Zasekan chod pc vol 2

[Koudy15x]

Zdravím,

Problémy se vrátily po reinstalaci systemu vse slapalo ale vydrzelo to pouhych nekolik dni. Ted se mi to same stalo na win 7, jako predtim na win 8.1. Jedina odlisnost je, ze se mi system do windows uz ani nedostane. Sled udalosti je zhruba takovy: spustim pc, cerna obrazovka, pote problikne panel starting windows 7 a skonci to na modre obrazovce bez jakehokoliv napisu ci moznosti prihlaseni. Take je to v jinem rozliseni nez bylo na pc pouzivano. Cely tento proces trva asi 10 minut

Predchozi topic je zde
http://forum.viry.cz/viewtopic.php?f=13&t=141124

Prosim, vite si s tim nekdo rady? Muzete mi poradit co s tim?

Edit: pri pokusu o spusteni z posledni zname fungujici kopie se pocitac nacita, take to trva dlouho a po 5 minutach to vzda, problikne modra smrt a pocitac se restartuje

[Koudy15x]

Tady je screen modre smrti ktera jak pri pokusu o obnovu systemu z posledni funkcni doby tak z pokusu o spusteni v nouzovem rezimu se siti, objevi a na ni skonci boot.

[Koudy15x]

Pri pokusu o opravu systemu se oprava zdarilo ale trvalo to 2 hodiny nez se to opravilo. System normalne nastartoval.... Po vypnuti a zapnuti pc byl stejny scenar... Po pouhem restartovani se toto nestalo. Pc se pustil sice lehounce pomaleji ale nesrovnatelne rychleji nez predtim

Pc je celkove velice pomaly, je pronlem i s nactenim www stranky

[Koudy15x]

RSIT log

Kód: Vybrat vše

Logfile of random's system information tool 1.10 (written by random/random)
Run by Admin at 2014-11-11 18:24:32
Microsoft Windows 7 Ultimate  
System drive E: has 67 GB (37%) free of 184 GB
Total RAM: 3957 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:26:43, on 11.11.2014
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
E:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\ccSvcHst.exe
E:\Program Files (x86)\Google\Chrome\Application\chrome.exe
E:\Program Files (x86)\Magic Mouse Utilities\MagicMouseUtilities.exe
E:\Program Files (x86)\Google\Chrome\Application\chrome.exe
E:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
E:\Program Files (x86)\Launch Manager\LManager.exe
E:\Program Files (x86)\iTunes\iTunesHelper.exe
E:\Program Files (x86)\Google\Chrome\Application\chrome.exe
E:\Program Files (x86)\Google\Chrome\Application\chrome.exe
E:\Program Files (x86)\Launch Manager\LMworker.exe
E:\Program Files (x86)\Google\Chrome\Application\chrome.exe
E:\Program Files (x86)\Google\Chrome\Application\chrome.exe
E:\Program Files\trend micro\Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = E:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - E:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - E:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - E:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] E:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [LManager] E:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [StartCCC] "E:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [APSDaemon] "E:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_ED2B1456309E36E5742C350E772C9303] "E:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "E:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Magic Mouse Utilities.lnk = E:\Program Files (x86)\Magic Mouse Utilities\MagicMouseUtilities.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://E:\Program Files\Microsoft Office\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - E:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - E:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - E:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - E:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - E:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - E:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - E:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Atheros Commnucations - E:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Bonjour Service - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - E:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - E:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - E:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - E:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - E:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - E:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - E:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - E:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - E:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - E:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - E:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - E:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - E:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - E:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - E:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - E:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - E:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - E:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - E:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - E:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - E:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - E:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - E:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - E:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - E:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - E:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - E:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10260 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
E:\Windows\system32\services.exe
E:\Windows\system32\lsass.exe
E:\Windows\system32\lsm.exe
E:\Windows\system32\svchost.exe -k DcomLaunch
E:\Windows\system32\svchost.exe -k RPCSS
E:\Windows\system32\atiesrxx.exe
winlogon.exe
E:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
E:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
E:\Windows\system32\svchost.exe -k netsvcs
E:\Windows\system32\svchost.exe -k LocalService
E:\Windows\system32\svchost.exe -k NetworkService
atieclxx
E:\Windows\system32\WLANExt.exe 32545968
\??\E:\Windows\system32\conhost.exe
E:\Windows\System32\spoolsv.exe
E:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"E:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"E:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"E:\Program Files\Bonjour\mDNSResponder.exe"
"E:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"E:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe"
"E:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\ccSvcHst.exe" /s "NAV" /m "E:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\diMaster.dll" /prefetch:1
"E:\Windows\system32\Dwm.exe"
E:\Windows\Explorer.EXE
"taskhost.exe"
E:\Windows\system32\svchost.exe -k imgsvc
"E:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"E:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\ccSvcHst.exe" /c /a /s UserSession
E:\Windows\system32\wbem\wmiprvse.exe
"E:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c1aba546-fea9-48a7-997b-493099f20428 -SystemEventPortName:HostProcess-2c5de981-9e04-4b25-be21-0226fac37de1 -IoCancelEventPortName:HostProcess-8706c80e-eda4-445f-8d8c-bb3502414919 -NonStateChangingEventPortName:HostProcess-73c025c9-1382-47e4-9935-c14c45543a41 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9d57dceb-020c-47d1-a5ce-6ddc92cabf33
E:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
E:\Windows\system32\SearchIndexer.exe /Embedding
"E:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"E:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" 
"E:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe" 
"E:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" 
"E:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
"E:\Program Files (x86)\Magic Mouse Utilities\MagicMouseUtilities.exe" 
"E:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2860.0.1210826501\1874866385" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,16 --gpu-vendor-id=0x1002 --gpu-device-id=0x68e0 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.741.1.5000 --ignored=" --type=renderer " /prefetch:822062411
"E:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 
"E:\Program Files (x86)\Launch Manager\LManager.exe" 
"E:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"E:\Program Files (x86)\iTunes\iTunesHelper.exe" 
"E:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="DomRel-Enable/disable/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StableHUPScoringExperiment_A1/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_88/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="2860.1.2133065879\1729645315" /prefetch:673131151
"E:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StableHUPScoringExperiment_A1/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_88/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="2860.2.1157328570\1321404792" /prefetch:673131151
"E:\Program Files (x86)\Launch Manager\LMworker.exe"
E:\Windows\system32\wbem\unsecapp.exe -Embedding
"E:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StableHUPScoringExperiment_A1/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_88/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="2860.3.2077211745\1010663300" /prefetch:673131151
"E:\Program Files\iPod\bin\iPodService.exe"
E:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"E:\Program Files\Windows Media Player\wmpnetwk.exe"
"E:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StableHUPScoringExperiment_A1/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_88/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="2860.5.862282025\696852857" /prefetch:673131151
E:\Windows\System32\svchost.exe -k LocalServicePeerNet
"E:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"E:\Windows\system32\wuauclt.exe"

"E:\Users\Admin\Desktop\RSITx64.exe" 
E:\Windows\system32\wbem\wmiprvse.exe
"E:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "E:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"E:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516 

======Scheduled tasks folder======

E:\Windows\tasks\Adobe Flash Player Updater.job - E:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  
E:\Windows\tasks\GoogleUpdateTaskMachineCore.job - E:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c 
E:\Windows\tasks\GoogleUpdateTaskMachineUA.job - E:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 

=========Mozilla firefox=========

ProfilePath - E:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ma1vxeje.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=E:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=E:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=E:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=E:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=E:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=E:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=E:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=E:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=E:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL


E:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - E:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 205416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - E:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01 877720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - E:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01 2322576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - E:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - E:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\IPS\IPSBHO.DLL [2011-03-31 210872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - E:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-11-07 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - E:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - E:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01 1720976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-11-07 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=E:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-07-26 9643552]
"AtherosBtStack"=E:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2010-05-25 585376]
"AthBtTray"=E:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2010-05-25 354464]
"AmIcoSinglun64"=E:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2011-07-26 323584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_ED2B1456309E36E5742C350E772C9303"=E:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-10-22 854344]
"DAEMON Tools Lite"=E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"CCleaner Monitoring"=E:\Program Files\CCleaner\CCleaner64.exe [2014-10-23 6501656]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=E:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2009-12-23 284696]
"LManager"=E:\Program Files (x86)\Launch Manager\LManager.exe [2011-07-26 1289296]
"StartCCC"=E:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-08-25 98304]
"APSDaemon"=E:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"iTunesHelper"=E:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-11-02 152392]

E:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Magic Mouse Utilities.lnk - E:\Program Files (x86)\Magic Mouse Utilities\MagicMouseUtilities.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=E:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - E:\Windows\System32\Notepad.exe %1
.js - open - E:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-11-11 18:10:08 ----D---- E:\_OTM
2014-11-11 17:56:34 ----D---- E:\AdwCleaner
2014-11-11 17:40:47 ----D---- E:\rsit
2014-11-11 17:40:47 ----D---- E:\Program Files\trend micro
2014-11-11 17:40:36 ----D---- E:\Program Files\CCleaner
2014-11-10 20:16:18 ----D---- E:\Windows\system32\MRT
2014-11-10 20:16:05 ----A---- E:\Windows\system32\MRT.exe
2014-11-09 15:48:46 ----A---- E:\Windows\system32\browserchoice.exe
2014-11-08 22:50:49 ----A---- E:\Users\Admin\AppData\Roaming\Magic Mouse Utilities.ini
2014-11-08 22:50:45 ----D---- E:\Program Files (x86)\Magic Mouse Utilities
2014-11-08 22:37:51 ----D---- E:\ProgramData\boost_interprocess
2014-11-08 20:06:06 ----D---- E:\ProgramData\Mozilla
2014-11-08 20:06:04 ----D---- E:\Program Files (x86)\Mozilla Maintenance Service
2014-11-08 16:09:16 ----D---- E:\ProgramData\HP
2014-11-08 14:40:01 ----D---- E:\Users\Admin\AppData\Roaming\Macromedia
2014-11-08 14:39:58 ----D---- E:\Users\Admin\AppData\Roaming\Adobe
2014-11-08 14:39:47 ----A---- E:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-11-08 14:39:46 ----D---- E:\Windows\SYSWOW64\Macromed
2014-11-08 14:39:42 ----D---- E:\Windows\system32\Macromed
2014-11-08 12:58:37 ----D---- E:\Users\Admin\AppData\Roaming\Foxit Software
2014-11-08 12:26:51 ----D---- E:\Users\Admin\AppData\Roaming\GHISLER
2014-11-08 12:26:51 ----D---- E:\Program Files\totalcmd
2014-11-08 12:26:51 ----A---- E:\Windows\UC.PIF
2014-11-08 12:26:51 ----A---- E:\Windows\RAR.PIF
2014-11-08 12:26:51 ----A---- E:\Windows\PKZIP.PIF
2014-11-08 12:26:51 ----A---- E:\Windows\PKUNZIP.PIF
2014-11-08 12:26:51 ----A---- E:\Windows\LHA.PIF
2014-11-08 12:26:51 ----A---- E:\Windows\ARJ.PIF
2014-11-08 09:21:01 ----D---- E:\Program Files (x86)\Foxit Software
2014-11-08 08:53:53 ----D---- E:\Program Files (x86)\Mozilla Thunderbird
2014-11-08 08:46:47 ----A---- E:\Windows\SYSWOW64\poqexec.exe
2014-11-08 08:46:47 ----A---- E:\Windows\system32\poqexec.exe
2014-11-08 08:46:43 ----A---- E:\Windows\system32\ntoskrnl.exe
2014-11-08 08:46:42 ----A---- E:\Windows\SYSWOW64\ntoskrnl.exe
2014-11-08 08:46:42 ----A---- E:\Windows\SYSWOW64\ntkrnlpa.exe
2014-11-08 08:45:05 ----D---- E:\Users\Admin\AppData\Roaming\Mozilla
2014-11-07 20:05:09 ----D---- E:\Program Files\Common Files\DESIGNER
2014-11-07 20:04:33 ----D---- E:\Program Files (x86)\Microsoft SQL Server
2014-11-07 20:04:32 ----D---- E:\Program Files\Microsoft.NET
2014-11-07 20:04:19 ----D---- E:\ProgramData\regid.1991-06.com.microsoft
2014-11-07 20:03:51 ----D---- E:\Program Files (x86)\Mozilla Firefox
2014-11-07 20:03:34 ----D---- E:\Windows\PCHEALTH
2014-11-07 20:03:34 ----D---- E:\Program Files\Microsoft SQL Server
2014-11-07 20:03:34 ----D---- E:\Program Files (x86)\Microsoft.NET
2014-11-07 20:00:30 ----D---- E:\Program Files\Microsoft Analysis Services
2014-11-07 20:00:30 ----D---- E:\Program Files (x86)\Microsoft Analysis Services
2014-11-07 19:59:49 ----D---- E:\Program Files (x86)\Microsoft Office
2014-11-07 19:59:47 ----D---- E:\Program Files\Microsoft Office
2014-11-07 19:59:43 ----D---- E:\ProgramData\Microsoft Help
2014-11-07 19:59:01 ----RHD---- E:\MSOCache
2014-11-07 19:56:14 ----A---- E:\Windows\system32\drivers\dtsoftbus01.sys
2014-11-07 19:56:08 ----D---- E:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
2014-11-07 19:56:04 ----D---- E:\Program Files (x86)\DAEMON Tools Lite
2014-11-07 19:52:42 ----D---- E:\ProgramData\DAEMON Tools Lite
2014-11-07 19:09:29 ----D---- E:\Users\Admin\AppData\Roaming\Skype
2014-11-07 19:09:12 ----RD---- E:\Program Files (x86)\Skype
2014-11-07 19:08:57 ----D---- E:\ProgramData\Skype
2014-11-07 18:05:38 ----D---- E:\Program Files (x86)\Google
2014-11-07 17:59:21 ----D---- E:\Users\Admin\AppData\Roaming\Apple Computer
2014-11-07 17:59:13 ----DC---- E:\Windows\system32\DRVSTORE
2014-11-07 17:59:13 ----A---- E:\Windows\system32\drivers\GEARAspiWDM.sys
2014-11-07 17:58:59 ----D---- E:\Program Files\iPod
2014-11-07 17:58:58 ----D---- E:\ProgramData\Apple Computer
2014-11-07 17:58:58 ----D---- E:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-11-07 17:58:58 ----D---- E:\Program Files\iTunes
2014-11-07 17:58:58 ----D---- E:\Program Files (x86)\iTunes
2014-11-07 17:58:19 ----D---- E:\Program Files (x86)\Apple Software Update
2014-11-07 17:58:08 ----D---- E:\Program Files\Common Files\Apple
2014-11-07 17:57:57 ----D---- E:\Program Files\Bonjour
2014-11-07 17:57:57 ----D---- E:\Program Files (x86)\Bonjour
2014-11-07 17:57:49 ----D---- E:\ProgramData\Apple
2014-11-07 17:56:34 ----D---- E:\Program Files\WinRAR
2014-11-07 17:55:27 ----D---- E:\Users\Admin\AppData\Roaming\uTorrent
2014-11-07 17:55:11 ----D---- E:\Program Files (x86)\TeamViewer
2014-11-07 17:54:44 ----D---- E:\Program Files (x86)\Steam
2014-11-07 17:53:39 ----D---- E:\ProgramData\Sun
2014-11-07 17:53:32 ----A---- E:\Windows\SYSWOW64\javaws.exe
2014-11-07 17:53:25 ----A---- E:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-11-07 17:53:25 ----A---- E:\Windows\SYSWOW64\javaw.exe
2014-11-07 17:53:25 ----A---- E:\Windows\SYSWOW64\java.exe
2014-11-07 17:53:16 ----D---- E:\Program Files (x86)\Java
2014-11-07 17:51:30 ----D---- E:\Program Files\Symantec
2014-11-07 17:51:30 ----D---- E:\Program Files\Common Files\Symantec Shared
2014-11-07 17:51:30 ----A---- E:\Windows\system32\drivers\SYMEVENT64x86.SYS
2014-11-07 17:51:09 ----D---- E:\Windows\system32\drivers\NAVx64
2014-11-07 17:51:06 ----D---- E:\Program Files (x86)\Norton AntiVirus
2014-11-07 17:51:05 ----D---- E:\ProgramData\Norton
2014-11-07 17:50:33 ----D---- E:\ProgramData\NortonInstaller
2014-11-07 17:50:33 ----D---- E:\Program Files (x86)\NortonInstaller
2014-11-07 17:50:10 ----A---- E:\Windows\system32\wups2.dll
2014-11-07 17:50:10 ----A---- E:\Windows\system32\wucltux.dll
2014-11-07 17:50:10 ----A---- E:\Windows\system32\wuaueng.dll
2014-11-07 17:50:10 ----A---- E:\Windows\system32\wuauclt.exe
2014-11-07 17:50:06 ----A---- E:\Windows\system32\wups.dll
2014-11-07 17:50:05 ----A---- E:\Windows\system32\wudriver.dll
2014-11-07 17:50:05 ----A---- E:\Windows\system32\wuapi.dll
2014-11-07 17:49:49 ----A---- E:\Windows\system32\wuwebv.dll
2014-11-07 17:49:49 ----A---- E:\Windows\system32\wuapp.exe
2014-11-07 17:46:23 ----D---- E:\Users\Admin\AppData\Roaming\Intel Corporation
2014-11-07 17:43:27 ----D---- E:\Program Files (x86)\Cisco
2014-11-07 17:42:41 ----A---- E:\Windows\system32\bcmwlrc.dll
2014-11-07 17:42:41 ----A---- E:\Windows\system32\bcmwlcoi.dll
2014-11-07 17:42:40 ----A---- E:\Windows\system32\drivers\BCMWL664.SYS
2014-11-07 17:42:40 ----A---- E:\Windows\system32\bcmihvui64.dll
2014-11-07 17:42:40 ----A---- E:\Windows\system32\bcmihvsrv64.dll
2014-11-07 17:42:39 ----D---- E:\Program Files\Broadcom
2014-11-07 17:41:21 ----A---- E:\Windows\SYSWOW64\atipblup.dat
2014-11-07 17:41:21 ----A---- E:\Windows\system32\atipblup.dat
2014-11-07 17:41:01 ----D---- E:\Program Files (x86)\ATI Technologies
2014-11-07 17:40:26 ----D---- E:\Program Files\ATI Technologies
2014-11-07 17:40:24 ----D---- E:\Program Files\ATI
2014-11-07 17:39:17 ----A---- E:\Windows\Setup.INI
2014-11-07 17:39:10 ----D---- E:\Program Files (x86)\Launch Manager
2014-11-07 17:38:11 ----D---- E:\ProgramData\AmUStor
2014-11-07 17:38:11 ----D---- E:\Program Files (x86)\AmIcoSingLun
2014-11-07 17:37:25 ----A---- E:\Windows\system32\drivers\btath_rcp.sys
2014-11-07 17:37:24 ----A---- E:\Windows\system32\wdfcoinstaller01009.dll
2014-11-07 17:37:24 ----A---- E:\Windows\system32\drivers\btath_lwflt.sys
2014-11-07 17:37:24 ----A---- E:\Windows\system32\drivers\btath_hcrp.sys
2014-11-07 17:37:23 ----A---- E:\Windows\system32\drivers\btath_flt.sys
2014-11-07 17:37:23 ----A---- E:\Windows\system32\drivers\btath_a2dp.sys
2014-11-07 17:37:19 ----A---- E:\Windows\system32\drivers\btath_bus.sys
2014-11-07 17:36:17 ----D---- E:\Program Files (x86)\Bluetooth Suite
2014-11-07 17:35:52 ----SHD---- E:\Windows\Installer
2014-11-07 17:34:31 ----D---- E:\Windows\SYSWOW64\RTCOM
2014-11-07 17:34:19 ----D---- E:\Program Files\Realtek
2014-11-07 17:34:19 ----A---- E:\Windows\system32\drivers\rtkhdaud.dat
2014-11-07 17:34:19 ----A---- E:\Windows\system32\drivers\RtHdatEx.dat
2014-11-07 17:34:19 ----A---- E:\Windows\system32\drivers\RTEQEX2.dat
2014-11-07 17:34:19 ----A---- E:\Windows\system32\drivers\RTEQEX1.dat
2014-11-07 17:34:19 ----A---- E:\Windows\system32\drivers\RTEQEX0.dat
2014-11-07 17:34:19 ----A---- E:\Windows\system32\drivers\RTConvEQ.dat
2014-11-07 17:34:18 ----A---- E:\Windows\system32\WavesGUILib.dll
2014-11-07 17:34:18 ----A---- E:\Windows\system32\SRSWOW64.dll
2014-11-07 17:34:18 ----A---- E:\Windows\system32\SRSTSX64.dll
2014-11-07 17:34:18 ----A---- E:\Windows\system32\SRSTSH64.dll
2014-11-07 17:34:18 ----A---- E:\Windows\system32\SRSHP64.dll
2014-11-07 17:34:18 ----A---- E:\Windows\system32\RtPgEx64.dll
2014-11-07 17:34:18 ----A---- E:\Windows\system32\RtlCPAPI64.dll
2014-11-07 17:34:18 ----A---- E:\Windows\system32\drivers\RTKVHD64.sys
2014-11-07 17:34:17 ----A---- E:\Windows\system32\RtkCfg64.dll
2014-11-07 17:34:17 ----A---- E:\Windows\system32\RtkAPO64.dll
2014-11-07 17:34:17 ----A---- E:\Windows\system32\RtkApi64.dll
2014-11-07 17:34:17 ----A---- E:\Windows\system32\RTEEP64A.dll
2014-11-07 17:34:17 ----A---- E:\Windows\system32\RTEEL64A.dll
2014-11-07 17:34:17 ----A---- E:\Windows\system32\RTEEG64A.dll
2014-11-07 17:34:17 ----A---- E:\Windows\system32\RTEED64A.dll
2014-11-07 17:34:17 ----A---- E:\Windows\system32\RTCOM64.dll
2014-11-07 17:34:17 ----A---- E:\Windows\system32\RP3DHT64.dll
2014-11-07 17:34:17 ----A---- E:\Windows\system32\RP3DAA64.dll
2014-11-07 17:34:17 ----A---- E:\Windows\system32\RCoInst64.dll
2014-11-07 17:34:17 ----A---- E:\Windows\system32\MaxxAudioEQ.dll
2014-11-07 17:34:17 ----A---- E:\Windows\system32\MaxxAudioAPO20.dll
2014-11-07 17:34:17 ----A---- E:\Windows\system32\FMAPO64.dll
2014-11-07 17:34:16 ----D---- E:\Program Files (x86)\Realtek
2014-11-07 17:34:16 ----A---- E:\Windows\system32\AERTAR64.dll
2014-11-07 17:34:16 ----A---- E:\Windows\system32\AERTAC64.dll
2014-11-07 17:34:11 ----HD---- E:\Program Files (x86)\Temp
2014-11-07 17:34:11 ----A---- E:\Windows\RtlExUpd.dll
2014-11-07 17:33:39 ----D---- E:\Intel
2014-11-07 17:33:38 ----A---- E:\Windows\system32\drivers\iaStor.sys
2014-11-07 17:33:37 ----HD---- E:\Program Files (x86)\InstallShield Installation Information
2014-11-07 17:33:36 ----D---- E:\Users\Admin\AppData\Roaming\InstallShield
2014-11-07 17:33:36 ----D---- E:\ProgramData\InstallShield
2014-11-07 17:33:36 ----D---- E:\Program Files (x86)\Intel
2014-11-07 17:31:05 ----D---- E:\Users\Admin\AppData\Roaming\Identities
2014-11-07 17:30:29 ----SD---- E:\Users\Admin\AppData\Roaming\Microsoft
2014-11-07 17:30:29 ----D---- E:\Users\Admin\AppData\Roaming\Media Center Programs
2014-11-07 17:30:11 ----SHD---- E:\Recovery
2014-11-07 17:30:10 ----SHD---- E:\ProgramData\Šablony
2014-11-07 17:30:10 ----SHD---- E:\ProgramData\Plocha
2014-11-07 17:30:10 ----SHD---- E:\ProgramData\Oblíbené položky
2014-11-07 17:30:10 ----SHD---- E:\ProgramData\Nabídka Start
2014-11-07 17:30:10 ----SHD---- E:\ProgramData\Dokumenty
2014-11-07 17:30:10 ----SHD---- E:\ProgramData\Data aplikací
2014-11-07 17:22:50 ----D---- E:\Windows\SoftwareDistribution
2014-11-07 17:19:33 ----D---- E:\Windows\Prefetch
2014-11-07 17:19:17 ----ASH---- E:\pagefile.sys
2014-11-07 17:19:13 ----ASH---- E:\hiberfil.sys
2014-11-07 17:08:02 ----D---- E:\Windows\Panther
2014-11-07 17:07:27 ----D---- E:\Windows\system32\oem
2014-11-07 14:32:38 ----A---- E:\Windows\system32\drivers\AtihdW76.sys
2014-11-07 14:32:33 ----A---- E:\Windows\system32\coinst.dll
2014-11-07 14:32:32 ----A---- E:\Windows\SYSWOW64\atiuxpag.dll
2014-11-07 14:32:32 ----A---- E:\Windows\SYSWOW64\atiumdva.dll
2014-11-07 14:32:32 ----A---- E:\Windows\SYSWOW64\atiumdag.dll
2014-11-07 14:32:32 ----A---- E:\Windows\system32\atiuxp64.dll
2014-11-07 14:32:32 ----A---- E:\Windows\system32\atiumd6a.dll
2014-11-07 14:32:31 ----A---- E:\Windows\SYSWOW64\atiu9pag.dll
2014-11-07 14:32:31 ----A---- E:\Windows\SYSWOW64\atipdlxx.dll
2014-11-07 14:32:31 ----A---- E:\Windows\SYSWOW64\atipblag.dat
2014-11-07 14:32:31 ----A---- E:\Windows\system32\atiumd64.dll
2014-11-07 14:32:31 ----A---- E:\Windows\system32\atiu9p64.dll
2014-11-07 14:32:31 ----A---- E:\Windows\system32\atitmm64.dll
2014-11-07 14:32:31 ----A---- E:\Windows\system32\atipdl64.dll
2014-11-07 14:32:31 ----A---- E:\Windows\system32\atipblag.dat
2014-11-07 14:32:30 ----A---- E:\Windows\SYSWOW64\atioglxx.dll
2014-11-07 14:32:30 ----A---- E:\Windows\SYSWOW64\atimpc32.dll
2014-11-07 14:32:30 ----A---- E:\Windows\SYSWOW64\amdpcom32.dll
2014-11-07 14:32:30 ----A---- E:\Windows\system32\drivers\atikmpag.sys
2014-11-07 14:32:30 ----A---- E:\Windows\system32\atio6axx.dll
2014-11-07 14:32:30 ----A---- E:\Windows\system32\atimuixx.dll
2014-11-07 14:32:30 ----A---- E:\Windows\system32\atimpc64.dll
2014-11-07 14:32:30 ----A---- E:\Windows\system32\amdpcom64.dll
2014-11-07 14:32:29 ----A---- E:\Windows\SYSWOW64\atiglpxx.dll
2014-11-07 14:32:29 ----A---- E:\Windows\SYSWOW64\atigktxx.dll
2014-11-07 14:32:29 ----A---- E:\Windows\system32\drivers\atikmdag.sys
2014-11-07 14:32:29 ----A---- E:\Windows\system32\atiicdxx.dat
2014-11-07 14:32:29 ----A---- E:\Windows\system32\atig6txx.dll
2014-11-07 14:32:29 ----A---- E:\Windows\system32\atig6pxx.dll
2014-11-07 14:32:29 ----A---- E:\Windows\system32\atiesrxx.exe
2014-11-07 14:32:29 ----A---- E:\Windows\system32\atiedu64.dll
2014-11-07 14:32:28 ----A---- E:\Windows\SYSWOW64\atidxx32.dll
2014-11-07 14:32:28 ----A---- E:\Windows\system32\atieclxx.exe
2014-11-07 14:32:28 ----A---- E:\Windows\system32\atidxx64.dll
2014-11-07 14:32:28 ----A---- E:\Windows\system32\ATIDEMGX.dll
2014-11-07 14:32:27 ----A---- E:\Windows\SYSWOW64\aticalrt.dll
2014-11-07 14:32:27 ----A---- E:\Windows\SYSWOW64\aticaldd.dll
2014-11-07 14:32:27 ----A---- E:\Windows\SYSWOW64\aticalcl.dll
2014-11-07 14:32:27 ----A---- E:\Windows\system32\aticalrt64.dll
2014-11-07 14:32:27 ----A---- E:\Windows\system32\aticaldd64.dll
2014-11-07 14:32:27 ----A---- E:\Windows\system32\aticalcl64.dll
2014-11-07 14:32:26 ----A---- E:\Windows\SYSWOW64\atiadlxy.dll
2014-11-07 14:32:26 ----A---- E:\Windows\SYSWOW64\ati2edxx.dll
2014-11-07 14:32:26 ----A---- E:\Windows\system32\drivers\ati2erec.dll
2014-11-07 14:32:26 ----A---- E:\Windows\system32\atibtmon.exe
2014-11-07 14:32:26 ----A---- E:\Windows\system32\atiapfxx.exe
2014-11-07 14:32:26 ----A---- E:\Windows\system32\atiadlxx.dll
2014-11-07 14:26:54 ----A---- E:\Windows\UNINSTLMv4.EXE
2014-11-07 14:23:51 ----D---- E:\Dokumenty
2014-11-07 14:22:47 ----D---- E:\SW

======List of files/folders modified in the last 1 month======

2014-11-11 18:18:33 ----D---- E:\Windows\System32
2014-11-11 18:18:33 ----A---- E:\Windows\system32\PerfStringBackup.INI
2014-11-11 18:18:30 ----D---- E:\Windows\inf
2014-11-11 18:13:02 ----D---- E:\Windows\Temp
2014-11-11 18:12:09 ----SHD---- E:\System Volume Information
2014-11-11 18:11:38 ----D---- E:\Windows\system32\config
2014-11-11 17:59:32 ----D---- E:\Windows
2014-11-11 17:51:37 ----D---- E:\Windows\debug
2014-11-11 17:40:47 ----RD---- E:\Program Files
2014-11-11 17:40:39 ----D---- E:\Windows\system32\Tasks
2014-11-11 16:02:03 ----D---- E:\Windows\system32\catroot
2014-11-11 16:02:02 ----D---- E:\Windows\system32\catroot2
2014-11-11 15:58:38 ----D---- E:\Windows\winsxs
2014-11-10 18:12:02 ----D---- E:\Windows\SysWOW64
2014-11-10 18:00:46 ----D---- E:\Windows\system32\LogFiles
2014-11-10 00:09:04 ----D---- E:\Windows\system32\wdi
2014-11-08 22:50:45 ----RD---- E:\Program Files (x86)
2014-11-08 22:39:14 ----D---- E:\Windows\system32\drivers
2014-11-08 22:37:51 ----HD---- E:\ProgramData
2014-11-08 19:37:06 ----D---- E:\Program Files (x86)\Common Files
2014-11-08 16:09:12 ----D---- E:\Windows\system32\DriverStore
2014-11-08 14:39:52 ----D---- E:\Windows\Tasks
2014-11-08 10:19:07 ----RSD---- E:\Windows\assembly
2014-11-08 10:19:07 ----D---- E:\Windows\Microsoft.NET
2014-11-08 08:43:47 ----D---- E:\Windows\Logs
2014-11-08 08:36:03 ----RSD---- E:\Windows\Fonts
2014-11-07 20:05:31 ----D---- E:\Windows\ShellNew
2014-11-07 20:05:23 ----D---- E:\Program Files\Common Files\Microsoft Shared
2014-11-07 20:05:09 ----D---- E:\Program Files\Common Files
2014-11-07 20:03:34 ----SD---- E:\ProgramData\Microsoft
2014-11-07 20:01:54 ----A---- E:\Windows\win.ini
2014-11-07 20:01:52 ----D---- E:\Program Files\Common Files\System
2014-11-07 18:00:47 ----D---- E:\Windows\system32\cs-CZ
2014-11-07 17:42:46 ----D---- E:\Windows\system32\zh-TW
2014-11-07 17:42:46 ----D---- E:\Windows\system32\zh-HK
2014-11-07 17:42:46 ----D---- E:\Windows\system32\zh-CN
2014-11-07 17:42:46 ----D---- E:\Windows\system32\tr-TR
2014-11-07 17:42:46 ----D---- E:\Windows\system32\th-TH
2014-11-07 17:42:46 ----D---- E:\Windows\system32\sv-SE
2014-11-07 17:42:46 ----D---- E:\Windows\system32\sl-SI
2014-11-07 17:42:46 ----D---- E:\Windows\system32\sk-SK
2014-11-07 17:42:45 ----D---- E:\Windows\system32\ru-RU
2014-11-07 17:42:45 ----D---- E:\Windows\system32\ro-RO
2014-11-07 17:42:45 ----D---- E:\Windows\system32\pt-PT
2014-11-07 17:42:44 ----D---- E:\Windows\system32\pt-BR
2014-11-07 17:42:44 ----D---- E:\Windows\system32\pl-PL
2014-11-07 17:42:44 ----D---- E:\Windows\system32\nl-NL
2014-11-07 17:42:44 ----D---- E:\Windows\system32\nb-NO
2014-11-07 17:42:44 ----D---- E:\Windows\system32\lv-LV
2014-11-07 17:42:44 ----D---- E:\Windows\system32\lt-LT
2014-11-07 17:42:44 ----D---- E:\Windows\system32\ko-KR
2014-11-07 17:42:43 ----D---- E:\Windows\system32\ja-JP
2014-11-07 17:42:43 ----D---- E:\Windows\system32\it-IT
2014-11-07 17:42:43 ----D---- E:\Windows\system32\hu-HU
2014-11-07 17:42:43 ----D---- E:\Windows\system32\hr-HR
2014-11-07 17:42:43 ----D---- E:\Windows\system32\he-IL
2014-11-07 17:42:43 ----D---- E:\Windows\system32\fr-FR
2014-11-07 17:42:42 ----D---- E:\Windows\system32\fi-FI
2014-11-07 17:42:42 ----D---- E:\Windows\system32\et-EE
2014-11-07 17:42:42 ----D---- E:\Windows\system32\es-ES
2014-11-07 17:42:42 ----D---- E:\Windows\system32\en-US
2014-11-07 17:42:42 ----D---- E:\Windows\system32\el-GR
2014-11-07 17:42:42 ----D---- E:\Windows\system32\de-DE
2014-11-07 17:42:42 ----D---- E:\Windows\system32\da-DK
2014-11-07 17:42:42 ----D---- E:\Windows\system32\bg-BG
2014-11-07 17:42:41 ----D---- E:\Windows\system32\ar-SA
2014-11-07 17:35:59 ----D---- E:\Windows\system32\restore
2014-11-07 17:31:13 ----D---- E:\Windows\rescache
2014-11-07 17:30:53 ----SHD---- E:\$Recycle.Bin
2014-11-07 17:30:29 ----RD---- E:\Users
2014-11-07 17:30:10 ----D---- E:\Program Files\Windows NT
2014-11-07 17:23:59 ----D---- E:\Windows\system32\sysprep
2014-11-07 17:22:12 ----D---- E:\Windows\system32\drivers\UMDF
2014-11-07 17:20:29 ----D---- E:\Windows\CSC
2014-11-07 17:18:25 ----D---- E:\Windows\system32\CodeIntegrity
2014-11-07 17:07:27 ----D---- E:\Windows\system32\oobe
2014-11-07 17:07:27 ----D---- E:\Windows\Setup
2014-10-30 22:48:46 ----D---- E:\Filmy
2014-10-30 22:38:53 ----D---- E:\Music

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; E:\Windows\system32\DRIVERS\iaStor.sys [2009-12-17 538136]
R0 rdyboost;ReadyBoost; E:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 SymDS;Symantec Data Store; E:\Windows\system32\drivers\NAVx64\1207010.003\SYMDS64.SYS [2011-01-27 450680]
R0 SymEFA;Symantec Extended File Attributes; E:\Windows\system32\drivers\NAVx64\1207010.003\SYMEFA64.SYS [2011-03-15 912504]
R1 BHDrvx64;BHDrvx64; \??\E:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20141107.001\BHDrvx64.sys [2014-10-30 1587416]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; E:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; E:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-11-07 283064]
R1 eeCtrl;Symantec Eraser Control driver; \??\E:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-11-07 487216]
R1 IDSVia64;IDSVia64; \??\E:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20141108.001\IDSvia64.sys [2014-11-06 633560]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; E:\Windows\system32\drivers\NAVx64\1207010.003\SRTSPX64.SYS [2011-03-31 40568]
R1 SymIRON;Symantec Iron Driver; E:\Windows\system32\drivers\NAVx64\1207010.003\Ironx64.SYS [2011-01-27 171128]
R1 SymNetS;Symantec Network Security WFP Driver; E:\Windows\System32\Drivers\NAVx64\1207010.003\SYMNETS.SYS [2011-04-21 386168]
R1 vwififlt;Virtual WiFi Filter Driver; E:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 amdkmdag;amdkmdag; E:\Windows\system32\DRIVERS\atikmdag.sys [2011-07-26 6856192]
R3 amdkmdap;amdkmdap; E:\Windows\system32\DRIVERS\atikmpag.sys [2011-07-26 264192]
R3 AmUStor;AM USB Stroage Driver; E:\Windows\system32\drivers\AmUStor.SYS [2011-07-26 40448]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; E:\Windows\system32\drivers\AtihdW76.sys [2011-07-26 116240]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; E:\Windows\system32\DRIVERS\bcmwl664.sys [2014-11-07 3058168]
R3 BTATH_BUS;Atheros Bluetooth Bus; E:\Windows\system32\DRIVERS\btath_bus.sys [2010-05-20 32296]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\E:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-11-07 142640]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; E:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HECIx64;Intel(R) Management Engine Interface; E:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); E:\Windows\system32\drivers\RTKVHD64.sys [2011-07-26 2222624]
R3 NAVENG;NAVENG; \??\E:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20141110.032\ENG64.SYS [2014-11-10 129752]
R3 NAVEX15;NAVEX15; \??\E:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20141110.032\EX64.SYS [2014-11-10 2137304]
R3 SRTSP;Symantec Real Time Storage Protection x64; E:\Windows\System32\Drivers\NAVx64\1207010.003\SRTSP64.SYS [2011-03-31 744568]
R3 SymEvent;SymEvent; \??\E:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2014-11-08 174200]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; E:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AthBTPort;Atheros Virtual Bluetooth Class; E:\Windows\system32\DRIVERS\btath_flt.sys [2010-05-20 38248]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; E:\Windows\system32\drivers\btath_a2dp.sys [2010-05-20 294760]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; E:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-05-20 202792]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; E:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-05-20 52584]
S3 BTATH_RCP;Bluetooth AVRCP Device; E:\Windows\system32\DRIVERS\btath_rcp.sys [2010-05-20 156392]
S3 BthEnum;Služba Bluetooth Enumerator; E:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); E:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; E:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; E:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
S3 pciide;pciide; E:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; E:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); E:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; E:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; E:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 usbscan;Ovladač skeneru USB; E:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; E:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; E:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; E:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
S3 WSDScan;Podpora skenování WSD přes UMB; E:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; E:\Windows\system32\atiesrxx.exe [2011-07-26 203264]
R2 Apple Mobile Device;Apple Mobile Device; E:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 AtherosSvc;AtherosSvc; E:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2010-05-25 47776]
R2 Bonjour Service;Bonjour Service; E:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; E:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DsiWMIService;Dritek WMI Service; E:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-07-26 325200]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; E:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2014-09-11 242912]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; E:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-23 13336]
R2 NAV;Norton AntiVirus; E:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\ccSvcHst.exe [2011-04-17 130008]
R3 iPod Service;iPod Service; E:\Program Files\iPod\bin\iPodService.exe [2013-11-02 641352]
S2 gupdate;Služba Google Update (gupdate); E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-07 107912]
S2 SkypeUpdate;Skype Updater; E:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; E:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-09 267440]
S3 AppMgmt;@appmgmts.dll,-3250; E:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-07 107912]
S3 MozillaMaintenance;Mozilla Maintenance Service; E:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-08 114288]
S3 ose64;Office 64 Source Engine; E:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-01 178824]
S3 osppsvc;Office Software Protection Platform; E:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; E:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; E:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-11-26 569768]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; E:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

[Márty84]

Zdravim

Kdyz si sam odpovidate, trva dele, nez vas nekdo najde.


Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)


Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

[Koudy15x]

Crystal disk info

Kód: Vybrat vše

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
                                Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

    OS : Windows 7 Ultimate Edition [6.1 Build 7600] (x64)
  Date : 2014/11/11 21:31:50

-- Controller Map ----------------------------------------------------------
 + Intel(R) 5 Series 4 Port SATA AHCI Controller [ATA]
   - WDC WD5000BEVT-22A0RT0
   - MATSHITA DVD-RAM UJ890AS

-- Disk List ---------------------------------------------------------------
 (1) WDC WD5000BEVT-22A0RT0 : 500,1 GB [0/0/0, pd1]

----------------------------------------------------------------------------
 (1) WDC WD5000BEVT-22A0RT0
----------------------------------------------------------------------------
           Model : WDC WD5000BEVT-22A0RT0
        Firmware : 01.01A01
   Serial Number : WD-WXA1A30W2827
       Disk Size : 500,1 GB (8,4/137,4/500,1)
     Buffer Size : 8192 KB
     Queue Depth : 32
    # of Sectors : 976773168
   Rotation Rate : 5400 RPM
       Interface : Serial ATA
   Major Version : ATA8-ACS
   Minor Version : ----
   Transfer Mode : SATA/300
  Power On Hours : 15171 hod.
  Power On Count : 3675 krát
     Temparature : 47 C (116 F)
   Health Status : Pozor
        Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
       APM Level : 0060h [ON]
       AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 0000000043D1 Počet chyb čtení
03 185 151 _21 0000000006AC Čas na roztočení ploten
04 _52 _52 __0 00000000BF04 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _80 _80 __0 000000003B43 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _97 _97 __0 000000000E5B Počet cyklů zapnutí zařízení
BF __1 __1 __0 000000000C60 Počet udalostí zaznamenaných otřesovým senzorem
C0 200 200 __0 0000000000A3 Počet vypnutí disku
C1 __1 __1 __0 00000019D0B7 Počet cyklů načítání/vymazání
C2 100 _85 __0 00000000002F Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000027 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 _51 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 427A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 4133 4133 3057 3238 3237
020: 0000 4000 0032 3031 2E30 3031 3031 5744 4320 5744
030: 3530 3030 4245 5654 2D32 3052 3052 5430 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 1F06 1F06 0000 004C 0040
080: 01FE 0000 746B 7F09 6163 BC09 BC09 6163 407F 0051
090: 0051 0060 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 0000 0000 5001 4EE6
110: 0014 4E6C 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 16D3 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 7037 7037 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 A5A5

[Márty84]

Nedavejte logy do Code, spatne se to cte.

Disk nevypada dobre. Az dobehne OTL, spustte HD Tune

Udelejte kontrolu programem HD Tune
Stahnete http://www.slunecnice.cz/sw/hd-tune/ , nainstalujte a spustte jako spravce (pokud vam pri instalaci nabidne nejaky doplnek, odmitnete ho!)
V tom okne kliknete na posledni zalozku - Error Scan (pokud bude zatrzeny quick scan, tak zatrzitko zruste) a kliknete na Start.
Kontrola bude nejakou dobu trvat. Dejte vedet, jestli tam bylo nejake cervene policko.
Taky se podivejte na zalozku Health a opiste mi (vyfotte), co se tam pise. Melo by tam byt OK http://www.google.cz/imgres?um=1&hl=cs& ... s:20,i:143

[Koudy15x]

Poslušně hlásím že OTL mi už 2x spadlo během procesu, tak nevím jestli to má cenu zkoušet dále.

Tady je screen z HD Tune:


Co se týče záložky "Health" tak ta je zcela prázdná, není v ní napsáno vůbec nic.

Prosím o další instrukce

[Koudy15x]

Zkusil jsem OTL ještě jednou a tady je výsledek
Tady je OTL.txt rozdělené do 2 postů

OTL logfile created on: 12.11.2014 17:10:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = E:\Users\Admin\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,86 Gb Total Physical Memory | 2,32 Gb Available Physical Memory | 59,97% Memory free
7,73 Gb Paging File | 5,95 Gb Available in Paging File | 77,02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = E: | %SystemRoot% = E:\Windows | %ProgramFiles% = E:\Program Files (x86)
Drive C: | 286,42 Gb Total Space | 179,88 Gb Free Space | 62,80% Space Free | Partition Type: NTFS
Drive E: | 179,25 Gb Total Space | 38,59 Gb Free Space | 21,53% Space Free | Partition Type: NTFS
Drive G: | 1,84 Gb Total Space | 1,83 Gb Free Space | 99,85% Space Free | Partition Type: FAT
Drive H: | 100,00 Mb Total Space | 64,22 Mb Free Space | 64,22% Space Free | Partition Type: NTFS

Computer Name: ADMIN-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.11.11 21:30:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Users\Admin\Desktop\OTL.exe
PRC - [2014.10.22 05:05:02 | 000,854,344 | ---- | M] (Google Inc.) -- E:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014.09.11 12:00:06 | 000,242,912 | ---- | M] (Foxit Software Inc.) -- E:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
PRC - [2014.08.04 08:48:16 | 012,710,240 | ---- | M] (TeamViewer GmbH) -- E:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
PRC - [2014.08.04 08:36:26 | 000,195,936 | ---- | M] (TeamViewer GmbH) -- E:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
PRC - [2011.07.26 12:36:44 | 001,289,296 | ---- | M] (Dritek System Inc.) -- E:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2011.07.26 12:36:44 | 000,288,336 | ---- | M] (Dritek System Inc.) -- E:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2011.07.26 12:36:43 | 000,325,200 | ---- | M] (Dritek System Inc.) -- E:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2011.04.17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- E:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\ccsvchst.exe
PRC - [2009.12.23 17:39:04 | 000,013,336 | ---- | M] (Intel Corporation) -- E:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009.12.23 17:39:02 | 000,284,696 | ---- | M] (Intel Corporation) -- E:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe


========== Modules (No Company Name) ==========

MOD - [2014.11.12 04:35:09 | 003,347,968 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf293040f3a93afa1ea782487acae816\WindowsBase.ni.dll
MOD - [2014.11.12 04:34:39 | 012,432,896 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
MOD - [2014.11.12 04:34:16 | 001,587,200 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
MOD - [2014.11.12 04:34:07 | 000,771,584 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5cae93d923c8378370758489e5535820\System.Runtime.Remoting.ni.dll
MOD - [2014.11.12 04:34:02 | 005,453,312 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll
MOD - [2014.11.12 04:33:58 | 000,971,264 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll
MOD - [2014.11.12 04:33:57 | 007,963,136 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
MOD - [2014.11.12 04:33:50 | 011,490,304 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
MOD - [2014.10.22 05:05:00 | 014,902,600 | ---- | M] () -- E:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll
MOD - [2014.10.22 05:04:57 | 008,910,664 | ---- | M] () -- E:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
MOD - [2014.10.22 05:04:51 | 001,042,760 | ---- | M] () -- E:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
MOD - [2014.10.22 05:04:49 | 000,211,272 | ---- | M] () -- E:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
MOD - [2014.10.22 05:04:48 | 001,681,224 | ---- | M] () -- E:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
MOD - [2012.10.01 20:37:48 | 006,522,480 | ---- | M] () -- E:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
MOD - [2011.07.26 12:36:43 | 000,072,200 | ---- | M] () -- E:\Program Files (x86)\Launch Manager\CdDirIo.dll
MOD - [2009.07.14 16:17:12 | 000,303,104 | ---- | M] () -- E:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll


========== Services (SafeList) ==========

SRV:64bit: - [2011.07.26 12:37:40 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- E:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- E:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- E:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014.11.09 17:07:52 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- E:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.11.08 20:05:58 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- E:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.09.11 12:00:06 | 000,242,912 | ---- | M] (Foxit Software Inc.) [Auto | Running] -- E:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe -- (FoxitCloudUpdateService)
SRV - [2014.04.03 19:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- E:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.11.26 06:06:38 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- E:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.07.26 12:36:43 | 000,325,200 | ---- | M] (Dritek System Inc.) [Auto | Running] -- E:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2011.04.17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- E:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\ccSvcHst.exe -- (NAV)
SRV - [2010.05.25 17:46:44 | 000,047,776 | ---- | M] (Atheros Commnucations) [Auto | Running] -- E:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2009.12.23 17:39:04 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- E:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- E:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.11.08 00:52:53 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2014.11.07 19:56:14 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- E:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2014.11.07 17:42:35 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011.07.26 12:37:55 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.07.26 12:37:42 | 006,856,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.07.26 12:37:42 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.07.26 12:36:25 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2011.04.21 02:37:49 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\symnets.sys -- (SymNetS)
DRV:64bit: - [2011.03.31 04:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011.03.31 04:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2011.03.15 03:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011.01.27 07:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\symds64.sys -- (SymDS)
DRV:64bit: - [2011.01.27 06:07:06 | 000,171,128 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 14:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- E:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.05.20 13:42:30 | 000,294,760 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2010.05.20 13:42:30 | 000,202,792 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2010.05.20 13:42:30 | 000,156,392 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2010.05.20 13:42:30 | 000,052,584 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2010.05.20 13:42:30 | 000,038,248 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2010.05.20 13:42:30 | 000,032,296 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2009.12.17 10:42:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- E:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.09.17 19:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- E:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009.07.14 01:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2014.11.10 18:50:30 | 000,129,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- E:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20141111.034\eng64.sys -- (NAVENG)
DRV - [2014.11.10 18:50:28 | 002,137,304 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- E:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20141111.034\ex64.sys -- (NAVEX15)
DRV - [2014.11.07 18:54:04 | 000,487,216 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- E:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2014.11.07 18:54:04 | 000,142,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- E:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2014.11.06 21:37:00 | 000,633,560 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- E:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20141111.001\IDSviA64.sys -- (IDSVia64)
DRV - [2014.10.30 22:19:30 | 001,587,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- E:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20141107.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- E:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = E:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC






IE - HKU\S-1-5-21-4130898535-3589791334-1507998467-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4130898535-3589791334-1507998467-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-4130898535-3589791334-1507998467-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4130898535-3589791334-1507998467-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.0.3
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: E:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: E:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: E:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: E:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: E:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: E:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: E:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.0.3\extensions\\Components: E:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.0.3\extensions\\Plugins: E:\Program Files (x86)\Mozilla Firefox\plugins [2014.11.07 20:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 31.2.0\extensions\\Components: E:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 31.2.0\extensions\\Plugins: E:\Program Files (x86)\Mozilla Thunderbird\plugins

[2014.11.08 08:46:12 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Admin\AppData\Roaming\Mozilla\Extensions
[2014.11.08 08:56:22 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ma1vxeje.default\extensions
[2014.11.08 08:44:17 | 000,000,000 | ---D | M] (No name found) -- E:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014.11.08 20:06:00 | 000,000,000 | ---D | M] (Default) -- E:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.10.01 20:43:54 | 000,034,016 | ---- | M] (Microsoft Corporation) -- E:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = E:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0\
CHR - Extension: No name found = E:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = E:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = E:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdakmnplckeopfghnlpocafcepegjeap\3.0.18_0\
CHR - Extension: No name found = E:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = E:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = E:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0\
CHR - Extension: No name found = E:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.13.1_0\
CHR - Extension: No name found = E:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihiafjkopgiakbmihgoieodihjcblfbk\1.0.5_0\
CHR - Extension: No name found = E:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = E:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - E:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - E:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] E:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [AthBtTray] E:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] E:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [RtHDVCpl] E:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [IAStorIcon] E:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] E:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [StartCCC] E:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] E:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] E:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4130898535-3589791334-1507998467-1000..\Run: [CCleaner Monitoring] E:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-4130898535-3589791334-1507998467-1000..\Run: [GoogleChromeAutoLaunch_ED2B1456309E36E5742C350E772C9303] E:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "E:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "E:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - E:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - E:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{086E495E-E9ED-4DA1-9584-1E7B84D5282F}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - E:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (E:\Windows\system32\userinit.exe) - E:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - E:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - E:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{e4a2660a-66a3-11e4-bc49-e130734a7a6b}\Shell - "" = AutoRun
O33 - MountPoints2\{e4a2660a-66a3-11e4-bc49-e130734a7a6b}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{e4a2660a-66a3-11e4-bc49-e130734a7a6b}\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{e4a2660a-66a3-11e4-bc49-e130734a7a6b}\Shell\install\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014.11.12 10:02:46 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Roaming\TeamViewer
[2014.11.12 09:37:01 | 002,620,928 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wucltux.dll
[2014.11.12 09:37:01 | 000,058,336 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wuauclt.exe
[2014.11.12 09:37:01 | 000,044,512 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wups2.dll
[2014.11.12 09:36:11 | 000,198,600 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wuwebv.dll
[2014.11.12 09:36:11 | 000,179,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wuwebv.dll
[2014.11.12 09:36:11 | 000,036,864 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wuapp.exe
[2014.11.12 09:36:11 | 000,033,792 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wuapp.exe
[2014.11.12 03:16:12 | 000,000,000 | ---D | C] -- E:\Windows\SysNative\SPReview
[2014.11.12 03:08:18 | 000,000,000 | ---D | C] -- E:\Windows\SysNative\EventProviders
[2014.11.11 21:41:30 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
[2014.11.11 21:41:30 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\HD Tune
[2014.11.11 21:31:18 | 000,000,000 | ---D | C] -- E:\Users\Admin\Desktop\Smart
[2014.11.11 21:30:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- E:\Users\Admin\Desktop\OTL.exe
[2014.11.11 21:30:49 | 001,149,912 | ---- | C] (Crystal Dew World) -- E:\Users\Admin\Desktop\DiskInfo.exe
[2014.11.11 21:30:49 | 000,000,000 | ---D | C] -- E:\Users\Admin\Desktop\CdiResource
[2014.11.11 21:30:40 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Roaming\WinRAR
[2014.11.11 19:29:37 | 000,000,000 | ---D | C] -- E:\Windows\pss
[2014.11.11 18:10:08 | 000,000,000 | ---D | C] -- E:\_OTM
[2014.11.11 18:09:17 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Local\CrashDumps
[2014.11.11 17:56:34 | 000,000,000 | ---D | C] -- E:\AdwCleaner
[2014.11.11 17:40:47 | 000,000,000 | ---D | C] -- E:\Program Files\trend micro
[2014.11.11 17:40:47 | 000,000,000 | ---D | C] -- E:\rsit
[2014.11.11 17:40:36 | 000,000,000 | ---D | C] -- E:\Program Files\CCleaner
[2014.11.11 16:17:40 | 000,048,976 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\netfxperf.dll
[2014.11.11 16:17:38 | 001,942,856 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dfshim.dll
[2014.11.11 16:17:27 | 001,130,824 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\dfshim.dll
[2014.11.11 16:17:18 | 003,715,584 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mstscax.dll
[2014.11.11 16:17:18 | 000,059,392 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drivers\TsUsbFlt.sys
[2014.11.11 16:17:18 | 000,012,288 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2014.11.11 16:17:17 | 001,838,080 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3d10warp.dll
[2014.11.11 16:17:09 | 003,215,872 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mstscax.dll
[2014.11.11 16:17:01 | 000,954,752 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mfc40.dll
[2014.11.11 16:17:01 | 000,954,288 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mfc40u.dll
[2014.11.11 16:17:00 | 001,109,504 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rdpcorets.dll
[2014.11.11 16:17:00 | 000,133,632 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\tssrvlic.dll
[2014.11.11 16:16:58 | 001,465,344 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\XpsPrint.dll
[2014.11.11 16:16:57 | 000,629,760 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\pmcsnap.dll
[2014.11.11 16:16:54 | 014,633,472 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wmp.dll
[2014.11.11 16:16:54 | 002,314,752 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\tquery.dll
[2014.11.11 16:16:51 | 002,223,616 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mssrch.dll
[2014.11.11 16:16:51 | 000,902,144 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d2d1.dll
[2014.11.11 16:16:50 | 003,205,120 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mmcndmgr.dll
[2014.11.11 16:16:50 | 001,731,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ntdll.dll
[2014.11.11 16:16:50 | 000,870,912 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\XpsPrint.dll
[2014.11.11 16:16:45 | 004,120,064 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mf.dll
[2014.11.11 16:16:45 | 000,485,888 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\secproc_isv.dll
[2014.11.11 16:16:43 | 000,488,448 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\secproc.dll
[2014.11.11 16:16:43 | 000,423,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\secproc_isv.dll
[2014.11.11 16:16:43 | 000,362,496 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\RMActivate_isv.exe
[2014.11.11 16:16:43 | 000,359,424 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\RMActivate.exe
[2014.11.11 16:16:42 | 003,008,000 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\xpsservices.dll
[2014.11.11 16:16:40 | 000,919,040 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\jscript.dll
[2014.11.11 16:16:40 | 000,327,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\RMActivate_isv.exe
[2014.11.11 16:16:39 | 001,219,584 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rpcrt4.dll
[2014.11.11 16:16:39 | 000,428,032 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\secproc.dll
[2014.11.11 16:16:38 | 000,322,048 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\RMActivate.exe
[2014.11.11 16:16:37 | 000,238,080 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ppcsnap.dll
[2014.11.11 16:16:37 | 000,051,200 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\PushPrinterConnections.exe
[2014.11.11 16:16:36 | 002,086,912 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ole32.dll
[2014.11.11 16:16:35 | 000,263,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\spwizui.dll
[2014.11.11 16:16:34 | 002,565,632 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\esent.dll
[2014.11.11 16:16:33 | 001,556,992 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\RacEngn.dll
[2014.11.11 16:16:33 | 001,340,416 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\diagperf.dll
[2014.11.11 16:16:33 | 001,197,056 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\taskschd.dll
[2014.11.11 16:16:32 | 003,207,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mf.dll
[2014.11.11 16:16:31 | 001,866,240 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ExplorerFrame.dll
[2014.11.11 16:16:31 | 001,753,088 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\vssapi.dll
[2014.11.11 16:16:30 | 001,334,272 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\CertEnroll.dll
[2014.11.11 16:16:29 | 001,401,344 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mssrch.dll
[2014.11.11 16:16:29 | 001,326,080 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\NaturalLanguage6.dll
[2014.11.11 16:16:28 | 003,860,992 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\UIRibbon.dll
[2014.11.11 16:16:28 | 002,872,320 | ---- | C] (Microsoft Corporation) -- E:\Windows\explorer.exe
[2014.11.11 16:16:28 | 000,299,392 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mcupdate_GenuineIntel.dll
[2014.11.11 16:16:26 | 011,410,432 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wmp.dll
[2014.11.11 16:16:25 | 001,698,816 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\esent.dll
[2014.11.11 16:16:24 | 003,027,968 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WMVCORE.DLL
[2014.11.11 16:16:24 | 000,295,264 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\PresentationHost.exe
[2014.11.11 16:16:24 | 000,099,176 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\PresentationHostProxy.dll
[2014.11.11 16:16:23 | 001,544,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\DWrite.dll
[2014.11.11 16:16:23 | 000,320,352 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\PresentationHost.exe
[2014.11.11 16:16:23 | 000,274,944 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rdpdd.dll
[2014.11.11 16:16:23 | 000,162,816 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rdpudd.dll
[2014.11.11 16:16:23 | 000,109,928 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\PresentationHostProxy.dll
[2014.11.11 16:16:22 | 003,957,760 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WinSAT.exe
[2014.11.11 16:16:22 | 001,975,296 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\CertEnroll.dll
[2014.11.11 16:16:22 | 000,598,016 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\spinstall.exe
[2014.11.11 16:16:22 | 000,301,568 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\spreview.exe
[2014.11.11 16:16:21 | 001,548,288 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\tquery.dll
[2014.11.11 16:16:21 | 000,960,512 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\CPFilters.dll
[2014.11.11 16:16:20 | 001,888,256 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WMVDECOD.DLL
[2014.11.11 16:16:17 | 002,067,456 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3d9.dll
[2014.11.11 16:16:14 | 001,115,136 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\RacEngn.dll
[2014.11.11 16:16:13 | 000,867,840 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\SearchFolder.dll
[2014.11.11 16:16:12 | 005,066,752 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\AuthFWSnapin.dll
[2014.11.11 16:16:11 | 005,066,752 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\AuthFWSnapin.dll
[2014.11.11 16:16:10 | 001,632,256 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dwmcore.dll
[2014.11.11 16:16:10 | 001,161,216 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\kernel32.dll
[2014.11.11 16:16:09 | 003,391,488 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dbgeng.dll
[2014.11.11 16:16:06 | 000,079,232 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\rdvgumd32.dll
[2014.11.11 16:16:05 | 001,456,128 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\crypt32.dll
[2014.11.11 16:16:04 | 001,493,504 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ExplorerFrame.dll
[2014.11.11 16:16:03 | 000,958,464 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\actxprxy.dll
[2014.11.11 16:16:02 | 001,447,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\lsasrv.dll
[2014.11.11 16:16:02 | 000,750,080 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\TSWorkspace.dll
[2014.11.11 16:16:02 | 000,419,840 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KernelBase.dll
[2014.11.11 16:16:01 | 000,784,896 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\gpprefcl.dll
[2014.11.11 16:16:00 | 001,116,672 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mstsc.exe
[2014.11.11 16:16:00 | 000,244,736 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sqmapi.dll
[2014.11.11 16:15:59 | 000,470,016 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\XpsGdiConverter.dll
[2014.11.11 16:15:58 | 001,244,160 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\imapi2fs.dll
[2014.11.11 16:15:58 | 000,695,808 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\netlogon.dll
[2014.11.11 16:15:57 | 000,787,968 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3d11.dll
[2014.11.11 16:15:57 | 000,641,536 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\CPFilters.dll
[2014.11.11 16:15:55 | 002,616,320 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\explorer.exe
[2014.11.11 16:15:55 | 001,900,544 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\setupapi.dll
[2014.11.11 16:15:55 | 001,212,416 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\propsys.dll
[2014.11.11 16:15:54 | 000,505,856 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\taskschd.dll
[2014.11.11 16:15:54 | 000,055,296 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\PushPrinterConnections.exe
[2014.11.11 16:15:53 | 001,927,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\authui.dll
[2014.11.11 16:15:53 | 001,281,024 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\werconcpl.dll
[2014.11.11 16:15:53 | 000,720,896 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\odbc32.dll
[2014.11.11 16:15:53 | 000,702,464 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\msfeeds.dll
[2014.11.11 16:15:53 | 000,464,384 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\taskeng.exe
[2014.11.11 16:15:52 | 001,049,600 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mstsc.exe
[2014.11.11 16:15:52 | 001,008,128 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\user32.dll
[2014.11.11 16:15:52 | 000,861,696 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\oleaut32.dll
[2014.11.11 16:15:52 | 000,357,888 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dnsapi.dll
[2014.11.11 16:15:48 | 001,796,096 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\certmgr.dll
[2014.11.11 16:15:48 | 000,376,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drivers\netio.sys
[2014.11.11 16:15:48 | 000,053,248 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\LSCSHostPolicy.dll
[2014.11.11 16:15:46 | 000,612,864 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\vbscript.dll
[2014.11.11 16:15:46 | 000,395,776 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\webio.dll
[2014.11.11 16:15:46 | 000,381,440 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wer.dll
[2014.11.11 16:15:46 | 000,146,944 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\scavengeui.dll
[2014.11.11 16:15:44 | 000,955,904 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\localspl.dll
[2014.11.11 16:15:44 | 000,758,272 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\PortableDeviceApi.dll
[2014.11.11 16:15:44 | 000,342,016 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\certcli.dll
[2014.11.11 16:15:44 | 000,299,520 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\tsmf.dll
[2014.11.11 16:15:43 | 000,457,216 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\msdrm.dll
[2014.11.11 16:15:43 | 000,210,944 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ncsi.dll
[2014.11.11 16:15:42 | 001,509,888 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\msdtctm.dll
[2014.11.11 16:15:42 | 001,371,136 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\dwmcore.dll
[2014.11.11 16:15:42 | 000,448,512 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\shlwapi.dll
[2014.11.11 16:15:41 | 002,652,160 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\netshell.dll
[2014.11.11 16:15:41 | 000,573,440 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\odbc32.dll
[2014.11.11 16:15:41 | 000,299,520 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rdpshell.exe
[2014.11.11 16:15:41 | 000,295,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\framedynos.dll
[2014.11.11 16:15:40 | 000,524,288 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wmicmiplugin.dll
[2014.11.11 16:15:40 | 000,061,440 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\tcpmonui.dll
[2014.11.11 16:15:39 | 001,572,352 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\quartz.dll
[2014.11.11 16:15:39 | 000,800,256 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\usp10.dll
[2014.11.11 16:15:39 | 000,519,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\netcfgx.dll
[2014.11.11 16:15:39 | 000,479,232 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\appmgr.dll
[2014.11.11 16:15:39 | 000,390,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\winlogon.exe
[2014.11.11 16:15:39 | 000,297,984 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ws2_32.dll
[2014.11.11 16:15:38 | 001,328,128 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\quartz.dll
[2014.11.11 16:15:38 | 000,658,944 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dxgi.dll
[2014.11.11 16:15:38 | 000,594,432 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\comdlg32.dll
[2014.11.11 16:15:38 | 000,481,280 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wmpps.dll
[2014.11.11 16:15:38 | 000,343,040 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\lsm.exe
[2014.11.11 16:15:38 | 000,321,024 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3d10_1core.dll
[2014.11.11 16:15:37 | 002,055,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\Query.dll
[2014.11.11 16:15:37 | 000,597,504 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\TSWorkspace.dll
[2014.11.11 16:15:37 | 000,342,016 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\apphelp.dll
[2014.11.11 16:15:37 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- E:\Windows\SysNative\drivers\amdsata.sys
[2014.11.11 16:15:36 | 002,543,616 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wpdshext.dll
[2014.11.11 16:15:36 | 000,422,912 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drvstore.dll
[2014.11.11 16:15:36 | 000,283,648 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\XpsGdiConverter.dll
[2014.11.11 16:15:36 | 000,270,848 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\tsmf.dll
[2014.11.11 16:15:36 | 000,091,136 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\dot3api.dll
[2014.11.11 16:15:35 | 000,897,536 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\azroles.dll
[2014.11.11 16:15:35 | 000,266,240 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\QAGENT.DLL
[2014.11.11 16:15:33 | 001,098,240 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\Vault.dll
[2014.11.11 16:15:33 | 000,758,784 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\samsrv.dll
[2014.11.11 16:15:33 | 000,566,208 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\winresume.efi
[2014.11.11 16:15:33 | 000,345,088 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\cmd.exe
[2014.11.11 16:15:32 | 002,522,624 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\dbgeng.dll
[2014.11.11 16:15:32 | 000,653,312 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\lpksetup.exe
[2014.11.11 16:15:32 | 000,281,600 | ---- | C] (Microsoft) -- E:\Windows\SysNative\DShowRdpFilter.dll
[2014.11.11 16:15:31 | 000,751,104 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\win32spl.dll
[2014.11.11 16:15:31 | 000,722,944 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\EncDec.dll
[2014.11.11 16:15:30 | 000,778,752 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mssvp.dll
[2014.11.11 16:15:30 | 000,605,552 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\winload.exe
[2014.11.11 16:15:30 | 000,522,752 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3d11.dll
[2014.11.11 16:15:30 | 000,210,944 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rdpclip.exe
[2014.11.11 16:15:29 | 001,118,208 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sbe.dll
[2014.11.11 16:15:29 | 000,406,528 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\netcfgx.dll
[2014.11.11 16:15:28 | 001,619,456 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\WMVDECOD.DLL
[2014.11.11 16:15:28 | 001,190,400 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WindowsCodecs.dll
[2014.11.11 16:15:28 | 000,582,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sxs.dll
[2014.11.11 16:15:28 | 000,314,880 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\webio.dll
[2014.11.11 16:15:27 | 000,584,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\gpprefcl.dll
[2014.11.11 16:15:27 | 000,473,600 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\taskcomp.dll
[2014.11.11 16:15:27 | 000,312,832 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\Wldap32.dll
[2014.11.11 16:15:27 | 000,272,896 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mcbuilder.exe
[2014.11.11 16:15:27 | 000,240,640 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\cscobj.dll
[2014.11.11 16:15:26 | 001,808,384 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\pnidui.dll
[2014.11.11 16:15:26 | 000,642,944 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\winload.efi
[2014.11.11 16:15:26 | 000,584,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ipsmsnap.dll
[2014.11.11 16:15:26 | 000,381,440 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mfds.dll
[2014.11.11 16:15:26 | 000,206,848 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\upnp.dll
[2014.11.11 16:15:26 | 000,189,824 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drivers\storport.sys
[2014.11.11 16:15:25 | 002,151,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mmcndmgr.dll
[2014.11.11 16:15:25 | 001,158,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\webservices.dll
[2014.11.11 16:15:25 | 000,252,928 | ---- | C] (Microsoft) -- E:\Windows\SysWow64\DShowRdpFilter.dll
[2014.11.11 16:15:25 | 000,235,008 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\hgprint.dll
[2014.11.11 16:15:25 | 000,167,424 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rdpendp.dll
[2014.11.11 16:15:25 | 000,049,488 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\netfxperf.dll
[2014.11.11 16:15:24 | 001,792,000 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\authui.dll
[2014.11.11 16:15:24 | 000,933,888 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sqlsrv32.dll
[2014.11.11 16:15:24 | 000,732,160 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\imapi2fs.dll
[2014.11.11 16:15:24 | 000,518,672 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\winresume.exe
[2014.11.11 16:15:24 | 000,235,008 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\winsta.dll
[2014.11.11 16:15:23 | 000,345,600 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\fveapi.dll
[2014.11.11 16:15:23 | 000,252,928 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\iepeers.dll
[2014.11.11 16:15:23 | 000,084,992 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dot3api.dll
[2014.11.11 16:15:22 | 001,009,152 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mcmde.dll
[2014.11.11 16:15:22 | 000,403,968 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\gdi32.dll
[2014.11.11 16:15:22 | 000,288,256 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\MSNP.ax
[2014.11.11 16:15:22 | 000,220,672 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mcbuilder.exe
[2014.11.11 16:15:22 | 000,183,808 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\prncache.dll
[2014.11.11 16:15:21 | 001,555,456 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\certmgr.dll
[2014.11.11 16:15:21 | 001,441,280 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wlanpref.dll
[2014.11.11 16:15:21 | 001,243,136 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WMNetMgr.dll
[2014.11.11 16:15:21 | 000,285,696 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\schtasks.exe
[2014.11.11 16:15:21 | 000,263,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\vpnike.dll
[2014.11.11 16:15:20 | 001,712,640 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\xpsservices.dll
[2014.11.11 16:15:20 | 000,630,272 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\evr.dll
[2014.11.11 16:15:20 | 000,409,600 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\photowiz.dll
[2014.11.11 16:15:20 | 000,323,072 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\drvstore.dll
[2014.11.11 16:15:20 | 000,220,672 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wintrust.dll
[2014.11.11 16:15:20 | 000,169,984 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\tspubwmi.dll
[2014.11.11 16:15:20 | 000,109,056 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\userenv.dll
[2014.11.11 16:15:19 | 000,296,448 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\AudioSes.dll
[2014.11.11 16:15:19 | 000,279,040 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\framedyn.dll
[2014.11.11 16:15:18 | 002,262,528 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\SyncCenter.dll
[2014.11.11 16:15:18 | 002,072,576 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WMPEncEn.dll
[2014.11.11 16:15:18 | 001,082,880 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sppobjs.dll
[2014.11.11 16:15:18 | 001,024,512 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wmpmde.dll
[2014.11.11 16:15:18 | 000,605,696 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wmpeffects.dll
[2014.11.11 16:15:18 | 000,412,160 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\aepdu.dll
[2014.11.11 16:15:18 | 000,302,592 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\cmd.exe
[2014.11.11 16:15:18 | 000,257,024 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mfreadwrite.dll
[2014.11.11 16:15:18 | 000,200,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\tscfgwmi.dll
[2014.11.11 16:15:17 | 000,492,032 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\win32spl.dll
[2014.11.11 16:15:17 | 000,424,448 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\aeinv.dll
[2014.11.11 16:15:17 | 000,244,224 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\vmicsvc.exe
[2014.11.11 16:15:17 | 000,206,336 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\framedynos.dll
[2014.11.11 16:15:17 | 000,178,176 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rdpinit.exe
[2014.11.11 16:15:17 | 000,171,520 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\fde.dll
[2014.11.11 16:15:16 | 000,501,248 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WinSATAPI.dll
[2014.11.11 16:15:16 | 000,296,448 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mfds.dll
[2014.11.11 16:15:15 | 000,551,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\localsec.dll
[2014.11.11 16:15:15 | 000,503,296 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\imapi2.dll
[2014.11.11 16:15:15 | 000,324,096 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\netdiagfx.dll
[2014.11.11 16:15:15 | 000,298,104 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\bcryptprimitives.dll
[2014.11.11 16:15:15 | 000,257,024 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\stobject.dll
[2014.11.11 16:15:15 | 000,197,120 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\credui.dll
[2014.11.11 16:15:15 | 000,144,384 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\cdd.dll
[2014.11.11 16:15:15 | 000,140,800 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\rdpendp.dll
[2014.11.11 16:15:14 | 000,166,912 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\inetpp.dll
[2014.11.11 16:15:14 | 000,165,376 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\netid.dll
[2014.11.11 16:15:13 | 000,762,880 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\azroles.dll
[2014.11.11 16:15:13 | 000,504,320 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\biocpl.dll
[2014.11.11 16:15:13 | 000,498,688 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\cscui.dll
[2014.11.11 16:15:13 | 000,378,880 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\msinfo32.exe
[2014.11.11 16:15:13 | 000,339,968 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\appmgr.dll
[2014.11.11 16:15:13 | 000,253,440 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\tcpipcfg.dll
[2014.11.11 16:15:13 | 000,244,224 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\spp.dll
[2014.11.11 16:15:13 | 000,223,232 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\QSHVHOST.DLL
[2014.11.11 16:15:13 | 000,152,064 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ncsi.dll
[2014.11.11 16:15:13 | 000,100,864 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\davclnt.dll
[2014.11.11 16:15:12 | 002,755,072 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\themeui.dll
[2014.11.11 16:15:12 | 002,746,880 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\gameux.dll
[2014.11.11 16:15:12 | 001,050,624 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\printui.dll
[2014.11.11 16:15:12 | 000,571,904 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mspbda.dll
[2014.11.11 16:15:12 | 000,303,616 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\scansetting.dll
[2014.11.11 16:15:11 | 000,716,800 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\jscript.dll
[2014.11.11 16:15:11 | 000,477,696 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\PhotoScreensaver.scr
[2014.11.11 16:15:11 | 000,337,920 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\conhost.exe
[2014.11.11 16:15:11 | 000,067,072 | ---- | C] (Microsoft Corporation) -- E:\Windows\splwow64.exe
[2014.11.11 16:15:10 | 000,577,024 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\AdmTmpl.dll
[2014.11.11 16:15:10 | 000,552,960 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\msdri.dll
[2014.11.11 16:15:10 | 000,307,200 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wusa.exe
[2014.11.11 16:15:10 | 000,145,920 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\IPHLPAPI.DLL
[2014.11.11 16:15:10 | 000,122,880 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\aitagent.exe
[2014.11.11 16:15:09 | 000,934,912 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\FirewallControlPanel.dll
[2014.11.11 16:15:09 | 000,854,016 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\dbghelp.dll
[2014.11.11 16:15:09 | 000,625,664 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mscms.dll
[2014.11.11 16:15:09 | 000,442,368 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\winspool.drv
[2014.11.11 16:15:09 | 000,199,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\PkgMgr.exe
[2014.11.11 16:15:09 | 000,196,608 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mfreadwrite.dll
[2014.11.11 16:15:09 | 000,187,904 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rpchttp.dll
[2014.11.11 16:15:09 | 000,144,768 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\basecsp.dll
[2014.11.11 16:15:08 | 003,211,776 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\msi.dll
[2014.11.11 16:15:08 | 000,488,448 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\evr.dll
[2014.11.11 16:15:08 | 000,405,504 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wisptis.exe
[2014.11.11 16:15:08 | 000,305,152 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\taskcomp.dll
[2014.11.11 16:15:08 | 000,229,888 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\XpsRasterService.dll
[2014.11.11 16:15:08 | 000,186,368 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ocsetup.exe
[2014.11.11 16:15:07 | 001,031,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rdpcore.dll
[2014.11.11 16:15:07 | 000,776,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\calc.exe
[2014.11.11 16:15:07 | 000,459,776 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\DXP.dll
[2014.11.11 16:15:07 | 000,418,816 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sppwinob.dll
[2014.11.11 16:15:07 | 000,335,872 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\WinSATAPI.dll
[2014.11.11 16:15:07 | 000,207,872 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\cfgmgr32.dll
[2014.11.11 16:15:07 | 000,161,792 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ocsetapi.dll
[2014.11.11 16:15:06 | 000,780,008 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ci.dll
[2014.11.11 16:15:06 | 000,778,240 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\sqlsrv32.dll
[2014.11.11 16:15:06 | 000,534,528 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\EncDec.dll
[2014.11.11 16:15:06 | 000,509,952 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ntshrui.dll
[2014.11.11 16:15:06 | 000,348,160 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\eapp3hst.dll
[2014.11.11 16:15:05 | 002,983,424 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\UIRibbon.dll
[2014.11.11 16:15:05 | 000,850,944 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mmsys.cpl
[2014.11.11 16:15:05 | 000,303,616 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\eapphost.dll
[2014.11.11 16:15:05 | 000,264,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\upnp.dll
[2014.11.11 16:15:05 | 000,221,184 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mprapi.dll
[2014.11.11 16:15:05 | 000,148,992 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\t2embed.dll
[2014.11.11 16:15:05 | 000,128,000 | ---- | C] (Microsoft) -- E:\Windows\SysNative\Robocopy.exe
[2014.11.11 16:15:05 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- E:\Windows\SysNative\drivers\HpSAMD.sys
[2014.11.11 16:15:04 | 002,494,464 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\netshell.dll
[2014.11.11 16:15:04 | 000,263,040 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\hal.dll
[2014.11.11 16:15:04 | 000,176,128 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ie4uinit.exe
[2014.11.11 16:15:04 | 000,112,640 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\thumbcache.dll
[2014.11.11 16:15:03 | 001,457,664 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\DxpTaskSync.dll
[2014.11.11 16:15:03 | 001,160,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\MSMPEG2ENC.DLL
[2014.11.11 16:15:03 | 000,658,432 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\PerfCenterCPL.dll
[2014.11.11 16:15:03 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- E:\Windows\SysNative\atmfd.dll
[2014.11.11 16:15:03 | 000,232,960 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\scecli.dll
[2014.11.11 16:15:03 | 000,128,512 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dwmredir.dll
[2014.11.11 16:15:02 | 002,851,840 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\themeui.dll
[2014.11.11 16:15:02 | 000,568,832 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\scrptadm.dll
[2014.11.11 16:15:02 | 000,429,568 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\puiobj.dll
[2014.11.11 16:15:02 | 000,179,072 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drivers\Classpnp.sys
[2014.11.11 16:15:02 | 000,136,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sspicli.dll
[2014.11.11 16:15:02 | 000,116,736 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\prncache.dll
[2014.11.11 16:15:02 | 000,046,592 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\msasn1.dll
[2014.11.11 16:15:02 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- E:\Windows\SysNative\drivers\amdxata.sys
[2014.11.11 16:15:01 | 000,932,352 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\printui.dll
[2014.11.11 16:15:01 | 000,675,328 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\DXPTaskRingtone.dll
[2014.11.11 16:15:01 | 000,235,520 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\onex.dll
[2014.11.11 16:15:00 | 000,352,256 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wmpeffects.dll
[2014.11.11 16:15:00 | 000,158,720 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\aaclient.dll
[2014.11.11 16:15:00 | 000,142,336 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\net1.exe
[2014.11.11 16:15:00 | 000,139,264 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\rpchttp.dll
[2014.11.11 16:14:59 | 001,363,968 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wdc.dll
[2014.11.11 16:14:59 | 001,163,264 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mfc42u.dll
[2014.11.11 16:14:59 | 000,243,200 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wow64.dll
[2014.11.11 16:14:58 | 001,120,768 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sdengin2.dll
[2014.11.11 16:14:58 | 000,799,744 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\msftedit.dll
[2014.11.11 16:14:58 | 000,475,136 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wlangpui.dll
[2014.11.11 16:14:58 | 000,406,016 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\scesrv.dll
[2014.11.11 16:14:58 | 000,325,120 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drivers\usbport.sys
[2014.11.11 16:14:58 | 000,246,272 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\scansetting.dll
[2014.11.11 16:14:57 | 001,689,600 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\netcenter.dll
[2014.11.11 16:14:57 | 000,691,200 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\VAN.dll
[2014.11.11 16:14:57 | 000,483,840 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\StructuredQuery.dll
[2014.11.11 16:14:57 | 000,462,336 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wiadefui.dll
[2014.11.11 16:14:57 | 000,273,920 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\SndVol.exe
[2014.11.11 16:14:57 | 000,239,616 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dskquoui.dll
[2014.11.11 16:14:57 | 000,067,584 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\samcli.dll
[2014.11.11 16:14:57 | 000,063,488 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wscapi.dll
[2014.11.11 16:14:56 | 000,411,648 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wlangpui.dll
[2014.11.11 16:14:56 | 000,167,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\QSHVHOST.DLL
[2014.11.11 16:14:56 | 000,131,584 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\aaclient.dll
[2014.11.11 16:14:56 | 000,112,000 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\consent.exe
[2014.11.11 16:14:56 | 000,107,520 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\QUTIL.DLL
[2014.11.11 16:14:56 | 000,095,232 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\regapi.dll
[2014.11.11 16:14:55 | 001,750,528 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\pnidui.dll
[2014.11.11 16:14:55 | 000,782,336 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\webservices.dll
[2014.11.11 16:14:55 | 000,515,584 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\timedate.cpl
[2014.11.11 16:14:55 | 000,464,896 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\scrptadm.dll
[2014.11.11 16:14:55 | 000,340,992 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\srchadmin.dll
[2014.11.11 16:14:55 | 000,124,416 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\fde.dll
[2014.11.11 16:14:55 | 000,109,056 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\t2embed.dll
[2014.11.11 16:14:54 | 002,146,304 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\SyncCenter.dll
[2014.11.11 16:14:54 | 000,684,032 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\TabletPC.cpl
[2014.11.11 16:14:54 | 000,424,448 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rastls.dll
[2014.11.11 16:14:54 | 000,248,832 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wksprt.exe
[2014.11.11 16:14:54 | 000,225,792 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\netdiagfx.dll
[2014.11.11 16:14:54 | 000,088,576 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\setupcl.exe
[2014.11.11 16:14:54 | 000,069,120 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\taskhost.exe
[2014.11.11 16:14:53 | 000,726,528 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\appwiz.cpl
[2014.11.11 16:14:53 | 000,560,128 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wuapi.dll
[2014.11.11 16:14:53 | 000,051,712 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wscapi.dll
[2014.11.11 16:14:51 | 000,332,288 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\hgcpl.dll
[2014.11.11 16:14:51 | 000,300,032 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\msconfig.exe
[2014.11.11 16:14:51 | 000,215,552 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\netiohlp.dll
[2014.11.11 16:14:51 | 000,139,264 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\cscobj.dll
[2014.11.11 16:14:51 | 000,041,472 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mimefilt.dll
[2014.11.11 16:14:50 | 000,314,368 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\clusapi.dll
[2014.11.11 16:14:50 | 000,166,784 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\basecsp.dll
[2014.11.11 16:14:50 | 000,072,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\fdeploy.dll
[2014.11.11 16:14:50 | 000,050,176 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\lsmproxy.dll
[2014.11.11 16:14:49 | 001,538,560 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\inetcpl.cpl
[2014.11.11 16:14:49 | 000,974,336 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WFS.exe
[2014.11.11 16:14:49 | 000,830,464 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\MSMPEG2ENC.DLL
[2014.11.11 16:14:49 | 000,826,368 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\rdpcore.dll
[2014.11.11 16:14:49 | 000,726,528 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\AuxiliaryDisplayCpl.dll
[2014.11.11 16:14:49 | 000,372,736 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mtxclu.dll
[2014.11.11 16:14:49 | 000,258,560 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mpg2splt.ax
[2014.11.11 16:14:49 | 000,186,368 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\iepeers.dll
[2014.11.11 16:14:49 | 000,040,960 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2014.11.11 16:14:48 | 000,633,344 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\riched20.dll
[2014.11.11 16:14:48 | 000,630,784 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\DXPTaskRingtone.dll
[2014.11.11 16:14:48 | 000,392,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\imapi2.dll
[2014.11.11 16:14:48 | 000,214,016 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\winsrv.dll
[2014.11.11 16:14:48 | 000,027,520 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drivers\Diskdump.sys
[2014.11.11 16:14:47 | 002,576,384 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\gameux.dll
[2014.11.11 16:14:47 | 000,118,272 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dnscmmc.dll
[2014.11.11 16:14:46 | 000,486,400 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\powercpl.dll
[2014.11.11 16:14:46 | 000,199,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\onex.dll
[2014.11.11 16:14:46 | 000,186,880 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\logoncli.dll
[2014.11.11 16:14:46 | 000,065,536 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\RpcRtRemote.dll
[2014.11.11 16:14:45 | 001,624,064 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\WMPEncEn.dll
[2014.11.11 16:14:45 | 000,666,624 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mssvp.dll
[2014.11.11 16:14:45 | 000,357,888 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sharemediacpl.dll
[2014.11.11 16:14:44 | 002,193,920 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\themecpl.dll
[2014.11.11 16:14:44 | 000,090,112 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\nci.dll
[2014.11.11 16:14:43 | 002,250,752 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\SensorsCpl.dll
[2014.11.11 16:14:43 | 000,658,944 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\autofmt.exe
[2014.11.11 16:14:43 | 000,359,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\eudcedit.exe
[2014.11.11 16:14:43 | 000,355,328 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\Faultrep.dll
[2014.11.11 16:14:43 | 000,188,928 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\netjoin.dll
[2014.11.11 16:14:43 | 000,066,560 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\hbaapi.dll
[2014.11.11 16:14:42 | 001,077,248 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\Narrator.exe
[2014.11.11 16:14:42 | 000,166,400 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\netiohlp.dll
[2014.11.11 16:14:42 | 000,057,856 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\licmgr10.dll
[2014.11.11 16:14:41 | 000,668,160 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\autochk.exe
[2014.11.11 16:14:41 | 000,038,912 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\vpnikeapi.dll
[2014.11.11 16:14:40 | 000,633,856 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\comctl32.dll
[2014.11.11 16:14:40 | 000,232,448 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sppcomapi.dll
[2014.11.11 16:14:40 | 000,139,264 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\cabview.dll
[2014.11.11 16:14:40 | 000,028,672 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\proquota.exe
[2014.11.11 16:14:39 | 000,777,728 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\autochk.exe
[2014.11.11 16:14:39 | 000,763,904 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\autofmt.exe
[2014.11.11 16:14:39 | 000,679,424 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\autoconv.exe
[2014.11.11 16:14:39 | 000,167,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\msutb.dll
[2014.11.11 16:14:38 | 000,793,088 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\autoconv.exe
[2014.11.11 16:14:38 | 000,400,896 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ipsmsnap.dll
[2014.11.11 16:14:38 | 000,303,104 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\msinfo32.exe
[2014.11.11 16:14:38 | 000,072,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\regapi.dll
[2014.11.11 16:14:38 | 000,042,496 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mimefilt.dll
[2014.11.11 16:14:37 | 000,850,432 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\sbe.dll
[2014.11.11 16:14:37 | 000,611,840 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wpd_ci.dll
[2014.11.11 16:14:37 | 000,455,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\nshipsec.dll
[2014.11.11 16:14:37 | 000,301,568 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\srchadmin.dll
[2014.11.11 16:14:37 | 000,181,760 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\tcpipcfg.dll
[2014.11.11 16:14:37 | 000,179,712 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\schtasks.exe
[2014.11.11 16:14:37 | 000,130,048 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\shsetup.dll
[2014.11.11 16:14:37 | 000,126,464 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\audiodg.exe
[2014.11.11 16:14:37 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- E:\Windows\SysNative\fms.dll
[2014.11.11 16:14:36 | 001,264,640 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sdclt.exe
[2014.11.11 16:14:36 | 000,441,856 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\powercpl.dll
[2014.11.11 16:14:36 | 000,222,208 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\eapphost.dll
[2014.11.11 16:14:36 | 000,202,752 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\framedyn.dll
[2014.11.11 16:14:36 | 000,168,448 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\bcdsrv.dll
[2014.11.11 16:14:35 | 001,466,368 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\inetcpl.cpl
[2014.11.11 16:14:35 | 000,905,216 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mmsys.cpl
[2014.11.11 16:14:35 | 000,665,600 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\AuxiliaryDisplayCpl.dll
[2014.11.11 16:14:35 | 000,414,208 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wlanui.dll
[2014.11.11 16:14:35 | 000,337,408 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\msihnd.dll
[2014.11.11 16:14:35 | 000,222,720 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wwanconn.dll
[2014.11.11 16:14:35 | 000,171,392 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drivers\scsiport.sys
[2014.11.11 16:14:35 | 000,156,160 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\prntvpt.dll
[2014.11.11 16:14:35 | 000,155,472 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mscorier.dll
[2014.11.11 16:14:35 | 000,154,960 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mscorier.dll
[2014.11.11 16:14:34 | 000,933,376 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\SmiEngine.dll
[2014.11.11 16:14:34 | 000,861,184 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\fontext.dll
[2014.11.11 16:14:34 | 000,478,720 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\timedate.cpl
[2014.11.11 16:14:34 | 000,171,520 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\QAGENT.DLL
[2014.11.11 16:14:34 | 000,066,048 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rdpsign.exe
[2014.11.11 16:14:33 | 001,066,496 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\Display.dll
[2014.11.11 16:14:33 | 000,211,456 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mprddm.dll
[2014.11.11 16:14:33 | 000,117,248 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\netid.dll
[2014.11.11 16:14:32 | 000,624,128 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\qedit.dll
[2014.11.11 16:14:32 | 000,267,264 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\FXSCOVER.exe
[2014.11.11 16:14:31 | 001,227,776 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wdc.dll
[2014.11.11 16:14:31 | 000,749,568 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\batmeter.dll
[2014.11.11 16:14:31 | 000,204,288 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\MSNP.ax
[2014.11.11 16:14:31 | 000,076,800 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drivers\hidclass.sys
[2014.11.11 16:14:31 | 000,020,992 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drivers\rdpvideominiport.sys
[2014.11.11 16:14:30 | 000,957,440 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mblctr.exe
[2014.11.11 16:14:30 | 000,933,376 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\Vault.dll
[2014.11.11 16:14:30 | 000,372,224 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\rastls.dll
[2014.11.11 16:14:30 | 000,346,624 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\untfs.dll
[2014.11.11 16:14:30 | 000,307,712 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\scesrv.dll
[2014.11.11 16:14:30 | 000,223,232 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wmpsrcwp.dll
[2014.11.11 16:14:30 | 000,100,864 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\fontsub.dll
[2014.11.11 16:14:30 | 000,078,848 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\nci.dll
[2014.11.11 16:14:29 | 001,326,592 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wlanpref.dll
[2014.11.11 16:14:29 | 001,202,176 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\DiagCpl.dll
[2014.11.11 16:14:29 | 001,003,008 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\WMNetMgr.dll
[2014.11.11 16:14:29 | 000,625,664 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\usercpl.dll
[2014.11.11 16:14:29 | 000,052,224 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rtutils.dll
[2014.11.11 16:14:29 | 000,044,544 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\licmgr10.dll
[2014.11.11 16:14:28 | 002,217,856 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\bootres.dll
[2014.11.11 16:14:28 | 000,433,512 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\MCEWMDRMNDBootstrap.dll
[2014.11.11 16:14:28 | 000,250,880 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ksproxy.ax
[2014.11.11 16:14:28 | 000,098,816 | ---- | C] (Microsoft) -- E:\Windows\SysWow64\Robocopy.exe
[2014.11.11 16:14:28 | 000,098,304 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WSTPager.ax
[2014.11.11 16:14:27 | 001,400,320 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\DxpTaskSync.dll
[2014.11.11 16:14:27 | 000,812,032 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wpccpl.dll
[2014.11.11 16:14:27 | 000,227,328 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\taskmgr.exe
[2014.11.11 16:14:27 | 000,211,456 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rasppp.dll
[2014.11.11 16:14:27 | 000,052,096 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drivers\winhv.sys
[2014.11.11 16:14:26 | 001,040,384 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\Display.dll
[2014.11.11 16:14:26 | 000,320,512 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mtxclu.dll
[2014.11.11 16:14:26 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- E:\Windows\SysWow64\atmfd.dll
[2014.11.11 16:14:26 | 000,279,552 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dxdiagn.dll
[2014.11.11 16:14:26 | 000,225,280 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\SndVolSSO.dll
[2014.11.11 16:14:26 | 000,069,120 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dot3cfg.dll
[2014.11.11 16:14:25 | 000,416,256 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\prnfldr.dll
[2014.11.11 16:14:25 | 000,352,768 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\termmgr.dll
[2014.11.11 16:14:25 | 000,324,608 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\puiobj.dll
[2014.11.11 16:14:25 | 000,257,024 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\taskmgr.exe
[2014.11.11 16:14:25 | 000,196,608 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\shdocvw.dll
[2014.11.11 16:14:25 | 000,135,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\XpsRasterService.dll
[2014.11.11 16:14:25 | 000,078,848 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\hbaapi.dll
[2014.11.11 16:14:25 | 000,026,624 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\userinit.exe
[2014.11.11 16:14:24 | 000,300,032 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\pdh.dll
[2014.11.11 16:14:24 | 000,288,256 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\eudcedit.exe
[2014.11.11 16:14:24 | 000,155,520 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drivers\ataport.sys
[2014.11.11 16:14:24 | 000,115,200 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WPDShServiceObj.dll
[2014.11.11 16:14:24 | 000,031,744 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\proquota.exe
[2014.11.11 16:14:23 | 003,745,792 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\accessibilitycpl.dll
[2014.11.11 16:14:23 | 000,416,768 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wiadefui.dll
[2014.11.11 16:14:23 | 000,403,968 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\untfs.dll
[2014.11.11 16:14:23 | 000,268,288 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\MSAC3ENC.DLL
[2014.11.11 16:14:23 | 000,193,536 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\sppcomapi.dll
[2014.11.11 16:14:23 | 000,176,640 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\rasppp.dll
[2014.11.11 16:14:23 | 000,149,504 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rdpcorekmts.dll
[2014.11.11 16:14:23 | 000,132,608 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\cabview.dll
[2014.11.11 16:14:23 | 000,127,488 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\logoncli.dll
[2014.11.11 16:14:23 | 000,111,104 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\shsetup.dll
[2014.11.11 16:14:23 | 000,030,720 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\userinit.exe
[2014.11.11 16:14:22 | 002,202,624 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\SensorsCpl.dll
[2014.11.11 16:14:22 | 000,856,576 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\FirewallControlPanel.dll
[2014.11.11 16:14:22 | 000,649,216 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\appwiz.cpl
[2014.11.11 16:14:21 | 002,157,568 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\themecpl.dll
[2014.11.11 16:14:21 | 000,366,080 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\zipfldr.dll
[2014.11.11 16:14:21 | 000,349,696 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\slui.exe
[2014.11.11 16:14:21 | 000,335,360 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\msieftp.dll
[2014.11.11 16:14:21 | 000,233,984 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\defaultlocationcpl.dll
[2014.11.11 16:14:21 | 000,216,576 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\FWPUCLNT.DLL
[2014.11.11 16:14:21 | 000,109,056 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\dnscmmc.dll
[2014.11.11 16:14:20 | 000,413,696 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\PhotoScreensaver.scr
[2014.11.11 16:14:20 | 000,312,832 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\hgcpl.dll
[2014.11.11 16:14:20 | 000,104,960 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\Mpeg2Data.ax
[2014.11.11 16:14:19 | 002,146,816 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\networkmap.dll
[2014.11.11 16:14:19 | 000,828,928 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\fontext.dll
[2014.11.11 16:14:19 | 000,769,536 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sud.dll
[2014.11.11 16:14:19 | 000,508,928 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\DeviceCenter.dll
[2014.11.11 16:14:19 | 000,429,056 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\localsec.dll
[2014.11.11 16:14:19 | 000,268,800 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mprddm.dll
[2014.11.11 16:14:19 | 000,221,696 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\OnLineIDCpl.dll
[2014.11.11 16:14:19 | 000,175,616 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\scecli.dll
[2014.11.11 16:14:19 | 000,108,032 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\psisrndr.ax
[2014.11.11 16:14:19 | 000,080,720 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mscories.dll
[2014.11.11 16:14:18 | 001,065,984 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\cryptui.dll
[2014.11.11 16:14:18 | 000,780,800 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ActionCenter.dll
[2014.11.11 16:14:18 | 000,600,576 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\PerfCenterCPL.dll
[2014.11.11 16:14:18 | 000,600,064 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\usercpl.dll
[2014.11.11 16:14:18 | 000,509,440 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\qedit.dll
[2014.11.11 16:14:18 | 000,503,296 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\srcore.dll
[2014.11.11 16:14:18 | 000,410,112 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wlanui.dll
[2014.11.11 16:14:18 | 000,373,248 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\intl.cpl
[2014.11.11 16:14:18 | 000,366,592 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\qdvd.dll
[2014.11.11 16:14:18 | 000,243,712 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\taskbarcpl.dll
[2014.11.11 16:14:18 | 000,220,160 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\SndVolSSO.dll
[2014.11.11 16:14:18 | 000,172,544 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\twext.dll
[2014.11.11 16:14:17 | 001,644,032 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\netcenter.dll
[2014.11.11 16:14:17 | 000,898,560 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\OobeFldr.dll
[2014.11.11 16:14:17 | 000,740,864 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\batmeter.dll
[2014.11.11 16:14:17 | 000,638,976 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\VAN.dll
[2014.11.11 16:14:17 | 000,514,560 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\qdvd.dll
[2014.11.11 16:14:17 | 000,472,064 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\azroleui.dll
[2014.11.11 16:14:17 | 000,346,112 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\bcdedit.exe
[2014.11.11 16:14:17 | 000,314,368 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\SndVol.exe
[2014.11.11 16:14:17 | 000,288,640 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014.11.11 16:14:17 | 000,154,624 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\uxlib.dll
[2014.11.11 16:14:17 | 000,146,944 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\recovery.dll
[2014.11.11 16:14:17 | 000,120,320 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\prntvpt.dll
[2014.11.11 16:14:17 | 000,077,312 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rdpwsx.dll
[2014.11.11 16:14:17 | 000,066,048 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\w32tm.exe
[2014.11.11 16:14:16 | 003,727,872 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\accessibilitycpl.dll
[2014.11.11 16:14:16 | 000,721,408 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\bthprops.cpl
[2014.11.11 16:14:16 | 000,701,440 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dsuiext.dll
[2014.11.11 16:14:16 | 000,352,768 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\spwizeng.dll
[2014.11.11 16:14:16 | 000,345,600 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\MediaMetadataHandler.dll
[2014.11.11 16:14:16 | 000,314,368 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\azroleui.dll
[2014.11.11 16:14:16 | 000,304,128 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\efscore.dll
[2014.11.11 16:14:16 | 000,095,232 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\cca.dll
[2014.11.11 16:14:16 | 000,091,648 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\isoburn.exe
[2014.11.11 16:14:16 | 000,058,368 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\tzutil.exe
[2014.11.11 16:14:16 | 000,024,064 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sisbkup.dll
[2014.11.11 16:14:15 | 001,003,520 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\cryptui.dll
[2014.11.11 16:14:15 | 000,762,368 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sdcpl.dll
[2014.11.11 16:14:15 | 000,516,096 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\main.cpl
[2014.11.11 16:14:15 | 000,460,800 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\certcli.dll
[2014.11.11 16:14:15 | 000,451,072 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\shwebsvc.dll
[2014.11.11 16:14:15 | 000,419,840 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\systemcpl.dll
[2014.11.11 16:14:15 | 000,238,080 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\recdisc.exe
[2014.11.11 16:14:15 | 000,226,304 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\MSAC3ENC.DLL
[2014.11.11 16:14:15 | 000,200,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\syncui.dll
[2014.11.11 16:14:15 | 000,196,096 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\VBICodec.ax
[2014.11.11 16:14:15 | 000,193,024 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\netplwiz.dll
[2014.11.11 16:14:15 | 000,186,880 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\adsldp.dll
[2014.11.11 16:14:15 | 000,184,320 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\fvecpl.dll
[2014.11.11 16:14:15 | 000,161,792 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\netjoin.dll
[2014.11.11 16:14:15 | 000,155,136 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\autoplay.dll
[2014.11.11 16:14:15 | 000,059,904 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\fdeploy.dll
[2014.11.11 16:14:15 | 000,045,056 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\httpapi.dll
[2014.11.11 16:14:15 | 000,029,184 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sspisrv.dll
[2014.11.11 16:14:14 | 002,130,944 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\networkmap.dll
[2014.11.11 16:14:14 | 000,549,888 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ActionCenterCPL.dll
[2014.11.11 16:14:14 | 000,414,720 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wlanmsm.dll
[2014.11.11 16:14:14 | 000,320,512 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\Faultrep.dll
[2014.11.11 16:14:14 | 000,207,360 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sysclass.dll
[2014.11.11 16:14:14 | 000,066,048 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ncryptui.dll
[2014.11.11 16:14:13 | 000,755,200 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\sud.dll
[2014.11.11 16:14:13 | 000,744,448 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ActionCenter.dll
[2014.11.11 16:14:13 | 000,445,952 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\spwizeng.dll
[2014.11.11 16:14:13 | 000,421,888 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\termmgr.dll
[2014.11.11 16:14:13 | 000,395,264 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\prnfldr.dll
[2014.11.11 16:14:13 | 000,314,880 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wusa.exe
[2014.11.11 16:14:13 | 000,312,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\MCEWMDRMNDBootstrap.dll
[2014.11.11 16:14:13 | 000,301,568 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\msieftp.dll
[2014.11.11 16:14:13 | 000,295,424 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\photowiz.dll
[2014.11.11 16:14:13 | 000,266,752 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\MediaMetadataHandler.dll
[2014.11.11 16:14:13 | 000,240,640 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\MFPlay.dll
[2014.11.11 16:14:13 | 000,218,112 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\OnLineIDCpl.dll
[2014.11.11 16:14:13 | 000,185,856 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\vdsutil.dll
[2014.11.11 16:14:13 | 000,135,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\AuxiliaryDisplayServices.dll
[2014.11.11 16:14:13 | 000,097,280 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mshtmled.dll
[2014.11.11 16:14:13 | 000,066,048 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ksxbar.ax
[2014.11.11 16:14:12 | 000,641,024 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\msscp.dll
[2014.11.11 16:14:12 | 000,474,112 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sysmon.ocx
[2014.11.11 16:14:12 | 000,389,632 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\sysmon.ocx
[2014.11.11 16:14:12 | 000,296,960 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rstrui.exe
[2014.11.11 16:14:12 | 000,279,040 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sethc.exe
[2014.11.11 16:14:12 | 000,271,360 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\iprtrmgr.dll
[2014.11.11 16:14:12 | 000,220,672 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\defaultlocationcpl.dll
[2014.11.11 16:14:12 | 000,163,840 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\odbccp32.dll
[2014.11.11 16:14:12 | 000,129,536 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ntlanman.dll
[2014.11.11 16:14:11 | 000,692,736 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\bthprops.cpl
[2014.11.11 16:14:11 | 000,446,976 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sqlcese30.dll
[2014.11.11 16:14:11 | 000,428,544 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\shwebsvc.dll
[2014.11.11 16:14:11 | 000,345,088 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\intl.cpl
[2014.11.11 16:14:11 | 000,313,856 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ReAgent.dll
[2014.11.11 16:14:11 | 000,281,088 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\iprtrmgr.dll
[2014.11.11 16:14:11 | 000,189,952 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\SmartcardCredentialProvider.dll
[2014.11.11 16:14:11 | 000,148,992 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ifsutil.dll
[2014.11.11 16:14:11 | 000,139,264 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ieUnatt.exe
[2014.11.11 16:14:11 | 000,082,432 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\dot3cfg.dll
[2014.11.11 16:14:11 | 000,044,032 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\tsgqec.dll
[2014.11.11 16:14:11 | 000,042,496 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ftp.exe
[2014.11.11 16:14:11 | 000,019,456 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\sisbkup.dll
[2014.11.11 16:14:10 | 000,537,600 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ActionCenterCPL.dll

[Koudy15x]

[2014.11.11 16:14:10 | 000,333,824 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ssText3d.scr
[2014.11.11 16:14:10 | 000,321,536 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\unimdm.tsp
[2014.11.11 16:14:10 | 000,319,488 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\odbcjt32.dll
[2014.11.11 16:14:10 | 000,282,624 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\iTVData.dll
[2014.11.11 16:14:10 | 000,212,992 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\odbctrac.dll
[2014.11.11 16:14:10 | 000,205,312 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\efscore.dll
[2014.11.11 16:14:10 | 000,114,688 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\iesysprep.dll
[2014.11.11 16:14:10 | 000,084,480 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\UserAccountControlSettings.dll
[2014.11.11 16:14:10 | 000,068,096 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rdpd3d.dll
[2014.11.11 16:14:10 | 000,048,640 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wwanprotdim.dll
[2014.11.11 16:14:10 | 000,028,160 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\secur32.dll
[2014.11.11 16:14:09 | 000,781,312 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wmdrmsdk.dll
[2014.11.11 16:14:09 | 000,738,816 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wmpmde.dll
[2014.11.11 16:14:09 | 000,495,104 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drmmgrtn.dll
[2014.11.11 16:14:09 | 000,484,864 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\DeviceCenter.dll
[2014.11.11 16:14:09 | 000,196,608 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\dskquoui.dll
[2014.11.11 16:14:09 | 000,159,232 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\syncui.dll
[2014.11.11 16:14:09 | 000,146,944 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\autoplay.dll
[2014.11.11 16:14:09 | 000,128,000 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\srvcli.dll
[2014.11.11 16:14:09 | 000,015,360 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\slwga.dll
[2014.11.11 16:14:08 | 000,859,648 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\OobeFldr.dll
[2014.11.11 16:14:08 | 000,410,624 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\systemcpl.dll
[2014.11.11 16:14:08 | 000,344,576 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ntprint.dll
[2014.11.11 16:14:08 | 000,297,472 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ntprint.dll
[2014.11.11 16:14:08 | 000,255,488 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wavemsp.dll
[2014.11.11 16:14:08 | 000,225,280 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\DevicePairingFolder.dll
[2014.11.11 16:14:08 | 000,173,568 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\powercfg.cpl
[2014.11.11 16:14:08 | 000,152,064 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2014.11.11 16:14:08 | 000,133,632 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\NAPHLPR.DLL
[2014.11.11 16:14:08 | 000,109,568 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\nslookup.exe
[2014.11.11 16:14:08 | 000,068,608 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\WSTPager.ax
[2014.11.11 16:14:08 | 000,053,248 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\acppage.dll
[2014.11.11 16:14:07 | 000,743,424 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\blackbox.dll
[2014.11.11 16:14:07 | 000,656,384 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\nshwfp.dll
[2014.11.11 16:14:07 | 000,270,848 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\srrstr.dll
[2014.11.11 16:14:07 | 000,270,336 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\sethc.exe
[2014.11.11 16:14:07 | 000,229,376 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\fsquirt.exe
[2014.11.11 16:14:07 | 000,202,752 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\activeds.dll
[2014.11.11 16:14:07 | 000,199,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mpg2splt.ax
[2014.11.11 16:14:07 | 000,193,536 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ksproxy.ax
[2014.11.11 16:14:07 | 000,182,272 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wmpsrcwp.dll
[2014.11.11 16:14:07 | 000,175,616 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\netplwiz.dll
[2014.11.11 16:14:07 | 000,175,616 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\bcdboot.exe
[2014.11.11 16:14:07 | 000,107,008 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\NAPHLPR.DLL
[2014.11.11 16:14:07 | 000,102,400 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sppnp.dll
[2014.11.11 16:14:07 | 000,101,888 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\migisol.dll
[2014.11.11 16:14:07 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- E:\Windows\SysWow64\fms.dll
[2014.11.11 16:14:06 | 001,672,704 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\networkexplorer.dll
[2014.11.11 16:14:06 | 000,805,376 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\cdosys.dll
[2014.11.11 16:14:06 | 000,257,024 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\dpx.dll
[2014.11.11 16:14:06 | 000,153,088 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\remotepg.dll
[2014.11.11 16:14:06 | 000,094,720 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\cabinet.dll
[2014.11.11 16:14:06 | 000,071,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wkscli.dll
[2014.11.11 16:14:06 | 000,034,816 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\httpapi.dll
[2014.11.11 16:14:05 | 001,133,568 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\cdosys.dll
[2014.11.11 16:14:05 | 000,606,208 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dfrgui.exe
[2014.11.11 16:14:05 | 000,592,384 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\msftedit.dll
[2014.11.11 16:14:05 | 000,428,032 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wlanmsm.dll
[2014.11.11 16:14:05 | 000,346,112 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\nshipsec.dll
[2014.11.11 16:14:05 | 000,247,808 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ReAgent.dll
[2014.11.11 16:14:05 | 000,222,208 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wavemsp.dll
[2014.11.11 16:14:05 | 000,217,600 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WinSCard.dll
[2014.11.11 16:14:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\PresentationSettings.exe
[2014.11.11 16:14:05 | 000,102,912 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\kstvtune.ax
[2014.11.11 16:14:05 | 000,086,528 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\isoburn.exe
[2014.11.11 16:14:05 | 000,048,128 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ftp.exe
[2014.11.11 16:14:04 | 000,685,056 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\dsuiext.dll
[2014.11.11 16:14:04 | 000,594,432 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wvc.dll
[2014.11.11 16:14:04 | 000,586,752 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\dfrgui.exe
[2014.11.11 16:14:04 | 000,358,400 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wmpdxm.dll
[2014.11.11 16:14:04 | 000,333,824 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\dot3ui.dll
[2014.11.11 16:14:04 | 000,152,064 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\net1.exe
[2014.11.11 16:14:04 | 000,067,072 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wsnmp32.dll
[2014.11.11 16:14:03 | 000,840,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\blackbox.dll
[2014.11.11 16:14:03 | 000,636,416 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wmdrmdev.dll
[2014.11.11 16:14:03 | 000,444,928 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wvc.dll
[2014.11.11 16:14:03 | 000,438,272 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\AdmTmpl.dll
[2014.11.11 16:14:03 | 000,406,528 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wimgapi.dll
[2014.11.11 16:14:03 | 000,293,888 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wsqmcons.exe
[2014.11.11 16:14:03 | 000,281,088 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\unimdm.tsp
[2014.11.11 16:14:03 | 000,258,048 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drivers\dxgmms1.sys
[2014.11.11 16:14:03 | 000,209,920 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\PkgMgr.exe
[2014.11.11 16:14:03 | 000,209,920 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mstask.dll
[2014.11.11 16:14:03 | 000,206,848 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mfps.dll
[2014.11.11 16:14:03 | 000,197,632 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ocsetup.exe
[2014.11.11 16:14:03 | 000,146,432 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\twext.dll
[2014.11.11 16:14:03 | 000,047,616 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\tzutil.exe
[2014.11.11 16:14:03 | 000,026,112 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WerFaultSecure.exe
[2014.11.11 16:14:02 | 001,911,808 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\OpcServices.dll
[2014.11.11 16:14:02 | 000,899,584 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\Bubbles.scr
[2014.11.11 16:14:02 | 000,190,976 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\qcap.dll
[2014.11.11 16:14:02 | 000,182,784 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WUDFPlatform.dll
[2014.11.11 16:14:02 | 000,091,648 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mapistub.dll
[2014.11.11 16:14:02 | 000,091,648 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mapi32.dll
[2014.11.11 16:14:02 | 000,073,216 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\unimdmat.dll
[2014.11.11 16:14:02 | 000,051,200 | ---- | C] (Twain Working Group) -- E:\Windows\twain_32.dll
[2014.11.11 16:14:02 | 000,008,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2014.11.11 16:14:01 | 000,497,664 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\main.cpl
[2014.11.11 16:14:01 | 000,363,520 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\diskraid.exe
[2014.11.11 16:14:01 | 000,293,888 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ssText3d.scr
[2014.11.11 16:14:01 | 000,241,664 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\Ribbons.scr
[2014.11.11 16:14:01 | 000,206,848 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\qasf.dll
[2014.11.11 16:14:01 | 000,195,072 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\msrating.dll
[2014.11.11 16:14:01 | 000,180,736 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ifsutil.dll
[2014.11.11 16:14:01 | 000,153,088 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\occache.dll
[2014.11.11 16:14:01 | 000,118,784 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\uxlib.dll
[2014.11.11 16:14:01 | 000,113,152 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\setupugc.exe
[2014.11.11 16:14:01 | 000,037,376 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\iscsium.dll
[2014.11.11 16:14:01 | 000,014,336 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\slwga.dll
[2014.11.11 16:14:00 | 000,616,960 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wmdrmsdk.dll
[2014.11.11 16:14:00 | 000,573,952 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3d10level9.dll
[2014.11.11 16:14:00 | 000,242,688 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\Mystify.scr
[2014.11.11 16:14:00 | 000,120,320 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\msvfw32.dll
[2014.11.11 16:14:00 | 000,098,304 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\nslookup.exe
[2014.11.11 16:14:00 | 000,084,480 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mciavi32.dll
[2014.11.11 16:14:00 | 000,016,896 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\muifontsetup.dll
[2014.11.11 16:13:59 | 000,504,320 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\msscp.dll
[2014.11.11 16:13:59 | 000,327,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wimserv.exe
[2014.11.11 16:13:59 | 000,294,912 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WindowsAnytimeUpgradeResults.exe
[2014.11.11 16:13:59 | 000,276,480 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\diskraid.exe
[2014.11.11 16:13:59 | 000,254,464 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\qasf.dll
[2014.11.11 16:13:59 | 000,230,912 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\clusapi.dll
[2014.11.11 16:13:59 | 000,222,208 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rdpencom.dll
[2014.11.11 16:13:59 | 000,211,456 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\DevicePairingFolder.dll
[2014.11.11 16:13:59 | 000,172,544 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\perfmon.exe
[2014.11.11 16:13:59 | 000,132,608 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wmpshell.dll
[2014.11.11 16:13:59 | 000,073,728 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\tlscsp.dll
[2014.11.11 16:13:59 | 000,059,904 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\umb.dll
[2014.11.11 16:13:59 | 000,050,176 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\NAPCRYPT.DLL
[2014.11.11 16:13:59 | 000,045,568 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\acppage.dll
[2014.11.11 16:13:59 | 000,031,744 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\AzSqlExt.dll
[2014.11.11 16:13:59 | 000,029,184 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\netutils.dll
[2014.11.11 16:13:58 | 001,087,488 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dbghelp.dll
[2014.11.11 16:13:58 | 000,623,104 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\FXSAPI.dll
[2014.11.11 16:13:58 | 000,337,920 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\raschap.dll
[2014.11.11 16:13:58 | 000,318,976 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\raschap.dll
[2014.11.11 16:13:58 | 000,213,504 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ActionQueue.dll
[2014.11.11 16:13:58 | 000,186,368 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\rdpencom.dll
[2014.11.11 16:13:58 | 000,157,184 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\perfmon.exe
[2014.11.11 16:13:58 | 000,146,944 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\remotepg.dll
[2014.11.11 16:13:58 | 000,125,440 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\inseng.dll
[2014.11.11 16:13:58 | 000,071,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\bfsvc.exe
[2014.11.11 16:13:58 | 000,070,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\fontsub.dll
[2014.11.11 16:13:58 | 000,056,832 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\runonce.exe
[2014.11.11 16:13:57 | 001,232,896 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WMADMOD.DLL
[2014.11.11 16:13:57 | 000,402,944 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\drmmgrtn.dll
[2014.11.11 16:13:57 | 000,215,040 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wpdwcn.dll
[2014.11.11 16:13:57 | 000,202,240 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\input.dll
[2014.11.11 16:13:57 | 000,174,592 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ocsetapi.dll
[2014.11.11 16:13:57 | 000,146,944 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\MdSched.exe
[2014.11.11 16:13:57 | 000,124,928 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wiavideo.dll
[2014.11.11 16:13:57 | 000,122,880 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\odbccp32.dll
[2014.11.11 16:13:57 | 000,080,896 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\QUTIL.DLL
[2014.11.11 16:13:57 | 000,078,848 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\UserAccountControlSettings.dll
[2014.11.11 16:13:57 | 000,048,128 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\PrintIsolationProxy.dll
[2014.11.11 16:13:57 | 000,046,080 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\NAPCRYPT.DLL
[2014.11.11 16:13:57 | 000,025,600 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\vpnikeapi.dll
[2014.11.11 16:13:57 | 000,017,408 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\syssetup.dll
[2014.11.11 16:13:56 | 001,111,552 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\onexui.dll
[2014.11.11 16:13:56 | 000,666,112 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WMVSDECD.DLL
[2014.11.11 16:13:56 | 000,299,520 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wmpdxm.dll
[2014.11.11 16:13:56 | 000,238,080 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mstask.dll
[2014.11.11 16:13:56 | 000,219,648 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\iTVData.dll
[2014.11.11 16:13:56 | 000,198,144 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wpdwcn.dll
[2014.11.11 16:13:56 | 000,190,976 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\vdsbas.dll
[2014.11.11 16:13:56 | 000,160,256 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\vdsbas.dll
[2014.11.11 16:13:56 | 000,133,120 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\Kswdmcap.ax
[2014.11.11 16:13:56 | 000,096,256 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\inseng.dll
[2014.11.11 16:13:56 | 000,050,688 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\runonce.exe
[2014.11.11 16:13:55 | 000,395,776 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\nltest.exe
[2014.11.11 16:13:55 | 000,242,176 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\eapp3hst.dll
[2014.11.11 16:13:55 | 000,232,448 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\bitsadmin.exe
[2014.11.11 16:13:55 | 000,210,432 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\dxdiagn.dll
[2014.11.11 16:13:55 | 000,176,128 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\MFPlay.dll
[2014.11.11 16:13:55 | 000,146,432 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drivers\rmcast.sys
[2014.11.11 16:13:55 | 000,135,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\shacct.dll
[2014.11.11 16:13:55 | 000,095,232 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\logagent.exe
[2014.11.11 16:13:55 | 000,083,968 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014.11.11 16:13:55 | 000,046,080 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\cscapi.dll
[2014.11.11 16:13:54 | 000,527,872 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wmdrmnet.dll
[2014.11.11 16:13:54 | 000,507,392 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wmdrmdev.dll
[2014.11.11 16:13:54 | 000,124,416 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\QSVRMGMT.DLL
[2014.11.11 16:13:54 | 000,108,032 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\shacct.dll
[2014.11.11 16:13:54 | 000,105,472 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wmpshell.dll
[2014.11.11 16:13:54 | 000,104,448 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\logman.exe
[2014.11.11 16:13:54 | 000,078,848 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\tabcal.exe
[2014.11.11 16:13:54 | 000,061,952 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\vss_ps.dll
[2014.11.11 16:13:53 | 000,978,944 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WMSPDMOD.DLL
[2014.11.11 16:13:53 | 000,878,592 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\Bubbles.scr
[2014.11.11 16:13:53 | 000,431,104 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WPDSp.dll
[2014.11.11 16:13:53 | 000,325,632 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\msnetobj.dll
[2014.11.11 16:13:53 | 000,309,760 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\sqlcese30.dll
[2014.11.11 16:13:53 | 000,288,256 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mssphtb.dll
[2014.11.11 16:13:53 | 000,224,256 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\PortableDeviceSyncProvider.dll
[2014.11.11 16:13:53 | 000,186,368 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\bitsadmin.exe
[2014.11.11 16:13:53 | 000,181,248 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\qcap.dll
[2014.11.11 16:13:53 | 000,137,216 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\CscMig.dll
[2014.11.11 16:13:53 | 000,121,856 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\secproc_ssp_isv.dll
[2014.11.11 16:13:53 | 000,121,856 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\secproc_ssp.dll
[2014.11.11 16:13:53 | 000,087,552 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wudriver.dll
[2014.11.11 16:13:53 | 000,059,392 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\unimdmat.dll
[2014.11.11 16:13:53 | 000,052,224 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\rdpd3d.dll
[2014.11.11 16:13:53 | 000,028,672 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\iscsium.dll
[2014.11.11 16:13:53 | 000,021,504 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\lsmproxy.dll
[2014.11.11 16:13:52 | 001,160,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\OpcServices.dll
[2014.11.11 16:13:52 | 000,435,712 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\PortableDeviceStatus.dll
[2014.11.11 16:13:52 | 000,350,720 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\WPDSp.dll
[2014.11.11 16:13:52 | 000,250,880 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\qdv.dll
[2014.11.11 16:13:52 | 000,236,544 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\pdh.dll
[2014.11.11 16:13:52 | 000,183,296 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\PortableDeviceSyncProvider.dll
[2014.11.11 16:13:52 | 000,158,720 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mprapi.dll
[2014.11.11 16:13:52 | 000,098,816 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\RegisterIEPKEYs.exe
[2014.11.11 16:13:52 | 000,084,480 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\kstvtune.ax
[2014.11.11 16:13:52 | 000,082,944 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\logman.exe
[2014.11.11 16:13:52 | 000,078,848 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\spbcd.dll
[2014.11.11 16:13:52 | 000,077,824 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\olethk32.dll
[2014.11.11 16:13:52 | 000,060,928 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ncryptui.dll
[2014.11.11 16:13:52 | 000,051,712 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\vmictimeprovider.dll
[2014.11.11 16:13:51 | 000,902,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\WMADMOD.DLL
[2014.11.11 16:13:51 | 000,427,520 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\PortableDeviceStatus.dll
[2014.11.11 16:13:51 | 000,392,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WMPhoto.dll
[2014.11.11 16:13:51 | 000,318,464 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\WMPhoto.dll
[2014.11.11 16:13:51 | 000,313,344 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dot3ui.dll
[2014.11.11 16:13:51 | 000,221,184 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\Mystify.scr
[2014.11.11 16:13:51 | 000,220,672 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\Ribbons.scr
[2014.11.11 16:13:51 | 000,163,840 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\odbctrac.dll
[2014.11.11 16:13:51 | 000,142,336 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\powercfg.cpl
[2014.11.11 16:13:51 | 000,130,048 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\desk.cpl
[2014.11.11 16:13:51 | 000,121,344 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\fphc.dll
[2014.11.11 16:13:51 | 000,099,328 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\QSVRMGMT.DLL
[2014.11.11 16:13:51 | 000,091,648 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\avifil32.dll
[2014.11.11 16:13:51 | 000,089,088 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\amstream.dll
[2014.11.11 16:13:51 | 000,076,800 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mapistub.dll
[2014.11.11 16:13:51 | 000,072,704 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\Mpeg2Data.ax
[2014.11.11 16:13:51 | 000,067,072 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mshtmled.dll
[2014.11.11 16:13:51 | 000,063,488 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\takeown.exe
[2014.11.11 16:13:51 | 000,063,488 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\setbcdlocale.dll
[2014.11.11 16:13:51 | 000,062,976 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\PnPUnattend.exe
[2014.11.11 16:13:51 | 000,036,864 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\tsgqec.dll
[2014.11.11 16:13:51 | 000,031,744 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\utildll.dll
[2014.11.11 16:13:50 | 001,148,416 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\IMJP10.IME
[2014.11.11 16:13:50 | 000,541,184 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\WMVSDECD.DLL
[2014.11.11 16:13:50 | 000,436,736 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wmdrmnet.dll
[2014.11.11 16:13:50 | 000,189,952 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\sqmapi.dll
[2014.11.11 16:13:50 | 000,153,600 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\VBICodec.ax
[2014.11.11 16:13:50 | 000,144,896 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\EhStorAPI.dll
[2014.11.11 16:13:50 | 000,115,200 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\dot3msm.dll
[2014.11.11 16:13:50 | 000,109,568 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wiavideo.dll
[2014.11.11 16:13:50 | 000,107,008 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\Kswdmcap.ax
[2014.11.11 16:13:50 | 000,098,304 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\fphc.dll
[2014.11.11 16:13:50 | 000,072,704 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\netapi32.dll
[2014.11.11 16:13:50 | 000,051,200 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\takeown.exe
[2014.11.11 16:13:50 | 000,027,136 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\HotStartUserAgent.dll
[2014.11.11 16:13:49 | 000,681,472 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WUDFx.dll
[2014.11.11 16:13:49 | 000,283,136 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\qdv.dll
[2014.11.11 16:13:49 | 000,265,216 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\msnetobj.dll
[2014.11.11 16:13:49 | 000,226,816 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WUDFHost.exe
[2014.11.11 16:13:49 | 000,100,864 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\sppinst.dll
[2014.11.11 16:13:49 | 000,092,160 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\cmstp.exe
[2014.11.11 16:13:49 | 000,079,872 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\QCLIPROV.DLL
[2014.11.11 16:13:49 | 000,075,776 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\psisrndr.ax
[2014.11.11 16:13:49 | 000,071,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\CertPolEng.dll
[2014.11.11 16:13:49 | 000,061,952 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WavDest.dll
[2014.11.11 16:13:49 | 000,061,440 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\djoin.exe
[2014.11.11 16:13:49 | 000,037,376 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\shimgvw.dll
[2014.11.11 16:13:49 | 000,015,360 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\nrpsrv.dll
[2014.11.11 16:13:48 | 000,084,992 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\cmstp.exe
[2014.11.11 16:13:48 | 000,075,776 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\MSDvbNP.ax
[2014.11.11 16:13:48 | 000,074,240 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\fdProxy.dll
[2014.11.11 16:13:48 | 000,071,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\QCLIPROV.DLL
[2014.11.11 16:13:48 | 000,070,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\MuiUnattend.exe
[2014.11.11 16:13:48 | 000,066,560 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\cca.dll
[2014.11.11 16:13:48 | 000,056,832 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\vfwwdm32.dll
[2014.11.11 16:13:48 | 000,051,712 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\MultiDigiMon.exe
[2014.11.11 16:13:47 | 000,739,328 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\WMSPDMOD.DLL
[2014.11.11 16:13:47 | 000,176,128 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\msorcl32.dll
[2014.11.11 16:13:47 | 000,166,400 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\diskpart.exe
[2014.11.11 16:13:47 | 000,152,064 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\iscsicli.exe
[2014.11.11 16:13:47 | 000,144,896 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\iscsicli.exe
[2014.11.11 16:13:47 | 000,143,360 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mydocs.dll
[2014.11.11 16:13:47 | 000,130,560 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\BdeHdCfg.exe
[2014.11.11 16:13:47 | 000,128,000 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\desk.cpl
[2014.11.11 16:13:47 | 000,115,712 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\setupcln.dll
[2014.11.11 16:13:47 | 000,102,400 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mobsync.exe
[2014.11.11 16:13:47 | 000,057,856 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\g711codc.ax
[2014.11.11 16:13:47 | 000,051,712 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wsnmp32.dll
[2014.11.11 16:13:47 | 000,046,592 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\pdhui.dll
[2014.11.11 16:13:47 | 000,043,520 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\vbisurf.ax
[2014.11.11 16:13:47 | 000,043,008 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\relog.exe
[2014.11.11 16:13:47 | 000,037,888 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\relog.exe
[2014.11.11 16:13:47 | 000,028,160 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\AzSqlExt.dll
[2014.11.11 16:13:47 | 000,025,600 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\netiougc.exe
[2014.11.11 16:13:47 | 000,014,848 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\BWUnpairElevated.dll
[2014.11.11 16:13:47 | 000,013,312 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sscore.dll
[2014.11.11 16:13:46 | 000,306,688 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\RMActivate_ssp.exe
[2014.11.11 16:13:46 | 000,305,152 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014.11.11 16:13:46 | 000,194,048 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\itircl.dll
[2014.11.11 16:13:46 | 000,158,720 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\itircl.dll
[2014.11.11 16:13:46 | 000,136,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mydocs.dll
[2014.11.11 16:13:46 | 000,133,632 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\diskpart.exe
[2014.11.11 16:13:46 | 000,103,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dot3msm.dll
[2014.11.11 16:13:46 | 000,085,504 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\secproc_ssp_isv.dll
[2014.11.11 16:13:46 | 000,071,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\resutils.dll
[2014.11.11 16:13:46 | 000,070,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\amstream.dll
[2014.11.11 16:13:46 | 000,069,632 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\rastapi.dll
[2014.11.11 16:13:46 | 000,061,952 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\spbcd.dll
[2014.11.11 16:13:46 | 000,058,880 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\browcli.dll
[2014.11.11 16:13:46 | 000,047,104 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wkscli.dll
[2014.11.11 16:13:46 | 000,035,840 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\msdmo.dll
[2014.11.11 16:13:46 | 000,024,064 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\netbtugc.exe
[2014.11.11 16:13:45 | 001,027,584 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\IMJP10.IME
[2014.11.11 16:13:45 | 000,434,688 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\FXSTIFF.dll
[2014.11.11 16:13:45 | 000,144,384 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wmpps.dll
[2014.11.11 16:13:45 | 000,103,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\eappgnui.dll
[2014.11.11 16:13:45 | 000,085,504 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\secproc_ssp.dll
[2014.11.11 16:13:45 | 000,071,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\findstr.exe
[2014.11.11 16:13:45 | 000,065,024 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\CertPolEng.dll
[2014.11.11 16:13:45 | 000,048,640 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ksxbar.ax
[2014.11.11 16:13:45 | 000,041,472 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mciqtz32.dll
[2014.11.11 16:13:45 | 000,036,864 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\choice.exe
[2014.11.11 16:13:45 | 000,031,232 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\prevhost.exe
[2014.11.11 16:13:45 | 000,026,624 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\qprocess.exe
[2014.11.11 16:13:45 | 000,014,848 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\syssetup.dll
[2014.11.11 16:13:44 | 001,080,320 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\onexui.dll
[2014.11.11 16:13:44 | 000,280,064 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\RMActivate_ssp.exe
[2014.11.11 16:13:44 | 000,278,016 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014.11.11 16:13:44 | 000,145,920 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sppc.dll
[2014.11.11 16:13:44 | 000,094,208 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\eappgnui.dll
[2014.11.11 16:13:44 | 000,076,800 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\imagehlp.dll
[2014.11.11 16:13:44 | 000,069,632 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\tlscsp.dll
[2014.11.11 16:13:44 | 000,062,976 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\findstr.exe
[2014.11.11 16:13:44 | 000,048,640 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\luainstall.dll
[2014.11.11 16:13:44 | 000,036,352 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mciqtz32.dll
[2014.11.11 16:13:44 | 000,028,672 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\WerFaultSecure.exe
[2014.11.11 16:13:44 | 000,022,016 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ReAgentc.exe
[2014.11.11 16:13:43 | 000,121,344 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\sppc.dll
[2014.11.11 16:13:43 | 000,101,376 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mobsync.exe
[2014.11.11 16:13:43 | 000,082,944 | ---- | C] (Radius Inc.) -- E:\Windows\SysWow64\iccvid.dll
[2014.11.11 16:13:43 | 000,079,872 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\manage-bde.exe
[2014.11.11 16:13:43 | 000,065,536 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\inetmib1.dll
[2014.11.11 16:13:43 | 000,059,904 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\MSDvbNP.ax
[2014.11.11 16:13:43 | 000,051,712 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\repair-bde.exe
[2014.11.11 16:13:43 | 000,036,352 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wdiasqmmodule.dll
[2014.11.11 16:13:43 | 000,035,840 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\shimgvw.dll
[2014.11.11 16:13:43 | 000,031,232 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\prevhost.exe
[2014.11.11 16:13:43 | 000,028,672 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\dnscacheugc.exe
[2014.11.11 16:13:43 | 000,024,064 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\schedcli.dll
[2014.11.11 16:13:43 | 000,023,040 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\qappsrv.exe
[2014.11.11 16:13:43 | 000,022,528 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\chglogon.exe
[2014.11.11 16:13:43 | 000,019,968 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\spopk.dll
[2014.11.11 16:13:43 | 000,018,944 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\spopk.dll
[2014.11.11 16:13:43 | 000,013,312 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\muifontsetup.dll
[2014.11.11 16:13:42 | 000,147,456 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\RDPENCDD.dll
[2014.11.11 16:13:42 | 000,053,760 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\vmicres.dll
[2014.11.11 16:13:42 | 000,053,248 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\odbcconf.dll
[2014.11.11 16:13:42 | 000,052,736 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\inetmib1.dll
[2014.11.11 16:13:42 | 000,044,544 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WUDFCoinstaller.dll
[2014.11.11 16:13:42 | 000,041,984 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\luainstall.dll
[2014.11.11 16:13:42 | 000,038,400 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\vmstorfltres.dll
[2014.11.11 16:13:42 | 000,034,304 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\unlodctr.exe
[2014.11.11 16:13:42 | 000,033,792 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\vbisurf.ax
[2014.11.11 16:13:42 | 000,033,792 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\profprov.dll
[2014.11.11 16:13:42 | 000,030,720 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\msdmo.dll
[2014.11.11 16:13:42 | 000,024,064 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\chgport.exe
[2014.11.11 16:13:42 | 000,022,528 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\tscon.exe
[2014.11.11 16:13:42 | 000,021,504 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\rdprefdrvapi.dll
[2014.11.11 16:13:42 | 000,021,504 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\logoff.exe
[2014.11.11 16:13:42 | 000,021,504 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\chgusr.exe
[2014.11.11 16:13:42 | 000,017,920 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\fixmapi.exe
[2014.11.11 16:13:41 | 001,164,800 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\UIRibbonRes.dll
[2014.11.11 16:13:41 | 001,164,800 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\UIRibbonRes.dll
[2014.11.11 16:13:41 | 000,045,568 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\g711codc.ax
[2014.11.11 16:13:41 | 000,044,544 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\vmbusres.dll
[2014.11.11 16:13:41 | 000,041,984 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\FXSMON.dll
[2014.11.11 16:13:41 | 000,041,984 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\browcli.dll
[2014.11.11 16:13:41 | 000,040,960 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\odbcconf.dll
[2014.11.11 16:13:41 | 000,027,648 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wups.dll
[2014.11.11 16:13:41 | 000,025,600 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\elsTrans.dll
[2014.11.11 16:13:41 | 000,023,552 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\tskill.exe
[2014.11.11 16:13:41 | 000,022,016 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\tsdiscon.exe
[2014.11.11 16:13:41 | 000,021,504 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\TRAPI.dll
[2014.11.11 16:13:41 | 000,021,504 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\shadow.exe
[2014.11.11 16:13:41 | 000,021,504 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rwinsta.exe
[2014.11.11 16:13:41 | 000,012,288 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\msfeedssync.exe
[2014.11.11 16:13:40 | 000,036,864 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dsauth.dll
[2014.11.11 16:13:40 | 000,027,648 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\LogonUI.exe
[2014.11.11 16:13:40 | 000,026,624 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drivers\tdi.sys
[2014.11.11 16:13:40 | 000,017,408 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\perfts.dll
[2014.11.11 16:13:40 | 000,016,896 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\reset.exe
[2014.11.11 16:13:39 | 000,072,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\napdsnap.dll
[2014.11.11 16:13:39 | 000,046,080 | ---- | C] (Adobe Systems) -- E:\Windows\SysNative\atmlib.dll
[2014.11.11 16:13:39 | 000,023,040 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rdprefdrvapi.dll
[2014.11.11 16:13:39 | 000,022,528 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\elsTrans.dll
[2014.11.11 16:13:39 | 000,021,504 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\TRAPI.dll
[2014.11.11 16:13:39 | 000,018,432 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\FXSUNATD.exe
[2014.11.11 16:13:39 | 000,016,896 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\change.exe
[2014.11.11 16:13:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\query.exe
[2014.11.11 16:13:39 | 000,012,800 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\msfeedssync.exe
[2014.11.11 16:13:38 | 000,457,216 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\imkr80.ime
[2014.11.11 16:13:38 | 000,068,096 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\napdsnap.dll
[2014.11.11 16:13:38 | 000,034,304 | ---- | C] (Adobe Systems) -- E:\Windows\SysWow64\atmlib.dll
[2014.11.11 16:13:38 | 000,031,744 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drivers\usbrpm.sys
[2014.11.11 16:13:38 | 000,030,208 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\dsauth.dll
[2014.11.11 16:13:38 | 000,030,208 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\cscdll.dll
[2014.11.11 16:13:38 | 000,024,576 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\bitsperf.dll
[2014.11.11 16:13:38 | 000,019,456 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\bitsperf.dll
[2014.11.11 16:13:38 | 000,017,408 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\schedcli.dll
[2014.11.11 16:13:37 | 000,026,112 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wsdchngr.dll
[2014.11.11 16:13:37 | 000,009,728 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\sscore.dll
[2014.11.11 16:13:36 | 000,482,816 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\html.iec
[2014.11.11 16:13:36 | 000,430,080 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\imkr80.ime
[2014.11.11 16:13:36 | 000,028,160 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\shgina.dll
[2014.11.11 16:13:36 | 000,021,504 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wsdchngr.dll
[2014.11.11 16:13:36 | 000,020,992 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\shgina.dll
[2014.11.11 16:13:36 | 000,008,704 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\riched32.dll
[2014.11.11 16:13:35 | 000,361,984 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wow64win.dll
[2014.11.11 16:13:35 | 000,032,896 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drivers\USBCAMD2.sys
[2014.11.11 16:13:35 | 000,013,824 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wshirda.dll
[2014.11.11 16:13:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wow64cpu.dll
[2014.11.11 16:13:34 | 000,386,048 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\html.iec
[2014.11.11 16:13:33 | 000,015,872 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\vmbuspipe.dll
[2014.11.11 16:13:33 | 000,011,264 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wshirda.dll
[2014.11.11 16:13:33 | 000,010,752 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\riched32.dll
[2014.11.11 16:13:33 | 000,010,240 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rdpcfgex.dll
[2014.11.11 16:13:32 | 000,130,048 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\VmbusCoinstaller.dll
[2014.11.11 16:13:32 | 000,129,024 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\VmdCoinstall.dll
[2014.11.11 16:13:32 | 000,128,512 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\IcCoinstall.dll
[2014.11.11 16:13:32 | 000,013,312 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\C_ISCII.DLL
[2014.11.11 16:13:32 | 000,009,728 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\spwmp.dll
[2014.11.11 16:13:32 | 000,008,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\spwmp.dll
[2014.11.11 16:13:31 | 000,011,264 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\shunimpl.dll
[2014.11.11 16:13:31 | 000,011,264 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\C_ISCII.DLL
[2014.11.11 16:13:31 | 000,008,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDTUF.DLL
[2014.11.11 16:13:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDTUF.DLL
[2014.11.11 16:13:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDSG.DLL
[2014.11.11 16:13:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDSF.DLL
[2014.11.11 16:13:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDPO.DLL
[2014.11.11 16:13:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\kbdlk41a.dll
[2014.11.11 16:13:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDINTAM.DLL
[2014.11.11 16:13:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDINBEN.DLL
[2014.11.11 16:13:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDGR1.DLL
[2014.11.11 16:13:31 | 000,005,120 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\msdxm.ocx
[2014.11.11 16:13:31 | 000,005,120 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dxmasf.dll
[2014.11.11 16:13:31 | 000,004,096 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\msdxm.ocx
[2014.11.11 16:13:31 | 000,004,096 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\dxmasf.dll
[2014.11.11 16:13:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\Windows\SysNative\api-ms-win-core-ums-l1-1-0.dll
[2014.11.11 16:13:30 | 012,625,920 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wmploc.DLL
[2014.11.11 16:13:30 | 012,625,408 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wmploc.DLL
[2014.11.11 16:13:30 | 000,008,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDTUQ.DLL
[2014.11.11 16:13:30 | 000,008,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDSG.DLL
[2014.11.11 16:13:30 | 000,008,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\kbdlk41a.dll
[2014.11.11 16:13:30 | 000,008,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDGKL.DLL
[2014.11.11 16:13:30 | 000,007,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDTUQ.DLL
[2014.11.11 16:13:30 | 000,007,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDNEPR.DLL
[2014.11.11 16:13:30 | 000,007,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDGR1.DLL
[2014.11.11 16:13:30 | 000,007,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDGKL.DLL
[2014.11.11 16:13:30 | 000,006,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDUS.DLL
[2014.11.11 16:13:30 | 000,006,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDTURME.DLL
[2014.11.11 16:13:30 | 000,006,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDTAJIK.DLL
[2014.11.11 16:13:30 | 000,006,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDMON.DLL
[2014.11.11 16:13:30 | 000,006,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDINTEL.DLL
[2014.11.11 16:13:30 | 000,006,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDGEO.DLL
[2014.11.11 16:13:30 | 000,006,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDBLR.DLL
[2014.11.11 16:13:29 | 000,069,120 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\nlsbres.dll
[2014.11.11 16:13:29 | 000,069,120 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\nlsbres.dll
[2014.11.11 16:13:29 | 000,035,328 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\pifmgr.dll
[2014.11.11 16:13:29 | 000,035,328 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\pifmgr.dll
[2014.11.11 16:13:29 | 000,008,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDCZ1.DLL
[2014.11.11 16:13:29 | 000,007,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\spwizres.dll
[2014.11.11 16:13:29 | 000,007,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\spwizres.dll
[2014.11.11 16:13:29 | 000,007,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDCZ1.DLL
[2014.11.11 16:13:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDUS.DLL
[2014.11.11 16:13:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDUGHR1.DLL
[2014.11.11 16:13:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDTURME.DLL
[2014.11.11 16:13:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDTAJIK.DLL
[2014.11.11 16:13:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDSF.DLL
[2014.11.11 16:13:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDPO.DLL
[2014.11.11 16:13:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDNEPR.DLL
[2014.11.11 16:13:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDMON.DLL
[2014.11.11 16:13:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDMAORI.DLL
[2014.11.11 16:13:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDLT1.DLL
[2014.11.11 16:13:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDINTEL.DLL
[2014.11.11 16:13:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDINTAM.DLL
[2014.11.11 16:13:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDINORI.DLL
[2014.11.11 16:13:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDINORI.DLL
[2014.11.11 16:13:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDINMAR.DLL
[2014.11.11 16:13:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDINMAR.DLL
[2014.11.11 16:13:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDINKAN.DLL
[2014.11.11 16:13:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDINKAN.DLL
[2014.11.11 16:13:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDINHIN.DLL
[2014.11.11 16:13:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDINHIN.DLL
[2014.11.11 16:13:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDINBEN.DLL
[2014.11.11 16:13:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDBULG.DLL
[2014.11.11 16:13:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDBLR.DLL
[2014.11.11 16:13:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDBASH.DLL
[2014.11.11 16:13:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDUGHR1.DLL
[2014.11.11 16:13:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDMAORI.DLL
[2014.11.11 16:13:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDLT1.DLL
[2014.11.11 16:13:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KBDGEO.DLL
[2014.11.11 16:13:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDBULG.DLL
[2014.11.11 16:13:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\KBDBASH.DLL
[2014.11.11 16:13:29 | 000,003,072 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dpnaddr.dll
[2014.11.11 16:13:29 | 000,002,560 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\dpnaddr.dll
[2014.11.11 16:13:28 | 000,052,736 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\BlbEvents.dll
[2014.11.11 16:13:13 | 000,399,872 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dpx.dll
[2014.11.11 16:13:13 | 000,189,952 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wdscore.dll
[2014.11.11 16:09:24 | 000,529,408 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wbemcomn.dll
[2014.11.10 20:16:18 | 000,000,000 | ---D | C] -- E:\Windows\SysNative\MRT
[2014.11.09 17:09:24 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Local\Macromedia
[2014.11.09 15:48:46 | 000,294,912 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\browserchoice.exe
[2014.11.09 01:11:21 | 000,000,000 | ---D | C] -- E:\Users\Admin\jagexcache1
[2014.11.08 22:50:46 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Mouse Utilities
[2014.11.08 22:50:45 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Magic Mouse Utilities
[2014.11.08 22:39:17 | 000,000,000 | ---D | C] -- E:\Users\Public\Documents\Atheros
[2014.11.08 22:38:51 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Local\BMExplorer
[2014.11.08 22:37:51 | 000,000,000 | ---D | C] -- E:\ProgramData\boost_interprocess
[2014.11.08 22:04:20 | 000,912,504 | ---- | C] (Symantec Corporation) -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\symefa64.sys
[2014.11.08 22:04:20 | 000,450,680 | ---- | C] (Symantec Corporation) -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\symds64.sys
[2014.11.08 22:04:20 | 000,386,168 | ---- | C] (Symantec Corporation) -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\symnets.sys
[2014.11.08 22:04:20 | 000,040,568 | ---- | C] (Symantec Corporation) -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\srtspx64.sys
[2014.11.08 22:04:19 | 000,744,568 | ---- | C] (Symantec Corporation) -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\srtsp64.sys
[2014.11.08 22:04:19 | 000,171,128 | ---- | C] (Symantec Corporation) -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\ironx64.sys
[2014.11.08 22:03:52 | 000,000,000 | ---D | C] -- E:\Windows\SysNative\drivers\NAVx64\1207010.003
[2014.11.08 20:06:06 | 000,000,000 | ---D | C] -- E:\ProgramData\Mozilla
[2014.11.08 20:06:04 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Mozilla Maintenance Service
[2014.11.08 19:37:06 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Common Files\Symantec Shared
[2014.11.08 16:09:40 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Local\ElevatedDiagnostics
[2014.11.08 16:09:16 | 000,000,000 | ---D | C] -- E:\ProgramData\HP
[2014.11.08 14:40:01 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Roaming\Macromedia
[2014.11.08 14:39:58 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Roaming\Adobe
[2014.11.08 14:39:47 | 000,701,104 | ---- | C] (Adobe Systems Incorporated) -- E:\Windows\SysWow64\FlashPlayerApp.exe
[2014.11.08 14:39:47 | 000,071,344 | ---- | C] (Adobe Systems Incorporated) -- E:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.11.08 14:39:46 | 000,000,000 | ---D | C] -- E:\Windows\SysWow64\Macromed
[2014.11.08 14:39:42 | 000,000,000 | ---D | C] -- E:\Windows\SysNative\Macromed
[2014.11.08 14:39:16 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Local\Adobe
[2014.11.08 12:58:37 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Roaming\Foxit Software
[2014.11.08 12:26:52 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander
[2014.11.08 12:26:51 | 000,000,000 | ---D | C] -- E:\Program Files\totalcmd
[2014.11.08 12:26:51 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Roaming\GHISLER
[2014.11.08 12:10:39 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google AdWords Editor
[2014.11.08 09:21:12 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
[2014.11.08 09:21:01 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Foxit Software
[2014.11.08 09:20:12 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Local\Programs
[2014.11.08 08:53:53 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Mozilla Thunderbird
[2014.11.08 08:46:47 | 000,142,336 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\poqexec.exe
[2014.11.08 08:46:47 | 000,123,904 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\poqexec.exe
[2014.11.08 08:46:45 | 005,562,240 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ntoskrnl.exe
[2014.11.08 08:46:43 | 003,967,872 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ntkrnlpa.exe
[2014.11.08 08:46:43 | 003,912,576 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ntoskrnl.exe
[2014.11.08 08:45:05 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Roaming\Mozilla
[2014.11.08 08:45:05 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Local\Mozilla
[2014.11.07 20:06:13 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2014.11.07 20:05:09 | 000,000,000 | ---D | C] -- E:\Program Files\Common Files\DESIGNER
[2014.11.07 20:04:33 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Microsoft SQL Server
[2014.11.07 20:04:32 | 000,000,000 | ---D | C] -- E:\Program Files\Microsoft.NET
[2014.11.07 20:04:19 | 000,000,000 | ---D | C] -- E:\ProgramData\regid.1991-06.com.microsoft
[2014.11.07 20:03:51 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Mozilla Firefox
[2014.11.07 20:03:34 | 000,000,000 | ---D | C] -- E:\Windows\PCHEALTH
[2014.11.07 20:03:34 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Microsoft.NET
[2014.11.07 20:03:34 | 000,000,000 | ---D | C] -- E:\Program Files\Microsoft SQL Server
[2014.11.07 20:00:30 | 000,000,000 | ---D | C] -- E:\Program Files\Microsoft Analysis Services
[2014.11.07 20:00:30 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Microsoft Analysis Services
[2014.11.07 19:59:51 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Local\Microsoft Help
[2014.11.07 19:59:49 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Microsoft Office
[2014.11.07 19:59:47 | 000,000,000 | ---D | C] -- E:\Program Files\Microsoft Office
[2014.11.07 19:59:43 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft Help
[2014.11.07 19:59:01 | 000,000,000 | RH-D | C] -- E:\MSOCache
[2014.11.07 19:56:56 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2014.11.07 19:56:14 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- E:\Windows\SysNative\drivers\dtsoftbus01.sys
[2014.11.07 19:56:08 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
[2014.11.07 19:56:04 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\DAEMON Tools Lite
[2014.11.07 19:52:42 | 000,000,000 | ---D | C] -- E:\ProgramData\DAEMON Tools Lite
[2014.11.07 19:09:34 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Local\Skype
[2014.11.07 19:09:29 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Roaming\Skype
[2014.11.07 19:09:12 | 000,000,000 | R--D | C] -- E:\Program Files (x86)\Skype
[2014.11.07 19:09:12 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014.11.07 19:09:12 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Common Files\Skype
[2014.11.07 19:08:57 | 000,000,000 | ---D | C] -- E:\ProgramData\Skype
[2014.11.07 18:14:49 | 000,000,000 | ---D | C] -- E:\Users\Admin\jagexcache
[2014.11.07 18:06:23 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014.11.07 18:05:38 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Google
[2014.11.07 18:05:30 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Local\Google
[2014.11.07 18:04:34 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Local\Deployment
[2014.11.07 18:04:34 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Local\Apps
[2014.11.07 17:59:21 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Roaming\Apple Computer
[2014.11.07 17:59:21 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Local\Apple Computer
[2014.11.07 17:59:15 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014.11.07 17:59:13 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- E:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2014.11.07 17:59:13 | 000,000,000 | ---D | C] -- E:\Windows\SysNative\DRVSTORE
[2014.11.07 17:58:59 | 000,000,000 | ---D | C] -- E:\Program Files\iPod
[2014.11.07 17:58:58 | 000,000,000 | ---D | C] -- E:\Program Files\iTunes
[2014.11.07 17:58:58 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\iTunes
[2014.11.07 17:58:58 | 000,000,000 | ---D | C] -- E:\ProgramData\Apple Computer
[2014.11.07 17:58:58 | 000,000,000 | ---D | C] -- E:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014.11.07 17:58:20 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Local\Apple
[2014.11.07 17:58:19 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Apple Software Update
[2014.11.07 17:58:08 | 000,000,000 | ---D | C] -- E:\Program Files\Common Files\Apple
[2014.11.07 17:57:57 | 000,000,000 | ---D | C] -- E:\Program Files\Bonjour
[2014.11.07 17:57:57 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Bonjour
[2014.11.07 17:57:49 | 000,000,000 | ---D | C] -- E:\ProgramData\Apple
[2014.11.07 17:57:49 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Common Files\Apple
[2014.11.07 17:56:37 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014.11.07 17:56:37 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014.11.07 17:56:34 | 000,000,000 | ---D | C] -- E:\Program Files\WinRAR
[2014.11.07 17:55:27 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Roaming\uTorrent
[2014.11.07 17:55:27 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
[2014.11.07 17:55:11 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\TeamViewer
[2014.11.07 17:54:45 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2014.11.07 17:54:45 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Common Files\Steam
[2014.11.07 17:54:44 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Steam
[2014.11.07 17:53:39 | 000,000,000 | ---D | C] -- E:\ProgramData\Sun
[2014.11.07 17:53:37 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Common Files\Java
[2014.11.07 17:53:32 | 000,264,616 | ---- | C] (Oracle Corporation) -- E:\Windows\SysWow64\javaws.exe
[2014.11.07 17:53:25 | 000,175,016 | ---- | C] (Oracle Corporation) -- E:\Windows\SysWow64\javaw.exe
[2014.11.07 17:53:25 | 000,174,504 | ---- | C] (Oracle Corporation) -- E:\Windows\SysWow64\java.exe
[2014.11.07 17:53:25 | 000,096,168 | ---- | C] (Oracle Corporation) -- E:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014.11.07 17:53:25 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014.11.07 17:53:16 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Java
[2014.11.07 17:51:30 | 000,174,200 | ---- | C] (Symantec Corporation) -- E:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2014.11.07 17:51:30 | 000,000,000 | ---D | C] -- E:\Program Files\Common Files\Symantec Shared
[2014.11.07 17:51:30 | 000,000,000 | ---D | C] -- E:\Program Files\Symantec
[2014.11.07 17:51:09 | 000,000,000 | ---D | C] -- E:\Windows\SysNative\drivers\NAVx64
[2014.11.07 17:51:06 | 000,000,000 | R--D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
[2014.11.07 17:51:06 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Norton AntiVirus
[2014.11.07 17:51:05 | 000,000,000 | ---D | C] -- E:\ProgramData\Norton
[2014.11.07 17:50:33 | 000,000,000 | ---D | C] -- E:\ProgramData\NortonInstaller
[2014.11.07 17:50:33 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\NortonInstaller
[2014.11.07 17:50:06 | 000,038,424 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wups.dll
[2014.11.07 17:50:05 | 000,701,976 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wuapi.dll
[2014.11.07 17:50:05 | 000,099,840 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wudriver.dll
[2014.11.07 17:46:23 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Roaming\Intel Corporation
[2014.11.07 17:43:27 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Cisco
[2014.11.07 17:42:41 | 000,095,472 | ---- | C] (Broadcom Corporation) -- E:\Windows\SysNative\bcmwlcoi.dll
[2014.11.07 17:42:40 | 003,896,632 | ---- | C] (Broadcom Corporation) -- E:\Windows\SysNative\bcmihvsrv64.dll
[2014.11.07 17:42:40 | 003,561,272 | ---- | C] (Broadcom Corporation) -- E:\Windows\SysNative\bcmihvui64.dll
[2014.11.07 17:42:40 | 003,058,168 | ---- | C] (Broadcom Corporation) -- E:\Windows\SysNative\drivers\BCMWL664.SYS
[2014.11.07 17:42:39 | 000,000,000 | ---D | C] -- E:\Program Files\Broadcom
[2014.11.07 17:42:10 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2014.11.07 17:41:01 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\ATI Technologies
[2014.11.07 17:40:26 | 000,000,000 | ---D | C] -- E:\Program Files\ATI Technologies
[2014.11.07 17:40:24 | 000,000,000 | ---D | C] -- E:\Program Files\ATI
[2014.11.07 17:39:10 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Launch Manager
[2014.11.07 17:38:11 | 000,000,000 | ---D | C] -- E:\ProgramData\AmUStor
[2014.11.07 17:38:11 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\AmIcoSingLun
[2014.11.07 17:37:25 | 000,156,392 | ---- | C] (Atheros) -- E:\Windows\SysNative\drivers\btath_rcp.sys
[2014.11.07 17:37:24 | 001,721,576 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wdfcoinstaller01009.dll
[2014.11.07 17:37:24 | 000,202,792 | ---- | C] (Atheros) -- E:\Windows\SysNative\drivers\btath_hcrp.sys
[2014.11.07 17:37:24 | 000,052,584 | ---- | C] (Atheros) -- E:\Windows\SysNative\drivers\btath_lwflt.sys
[2014.11.07 17:37:23 | 000,294,760 | ---- | C] (Atheros) -- E:\Windows\SysNative\drivers\btath_a2dp.sys
[2014.11.07 17:37:23 | 000,038,248 | ---- | C] (Atheros) -- E:\Windows\SysNative\drivers\btath_flt.sys
[2014.11.07 17:37:19 | 000,032,296 | ---- | C] (Atheros) -- E:\Windows\SysNative\drivers\btath_bus.sys
[2014.11.07 17:37:14 | 000,000,000 | ---D | C] -- E:\Users\Admin\Documents\Bluetooth Folder
[2014.11.07 17:36:29 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Suite
[2014.11.07 17:36:17 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Bluetooth Suite
[2014.11.07 17:35:52 | 000,000,000 | -HSD | C] -- E:\Windows\Installer
[2014.11.07 17:34:31 | 000,000,000 | ---D | C] -- E:\Windows\SysWow64\RTCOM
[2014.11.07 17:34:19 | 000,000,000 | ---D | C] -- E:\Program Files\Realtek
[2014.11.07 17:34:18 | 002,719,504 | ---- | C] (Waves Audio Ltd.) -- E:\Windows\SysNative\WavesGUILib.dll
[2014.11.07 17:34:18 | 001,694,240 | ---- | C] (Realtek Semiconductor Corp.) -- E:\Windows\SysNative\RtPgEx64.dll
[2014.11.07 17:34:18 | 000,612,384 | ---- | C] (Realtek Semiconductor Corp.) -- E:\Windows\SysNative\RTSnMg64.cpl
[2014.11.07 17:34:18 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- E:\Windows\SysNative\SRSTSX64.dll
[2014.11.07 17:34:18 | 000,332,320 | ---- | C] (Realtek Semiconductor Corp.) -- E:\Windows\SysNative\RtlCPAPI64.dll
[2014.11.07 17:34:18 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- E:\Windows\SysNative\SRSTSH64.dll
[2014.11.07 17:34:18 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- E:\Windows\SysNative\SRSHP64.dll
[2014.11.07 17:34:18 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- E:\Windows\SysNative\SRSWOW64.dll
[2014.11.07 17:34:17 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- E:\Windows\SysNative\MaxxAudioEQ.dll
[2014.11.07 17:34:17 | 001,639,968 | ---- | C] (Realtek Semiconductor Corp.) -- E:\Windows\SysNative\RtkAPO64.dll
[2014.11.07 17:34:17 | 001,201,184 | ---- | C] (Realtek Semiconductor Corp.) -- E:\Windows\SysNative\RTCOM64.dll
[2014.11.07 17:34:17 | 000,475,168 | ---- | C] (Realtek Semiconductor Corp.) -- E:\Windows\SysNative\RtkApi64.dll
[2014.11.07 17:34:17 | 000,363,008 | ---- | C] (Dolby Laboratories, Inc.) -- E:\Windows\SysNative\RTEEP64A.dll
[2014.11.07 17:34:17 | 000,328,096 | ---- | C] (Fortemedia Corporation) -- E:\Windows\SysNative\FMAPO64.dll
[2014.11.07 17:34:17 | 000,325,904 | ---- | C] (Waves Audio Ltd.) -- E:\Windows\SysNative\MaxxAudioAPO20.dll
[2014.11.07 17:34:17 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- E:\Windows\SysNative\RP3DHT64.dll
[2014.11.07 17:34:17 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- E:\Windows\SysNative\RP3DAA64.dll
[2014.11.07 17:34:17 | 000,198,656 | ---- | C] (Dolby Laboratories, Inc.) -- E:\Windows\SysNative\RTEED64A.dll
[2014.11.07 17:34:17 | 000,149,536 | ---- | C] (Realtek Semiconductor Corp.) -- E:\Windows\SysNative\RtkCfg64.dll
[2014.11.07 17:34:17 | 000,095,744 | ---- | C] (Dolby Laboratories, Inc.) -- E:\Windows\SysNative\RTEEL64A.dll
[2014.11.07 17:34:17 | 000,073,216 | ---- | C] (Dolby Laboratories, Inc.) -- E:\Windows\SysNative\RTEEG64A.dll
[2014.11.07 17:34:17 | 000,068,640 | ---- | C] (Realtek Semiconductor Corp.) -- E:\Windows\SysNative\RCoInst64.dll
[2014.11.07 17:34:16 | 000,168,864 | ---- | C] (Andrea Electronics Corporation) -- E:\Windows\SysNative\AERTAC64.dll
[2014.11.07 17:34:16 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- E:\Windows\SysNative\AERTAR64.dll
[2014.11.07 17:34:16 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Realtek
[2014.11.07 17:34:11 | 000,838,176 | ---- | C] (Realtek Semiconductor Corp.) -- E:\Windows\RtlExUpd.dll
[2014.11.07 17:34:11 | 000,000,000 | -H-D | C] -- E:\Program Files (x86)\Temp
[2014.11.07 17:34:08 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Common Files\InstallShield
[2014.11.07 17:33:53 | 000,000,000 | R--D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2014.11.07 17:33:39 | 000,000,000 | ---D | C] -- E:\Intel
[2014.11.07 17:33:38 | 000,538,136 | ---- | C] (Intel Corporation) -- E:\Windows\SysNative\drivers\iaStor.sys
[2014.11.07 17:33:37 | 000,000,000 | -H-D | C] -- E:\Program Files (x86)\InstallShield Installation Information
[2014.11.07 17:33:36 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Intel
[2014.11.07 17:33:36 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Roaming\InstallShield
[2014.11.07 17:33:36 | 000,000,000 | ---D | C] -- E:\ProgramData\InstallShield
[2014.11.07 17:31:17 | 000,000,000 | R--D | C] -- E:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014.11.07 17:31:17 | 000,000,000 | R--D | C] -- E:\Users\Admin\Searches
[2014.11.07 17:31:17 | 000,000,000 | R--D | C] -- E:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014.11.07 17:31:05 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Roaming\Identities
[2014.11.07 17:30:56 | 000,000,000 | R--D | C] -- E:\Users\Admin\Contacts
[2014.11.07 17:30:52 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Local\VirtualStore
[2014.11.07 17:30:29 | 000,000,000 | --SD | C] -- E:\Users\Admin\AppData\Roaming\Microsoft
[2014.11.07 17:30:29 | 000,000,000 | R--D | C] -- E:\Users\Admin\Videos
[2014.11.07 17:30:29 | 000,000,000 | R--D | C] -- E:\Users\Admin\Saved Games
[2014.11.07 17:30:29 | 000,000,000 | R--D | C] -- E:\Users\Admin\Pictures
[2014.11.07 17:30:29 | 000,000,000 | R--D | C] -- E:\Users\Admin\Music
[2014.11.07 17:30:29 | 000,000,000 | R--D | C] -- E:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014.11.07 17:30:29 | 000,000,000 | R--D | C] -- E:\Users\Admin\Links
[2014.11.07 17:30:29 | 000,000,000 | R--D | C] -- E:\Users\Admin\Favorites
[2014.11.07 17:30:29 | 000,000,000 | R--D | C] -- E:\Users\Admin\Downloads
[2014.11.07 17:30:29 | 000,000,000 | R--D | C] -- E:\Users\Admin\Documents
[2014.11.07 17:30:29 | 000,000,000 | R--D | C] -- E:\Users\Admin\Desktop
[2014.11.07 17:30:29 | 000,000,000 | R--D | C] -- E:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014.11.07 17:30:29 | 000,000,000 | -HSD | C] -- E:\Users\Admin\AppData\Local\Temporary Internet Files
[2014.11.07 17:30:29 | 000,000,000 | -HSD | C] -- E:\Users\Admin\Šablony
[2014.11.07 17:30:29 | 000,000,000 | -HSD | C] -- E:\Users\Admin\Soubory cookie
[2014.11.07 17:30:29 | 000,000,000 | -HSD | C] -- E:\Users\Admin\SendTo
[2014.11.07 17:30:29 | 000,000,000 | -HSD | C] -- E:\Users\Admin\Poslední
[2014.11.07 17:30:29 | 000,000,000 | -HSD | C] -- E:\Users\Admin\Okolní tiskárny
[2014.11.07 17:30:29 | 000,000,000 | -HSD | C] -- E:\Users\Admin\Okolní síť
[2014.11.07 17:30:29 | 000,000,000 | -HSD | C] -- E:\Users\Admin\Documents\Obrázky
[2014.11.07 17:30:29 | 000,000,000 | -HSD | C] -- E:\Users\Admin\Nabídka Start
[2014.11.07 17:30:29 | 000,000,000 | -HSD | C] -- E:\Users\Admin\Local Settings
[2014.11.07 17:30:29 | 000,000,000 | -HSD | C] -- E:\Users\Admin\Documents\Hudba
[2014.11.07 17:30:29 | 000,000,000 | -HSD | C] -- E:\Users\Admin\AppData\Local\History
[2014.11.07 17:30:29 | 000,000,000 | -HSD | C] -- E:\Users\Admin\Documents\Filmy
[2014.11.07 17:30:29 | 000,000,000 | -HSD | C] -- E:\Users\Admin\Dokumenty
[2014.11.07 17:30:29 | 000,000,000 | -HSD | C] -- E:\Users\Admin\Data aplikací
[2014.11.07 17:30:29 | 000,000,000 | -HSD | C] -- E:\Users\Admin\AppData\Local\Data aplikací
[2014.11.07 17:30:29 | 000,000,000 | -H-D | C] -- E:\Users\Admin\AppData
[2014.11.07 17:30:29 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Local\Temp
[2014.11.07 17:30:29 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Local\Microsoft
[2014.11.07 17:30:29 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Roaming\Media Center Programs
[2014.11.07 17:30:11 | 000,000,000 | -HSD | C] -- E:\Recovery
[2014.11.07 17:30:10 | 000,000,000 | -HSD | C] -- E:\ProgramData\Šablony
[2014.11.07 17:30:10 | 000,000,000 | -HSD | C] -- E:\ProgramData\Plocha
[2014.11.07 17:30:10 | 000,000,000 | -HSD | C] -- E:\Users\Public\Documents\Obrázky
[2014.11.07 17:30:10 | 000,000,000 | -HSD | C] -- E:\ProgramData\Oblíbené položky
[2014.11.07 17:30:10 | 000,000,000 | -HSD | C] -- E:\ProgramData\Nabídka Start
[2014.11.07 17:30:10 | 000,000,000 | -HSD | C] -- E:\Users\Public\Documents\Hudba
[2014.11.07 17:30:10 | 000,000,000 | -HSD | C] -- E:\Users\Public\Documents\Filmy
[2014.11.07 17:30:10 | 000,000,000 | -HSD | C] -- E:\ProgramData\Dokumenty
[2014.11.07 17:30:10 | 000,000,000 | -HSD | C] -- E:\ProgramData\Data aplikací
[2014.11.07 17:22:50 | 000,000,000 | ---D | C] -- E:\Windows\SoftwareDistribution
[2014.11.07 17:19:33 | 000,000,000 | ---D | C] -- E:\Windows\Prefetch
[2014.11.07 17:08:02 | 000,000,000 | ---D | C] -- E:\Windows\Panther
[2014.11.07 17:07:27 | 000,000,000 | ---D | C] -- E:\Windows\SysNative\oem
[2014.11.07 14:32:38 | 000,116,240 | ---- | C] (ATI Technologies, Inc.) -- E:\Windows\SysNative\drivers\AtihdW76.sys
[2014.11.07 14:32:33 | 000,055,296 | ---- | C] (AMD) -- E:\Windows\SysNative\coinst.dll
[2014.11.07 14:32:32 | 003,798,528 | ---- | C] (ATI Technologies Inc. ) -- E:\Windows\SysWow64\atiumdag.dll
[2014.11.07 14:32:32 | 003,025,408 | ---- | C] (Advanced Micro Devices, Inc. ) -- E:\Windows\SysWow64\atiumdva.dll
[2014.11.07 14:32:32 | 002,752,512 | ---- | C] (Advanced Micro Devices, Inc. ) -- E:\Windows\SysNative\atiumd6a.dll
[2014.11.07 14:32:32 | 000,038,912 | ---- | C] (Advanced Micro Devices, Inc. ) -- E:\Windows\SysNative\atiuxp64.dll
[2014.11.07 14:32:32 | 000,030,208 | ---- | C] (Advanced Micro Devices, Inc. ) -- E:\Windows\SysWow64\atiuxpag.dll
[2014.11.07 14:32:31 | 004,917,248 | ---- | C] (ATI Technologies Inc. ) -- E:\Windows\SysNative\atiumd64.dll
[2014.11.07 14:32:31 | 000,421,376 | ---- | C] (ATI Technologies, Inc.) -- E:\Windows\SysNative\atipdl64.dll
[2014.11.07 14:32:31 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- E:\Windows\SysWow64\atipdlxx.dll
[2014.11.07 14:32:31 | 000,120,320 | ---- | C] (AMD) -- E:\Windows\SysNative\atitmm64.dll
[2014.11.07 14:32:31 | 000,030,208 | ---- | C] (Advanced Micro Devices, Inc. ) -- E:\Windows\SysNative\atiu9p64.dll
[2014.11.07 14:32:31 | 000,022,528 | ---- | C] (Advanced Micro Devices, Inc. ) -- E:\Windows\SysWow64\atiu9pag.dll
[2014.11.07 14:32:30 | 019,901,952 | ---- | C] (Advanced Micro Devices, Inc.) -- E:\Windows\SysNative\atio6axx.dll
[2014.11.07 14:32:30 | 015,180,800 | ---- | C] (Advanced Micro Devices, Inc.) -- E:\Windows\SysWow64\atioglxx.dll
[2014.11.07 14:32:30 | 000,264,192 | ---- | C] (Advanced Micro Devices, Inc.) -- E:\Windows\SysNative\drivers\atikmpag.sys
[2014.11.07 14:32:30 | 000,054,272 | ---- | C] (Advanced Micro Devices, Inc. ) -- E:\Windows\SysNative\atimpc64.dll
[2014.11.07 14:32:30 | 000,054,272 | ---- | C] (Advanced Micro Devices, Inc. ) -- E:\Windows\SysNative\amdpcom64.dll
[2014.11.07 14:32:30 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- E:\Windows\SysWow64\atimpc32.dll
[2014.11.07 14:32:30 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- E:\Windows\SysWow64\amdpcom32.dll
[2014.11.07 14:32:30 | 000,012,288 | ---- | C] (AMD) -- E:\Windows\SysNative\atimuixx.dll
[2014.11.07 14:32:29 | 006,856,192 | ---- | C] (ATI Technologies Inc.) -- E:\Windows\SysNative\drivers\atikmdag.sys
[2014.11.07 14:32:29 | 000,203,264 | ---- | C] (AMD) -- E:\Windows\SysNative\atiesrxx.exe
[2014.11.07 14:32:29 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- E:\Windows\SysNative\atiedu64.dll
[2014.11.07 14:32:29 | 000,018,432 | ---- | C] (Advanced Micro Devices, Inc. ) -- E:\Windows\SysNative\atig6txx.dll
[2014.11.07 14:32:29 | 000,016,896 | ---- | C] (Advanced Micro Devices, Inc. ) -- E:\Windows\SysWow64\atigktxx.dll
[2014.11.07 14:32:29 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- E:\Windows\SysNative\atig6pxx.dll
[2014.11.07 14:32:29 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- E:\Windows\SysWow64\atiglpxx.dll
[2014.11.07 14:32:28 | 004,294,656 | ---- | C] (ATI Technologies Inc. ) -- E:\Windows\SysNative\atidxx64.dll
[2014.11.07 14:32:28 | 003,668,480 | ---- | C] (ATI Technologies Inc. ) -- E:\Windows\SysWow64\atidxx32.dll
[2014.11.07 14:32:28 | 000,458,752 | ---- | C] (AMD) -- E:\Windows\SysNative\atieclxx.exe
[2014.11.07 14:32:28 | 000,446,464 | ---- | C] (Advanced Micro Devices, Inc.) -- E:\Windows\SysNative\ATIDEMGX.dll
[2014.11.07 14:32:27 | 005,265,408 | ---- | C] (Advanced Micro Devices Inc.) -- E:\Windows\SysNative\aticaldd64.dll
[2014.11.07 14:32:27 | 004,096,000 | ---- | C] (Advanced Micro Devices Inc.) -- E:\Windows\SysWow64\aticaldd.dll
[2014.11.07 14:32:27 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- E:\Windows\SysWow64\aticalrt.dll
[2014.11.07 14:32:27 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- E:\Windows\SysWow64\aticalcl.dll
[2014.11.07 14:32:27 | 000,043,008 | ---- | C] (Advanced Micro Devices Inc.) -- E:\Windows\SysNative\aticalrt64.dll
[2014.11.07 14:32:27 | 000,039,936 | ---- | C] (Advanced Micro Devices Inc.) -- E:\Windows\SysNative\aticalcl64.dll
[2014.11.07 14:32:26 | 000,335,872 | ---- | C] (Advanced Micro Devices, Inc.) -- E:\Windows\SysNative\atiadlxx.dll
[2014.11.07 14:32:26 | 000,237,568 | ---- | C] (Advanced Micro Devices, Inc.) -- E:\Windows\SysWow64\atiadlxy.dll
[2014.11.07 14:32:26 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- E:\Windows\SysNative\atiapfxx.exe
[2014.11.07 14:32:26 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- E:\Windows\SysNative\atibtmon.exe
[2014.11.07 14:32:26 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- E:\Windows\SysNative\drivers\ati2erec.dll
[2014.11.07 14:32:26 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- E:\Windows\SysWow64\ati2edxx.dll
[2014.11.07 14:26:54 | 000,349,776 | ---- | C] (Dritek System Inc.) -- E:\Windows\UNINSTLMv4.EXE
[2014.11.07 14:23:51 | 000,000,000 | ---D | C] -- E:\Dokumenty
[2014.11.07 14:22:47 | 000,000,000 | ---D | C] -- E:\SW

========== Files - Modified Within 30 Days ==========

[2014.11.12 17:10:00 | 000,000,950 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.11.12 17:09:50 | 000,041,276 | ---- | M] () -- E:\Users\Admin\Desktop\HDTune_Info_WDC_WD5000BEVT-22A0R.png
[2014.11.12 17:09:46 | 000,029,601 | ---- | M] () -- E:\Users\Admin\Desktop\HDTune_Health_WDC_WD5000BEVT-22A0R.png
[2014.11.12 17:09:40 | 000,033,700 | ---- | M] () -- E:\Users\Admin\Desktop\HDTune_Error_Scan_WDC_WD5000BEVT-22A0R.png
[2014.11.12 17:06:03 | 000,096,694 | ---- | M] () -- E:\Users\Admin\Desktop\hddscan.png
[2014.11.12 17:02:43 | 001,387,330 | ---- | M] () -- E:\Users\Admin\Desktop\Bez názvu.png
[2014.11.12 16:49:46 | 000,000,914 | ---- | M] () -- E:\Windows\tasks\Adobe Flash Player Updater.job
[2014.11.12 09:49:59 | 001,318,966 | ---- | M] () -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\Cat.DB
[2014.11.12 09:12:16 | 000,014,016 | -H-- | M] () -- E:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.11.12 09:12:11 | 000,014,016 | -H-- | M] () -- E:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.11.12 09:07:40 | 001,445,734 | ---- | M] () -- E:\Windows\SysNative\PerfStringBackup.INI
[2014.11.12 09:07:40 | 000,622,660 | ---- | M] () -- E:\Windows\SysNative\perfh005.dat
[2014.11.12 09:07:40 | 000,607,190 | ---- | M] () -- E:\Windows\SysNative\perfh009.dat
[2014.11.12 09:07:40 | 000,118,810 | ---- | M] () -- E:\Windows\SysNative\perfc005.dat
[2014.11.12 09:07:40 | 000,103,568 | ---- | M] () -- E:\Windows\SysNative\perfc009.dat
[2014.11.12 09:03:51 | 000,000,043 | ---- | M] () -- E:\Users\Public\Documents\AtherosServiceConfig.ini
[2014.11.12 09:03:08 | 000,000,946 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.11.12 09:02:37 | 000,067,584 | --S- | M] () -- E:\Windows\bootstat.dat
[2014.11.12 09:02:24 | 3111,518,208 | -HS- | M] () -- E:\hiberfil.sys
[2014.11.12 04:18:50 | 000,442,264 | ---- | M] () -- E:\Windows\SysNative\FNTCACHE.DAT
[2014.11.12 03:46:39 | 000,175,616 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysNative\msclmd.dll
[2014.11.12 03:46:39 | 000,152,576 | ---- | M] (Microsoft Corporation) -- E:\Windows\SysWow64\msclmd.dll
[2014.11.11 22:39:13 | 000,000,512 | ---- | M] () -- E:\PhysicalMBR.bin
[2014.11.11 21:41:30 | 000,000,938 | ---- | M] () -- E:\Users\Admin\Desktop\HD Tune.lnk
[2014.11.11 21:31:21 | 000,000,194 | ---- | M] () -- E:\Users\Admin\Desktop\DiskInfo.ini
[2014.11.11 21:30:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Users\Admin\Desktop\OTL.exe
[2014.11.11 21:22:23 | 1783,365,626 | ---- | M] () -- E:\3590F75ABA9E485486C100C1A9D4FF06OUQUTECZCQMQPBDW
[2014.11.11 20:14:56 | 000,000,045 | ---- | M] () -- E:\Users\Admin\jagex_cl_runescape_LIVE1.dat
[2014.11.11 20:14:11 | 000,000,044 | ---- | M] () -- E:\Users\Admin\jagex_cl_runescape_LIVE.dat
[2014.11.11 20:13:45 | 000,000,024 | ---- | M] () -- E:\Users\Admin\random.dat
[2014.11.11 18:51:47 | 000,009,430 | ---- | M] () -- E:\Users\Admin\Documents\cc_20141111_185140.reg
[2014.11.11 18:13:44 | 000,000,063 | ---- | M] () -- E:\Users\Admin\AppData\Roaming\Magic Mouse Utilities.ini
[2014.11.11 17:40:37 | 000,000,828 | ---- | M] () -- E:\Users\Public\Desktop\CCleaner.lnk
[2014.11.11 17:40:32 | 001,222,144 | ---- | M] () -- E:\Users\Admin\Desktop\RSITx64.exe
[2014.11.11 17:39:37 | 000,004,264 | ---- | M] () -- E:\{0E3A9FEC-FFAC-4CDE-A117-FC66B89D4073}
[2014.11.10 18:02:49 | 000,002,394 | ---- | M] () -- E:\Users\Public\Desktop\Norton AntiVirus.lnk
[2014.11.09 17:07:52 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- E:\Windows\SysWow64\FlashPlayerApp.exe
[2014.11.09 17:07:52 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- E:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.11.08 22:39:08 | 000,000,000 | -H-- | M] () -- E:\Windows\SysNative\drivers\Msft_Kernel_btath_hcrp_01009.Wdf
[2014.11.08 09:21:13 | 000,001,377 | ---- | M] () -- E:\Users\Public\Desktop\Foxit Reader.lnk
[2014.11.08 00:52:53 | 000,174,200 | ---- | M] (Symantec Corporation) -- E:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2014.11.08 00:52:53 | 000,007,488 | ---- | M] () -- E:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2014.11.08 00:52:53 | 000,000,855 | ---- | M] () -- E:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2014.11.07 19:57:26 | 000,001,972 | ---- | M] () -- E:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2014.11.07 19:56:14 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- E:\Windows\SysNative\drivers\dtsoftbus01.sys
[2014.11.07 19:09:12 | 000,002,563 | ---- | M] () -- E:\Users\Public\Desktop\Skype.lnk
[2014.11.07 18:30:22 | 000,001,104 | ---- | M] () -- E:\Users\Public\Desktop\TeamViewer 8.lnk
[2014.11.07 18:06:23 | 000,002,271 | ---- | M] () -- E:\Users\Public\Desktop\Google Chrome.lnk
[2014.11.07 17:55:27 | 000,000,931 | ---- | M] () -- E:\Users\Admin\Desktop\µTorrent.lnk
[2014.11.07 17:54:45 | 000,000,977 | ---- | M] () -- E:\Users\Public\Desktop\Steam.lnk
[2014.11.07 17:53:19 | 000,096,168 | ---- | M] (Oracle Corporation) -- E:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014.11.07 17:53:18 | 000,264,616 | ---- | M] (Oracle Corporation) -- E:\Windows\SysWow64\javaws.exe
[2014.11.07 17:53:18 | 000,175,016 | ---- | M] (Oracle Corporation) -- E:\Windows\SysWow64\javaw.exe
[2014.11.07 17:53:18 | 000,174,504 | ---- | M] (Oracle Corporation) -- E:\Windows\SysWow64\java.exe
[2014.11.07 17:45:25 | 000,000,000 | ---- | M] () -- E:\Windows\ativpsrm.bin
[2014.11.07 17:43:06 | 000,696,680 | ---- | M] () -- E:\Windows\SysNative\oem15.inf
[2014.11.07 17:42:35 | 003,896,632 | ---- | M] (Broadcom Corporation) -- E:\Windows\SysNative\bcmihvsrv64.dll
[2014.11.07 17:42:35 | 003,561,272 | ---- | M] (Broadcom Corporation) -- E:\Windows\SysNative\bcmihvui64.dll
[2014.11.07 17:42:35 | 003,058,168 | ---- | M] (Broadcom Corporation) -- E:\Windows\SysNative\drivers\BCMWL664.SYS
[2014.11.07 17:42:35 | 000,095,472 | ---- | M] (Broadcom Corporation) -- E:\Windows\SysNative\bcmwlcoi.dll
[2014.11.07 17:42:35 | 000,006,656 | ---- | M] () -- E:\Windows\SysNative\bcmwlrc.dll
[2014.11.07 17:39:17 | 000,000,000 | ---- | M] () -- E:\Windows\Setup.INI
[2014.11.07 17:39:13 | 000,000,184 | ---- | M] () -- E:\Windows\LMv4.UNI
[2014.11.07 17:37:15 | 000,246,804 | ---- | M] () -- E:\Windows\SysNative\drivers\AtherosBt.bin
[2014.11.07 17:24:30 | 000,068,220 | ---- | M] () -- E:\Windows\SysWow64\license.rtf
[2014.11.07 17:24:30 | 000,068,220 | ---- | M] () -- E:\Windows\SysNative\license.rtf
[2014.11.07 17:22:15 | 000,000,000 | -H-- | M] () -- E:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf

========== Files Created - No Company Name ==========

[2014.11.12 17:09:50 | 000,041,276 | ---- | C] () -- E:\Users\Admin\Desktop\HDTune_Info_WDC_WD5000BEVT-22A0R.png
[2014.11.12 17:09:46 | 000,029,601 | ---- | C] () -- E:\Users\Admin\Desktop\HDTune_Health_WDC_WD5000BEVT-22A0R.png
[2014.11.12 17:09:39 | 000,033,700 | ---- | C] () -- E:\Users\Admin\Desktop\HDTune_Error_Scan_WDC_WD5000BEVT-22A0R.png
[2014.11.12 17:06:03 | 000,096,694 | ---- | C] () -- E:\Users\Admin\Desktop\hddscan.png
[2014.11.12 17:02:42 | 001,387,330 | ---- | C] () -- E:\Users\Admin\Desktop\Bez názvu.png
[2014.11.11 21:41:30 | 000,000,938 | ---- | C] () -- E:\Users\Admin\Desktop\HD Tune.lnk
[2014.11.11 21:37:15 | 000,000,512 | ---- | C] () -- E:\PhysicalMBR.bin
[2014.11.11 21:31:11 | 000,000,194 | ---- | C] () -- E:\Users\Admin\Desktop\DiskInfo.ini
[2014.11.11 21:22:23 | 1783,365,626 | ---- | C] () -- E:\3590F75ABA9E485486C100C1A9D4FF06OUQUTECZCQMQPBDW
[2014.11.11 18:51:43 | 000,009,430 | ---- | C] () -- E:\Users\Admin\Documents\cc_20141111_185140.reg
[2014.11.11 17:40:37 | 000,000,828 | ---- | C] () -- E:\Users\Public\Desktop\CCleaner.lnk
[2014.11.11 17:40:27 | 001,222,144 | ---- | C] () -- E:\Users\Admin\Desktop\RSITx64.exe
[2014.11.11 17:39:34 | 000,004,264 | ---- | C] () -- E:\{0E3A9FEC-FFAC-4CDE-A117-FC66B89D4073}
[2014.11.11 16:17:00 | 000,095,744 | ---- | C] () -- E:\Windows\SysNative\RDVGHelper.exe
[2014.11.11 16:16:24 | 000,347,904 | ---- | C] () -- E:\Windows\SysNative\systemsf.ebd
[2014.11.11 16:13:44 | 000,010,429 | ---- | C] () -- E:\Windows\SysNative\ScavengeSpace.xml
[2014.11.11 16:13:27 | 000,105,559 | ---- | C] () -- E:\Windows\SysWow64\RacRules.xml
[2014.11.11 16:13:27 | 000,105,559 | ---- | C] () -- E:\Windows\SysNative\RacRules.xml
[2014.11.11 16:13:04 | 000,001,041 | ---- | C] () -- E:\Windows\SysWow64\tcpbidi.xml
[2014.11.11 16:13:03 | 000,146,389 | ---- | C] () -- E:\Windows\SysWow64\printmanagement.msc
[2014.11.10 18:02:04 | 001,318,966 | ---- | C] () -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\Cat.DB
[2014.11.09 01:11:21 | 000,000,045 | ---- | C] () -- E:\Users\Admin\jagex_cl_runescape_LIVE1.dat
[2014.11.08 22:50:49 | 000,000,063 | ---- | C] () -- E:\Users\Admin\AppData\Roaming\Magic Mouse Utilities.ini
[2014.11.08 22:39:08 | 000,000,000 | -H-- | C] () -- E:\Windows\SysNative\drivers\Msft_Kernel_btath_hcrp_01009.Wdf
[2014.11.08 22:04:20 | 000,007,462 | ---- | C] () -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\srtspx64.cat
[2014.11.08 22:04:20 | 000,007,460 | ---- | C] () -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\symefa64.cat
[2014.11.08 22:04:20 | 000,007,458 | ---- | C] () -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\symnet64.cat
[2014.11.08 22:04:20 | 000,003,373 | ---- | C] () -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\symefa.inf
[2014.11.08 22:04:20 | 000,002,792 | ---- | C] () -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\symds.inf
[2014.11.08 22:04:20 | 000,001,445 | ---- | C] () -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\symnet.inf
[2014.11.08 22:04:20 | 000,001,422 | ---- | C] () -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\srtspx64.inf
[2014.11.08 22:04:19 | 000,007,492 | ---- | C] () -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\iron.cat
[2014.11.08 22:04:19 | 000,007,458 | ---- | C] () -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\srtsp64.cat
[2014.11.08 22:04:19 | 000,001,438 | ---- | C] () -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\srtsp64.inf
[2014.11.08 22:04:19 | 000,000,772 | ---- | C] () -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\iron.inf
[2014.11.08 22:03:53 | 000,000,000 | ---- | C] () -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\symds64.cat
[2014.11.08 22:03:52 | 000,000,172 | ---- | C] () -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\isolate.ini
[2014.11.08 14:39:52 | 000,000,914 | ---- | C] () -- E:\Windows\tasks\Adobe Flash Player Updater.job
[2014.11.08 12:26:51 | 000,000,545 | ---- | C] () -- E:\Windows\UC.PIF
[2014.11.08 12:26:51 | 000,000,545 | ---- | C] () -- E:\Windows\RAR.PIF
[2014.11.08 12:26:51 | 000,000,545 | ---- | C] () -- E:\Windows\PKZIP.PIF
[2014.11.08 12:26:51 | 000,000,545 | ---- | C] () -- E:\Windows\PKUNZIP.PIF
[2014.11.08 12:26:51 | 000,000,545 | ---- | C] () -- E:\Windows\LHA.PIF
[2014.11.08 12:26:51 | 000,000,545 | ---- | C] () -- E:\Windows\ARJ.PIF
[2014.11.08 09:21:13 | 000,001,377 | ---- | C] () -- E:\Users\Public\Desktop\Foxit Reader.lnk
[2014.11.08 08:44:22 | 000,001,179 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014.11.07 19:57:26 | 000,001,972 | ---- | C] () -- E:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2014.11.07 19:09:12 | 000,002,563 | ---- | C] () -- E:\Users\Public\Desktop\Skype.lnk
[2014.11.07 18:14:49 | 000,000,044 | ---- | C] () -- E:\Users\Admin\jagex_cl_runescape_LIVE.dat
[2014.11.07 18:14:49 | 000,000,024 | ---- | C] () -- E:\Users\Admin\random.dat
[2014.11.07 18:06:23 | 000,002,271 | ---- | C] () -- E:\Users\Public\Desktop\Google Chrome.lnk
[2014.11.07 18:05:44 | 000,000,950 | ---- | C] () -- E:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.11.07 18:05:42 | 000,000,946 | ---- | C] () -- E:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.11.07 17:58:19 | 000,002,563 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2014.11.07 17:55:27 | 000,000,931 | ---- | C] () -- E:\Users\Admin\Desktop\µTorrent.lnk
[2014.11.07 17:55:14 | 000,001,116 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2014.11.07 17:55:14 | 000,001,104 | ---- | C] () -- E:\Users\Public\Desktop\TeamViewer 8.lnk
[2014.11.07 17:54:44 | 000,000,977 | ---- | C] () -- E:\Users\Public\Desktop\Steam.lnk
[2014.11.07 17:51:30 | 000,007,488 | ---- | C] () -- E:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2014.11.07 17:51:30 | 000,000,855 | ---- | C] () -- E:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2014.11.07 17:51:27 | 000,002,394 | ---- | C] () -- E:\Users\Public\Desktop\Norton AntiVirus.lnk
[2014.11.07 17:46:02 | 000,000,043 | ---- | C] () -- E:\Users\Public\Documents\AtherosServiceConfig.ini
[2014.11.07 17:45:25 | 000,000,000 | ---- | C] () -- E:\Windows\ativpsrm.bin
[2014.11.07 17:43:13 | 000,696,680 | ---- | C] () -- E:\Windows\SysNative\oem15.inf
[2014.11.07 17:42:41 | 000,006,656 | ---- | C] () -- E:\Windows\SysNative\bcmwlrc.dll
[2014.11.07 17:41:21 | 000,002,189 | ---- | C] () -- E:\Windows\SysWow64\atipblup.dat
[2014.11.07 17:41:21 | 000,002,189 | ---- | C] () -- E:\Windows\SysNative\atipblup.dat
[2014.11.07 17:39:17 | 000,000,000 | ---- | C] () -- E:\Windows\Setup.INI
[2014.11.07 17:39:13 | 000,000,184 | ---- | C] () -- E:\Windows\LMv4.UNI
[2014.11.07 17:34:19 | 000,231,056 | ---- | C] () -- E:\Windows\SysNative\drivers\RTConvEQ.dat
[2014.11.07 17:34:19 | 000,001,352 | ---- | C] () -- E:\Windows\SysNative\drivers\RtHdatEx.dat
[2014.11.07 17:34:19 | 000,000,520 | ---- | C] () -- E:\Windows\SysNative\drivers\RTEQEX2.dat
[2014.11.07 17:34:19 | 000,000,520 | ---- | C] () -- E:\Windows\SysNative\drivers\RTEQEX1.dat
[2014.11.07 17:34:19 | 000,000,520 | ---- | C] () -- E:\Windows\SysNative\drivers\RTEQEX0.dat
[2014.11.07 17:34:19 | 000,000,008 | ---- | C] () -- E:\Windows\SysNative\drivers\rtkhdaud.dat
[2014.11.07 17:31:25 | 000,001,425 | ---- | C] () -- E:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2014.11.07 17:31:20 | 000,001,465 | ---- | C] () -- E:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014.11.07 17:24:16 | 000,001,345 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2014.11.07 17:24:08 | 000,001,326 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2014.11.07 17:22:15 | 000,000,000 | -H-- | C] () -- E:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014.11.07 17:19:13 | 3111,518,208 | -HS- | C] () -- E:\hiberfil.sys
[2014.11.07 14:32:32 | 000,534,960 | ---- | C] () -- E:\Windows\SysWow64\atiumdva.cap
[2014.11.07 14:32:31 | 000,534,960 | ---- | C] () -- E:\Windows\SysNative\atiumd6a.cap
[2014.11.07 14:32:31 | 000,002,189 | ---- | C] () -- E:\Windows\SysWow64\atipblag.dat
[2014.11.07 14:32:31 | 000,002,189 | ---- | C] () -- E:\Windows\SysNative\atipblag.dat
[2014.11.07 14:32:30 | 000,021,360 | ---- | C] () -- E:\Windows\atiogl.xml
[2014.11.07 14:32:29 | 000,203,336 | ---- | C] () -- E:\Windows\SysNative\atiicdxx.dat
[2014.11.07 14:32:26 | 000,057,816 | ---- | C] () -- E:\Windows\SysNative\atiapfxx.blb

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- E:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = E:\Windows\SysNative\shell32.dll -- [2010.11.20 14:27:25 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010.11.20 13:21:19 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = E:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = E:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.11.11 17:51:46 | 000,000,000 | ---D | M] -- E:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
[2014.11.08 15:47:49 | 000,000,000 | ---D | M] -- E:\Users\Admin\AppData\Roaming\Foxit Software
[2014.11.09 15:53:54 | 000,000,000 | ---D | M] -- E:\Users\Admin\AppData\Roaming\GHISLER
[2014.11.12 10:02:46 | 000,000,000 | ---D | M] -- E:\Users\Admin\AppData\Roaming\TeamViewer
[2014.11.07 17:55:36 | 000,000,000 | ---D | M] -- E:\Users\Admin\AppData\Roaming\uTorrent

========== Purity Check ==========



< End of report >

[Koudy15x]

A tady je obsah souboru Extras.txt

OTL Extras logfile created on: 12.11.2014 17:10:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = E:\Users\Admin\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,86 Gb Total Physical Memory | 2,32 Gb Available Physical Memory | 59,97% Memory free
7,73 Gb Paging File | 5,95 Gb Available in Paging File | 77,02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = E: | %SystemRoot% = E:\Windows | %ProgramFiles% = E:\Program Files (x86)
Drive C: | 286,42 Gb Total Space | 179,88 Gb Free Space | 62,80% Space Free | Partition Type: NTFS
Drive E: | 179,25 Gb Total Space | 38,59 Gb Free Space | 21,53% Space Free | Partition Type: NTFS
Drive G: | 1,84 Gb Total Space | 1,83 Gb Free Space | 99,85% Space Free | Partition Type: FAT
Drive H: | 100,00 Mb Total Space | 64,22 Mb Free Space | 64,22% Space Free | Partition Type: NTFS

Computer Name: ADMIN-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- E:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- E:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-4130898535-3589791334-1507998467-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "E:\Windows\System32\rundll32.exe" "E:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "E:\Windows\System32\rundll32.exe" "E:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00768DE7-9D7A-478A-A64A-16029BDD8EAB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0139A635-70DD-4BB3-AE52-9431BE5DB67E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{05E3B0E7-466B-45A0-A1AD-83C201A27F38}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{065AC9C5-C0F5-4717-8B5D-FAD59CBA3F40}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{13FF887F-9C42-40E1-88D5-E0F0249C6435}" = rport=10243 | protocol=6 | dir=out | app=system |
"{16629A02-B107-4EDE-9BBF-78D9021F6A2E}" = rport=445 | protocol=6 | dir=out | app=system |
"{1DEA7620-ABCD-4142-B12E-EB43205938DB}" = rport=137 | protocol=17 | dir=out | app=system |
"{2478AA23-2375-49A2-88BA-F0A2B954ED94}" = lport=138 | protocol=17 | dir=in | app=system |
"{2AA4CA18-0F79-4B3F-8A2A-04089C408A0E}" = rport=138 | protocol=17 | dir=out | app=system |
"{2B57026F-926F-4580-ADDF-22DCA500E8EC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{32F3B484-E237-4BF0-9381-10C1C8E1684E}" = lport=139 | protocol=6 | dir=in | app=system |
"{3C3655A0-8FFB-4F83-AF6B-B78ACE5BAC28}" = lport=445 | protocol=6 | dir=in | app=system |
"{3EF510B9-B9D6-4AFD-9A35-6BCC2426179F}" = lport=5353 | protocol=17 | dir=in | app=e:\program files (x86)\google\chrome\application\chrome.exe |
"{50ED88CB-8B96-4867-A299-4D9C766B9600}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{53BA65FB-7387-4A32-9276-3E44BA79D458}" = lport=137 | protocol=17 | dir=in | app=system |
"{69F5F4C9-9AFF-4D1F-85BC-6A1E5DCAAB21}" = lport=6004 | protocol=17 | dir=in | app=e:\program files\microsoft office\office15\outlook.exe |
"{713A8DDA-5EE1-4777-98E8-DFA0404B0D48}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B679778C-5E66-4110-82C8-8D835CDDE8EB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{BB50F5C4-BFA2-4AA5-ACD9-E882421C8946}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DBF438F4-192A-4B70-A423-4FD990CB27C2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{EC4A3348-74DA-4B0F-B112-55F79BF10E06}" = rport=139 | protocol=6 | dir=out | app=system |
"{EE4AB1E7-595B-4CA4-AD93-7181DE72E989}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F0517D5A-6AAA-47E7-A5F2-907411E79ED2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00326DFA-F1A5-438C-8702-91CF549A28DF}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steam.exe |
"{047F0C28-EC64-45C7-8285-5844C0B21E92}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0C701604-72B7-416C-89ED-0E87BDD3BBC0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{162772E6-F926-4B8F-8C79-1E2FC47B25B7}" = protocol=17 | dir=in | app=e:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{230B44CB-CD58-4EFB-8AD8-78F7C8452C0F}" = dir=in | app=e:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{37D0BDEB-28F6-447E-8138-F4D41EDB7320}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3EB46FC3-D374-490B-BF8D-FF39F04179FD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{455B3830-FB18-4AE3-A1D3-F387BFD5ECF1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{458E95AB-97A9-489D-AE15-C227F8D58172}" = protocol=6 | dir=in | app=e:\program files\microsoft office\office15\ucmapi.exe |
"{4A5EB75E-2861-4A5E-ABA6-952FAEBF8F72}" = protocol=17 | dir=in | app=e:\program files\microsoft office\office15\ucmapi.exe |
"{4A76838C-F4A4-400B-83E5-317EE9476AD9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4EE3858E-263B-41DA-9C03-06BE625380AD}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{52237A2D-46A7-4F67-B5CE-6AAD734B45C9}" = protocol=6 | dir=in | app=e:\program files (x86)\bonjour\mdnsresponder.exe |
"{56E4EA90-B093-41D4-A655-CB1DE8AEFD9C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{65D5A472-54CC-4AF8-8965-8C8F280AE028}" = protocol=17 | dir=in | app=e:\program files\bonjour\mdnsresponder.exe |
"{66B03F80-2B1F-4C84-B7C4-D146DC498B7E}" = protocol=17 | dir=in | app=e:\program files\microsoft office\office15\lync.exe |
"{6ABB41B0-486C-474D-9C99-E854C76FD422}" = dir=in | app=e:\program files (x86)\skype\phone\skype.exe |
"{7C36D27F-D224-4E48-A8B9-78C47DC1F7B4}" = protocol=6 | dir=out | app=system |
"{8464FB02-39E3-4E38-BDE3-C130B88133C6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8BAEFAFF-BCC4-4196-ABC0-3E594801B679}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8BEF0E83-AE5C-4E44-AA8B-689DB7BC47CD}" = protocol=6 | dir=in | app=e:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{8C70E8C7-B35F-4716-92CB-6440A7C59A2F}" = protocol=17 | dir=in | app=e:\program files (x86)\bonjour\mdnsresponder.exe |
"{8D7F0764-9962-416C-8808-8F3F8993445F}" = protocol=17 | dir=in | app=e:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{95E8A2FD-E783-4826-9687-7A5DDA8DFD66}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9AB56FEB-5132-4F86-A8AF-F4B7BD002F7A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9D639030-6980-4A36-AF00-3EA539DACD89}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A555BA33-397F-4AED-83AC-3EE0CC787400}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B40675A8-FB9F-4CF6-B5AA-B72F36AF930A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CFD90970-59D7-4749-93A0-B9EFBBCFA3D7}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steam.exe |
"{D258E666-C27D-4AF2-984B-4C606992BED5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DFD2F608-C34E-454C-AE8D-5454E2D7BD5D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E3EE36CC-9FA7-46E1-B274-9D873E71D1AD}" = protocol=6 | dir=in | app=e:\program files\microsoft office\office15\lync.exe |
"{ED3ABDEE-CA89-4DF5-9602-C8D0AF210AC8}" = protocol=6 | dir=in | app=e:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{F6C7779C-8884-4A93-A1C6-03C5A05A3CE1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F7687FB0-5DF2-454C-80F9-CD19839975E2}" = dir=in | app=e:\program files (x86)\itunes\itunes.exe |
"{FB91850F-E9CF-4B1F-88D1-A171254D1D8D}" = protocol=6 | dir=in | app=e:\program files\bonjour\mdnsresponder.exe |
"TCP Query User{6D52A814-05A6-4D49-BC72-8FE2A39BF194}E:\users\admin\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=e:\users\admin\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{F8B20D98-57F2-424E-9272-EB3E49C986DE}E:\users\admin\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=e:\users\admin\appdata\roaming\utorrent\utorrent.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{64726C2C-0B39-5D87-3117-E11F59C9460D}" = ccc-utility64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75FDB05A-C1C2-CD17-35CE-3C1A454CC79F}" = ATI Catalyst Install Manager
"{90150000-0015-0409-1000-0000000FF1CE}" = Microsoft Access MUI (English) 2013
"{90150000-0016-0409-1000-0000000FF1CE}" = Microsoft Excel MUI (English) 2013
"{90150000-0018-0409-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (English) 2013
"{90150000-0019-0409-1000-0000000FF1CE}" = Microsoft Publisher MUI (English) 2013
"{90150000-001A-0409-1000-0000000FF1CE}" = Microsoft Outlook MUI (English) 2013
"{90150000-001B-0409-1000-0000000FF1CE}" = Microsoft Word MUI (English) 2013
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-1000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office - Français
"{90150000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Español
"{90150000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2013
"{90150000-0044-0409-1000-0000000FF1CE}" = Microsoft InfoPath MUI (English) 2013
"{90150000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2013
"{90150000-0090-0409-1000-0000000FF1CE}" = Microsoft DCF MUI (English) 2013
"{90150000-00A1-0409-1000-0000000FF1CE}" = Microsoft OneNote MUI (English) 2013
"{90150000-00BA-0409-1000-0000000FF1CE}" = Microsoft Groove MUI (English) 2013
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2013
"{90150000-00E1-0409-1000-0000000FF1CE}" = Microsoft Office OSM MUI (English) 2013
"{90150000-00E2-0409-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (English) 2013
"{90150000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2013
"{90150000-0117-0409-1000-0000000FF1CE}" = Microsoft Access Setup Metadata MUI (English) 2013
"{90150000-012B-0409-1000-0000000FF1CE}" = Microsoft Lync MUI (English) 2013
"{91150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"CCleaner" = CCleaner
"Office15.PROPLUSR" = Microsoft Office Professional Plus 2013
"WinRAR archiver" = WinRAR 5.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{098426AB-AF12-F225-15E1-0A6B5CB44625}" = CCC Help Spanish
"{14069A87-872C-41E6-9D36-B1BE3870C35A}" = Google AdWords Editor
"{1B192700-C368-49C1-BF81-D2F9BA065534}" = Catalyst Control Center - Branding
"{1DE498F3-1516-20E5-97A6-825B1B4C550A}" = CCC Help Korean
"{1DE4A2D1-BB3B-8AAB-85FA-950C2CC43D04}" = CCC Help Dutch
"{244E0BD1-F718-CAE3-CF72-AC80E14D0F00}" = CCC Help Japanese
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 6.22
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{305D864B-2F21-63F0-19DC-407FCA0D57EC}" = PX Profile Update
"{39C14B42-C152-8714-2AD5-181AB0552B94}" = CCC Help Finnish
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1" = Foxit Cloud
"{43002AB2-B693-6BE0-C503-F4A65663D4DE}" = Catalyst Control Center Graphics Previews Vista
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{571B550F-C377-7C28-14C2-F53E0559C9F9}" = Catalyst Control Center InstallProxy
"{5E43F665-AA84-A378-2F47-CA68AAE8816C}" = CCC Help Czech
"{6030FCD7-8F1A-427D-AF05-8DD1A2EA2ABA}" = Alcor Micro USB Card Reader
"{63F043DB-8643-AA02-7A4E-D319AC0B7EDE}" = CCC Help Swedish
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{68B3611D-CBF5-19E0-038F-C2B9CA8E741C}" = CCC Help Chinese Traditional
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{811E44BF-DD4F-859E-1ACA-CC5C8B2D1A4D}" = CCC Help Danish
"{8861494F-7030-9F2E-6E4D-DD04F5D5589A}" = CCC Help Russian
"{A7BC15A6-FD50-5B42-6DDC-1E8FCEF4D5EF}" = CCC Help Norwegian
"{A8B92DB3-B481-35C2-2A38-D2EF946DCE6B}" = Catalyst Control Center Localization All
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ACA4DE44-9531-EF98-A1DB-9B81C0C5552C}" = CCC Help Greek
"{B29F0C92-D258-60E1-CDCD-98B2426A849F}" = CCC Help German
"{C010177E-FBE7-8F26-73CA-9AB66F53D521}" = CCC Help Chinese Standard
"{C44AA0C1-3D87-F8A5-D779-40925F7CF38B}" = CCC Help Italian
"{C6C7C290-9E0A-377B-BEBA-0BB556D5B6AD}" = CCC Help Turkish
"{CE68968C-6298-6DDA-7298-3439457A9AA2}" = CCC Help Polish
"{DA236B20-EE6D-015F-1DB7-4885F558C859}" = ccc-core-static
"{DB85A80F-3A68-8C88-93E3-A3EDEE8F065E}" = CCC Help Thai
"{DC4E398E-6994-5657-E02E-88DDBE49FDD9}" = CCC Help French
"{DDD2A0FD-BBB4-F996-CE0D-800859DDEE23}" = CCC Help English
"{DE42DFC0-1297-41D8-CFDC-A1779D400CF1}" = CCC Help Hungarian
"{ECEDCC15-9E49-8B32-CF40-3592FDF8F68C}" = CCC Help Portuguese
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F659CE9D-CA4B-43AA-8C32-D523CD955494}_is1" = Magic Mouse Utilities version 1.1
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"DAEMON Tools Lite" = DAEMON Tools Lite
"Foxit Reader_is1" = Foxit Reader
"Google Chrome" = Google Chrome
"HD Tune_is1" = HD Tune 2.55
"InstallShield_{6030FCD7-8F1A-427D-AF05-8DD1A2EA2ABA}" = Alcor Micro USB Card Reader
"LManager" = Launch Manager
"Mozilla Firefox 33.0.3 (x86 cs)" = Mozilla Firefox 33.0.3 (x86 cs)
"Mozilla Thunderbird 31.2.0 (x86 cs)" = Mozilla Thunderbird 31.2.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NAV" = Norton AntiVirus
"Steam" = Steam
"TeamViewer 8" = TeamViewer 8
"Totalcmd" = Total Commander (Remove or Repair)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11.11.2014 14:14:30 | Computer Name = Admin-PC | Source = Microsoft-Windows-Backup | ID = 517
Description = Operace zálohování spuštěná v 2014-11-11T18:08:21.777398100Z se nezdařila
s kódem chyby 2155348269 (%%2155348269). V podrobnostech o události vyhledejte
řešení problému a po jeho vyřešení spusťte operaci zálohování znovu.

Error - 11.11.2014 14:14:32 | Computer Name = Admin-PC | Source = Windows Backup | ID = 4104
Description =

Error - 11.11.2014 16:38:35 | Computer Name = Admin-PC | Source = VSS | ID = 12305
Description =

Error - 11.11.2014 23:16:26 | Computer Name = Admin-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: dsiwmis.exe, verze: 2.4.0.408, časové razítko:
0x4b868a7e Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x75756cc4 ID chybujícího procesu: 0x6ec Čas spuštění
chybující aplikace: 0x01cffdfed5d0f918 Cesta k chybující aplikaci: E:\Program Files
(x86)\Launch Manager\dsiwmis.exe Cesta k chybujícímu modulu: unknown ID zprávy: 48d08c19-6a1a-11e4-8567-e9e7bc41f468

Error - 11.11.2014 23:16:26 | Computer Name = Admin-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: AppleMobileDeviceService.exe, verze: 17.323.0.9,
časové razítko: 0x4fb5bca5 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové
razítko: 0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x75756cc4 ID chybujícího
procesu: 0x64c Čas spuštění chybující aplikace: 0x01cffdfed4d97995 Cesta k chybující
aplikaci: E:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: 48d0b329-6a1a-11e4-8567-e9e7bc41f468

Error - 11.11.2014 23:16:26 | Computer Name = Admin-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: FCUpdateService.exe, verze: 1.0.0.1, časové
razítko: 0x54102890 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko:
0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x75756cc4 ID chybujícího procesu:
0x708 Čas spuštění chybující aplikace: 0x01cffdfed5d58cf8 Cesta k chybující aplikaci:
E:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: 48d0da39-6a1a-11e4-8567-e9e7bc41f468

Error - 11.11.2014 23:16:30 | Computer Name = Admin-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: ccSvcHst.exe, verze: 10.1.1.16, časové razítko:
0x4daa1893 Název chybujícího modulu: peerdist.dll_unloaded, verze: 0.0.0.0, časové
razítko: 0x4a5bdacc Kód výjimky: 0xc0000005 Posun chyby: 0x75756cc4 ID chybujícího
procesu: 0x728 Čas spuštění chybující aplikace: 0x01cffdfed5da20d9 Cesta k chybující
aplikaci: E:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\ccSvcHst.exe Cesta
k chybujícímu modulu: peerdist.dll ID zprávy: 4b4034a0-6a1a-11e4-8567-e9e7bc41f468

Error - 11.11.2014 23:16:34 | Computer Name = Admin-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: IAStorDataMgrSvc.exe, verze: 9.5.6.1002,
časové razítko: 0x4b32c4bd Název chybujícího modulu: unknown, verze: 0.0.0.0, časové
razítko: 0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x75756cc4 ID chybujícího
procesu: 0x57c Čas spuštění chybující aplikace: 0x01cffdfed9d04278 Cesta k chybující
aplikaci: E:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: 4d89c724-6a1a-11e4-8567-e9e7bc41f468

Error - 12.11.2014 3:41:46 | Computer Name = Admin-PC | Source = ESENT | ID = 215
Description = WinMail (3404) WindowsMail0: Zálohování bylo ukončeno, protože bylo
zastaveno klientem nebo protože se nezdařilo připojení ke klientovi.

Error - 12.11.2014 3:41:50 | Computer Name = Admin-PC | Source = ESENT | ID = 215
Description = WinMail (3680) WindowsMail0: Zálohování bylo ukončeno, protože bylo
zastaveno klientem nebo protože se nezdařilo připojení ke klientovi.

[ System Events ]
Error - 12.11.2014 11:09:53 | Computer Name = Admin-PC | Source = iaStor | ID = 262153
Description = Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.

Error - 12.11.2014 11:18:59 | Computer Name = Admin-PC | Source = iaStor | ID = 262153
Description = Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.

Error - 12.11.2014 11:23:59 | Computer Name = Admin-PC | Source = iaStor | ID = 262153
Description = Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.

Error - 12.11.2014 11:29:01 | Computer Name = Admin-PC | Source = iaStor | ID = 262153
Description = Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.

Error - 12.11.2014 11:35:08 | Computer Name = Admin-PC | Source = iaStor | ID = 262153
Description = Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.

Error - 12.11.2014 11:39:59 | Computer Name = Admin-PC | Source = iaStor | ID = 262153
Description = Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.

Error - 12.11.2014 11:46:00 | Computer Name = Admin-PC | Source = iaStor | ID = 262153
Description = Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.

Error - 12.11.2014 11:49:43 | Computer Name = Admin-PC | Source = iaStor | ID = 262153
Description = Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.

Error - 12.11.2014 11:54:33 | Computer Name = Admin-PC | Source = iaStor | ID = 262153
Description = Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.

Error - 12.11.2014 12:00:01 | Computer Name = Admin-PC | Source = iaStor | ID = 262153
Description = Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.


< End of report >

[Márty84]

OTL sice probehlo, ale spustil jste ho bez skriptu, takze je mi celkem k nicemu.


Spustte ho podle stejneho navodu jeste jednou, ale s timto upravenym skriptem

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Akorat si myslim, ze to nema moc cenu, protoze ten disk je na odpis a je s nejvetsi pravdepodobnosti pricinou vsech potizi.

[Koudy15x]

Jasný...takže tomuhle pomůže už jen výměna disku za nový? Docela to chápu, notebook mám přes 3 roky a hodně ho nosím všude možné, takže je to dost možné.

Mám ten OTL tedy ještě zkoušet spustit? Pokud se to tedy znovu nezasekne. Asi se o to pokusím a uvidíme, jak to dopadne.

[Márty84]

takže tomuhle pomůže už jen výměna disku za nový?

Ano. I kdyz se to povede nejak rozchodit, bude to opet jen na chvilku. Tech chyb na disku je moc.

OTL klidne spustte, uvidime, jestli tam neni i nejake svinstvo.

[Koudy15x]

Tak tady log z OTL: part 1

OTL logfile created on: 12.11.2014 19:21:56 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = E:\Users\Admin\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,86 Gb Total Physical Memory | 1,94 Gb Available Physical Memory | 50,27% Memory free
7,73 Gb Paging File | 5,50 Gb Available in Paging File | 71,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = E: | %SystemRoot% = E:\Windows | %ProgramFiles% = E:\Program Files (x86)
Drive C: | 286,42 Gb Total Space | 179,88 Gb Free Space | 62,80% Space Free | Partition Type: NTFS
Drive E: | 179,25 Gb Total Space | 38,53 Gb Free Space | 21,50% Space Free | Partition Type: NTFS
Drive G: | 1,84 Gb Total Space | 1,83 Gb Free Space | 99,85% Space Free | Partition Type: FAT
Drive H: | 100,00 Mb Total Space | 64,22 Mb Free Space | 64,22% Space Free | Partition Type: NTFS

Computer Name: ADMIN-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.11.11 21:30:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Users\Admin\Desktop\OTL.exe
PRC - [2014.10.22 05:05:02 | 000,854,344 | ---- | M] (Google Inc.) -- E:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014.09.11 12:00:06 | 000,242,912 | ---- | M] (Foxit Software Inc.) -- E:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
PRC - [2014.08.04 08:48:16 | 012,710,240 | ---- | M] (TeamViewer GmbH) -- E:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
PRC - [2014.08.04 08:36:26 | 000,195,936 | ---- | M] (TeamViewer GmbH) -- E:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
PRC - [2011.07.26 12:36:44 | 001,289,296 | ---- | M] (Dritek System Inc.) -- E:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2011.07.26 12:36:44 | 000,288,336 | ---- | M] (Dritek System Inc.) -- E:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2011.07.26 12:36:43 | 000,325,200 | ---- | M] (Dritek System Inc.) -- E:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2011.04.17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- E:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\ccsvchst.exe
PRC - [2009.12.23 17:39:04 | 000,013,336 | ---- | M] (Intel Corporation) -- E:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009.12.23 17:39:02 | 000,284,696 | ---- | M] (Intel Corporation) -- E:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe


========== Modules (No Company Name) ==========

MOD - [2014.11.12 04:35:09 | 003,347,968 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf293040f3a93afa1ea782487acae816\WindowsBase.ni.dll
MOD - [2014.11.12 04:34:39 | 012,432,896 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
MOD - [2014.11.12 04:34:16 | 001,587,200 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
MOD - [2014.11.12 04:34:07 | 000,771,584 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5cae93d923c8378370758489e5535820\System.Runtime.Remoting.ni.dll
MOD - [2014.11.12 04:34:02 | 005,453,312 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll
MOD - [2014.11.12 04:33:58 | 000,971,264 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll
MOD - [2014.11.12 04:33:57 | 007,963,136 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
MOD - [2014.11.12 04:33:50 | 011,490,304 | ---- | M] () -- E:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
MOD - [2014.10.22 05:04:57 | 008,910,664 | ---- | M] () -- E:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
MOD - [2014.10.22 05:04:51 | 001,042,760 | ---- | M] () -- E:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
MOD - [2014.10.22 05:04:49 | 000,211,272 | ---- | M] () -- E:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
MOD - [2014.10.22 05:04:48 | 001,681,224 | ---- | M] () -- E:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
MOD - [2012.10.01 20:37:48 | 006,522,480 | ---- | M] () -- E:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
MOD - [2011.07.26 12:36:43 | 000,072,200 | ---- | M] () -- E:\Program Files (x86)\Launch Manager\CdDirIo.dll
MOD - [2009.07.14 16:17:12 | 000,303,104 | ---- | M] () -- E:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll


========== Services (SafeList) ==========

SRV:64bit: - [2011.07.26 12:37:40 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- E:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- E:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- E:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014.11.09 17:07:52 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- E:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.11.08 20:05:58 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- E:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.09.11 12:00:06 | 000,242,912 | ---- | M] (Foxit Software Inc.) [Auto | Running] -- E:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe -- (FoxitCloudUpdateService)
SRV - [2014.04.03 19:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- E:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.11.26 06:06:38 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- E:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.07.26 12:36:43 | 000,325,200 | ---- | M] (Dritek System Inc.) [Auto | Running] -- E:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2011.04.17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- E:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\ccSvcHst.exe -- (NAV)
SRV - [2010.05.25 17:46:44 | 000,047,776 | ---- | M] (Atheros Commnucations) [Auto | Running] -- E:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2009.12.23 17:39:04 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- E:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- E:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.11.08 00:52:53 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2014.11.07 19:56:14 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- E:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2014.11.07 17:42:35 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011.07.26 12:37:55 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.07.26 12:37:42 | 006,856,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.07.26 12:37:42 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.07.26 12:36:25 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2011.04.21 02:37:49 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\symnets.sys -- (SymNetS)
DRV:64bit: - [2011.03.31 04:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011.03.31 04:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2011.03.15 03:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011.01.27 07:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\symds64.sys -- (SymDS)
DRV:64bit: - [2011.01.27 06:07:06 | 000,171,128 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- E:\Windows\SysNative\drivers\NAVx64\1207010.003\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 14:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- E:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.05.20 13:42:30 | 000,294,760 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2010.05.20 13:42:30 | 000,202,792 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2010.05.20 13:42:30 | 000,156,392 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2010.05.20 13:42:30 | 000,052,584 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2010.05.20 13:42:30 | 000,038,248 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2010.05.20 13:42:30 | 000,032,296 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2009.12.17 10:42:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- E:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.09.17 19:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- E:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- E:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009.07.14 01:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- E:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2014.11.10 18:50:30 | 000,129,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- E:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20141111.034\eng64.sys -- (NAVENG)
DRV - [2014.11.10 18:50:28 | 002,137,304 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- E:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20141111.034\ex64.sys -- (NAVEX15)
DRV - [2014.11.07 18:54:04 | 000,487,216 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- E:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2014.11.07 18:54:04 | 000,142,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- E:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2014.11.06 21:37:00 | 000,633,560 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- E:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20141111.001\IDSviA64.sys -- (IDSVia64)
DRV - [2014.10.30 22:19:30 | 001,587,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- E:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20141107.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- E:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = E:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC






IE - HKU\S-1-5-21-4130898535-3589791334-1507998467-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4130898535-3589791334-1507998467-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-4130898535-3589791334-1507998467-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4130898535-3589791334-1507998467-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.0.3
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: E:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: E:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: E:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: E:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: E:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: E:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: E:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.0.3\extensions\\Components: E:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.0.3\extensions\\Plugins: E:\Program Files (x86)\Mozilla Firefox\plugins [2014.11.07 20:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 31.2.0\extensions\\Components: E:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 31.2.0\extensions\\Plugins: E:\Program Files (x86)\Mozilla Thunderbird\plugins

[2014.11.08 08:46:12 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Admin\AppData\Roaming\Mozilla\Extensions
[2014.11.08 08:56:22 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ma1vxeje.default\extensions
[2014.11.08 08:44:17 | 000,000,000 | ---D | M] (No name found) -- E:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014.11.08 20:06:00 | 000,000,000 | ---D | M] (Default) -- E:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.10.01 20:43:54 | 000,034,016 | ---- | M] (Microsoft Corporation) -- E:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = E:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0\
CHR - Extension: No name found = E:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = E:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = E:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdakmnplckeopfghnlpocafcepegjeap\3.0.18_0\
CHR - Extension: No name found = E:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = E:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = E:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0\
CHR - Extension: No name found = E:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.13.1_0\
CHR - Extension: No name found = E:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihiafjkopgiakbmihgoieodihjcblfbk\1.0.5_0\
CHR - Extension: No name found = E:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = E:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - E:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - E:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] E:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [AthBtTray] E:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] E:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [RtHDVCpl] E:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [IAStorIcon] E:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] E:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [StartCCC] E:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] E:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] E:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4130898535-3589791334-1507998467-1000..\Run: [CCleaner Monitoring] E:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-4130898535-3589791334-1507998467-1000..\Run: [GoogleChromeAutoLaunch_ED2B1456309E36E5742C350E772C9303] E:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "E:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "E:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - E:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - E:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{086E495E-E9ED-4DA1-9584-1E7B84D5282F}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - E:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (E:\Windows\system32\userinit.exe) - E:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - E:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - E:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{e4a2660a-66a3-11e4-bc49-e130734a7a6b}\Shell - "" = AutoRun
O33 - MountPoints2\{e4a2660a-66a3-11e4-bc49-e130734a7a6b}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{e4a2660a-66a3-11e4-bc49-e130734a7a6b}\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{e4a2660a-66a3-11e4-bc49-e130734a7a6b}\Shell\install\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - E:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - E:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - E:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - E:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to E:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.11.12 10:02:46 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Roaming\TeamViewer
[2014.11.12 09:37:01 | 002,620,928 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wucltux.dll
[2014.11.12 09:37:01 | 000,058,336 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wuauclt.exe
[2014.11.12 09:37:01 | 000,044,512 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wups2.dll
[2014.11.12 09:36:11 | 000,198,600 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wuwebv.dll
[2014.11.12 09:36:11 | 000,179,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wuwebv.dll
[2014.11.12 09:36:11 | 000,036,864 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wuapp.exe
[2014.11.12 09:36:11 | 000,033,792 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wuapp.exe
[2014.11.12 03:16:12 | 000,000,000 | ---D | C] -- E:\Windows\SysNative\SPReview
[2014.11.12 03:08:18 | 000,000,000 | ---D | C] -- E:\Windows\SysNative\EventProviders
[2014.11.11 21:41:30 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
[2014.11.11 21:41:30 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\HD Tune
[2014.11.11 21:31:18 | 000,000,000 | ---D | C] -- E:\Users\Admin\Desktop\Smart
[2014.11.11 21:30:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- E:\Users\Admin\Desktop\OTL.exe
[2014.11.11 21:30:49 | 001,149,912 | ---- | C] (Crystal Dew World) -- E:\Users\Admin\Desktop\DiskInfo.exe
[2014.11.11 21:30:49 | 000,000,000 | ---D | C] -- E:\Users\Admin\Desktop\CdiResource
[2014.11.11 21:30:40 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Roaming\WinRAR
[2014.11.11 19:29:37 | 000,000,000 | ---D | C] -- E:\Windows\pss
[2014.11.11 18:10:08 | 000,000,000 | ---D | C] -- E:\_OTM
[2014.11.11 18:09:17 | 000,000,000 | ---D | C] -- E:\Users\Admin\AppData\Local\CrashDumps
[2014.11.11 17:56:34 | 000,000,000 | ---D | C] -- E:\AdwCleaner
[2014.11.11 17:40:47 | 000,000,000 | ---D | C] -- E:\Program Files\trend micro
[2014.11.11 17:40:47 | 000,000,000 | ---D | C] -- E:\rsit
[2014.11.11 17:40:36 | 000,000,000 | ---D | C] -- E:\Program Files\CCleaner
[2014.11.11 16:17:40 | 000,048,976 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\netfxperf.dll
[2014.11.11 16:17:38 | 001,942,856 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dfshim.dll
[2014.11.11 16:17:27 | 001,130,824 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\dfshim.dll
[2014.11.11 16:17:18 | 003,715,584 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mstscax.dll
[2014.11.11 16:17:18 | 000,059,392 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drivers\TsUsbFlt.sys
[2014.11.11 16:17:18 | 000,012,288 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2014.11.11 16:17:17 | 001,838,080 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3d10warp.dll
[2014.11.11 16:17:09 | 003,215,872 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mstscax.dll
[2014.11.11 16:17:01 | 000,954,752 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mfc40.dll
[2014.11.11 16:17:01 | 000,954,288 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mfc40u.dll
[2014.11.11 16:17:00 | 001,109,504 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rdpcorets.dll
[2014.11.11 16:17:00 | 000,133,632 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\tssrvlic.dll
[2014.11.11 16:16:58 | 001,465,344 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\XpsPrint.dll
[2014.11.11 16:16:57 | 000,629,760 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\pmcsnap.dll
[2014.11.11 16:16:54 | 014,633,472 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wmp.dll
[2014.11.11 16:16:54 | 002,314,752 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\tquery.dll
[2014.11.11 16:16:51 | 002,223,616 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mssrch.dll
[2014.11.11 16:16:51 | 000,902,144 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d2d1.dll
[2014.11.11 16:16:50 | 003,205,120 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mmcndmgr.dll
[2014.11.11 16:16:50 | 001,731,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ntdll.dll
[2014.11.11 16:16:50 | 000,870,912 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\XpsPrint.dll
[2014.11.11 16:16:45 | 004,120,064 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mf.dll
[2014.11.11 16:16:45 | 000,485,888 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\secproc_isv.dll
[2014.11.11 16:16:43 | 000,488,448 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\secproc.dll
[2014.11.11 16:16:43 | 000,423,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\secproc_isv.dll
[2014.11.11 16:16:43 | 000,362,496 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\RMActivate_isv.exe
[2014.11.11 16:16:43 | 000,359,424 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\RMActivate.exe
[2014.11.11 16:16:42 | 003,008,000 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\xpsservices.dll
[2014.11.11 16:16:40 | 000,919,040 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\jscript.dll
[2014.11.11 16:16:40 | 000,327,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\RMActivate_isv.exe
[2014.11.11 16:16:39 | 001,219,584 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rpcrt4.dll
[2014.11.11 16:16:39 | 000,428,032 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\secproc.dll
[2014.11.11 16:16:38 | 000,322,048 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\RMActivate.exe
[2014.11.11 16:16:37 | 000,238,080 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ppcsnap.dll
[2014.11.11 16:16:37 | 000,051,200 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\PushPrinterConnections.exe
[2014.11.11 16:16:36 | 002,086,912 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ole32.dll
[2014.11.11 16:16:35 | 000,263,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\spwizui.dll
[2014.11.11 16:16:34 | 002,565,632 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\esent.dll
[2014.11.11 16:16:33 | 001,556,992 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\RacEngn.dll
[2014.11.11 16:16:33 | 001,340,416 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\diagperf.dll
[2014.11.11 16:16:33 | 001,197,056 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\taskschd.dll
[2014.11.11 16:16:32 | 003,207,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mf.dll
[2014.11.11 16:16:31 | 001,866,240 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ExplorerFrame.dll
[2014.11.11 16:16:31 | 001,753,088 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\vssapi.dll
[2014.11.11 16:16:30 | 001,334,272 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\CertEnroll.dll
[2014.11.11 16:16:29 | 001,401,344 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mssrch.dll
[2014.11.11 16:16:29 | 001,326,080 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\NaturalLanguage6.dll
[2014.11.11 16:16:28 | 003,860,992 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\UIRibbon.dll
[2014.11.11 16:16:28 | 002,872,320 | ---- | C] (Microsoft Corporation) -- E:\Windows\explorer.exe
[2014.11.11 16:16:28 | 000,299,392 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mcupdate_GenuineIntel.dll
[2014.11.11 16:16:26 | 011,410,432 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wmp.dll
[2014.11.11 16:16:25 | 001,698,816 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\esent.dll
[2014.11.11 16:16:24 | 003,027,968 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WMVCORE.DLL
[2014.11.11 16:16:24 | 000,295,264 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\PresentationHost.exe
[2014.11.11 16:16:24 | 000,099,176 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\PresentationHostProxy.dll
[2014.11.11 16:16:23 | 001,544,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\DWrite.dll
[2014.11.11 16:16:23 | 000,320,352 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\PresentationHost.exe
[2014.11.11 16:16:23 | 000,274,944 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rdpdd.dll
[2014.11.11 16:16:23 | 000,162,816 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rdpudd.dll
[2014.11.11 16:16:23 | 000,109,928 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\PresentationHostProxy.dll
[2014.11.11 16:16:22 | 003,957,760 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WinSAT.exe
[2014.11.11 16:16:22 | 001,975,296 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\CertEnroll.dll
[2014.11.11 16:16:22 | 000,598,016 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\spinstall.exe
[2014.11.11 16:16:22 | 000,301,568 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\spreview.exe
[2014.11.11 16:16:21 | 001,548,288 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\tquery.dll
[2014.11.11 16:16:21 | 000,960,512 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\CPFilters.dll
[2014.11.11 16:16:20 | 001,888,256 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WMVDECOD.DLL
[2014.11.11 16:16:17 | 002,067,456 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3d9.dll
[2014.11.11 16:16:14 | 001,115,136 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\RacEngn.dll
[2014.11.11 16:16:13 | 000,867,840 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\SearchFolder.dll
[2014.11.11 16:16:12 | 005,066,752 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\AuthFWSnapin.dll
[2014.11.11 16:16:11 | 005,066,752 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\AuthFWSnapin.dll
[2014.11.11 16:16:10 | 001,632,256 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dwmcore.dll
[2014.11.11 16:16:10 | 001,161,216 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\kernel32.dll
[2014.11.11 16:16:09 | 003,391,488 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dbgeng.dll
[2014.11.11 16:16:06 | 000,079,232 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\rdvgumd32.dll
[2014.11.11 16:16:05 | 001,456,128 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\crypt32.dll
[2014.11.11 16:16:04 | 001,493,504 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ExplorerFrame.dll
[2014.11.11 16:16:03 | 000,958,464 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\actxprxy.dll
[2014.11.11 16:16:02 | 001,447,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\lsasrv.dll
[2014.11.11 16:16:02 | 000,750,080 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\TSWorkspace.dll
[2014.11.11 16:16:02 | 000,419,840 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\KernelBase.dll
[2014.11.11 16:16:01 | 000,784,896 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\gpprefcl.dll
[2014.11.11 16:16:00 | 001,116,672 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mstsc.exe
[2014.11.11 16:16:00 | 000,244,736 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sqmapi.dll
[2014.11.11 16:15:59 | 000,470,016 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\XpsGdiConverter.dll
[2014.11.11 16:15:58 | 001,244,160 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\imapi2fs.dll
[2014.11.11 16:15:58 | 000,695,808 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\netlogon.dll
[2014.11.11 16:15:57 | 000,787,968 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3d11.dll
[2014.11.11 16:15:57 | 000,641,536 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\CPFilters.dll
[2014.11.11 16:15:55 | 002,616,320 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\explorer.exe
[2014.11.11 16:15:55 | 001,900,544 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\setupapi.dll
[2014.11.11 16:15:55 | 001,212,416 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\propsys.dll
[2014.11.11 16:15:54 | 000,505,856 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\taskschd.dll
[2014.11.11 16:15:54 | 000,055,296 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\PushPrinterConnections.exe
[2014.11.11 16:15:53 | 001,927,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\authui.dll
[2014.11.11 16:15:53 | 001,281,024 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\werconcpl.dll
[2014.11.11 16:15:53 | 000,720,896 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\odbc32.dll
[2014.11.11 16:15:53 | 000,702,464 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\msfeeds.dll
[2014.11.11 16:15:53 | 000,464,384 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\taskeng.exe
[2014.11.11 16:15:52 | 001,049,600 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mstsc.exe
[2014.11.11 16:15:52 | 001,008,128 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\user32.dll
[2014.11.11 16:15:52 | 000,861,696 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\oleaut32.dll
[2014.11.11 16:15:52 | 000,357,888 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dnsapi.dll
[2014.11.11 16:15:48 | 001,796,096 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\certmgr.dll
[2014.11.11 16:15:48 | 000,376,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drivers\netio.sys
[2014.11.11 16:15:48 | 000,053,248 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\LSCSHostPolicy.dll
[2014.11.11 16:15:46 | 000,612,864 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\vbscript.dll
[2014.11.11 16:15:46 | 000,395,776 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\webio.dll
[2014.11.11 16:15:46 | 000,381,440 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wer.dll
[2014.11.11 16:15:46 | 000,146,944 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\scavengeui.dll
[2014.11.11 16:15:44 | 000,955,904 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\localspl.dll
[2014.11.11 16:15:44 | 000,758,272 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\PortableDeviceApi.dll
[2014.11.11 16:15:44 | 000,342,016 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\certcli.dll
[2014.11.11 16:15:44 | 000,299,520 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\tsmf.dll
[2014.11.11 16:15:43 | 000,457,216 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\msdrm.dll
[2014.11.11 16:15:43 | 000,210,944 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ncsi.dll
[2014.11.11 16:15:42 | 001,509,888 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\msdtctm.dll
[2014.11.11 16:15:42 | 001,371,136 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\dwmcore.dll
[2014.11.11 16:15:42 | 000,448,512 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\shlwapi.dll
[2014.11.11 16:15:41 | 002,652,160 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\netshell.dll
[2014.11.11 16:15:41 | 000,573,440 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\odbc32.dll
[2014.11.11 16:15:41 | 000,299,520 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rdpshell.exe
[2014.11.11 16:15:41 | 000,295,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\framedynos.dll
[2014.11.11 16:15:40 | 000,524,288 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wmicmiplugin.dll
[2014.11.11 16:15:40 | 000,061,440 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\tcpmonui.dll
[2014.11.11 16:15:39 | 001,572,352 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\quartz.dll
[2014.11.11 16:15:39 | 000,800,256 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\usp10.dll
[2014.11.11 16:15:39 | 000,519,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\netcfgx.dll
[2014.11.11 16:15:39 | 000,479,232 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\appmgr.dll
[2014.11.11 16:15:39 | 000,390,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\winlogon.exe
[2014.11.11 16:15:39 | 000,297,984 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ws2_32.dll
[2014.11.11 16:15:38 | 001,328,128 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\quartz.dll
[2014.11.11 16:15:38 | 000,658,944 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dxgi.dll
[2014.11.11 16:15:38 | 000,594,432 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\comdlg32.dll
[2014.11.11 16:15:38 | 000,481,280 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wmpps.dll
[2014.11.11 16:15:38 | 000,343,040 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\lsm.exe
[2014.11.11 16:15:38 | 000,321,024 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\d3d10_1core.dll
[2014.11.11 16:15:37 | 002,055,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\Query.dll
[2014.11.11 16:15:37 | 000,597,504 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\TSWorkspace.dll
[2014.11.11 16:15:37 | 000,342,016 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\apphelp.dll
[2014.11.11 16:15:37 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- E:\Windows\SysNative\drivers\amdsata.sys
[2014.11.11 16:15:36 | 002,543,616 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wpdshext.dll
[2014.11.11 16:15:36 | 000,422,912 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drvstore.dll
[2014.11.11 16:15:36 | 000,283,648 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\XpsGdiConverter.dll
[2014.11.11 16:15:36 | 000,270,848 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\tsmf.dll
[2014.11.11 16:15:36 | 000,091,136 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\dot3api.dll
[2014.11.11 16:15:35 | 000,897,536 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\azroles.dll
[2014.11.11 16:15:35 | 000,266,240 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\QAGENT.DLL
[2014.11.11 16:15:33 | 001,098,240 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\Vault.dll
[2014.11.11 16:15:33 | 000,758,784 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\samsrv.dll
[2014.11.11 16:15:33 | 000,566,208 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\winresume.efi
[2014.11.11 16:15:33 | 000,345,088 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\cmd.exe
[2014.11.11 16:15:32 | 002,522,624 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\dbgeng.dll
[2014.11.11 16:15:32 | 000,653,312 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\lpksetup.exe
[2014.11.11 16:15:32 | 000,281,600 | ---- | C] (Microsoft) -- E:\Windows\SysNative\DShowRdpFilter.dll
[2014.11.11 16:15:31 | 000,751,104 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\win32spl.dll
[2014.11.11 16:15:31 | 000,722,944 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\EncDec.dll
[2014.11.11 16:15:30 | 000,778,752 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mssvp.dll
[2014.11.11 16:15:30 | 000,605,552 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\winload.exe
[2014.11.11 16:15:30 | 000,522,752 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3d11.dll
[2014.11.11 16:15:30 | 000,210,944 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rdpclip.exe
[2014.11.11 16:15:29 | 001,118,208 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sbe.dll
[2014.11.11 16:15:29 | 000,406,528 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\netcfgx.dll
[2014.11.11 16:15:28 | 001,619,456 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\WMVDECOD.DLL
[2014.11.11 16:15:28 | 001,190,400 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WindowsCodecs.dll
[2014.11.11 16:15:28 | 000,582,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sxs.dll
[2014.11.11 16:15:28 | 000,314,880 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\webio.dll
[2014.11.11 16:15:27 | 000,584,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\gpprefcl.dll
[2014.11.11 16:15:27 | 000,473,600 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\taskcomp.dll
[2014.11.11 16:15:27 | 000,312,832 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\Wldap32.dll
[2014.11.11 16:15:27 | 000,272,896 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mcbuilder.exe
[2014.11.11 16:15:27 | 000,240,640 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\cscobj.dll
[2014.11.11 16:15:26 | 001,808,384 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\pnidui.dll
[2014.11.11 16:15:26 | 000,642,944 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\winload.efi
[2014.11.11 16:15:26 | 000,584,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ipsmsnap.dll
[2014.11.11 16:15:26 | 000,381,440 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mfds.dll
[2014.11.11 16:15:26 | 000,206,848 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\upnp.dll
[2014.11.11 16:15:26 | 000,189,824 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drivers\storport.sys
[2014.11.11 16:15:25 | 002,151,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mmcndmgr.dll
[2014.11.11 16:15:25 | 001,158,656 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\webservices.dll
[2014.11.11 16:15:25 | 000,252,928 | ---- | C] (Microsoft) -- E:\Windows\SysWow64\DShowRdpFilter.dll
[2014.11.11 16:15:25 | 000,235,008 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\hgprint.dll
[2014.11.11 16:15:25 | 000,167,424 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rdpendp.dll
[2014.11.11 16:15:25 | 000,049,488 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\netfxperf.dll
[2014.11.11 16:15:24 | 001,792,000 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\authui.dll
[2014.11.11 16:15:24 | 000,933,888 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sqlsrv32.dll
[2014.11.11 16:15:24 | 000,732,160 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\imapi2fs.dll
[2014.11.11 16:15:24 | 000,518,672 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\winresume.exe
[2014.11.11 16:15:24 | 000,235,008 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\winsta.dll
[2014.11.11 16:15:23 | 000,345,600 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\fveapi.dll
[2014.11.11 16:15:23 | 000,252,928 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\iepeers.dll
[2014.11.11 16:15:23 | 000,084,992 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dot3api.dll
[2014.11.11 16:15:22 | 001,009,152 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mcmde.dll
[2014.11.11 16:15:22 | 000,403,968 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\gdi32.dll
[2014.11.11 16:15:22 | 000,288,256 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\MSNP.ax
[2014.11.11 16:15:22 | 000,220,672 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mcbuilder.exe
[2014.11.11 16:15:22 | 000,183,808 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\prncache.dll
[2014.11.11 16:15:21 | 001,555,456 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\certmgr.dll
[2014.11.11 16:15:21 | 001,441,280 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wlanpref.dll
[2014.11.11 16:15:21 | 001,243,136 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WMNetMgr.dll
[2014.11.11 16:15:21 | 000,285,696 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\schtasks.exe
[2014.11.11 16:15:21 | 000,263,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\vpnike.dll
[2014.11.11 16:15:20 | 001,712,640 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\xpsservices.dll
[2014.11.11 16:15:20 | 000,630,272 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\evr.dll
[2014.11.11 16:15:20 | 000,409,600 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\photowiz.dll
[2014.11.11 16:15:20 | 000,323,072 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\drvstore.dll
[2014.11.11 16:15:20 | 000,220,672 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wintrust.dll
[2014.11.11 16:15:20 | 000,169,984 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\tspubwmi.dll
[2014.11.11 16:15:20 | 000,109,056 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\userenv.dll
[2014.11.11 16:15:19 | 000,296,448 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\AudioSes.dll
[2014.11.11 16:15:19 | 000,279,040 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\framedyn.dll
[2014.11.11 16:15:18 | 002,262,528 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\SyncCenter.dll
[2014.11.11 16:15:18 | 002,072,576 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WMPEncEn.dll
[2014.11.11 16:15:18 | 001,082,880 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sppobjs.dll
[2014.11.11 16:15:18 | 001,024,512 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wmpmde.dll
[2014.11.11 16:15:18 | 000,605,696 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wmpeffects.dll
[2014.11.11 16:15:18 | 000,412,160 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\aepdu.dll
[2014.11.11 16:15:18 | 000,302,592 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\cmd.exe
[2014.11.11 16:15:18 | 000,257,024 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mfreadwrite.dll
[2014.11.11 16:15:18 | 000,200,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\tscfgwmi.dll
[2014.11.11 16:15:17 | 000,492,032 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\win32spl.dll
[2014.11.11 16:15:17 | 000,424,448 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\aeinv.dll
[2014.11.11 16:15:17 | 000,244,224 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\vmicsvc.exe
[2014.11.11 16:15:17 | 000,206,336 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\framedynos.dll
[2014.11.11 16:15:17 | 000,178,176 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rdpinit.exe
[2014.11.11 16:15:17 | 000,171,520 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\fde.dll
[2014.11.11 16:15:16 | 000,501,248 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WinSATAPI.dll
[2014.11.11 16:15:16 | 000,296,448 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mfds.dll
[2014.11.11 16:15:15 | 000,551,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\localsec.dll
[2014.11.11 16:15:15 | 000,503,296 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\imapi2.dll
[2014.11.11 16:15:15 | 000,324,096 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\netdiagfx.dll
[2014.11.11 16:15:15 | 000,298,104 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\bcryptprimitives.dll
[2014.11.11 16:15:15 | 000,257,024 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\stobject.dll
[2014.11.11 16:15:15 | 000,197,120 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\credui.dll
[2014.11.11 16:15:15 | 000,144,384 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\cdd.dll
[2014.11.11 16:15:15 | 000,140,800 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\rdpendp.dll
[2014.11.11 16:15:14 | 000,166,912 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\inetpp.dll
[2014.11.11 16:15:14 | 000,165,376 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\netid.dll
[2014.11.11 16:15:13 | 000,762,880 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\azroles.dll
[2014.11.11 16:15:13 | 000,504,320 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\biocpl.dll
[2014.11.11 16:15:13 | 000,498,688 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\cscui.dll
[2014.11.11 16:15:13 | 000,378,880 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\msinfo32.exe
[2014.11.11 16:15:13 | 000,339,968 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\appmgr.dll
[2014.11.11 16:15:13 | 000,253,440 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\tcpipcfg.dll
[2014.11.11 16:15:13 | 000,244,224 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\spp.dll
[2014.11.11 16:15:13 | 000,223,232 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\QSHVHOST.DLL
[2014.11.11 16:15:13 | 000,152,064 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ncsi.dll
[2014.11.11 16:15:13 | 000,100,864 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\davclnt.dll
[2014.11.11 16:15:12 | 002,755,072 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\themeui.dll
[2014.11.11 16:15:12 | 002,746,880 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\gameux.dll
[2014.11.11 16:15:12 | 001,050,624 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\printui.dll
[2014.11.11 16:15:12 | 000,571,904 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mspbda.dll
[2014.11.11 16:15:12 | 000,303,616 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\scansetting.dll
[2014.11.11 16:15:11 | 000,716,800 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\jscript.dll
[2014.11.11 16:15:11 | 000,477,696 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\PhotoScreensaver.scr
[2014.11.11 16:15:11 | 000,337,920 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\conhost.exe
[2014.11.11 16:15:11 | 000,067,072 | ---- | C] (Microsoft Corporation) -- E:\Windows\splwow64.exe
[2014.11.11 16:15:10 | 000,577,024 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\AdmTmpl.dll
[2014.11.11 16:15:10 | 000,552,960 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\msdri.dll
[2014.11.11 16:15:10 | 000,307,200 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wusa.exe
[2014.11.11 16:15:10 | 000,145,920 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\IPHLPAPI.DLL
[2014.11.11 16:15:10 | 000,122,880 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\aitagent.exe
[2014.11.11 16:15:09 | 000,934,912 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\FirewallControlPanel.dll
[2014.11.11 16:15:09 | 000,854,016 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\dbghelp.dll
[2014.11.11 16:15:09 | 000,625,664 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mscms.dll
[2014.11.11 16:15:09 | 000,442,368 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\winspool.drv
[2014.11.11 16:15:09 | 000,199,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\PkgMgr.exe
[2014.11.11 16:15:09 | 000,196,608 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mfreadwrite.dll
[2014.11.11 16:15:09 | 000,187,904 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rpchttp.dll
[2014.11.11 16:15:09 | 000,144,768 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\basecsp.dll
[2014.11.11 16:15:08 | 003,211,776 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\msi.dll
[2014.11.11 16:15:08 | 000,488,448 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\evr.dll
[2014.11.11 16:15:08 | 000,405,504 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wisptis.exe
[2014.11.11 16:15:08 | 000,305,152 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\taskcomp.dll
[2014.11.11 16:15:08 | 000,229,888 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\XpsRasterService.dll
[2014.11.11 16:15:08 | 000,186,368 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ocsetup.exe
[2014.11.11 16:15:07 | 001,031,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rdpcore.dll
[2014.11.11 16:15:07 | 000,776,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\calc.exe
[2014.11.11 16:15:07 | 000,459,776 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\DXP.dll
[2014.11.11 16:15:07 | 000,418,816 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sppwinob.dll
[2014.11.11 16:15:07 | 000,335,872 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\WinSATAPI.dll
[2014.11.11 16:15:07 | 000,207,872 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\cfgmgr32.dll
[2014.11.11 16:15:07 | 000,161,792 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ocsetapi.dll
[2014.11.11 16:15:06 | 000,780,008 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ci.dll
[2014.11.11 16:15:06 | 000,778,240 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\sqlsrv32.dll
[2014.11.11 16:15:06 | 000,534,528 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\EncDec.dll
[2014.11.11 16:15:06 | 000,509,952 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\ntshrui.dll
[2014.11.11 16:15:06 | 000,348,160 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\eapp3hst.dll
[2014.11.11 16:15:05 | 002,983,424 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\UIRibbon.dll
[2014.11.11 16:15:05 | 000,850,944 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mmsys.cpl
[2014.11.11 16:15:05 | 000,303,616 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\eapphost.dll
[2014.11.11 16:15:05 | 000,264,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\upnp.dll
[2014.11.11 16:15:05 | 000,221,184 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mprapi.dll
[2014.11.11 16:15:05 | 000,148,992 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\t2embed.dll
[2014.11.11 16:15:05 | 000,128,000 | ---- | C] (Microsoft) -- E:\Windows\SysNative\Robocopy.exe
[2014.11.11 16:15:05 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- E:\Windows\SysNative\drivers\HpSAMD.sys
[2014.11.11 16:15:04 | 002,494,464 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\netshell.dll
[2014.11.11 16:15:04 | 000,263,040 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\hal.dll
[2014.11.11 16:15:04 | 000,176,128 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ie4uinit.exe
[2014.11.11 16:15:04 | 000,112,640 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\thumbcache.dll
[2014.11.11 16:15:03 | 001,457,664 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\DxpTaskSync.dll
[2014.11.11 16:15:03 | 001,160,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\MSMPEG2ENC.DLL
[2014.11.11 16:15:03 | 000,658,432 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\PerfCenterCPL.dll
[2014.11.11 16:15:03 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- E:\Windows\SysNative\atmfd.dll
[2014.11.11 16:15:03 | 000,232,960 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\scecli.dll
[2014.11.11 16:15:03 | 000,128,512 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dwmredir.dll
[2014.11.11 16:15:02 | 002,851,840 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\themeui.dll
[2014.11.11 16:15:02 | 000,568,832 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\scrptadm.dll
[2014.11.11 16:15:02 | 000,429,568 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\puiobj.dll
[2014.11.11 16:15:02 | 000,179,072 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drivers\Classpnp.sys
[2014.11.11 16:15:02 | 000,136,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sspicli.dll
[2014.11.11 16:15:02 | 000,116,736 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\prncache.dll
[2014.11.11 16:15:02 | 000,046,592 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\msasn1.dll
[2014.11.11 16:15:02 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- E:\Windows\SysNative\drivers\amdxata.sys
[2014.11.11 16:15:01 | 000,932,352 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\printui.dll
[2014.11.11 16:15:01 | 000,675,328 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\DXPTaskRingtone.dll
[2014.11.11 16:15:01 | 000,235,520 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\onex.dll
[2014.11.11 16:15:00 | 000,352,256 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wmpeffects.dll
[2014.11.11 16:15:00 | 000,158,720 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\aaclient.dll
[2014.11.11 16:15:00 | 000,142,336 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\net1.exe
[2014.11.11 16:15:00 | 000,139,264 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\rpchttp.dll
[2014.11.11 16:14:59 | 001,363,968 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wdc.dll
[2014.11.11 16:14:59 | 001,163,264 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mfc42u.dll
[2014.11.11 16:14:59 | 000,243,200 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wow64.dll
[2014.11.11 16:14:58 | 001,120,768 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sdengin2.dll
[2014.11.11 16:14:58 | 000,799,744 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\msftedit.dll
[2014.11.11 16:14:58 | 000,475,136 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wlangpui.dll
[2014.11.11 16:14:58 | 000,406,016 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\scesrv.dll
[2014.11.11 16:14:58 | 000,325,120 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drivers\usbport.sys
[2014.11.11 16:14:58 | 000,246,272 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\scansetting.dll
[2014.11.11 16:14:57 | 001,689,600 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\netcenter.dll
[2014.11.11 16:14:57 | 000,691,200 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\VAN.dll
[2014.11.11 16:14:57 | 000,483,840 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\StructuredQuery.dll
[2014.11.11 16:14:57 | 000,462,336 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wiadefui.dll
[2014.11.11 16:14:57 | 000,273,920 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\SndVol.exe
[2014.11.11 16:14:57 | 000,239,616 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dskquoui.dll
[2014.11.11 16:14:57 | 000,067,584 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\samcli.dll
[2014.11.11 16:14:57 | 000,063,488 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wscapi.dll
[2014.11.11 16:14:56 | 000,411,648 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wlangpui.dll
[2014.11.11 16:14:56 | 000,167,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\QSHVHOST.DLL
[2014.11.11 16:14:56 | 000,131,584 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\aaclient.dll
[2014.11.11 16:14:56 | 000,112,000 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\consent.exe
[2014.11.11 16:14:56 | 000,107,520 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\QUTIL.DLL
[2014.11.11 16:14:56 | 000,095,232 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\regapi.dll
[2014.11.11 16:14:55 | 001,750,528 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\pnidui.dll
[2014.11.11 16:14:55 | 000,782,336 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\webservices.dll
[2014.11.11 16:14:55 | 000,515,584 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\timedate.cpl
[2014.11.11 16:14:55 | 000,464,896 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\scrptadm.dll
[2014.11.11 16:14:55 | 000,340,992 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\srchadmin.dll
[2014.11.11 16:14:55 | 000,124,416 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\fde.dll
[2014.11.11 16:14:55 | 000,109,056 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\t2embed.dll
[2014.11.11 16:14:54 | 002,146,304 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\SyncCenter.dll
[2014.11.11 16:14:54 | 000,684,032 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\TabletPC.cpl
[2014.11.11 16:14:54 | 000,424,448 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rastls.dll
[2014.11.11 16:14:54 | 000,248,832 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wksprt.exe
[2014.11.11 16:14:54 | 000,225,792 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\netdiagfx.dll
[2014.11.11 16:14:54 | 000,088,576 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\setupcl.exe
[2014.11.11 16:14:54 | 000,069,120 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\taskhost.exe
[2014.11.11 16:14:53 | 000,726,528 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\appwiz.cpl
[2014.11.11 16:14:53 | 000,560,128 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wuapi.dll
[2014.11.11 16:14:53 | 000,051,712 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wscapi.dll
[2014.11.11 16:14:51 | 000,332,288 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\hgcpl.dll
[2014.11.11 16:14:51 | 000,300,032 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\msconfig.exe
[2014.11.11 16:14:51 | 000,215,552 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\netiohlp.dll
[2014.11.11 16:14:51 | 000,139,264 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\cscobj.dll
[2014.11.11 16:14:51 | 000,041,472 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mimefilt.dll
[2014.11.11 16:14:50 | 000,314,368 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\clusapi.dll
[2014.11.11 16:14:50 | 000,166,784 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\basecsp.dll
[2014.11.11 16:14:50 | 000,072,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\fdeploy.dll
[2014.11.11 16:14:50 | 000,050,176 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\lsmproxy.dll
[2014.11.11 16:14:49 | 001,538,560 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\inetcpl.cpl
[2014.11.11 16:14:49 | 000,974,336 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\WFS.exe
[2014.11.11 16:14:49 | 000,830,464 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\MSMPEG2ENC.DLL
[2014.11.11 16:14:49 | 000,826,368 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\rdpcore.dll
[2014.11.11 16:14:49 | 000,726,528 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\AuxiliaryDisplayCpl.dll
[2014.11.11 16:14:49 | 000,372,736 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mtxclu.dll
[2014.11.11 16:14:49 | 000,258,560 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mpg2splt.ax
[2014.11.11 16:14:49 | 000,186,368 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\iepeers.dll
[2014.11.11 16:14:49 | 000,040,960 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2014.11.11 16:14:48 | 000,633,344 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\riched20.dll
[2014.11.11 16:14:48 | 000,630,784 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\DXPTaskRingtone.dll
[2014.11.11 16:14:48 | 000,392,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\imapi2.dll
[2014.11.11 16:14:48 | 000,214,016 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\winsrv.dll
[2014.11.11 16:14:48 | 000,027,520 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drivers\Diskdump.sys
[2014.11.11 16:14:47 | 002,576,384 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\gameux.dll
[2014.11.11 16:14:47 | 000,118,272 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\dnscmmc.dll
[2014.11.11 16:14:46 | 000,486,400 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\powercpl.dll
[2014.11.11 16:14:46 | 000,199,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\onex.dll
[2014.11.11 16:14:46 | 000,186,880 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\logoncli.dll
[2014.11.11 16:14:46 | 000,065,536 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\RpcRtRemote.dll
[2014.11.11 16:14:45 | 001,624,064 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\WMPEncEn.dll
[2014.11.11 16:14:45 | 000,666,624 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mssvp.dll
[2014.11.11 16:14:45 | 000,357,888 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sharemediacpl.dll
[2014.11.11 16:14:44 | 002,193,920 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\themecpl.dll
[2014.11.11 16:14:44 | 000,090,112 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\nci.dll
[2014.11.11 16:14:43 | 002,250,752 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\SensorsCpl.dll
[2014.11.11 16:14:43 | 000,658,944 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\autofmt.exe
[2014.11.11 16:14:43 | 000,359,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\eudcedit.exe
[2014.11.11 16:14:43 | 000,355,328 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\Faultrep.dll
[2014.11.11 16:14:43 | 000,188,928 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\netjoin.dll
[2014.11.11 16:14:43 | 000,066,560 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\hbaapi.dll
[2014.11.11 16:14:42 | 001,077,248 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\Narrator.exe
[2014.11.11 16:14:42 | 000,166,400 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\netiohlp.dll
[2014.11.11 16:14:42 | 000,057,856 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\licmgr10.dll
[2014.11.11 16:14:41 | 000,668,160 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\autochk.exe
[2014.11.11 16:14:41 | 000,038,912 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\vpnikeapi.dll
[2014.11.11 16:14:40 | 000,633,856 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\comctl32.dll
[2014.11.11 16:14:40 | 000,232,448 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sppcomapi.dll
[2014.11.11 16:14:40 | 000,139,264 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\cabview.dll
[2014.11.11 16:14:40 | 000,028,672 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\proquota.exe
[2014.11.11 16:14:39 | 000,777,728 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\autochk.exe
[2014.11.11 16:14:39 | 000,763,904 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\autofmt.exe
[2014.11.11 16:14:39 | 000,679,424 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\autoconv.exe
[2014.11.11 16:14:39 | 000,167,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\msutb.dll
[2014.11.11 16:14:38 | 000,793,088 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\autoconv.exe
[2014.11.11 16:14:38 | 000,400,896 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ipsmsnap.dll
[2014.11.11 16:14:38 | 000,303,104 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\msinfo32.exe
[2014.11.11 16:14:38 | 000,072,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\regapi.dll
[2014.11.11 16:14:38 | 000,042,496 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mimefilt.dll
[2014.11.11 16:14:37 | 000,850,432 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\sbe.dll
[2014.11.11 16:14:37 | 000,611,840 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wpd_ci.dll
[2014.11.11 16:14:37 | 000,455,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\nshipsec.dll
[2014.11.11 16:14:37 | 000,301,568 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\srchadmin.dll
[2014.11.11 16:14:37 | 000,181,760 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\tcpipcfg.dll
[2014.11.11 16:14:37 | 000,179,712 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\schtasks.exe
[2014.11.11 16:14:37 | 000,130,048 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\shsetup.dll
[2014.11.11 16:14:37 | 000,126,464 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\audiodg.exe
[2014.11.11 16:14:37 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- E:\Windows\SysNative\fms.dll
[2014.11.11 16:14:36 | 001,264,640 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\sdclt.exe
[2014.11.11 16:14:36 | 000,441,856 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\powercpl.dll
[2014.11.11 16:14:36 | 000,222,208 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\eapphost.dll
[2014.11.11 16:14:36 | 000,202,752 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\framedyn.dll
[2014.11.11 16:14:36 | 000,168,448 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\bcdsrv.dll
[2014.11.11 16:14:35 | 001,466,368 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\inetcpl.cpl
[2014.11.11 16:14:35 | 000,905,216 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mmsys.cpl
[2014.11.11 16:14:35 | 000,665,600 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\AuxiliaryDisplayCpl.dll
[2014.11.11 16:14:35 | 000,414,208 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wlanui.dll
[2014.11.11 16:14:35 | 000,337,408 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\msihnd.dll
[2014.11.11 16:14:35 | 000,222,720 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wwanconn.dll
[2014.11.11 16:14:35 | 000,171,392 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drivers\scsiport.sys
[2014.11.11 16:14:35 | 000,156,160 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\prntvpt.dll
[2014.11.11 16:14:35 | 000,155,472 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mscorier.dll
[2014.11.11 16:14:35 | 000,154,960 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mscorier.dll
[2014.11.11 16:14:34 | 000,933,376 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\SmiEngine.dll
[2014.11.11 16:14:34 | 000,861,184 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\fontext.dll
[2014.11.11 16:14:34 | 000,478,720 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\timedate.cpl
[2014.11.11 16:14:34 | 000,171,520 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\QAGENT.DLL
[2014.11.11 16:14:34 | 000,066,048 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rdpsign.exe
[2014.11.11 16:14:33 | 001,066,496 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\Display.dll
[2014.11.11 16:14:33 | 000,211,456 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mprddm.dll
[2014.11.11 16:14:33 | 000,117,248 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\netid.dll
[2014.11.11 16:14:32 | 000,624,128 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\qedit.dll
[2014.11.11 16:14:32 | 000,267,264 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\FXSCOVER.exe
[2014.11.11 16:14:31 | 001,227,776 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wdc.dll
[2014.11.11 16:14:31 | 000,749,568 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\batmeter.dll
[2014.11.11 16:14:31 | 000,204,288 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\MSNP.ax
[2014.11.11 16:14:31 | 000,076,800 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drivers\hidclass.sys
[2014.11.11 16:14:31 | 000,020,992 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\drivers\rdpvideominiport.sys
[2014.11.11 16:14:30 | 000,957,440 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\mblctr.exe
[2014.11.11 16:14:30 | 000,933,376 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\Vault.dll
[2014.11.11 16:14:30 | 000,372,224 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\rastls.dll
[2014.11.11 16:14:30 | 000,346,624 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\untfs.dll
[2014.11.11 16:14:30 | 000,307,712 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\scesrv.dll
[2014.11.11 16:14:30 | 000,223,232 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\wmpsrcwp.dll
[2014.11.11 16:14:30 | 000,100,864 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\fontsub.dll
[2014.11.11 16:14:30 | 000,078,848 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\nci.dll
[2014.11.11 16:14:29 | 001,326,592 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\wlanpref.dll
[2014.11.11 16:14:29 | 001,202,176 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\DiagCpl.dll
[2014.11.11 16:14:29 | 001,003,008 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\WMNetMgr.dll
[2014.11.11 16:14:29 | 000,625,664 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\usercpl.dll
[2014.11.11 16:14:29 | 000,052,224 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysNative\rtutils.dll
[2014.11.11 16:14:29 | 000,044,544 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\licmgr10.dll