VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

prosim o kontrolu logu ( zavirovany system )

https://forum.viry.cz:443/viewtopic.php?t=133790

Stránka 2 z 3

Re: prosim o kontrolu logu ( zavirovany system )

Napsal: 09 lis 2013 14:01
od mirecek
ComboFix 13-11-07.01 - Tatana 09.11.2013 13:45:15.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4074.2475 [GMT 1:00]
Spuštěný z: c:\users\Tatana\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Windows Live\Messenger\msacm32.dll
c:\windows\msxml4-KB954430-enu.LOG
c:\windows\msxml4-KB973688-enu.LOG
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-09 do 2013-11-09 )))))))))))))))))))))))))))))))
.
.
2013-11-09 12:50 . 2013-11-09 12:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-08 14:44 . 2013-10-16 00:20 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E8B05C1B-3760-4C4B-985D-22511BE3A24D}\mpengine.dll
2013-11-04 21:51 . 2013-11-05 15:28 -------- d-----w- C:\AdwCleaner
2013-11-02 16:29 . 2013-11-02 16:29 -------- d-----w- c:\programdata\Malwarebytes
2013-11-02 15:39 . 2013-11-02 15:39 -------- d-----w- c:\program files\trend micro
2013-11-02 15:39 . 2013-11-02 15:40 -------- d-----w- C:\rsit
2013-10-30 06:37 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-10-30 06:36 . 2013-07-03 04:05 76800 ----a-w- c:\windows\system32\drivers\hidclass.sys
2013-10-30 06:35 . 2011-04-29 03:06 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2013-10-30 06:34 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2013-10-30 06:33 . 2013-04-26 05:51 751104 ----a-w- c:\windows\system32\win32spl.dll
2013-10-30 06:32 . 2012-06-06 06:05 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2013-10-30 06:32 . 2012-06-06 06:05 61440 ----a-w- c:\program files\Common Files\System\ado\msador15.dll
2013-10-30 06:32 . 2012-06-06 06:05 466944 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2013-10-30 06:32 . 2012-06-06 06:05 1499136 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2013-10-30 06:32 . 2012-06-06 06:05 258048 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2013-10-30 06:32 . 2012-06-06 06:02 1133568 ----a-w- c:\windows\system32\cdosys.dll
2013-10-30 06:32 . 2012-06-06 05:05 143360 ----a-w- c:\program files (x86)\Common Files\System\ado\msjro.dll
2013-10-30 06:32 . 2012-06-06 05:05 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll
2013-10-30 06:32 . 2012-06-06 05:05 57344 ----a-w- c:\program files (x86)\Common Files\System\ado\msador15.dll
2013-10-30 06:32 . 2012-06-06 05:05 352256 ----a-w- c:\program files (x86)\Common Files\System\ado\msadomd.dll
2013-10-30 06:32 . 2012-06-06 05:05 212992 ----a-w- c:\program files (x86)\Common Files\System\msadc\msadco.dll
2013-10-30 06:32 . 2012-06-06 05:05 1019904 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll
2013-10-30 06:32 . 2012-06-06 05:03 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2013-10-30 06:22 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
2013-10-30 06:22 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2013-10-30 06:22 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2013-10-30 06:22 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2013-10-30 06:22 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2013-10-30 06:06 . 2013-10-30 06:06 -------- d-----w- c:\windows\SysWow64\Wat
2013-10-30 06:06 . 2013-10-30 06:06 -------- d-----w- c:\windows\system32\Wat
2013-10-30 04:51 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2013-10-30 04:51 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-10-30 04:51 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-10-30 04:44 . 2013-10-30 04:44 -------- d-----w- c:\program files (x86)\MSXML 4.0
2013-10-30 04:24 . 2013-10-30 04:24 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-10-30 04:18 . 2013-10-30 04:18 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-10-30 04:18 . 2013-10-30 04:18 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-10-30 03:58 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-10-30 03:58 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-10-30 03:58 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-10-30 03:58 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-10-30 03:58 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-10-30 03:58 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-10-30 03:58 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-10-30 03:45 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-10-30 03:45 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-10-30 03:45 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2013-10-30 03:45 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-10-30 03:45 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-10-29 23:57 . 2013-10-29 23:57 -------- d-----w- c:\program files (x86)\TeamViewer
2013-10-29 20:52 . 2013-10-29 20:52 -------- d-----w- C:\13f5c8c266c21ce85f7afc69
2013-10-29 20:03 . 2013-10-29 20:40 -------- d-----w- C:\d3a2fb96d16e6833d95c8fa1
2013-10-29 03:43 . 2012-06-22 11:01 22704 ----a-w- c:\windows\system32\drivers\EsgScanner.sys
2013-10-29 03:43 . 2013-10-29 03:43 -------- d-----w- C:\sh4ldr
2013-10-29 03:43 . 2013-10-29 03:43 -------- d-----w- c:\program files\Enigma Software Group
2013-10-29 03:43 . 2013-10-29 03:43 -------- d-----w- c:\windows\037F8C0EE8E1408FABB4FC4ABF947E1B.TMP
2013-10-29 03:10 . 2011-06-16 05:49 199680 ----a-w- c:\windows\system32\xmllite.dll
2013-10-29 03:10 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2013-10-29 03:10 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2013-10-29 03:10 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2013-10-29 03:10 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2013-10-29 03:04 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2013-10-29 03:03 . 2011-11-17 06:35 395776 ----a-w- c:\windows\system32\webio.dll
2013-10-29 03:02 . 2013-08-05 02:25 155584 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-10-28 04:01 . 2013-10-28 04:01 -------- d-----w- c:\windows\OemDrv
2013-10-28 03:58 . 2013-10-28 03:58 -------- d-----w- c:\program files (x86)\TOSHIBA Corporation
2013-10-28 03:58 . 2013-10-28 03:58 -------- d-----w- c:\windows\SysWow64\Macromed
2013-10-28 03:54 . 2013-10-28 03:56 -------- d-----w- c:\programdata\TOSHIBA
2013-10-28 03:54 . 2011-02-17 15:42 99320 ----a-w- c:\windows\system32\tosWirelessLANIndicatorCP.dll
2013-10-28 03:54 . 2010-03-18 08:36 827728 ----a-w- c:\windows\system32\msvcr100.dll
2013-10-28 03:54 . 2010-03-18 08:36 607568 ----a-w- c:\windows\system32\msvcp100.dll
2013-10-28 03:53 . 2013-10-28 03:53 -------- d-----w- c:\windows\SysWow64\sda
2013-10-28 03:53 . 2010-07-20 16:43 247400 ----a-w- c:\windows\system32\drivers\RtsUStor.sys
2013-10-28 03:53 . 2010-07-20 16:42 9112168 ----a-w- c:\windows\SysWow64\RtsUStoricon.dll
2013-10-28 03:53 . 2010-07-20 16:42 422504 ----a-w- c:\windows\system32\RtsUStor.dll
2013-10-28 03:52 . 2009-06-18 20:42 40832 ----a-w- c:\windows\system32\drivers\TosBtCi.dll
2013-10-28 03:49 . 2013-10-28 03:49 -------- d-----w- c:\program files\Synaptics
2013-10-28 03:48 . 2013-10-28 03:48 -------- d-----w- c:\windows\system32\nn-NO
2013-10-28 03:48 . 2013-10-28 03:48 -------- d-----w- c:\windows\Options
2013-10-28 03:48 . 2013-10-28 03:48 -------- d-----w- c:\program files (x86)\Atheros
2013-10-28 03:48 . 2010-12-20 18:20 63648 ----a-w- c:\windows\system32\athihvui.dll
2013-10-28 03:48 . 2010-12-20 18:20 443040 ----a-w- c:\windows\system32\athihvs.dll
2013-10-28 03:48 . 2010-12-17 18:46 2675712 ----a-w- c:\windows\system32\drivers\athrx.sys
2013-10-28 03:47 . 2013-10-28 03:48 -------- d-----w- c:\programdata\Atheros
2013-10-28 03:46 . 2013-10-28 03:46 -------- d-----w- c:\windows\SysWow64\RTCOM
2013-10-28 03:46 . 2013-10-28 03:46 -------- d-----w- c:\program files\Realtek
2013-10-28 03:43 . 2010-12-02 00:12 1359976 ----a-w- c:\windows\system32\nvgenco64hda.dll
2013-10-28 03:43 . 2010-11-11 14:10 29288 ----a-w- c:\windows\system32\nvhdap64.dll
2013-10-28 03:43 . 2010-11-11 14:10 155752 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2013-10-28 03:39 . 2013-10-28 03:55 -------- d-----w- c:\windows\Downloaded Installations
2013-10-28 03:37 . 2011-01-12 16:51 439320 ----a-w- c:\windows\system32\drivers\iaStor.sys
2013-10-28 03:37 . 2013-10-28 03:37 -------- d-----w- c:\programdata\NVIDIA
2013-10-28 03:35 . 2013-10-28 03:35 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2013-10-28 03:31 . 2011-02-01 12:06 8192 ----a-w- c:\windows\system32\drivers\IntelMEFWVer.dll
2013-10-28 03:31 . 2013-10-28 03:31 -------- d-----w- c:\program files (x86)\Common Files\postureAgent
2013-10-28 03:31 . 2013-10-28 03:31 -------- d-----w- C:\Intel
2013-10-28 03:29 . 2013-10-28 03:37 -------- d-----w- c:\program files (x86)\Intel
2013-10-28 03:29 . 2010-10-04 12:02 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2013-10-28 01:43 . 2013-11-05 15:28 -------- d-----w- c:\programdata\Uniblue
2013-10-28 01:27 . 2013-10-28 01:44 -------- d-----w- c:\program files (x86)\Mobogenie
2013-10-28 01:27 . 2013-10-28 01:27 -------- d-----w- c:\program files (x86)\iRobinHood
2013-10-28 01:12 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2013-10-28 01:12 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2013-10-28 01:12 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2013-10-28 01:08 . 2013-10-28 01:08 -------- d--h--w- c:\windows\msdownld.tmp
2013-10-28 01:07 . 2013-10-28 01:08 -------- d-----w- c:\program files (x86)\eBay
2013-10-28 01:06 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2013-10-28 01:06 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2013-10-28 01:06 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2013-10-28 01:06 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2013-10-28 01:06 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2013-10-28 01:06 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2013-10-28 01:06 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2013-10-28 01:06 . 2012-06-02 14:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2013-10-28 01:06 . 2012-06-02 14:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2013-10-28 01:05 . 2013-10-28 01:05 -------- d-----w- c:\programdata\ToshibaEurope
2013-10-28 01:02 . 2013-10-29 20:41 -------- d-----w- c:\users\Tatana
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-30 04:25 . 2013-10-30 04:25 204800 ----a-w- c:\windows\SysWow64\webcheck.dll
2013-10-30 04:25 . 2013-10-30 04:25 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-10-28 01:03 . 2010-06-24 09:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-10-02 21:14 . 2013-10-02 21:14 58192 ----a-w- c:\windows\system32\drivers\lsnfd.sys
2013-09-03 13:35 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-29 01:48 . 2013-11-02 15:29 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{54E67346-EE5A-45B6-82AA-4F0BB28C79C2}]
2013-10-23 12:58 769320 ----a-w- c:\program files (x86)\iRobinHood\iRobinHood Addon\iRobinHood.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2011-02-18 845176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-15 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2011-01-07 1406248]
"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2010-11-09 532480]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2010-03-04 423936]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2010-08-16 34160]
"ITSecMng"="c:\program files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2009-07-22 83336]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2010-11-29 1294712]
"mobilegeni daemon"="c:\program files (x86)\Mobogenie\DaemonProcess.exe" [2013-10-28 738496]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2011-02-18 845176]
.
c:\users\Tatana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TeamViewer 8.lnk - c:\program files (x86)\TeamViewer\Version8\TeamViewer.exe [2013-10-30 12631904]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 BtFilter;Bluetooth LowerFilter Class Filter Driver;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 EsgScanner;EsgScanner;c:\windows\system32\DRIVERS\EsgScanner.sys;c:\windows\SYSNATIVE\DRIVERS\EsgScanner.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 lsnfd;lsnfd;c:\windows\system32\drivers\lsnfd.sys;c:\windows\SYSNATIVE\drivers\lsnfd.sys [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 SpyHunter 4 Service;SpyHunter 4 Service;c:\progra~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE;c:\progra~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 CeKbFilter;CeKbFilter;c:\windows\system32\DRIVERS\CeKbFilter.sys;c:\windows\SYSNATIVE\DRIVERS\CeKbFilter.sys [x]
S3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2011-02-10 1546720]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-02-11 11776104]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-01-18 2188904]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-12-08 710040]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"Toshiba Registration"="c:\program files\TOSHIBA\Registration\ToshibaReminder.exe" [2011-05-03 150992]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Přidat do aplikace TOSHIBA Bulletin Board - c:\program files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000
IE: {{54E67346-EE5A-45B6-82AA-4F0BB28C79C2} - {54E67346-EE5A-45B6-82AA-4F0BB28C79C2} - c:\program files (x86)\iRobinHood\iRobinHood Addon\iRobinHood.dll
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{298cb7ae-9843-494b-ac62-9fffff634973} - c:\program files (x86)\Pass-Widget\134.dll
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Linksicle - c:\program files (x86)\Linksicle\Uninstall.exe
AddRemove-{858366ac-2d91-41f0-8765-0c809058bbeb} - c:\program files (x86)\Pass-Widget\Uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-11-09 13:52:15
ComboFix-quarantined-files.txt 2013-11-09 12:52
.
Před spuštěním: Volných bajtů: 273 624 576 000
Po spuštění: Volných bajtů: 276 473 303 040
.
- - End Of File - - 4C58411B4FF2CFC6CA1438ED202DD689

Re: prosim o kontrolu logu ( zavirovany system )

Napsal: 09 lis 2013 16:13
od Márty84
:???: Proc nepouzivate antivir?


:arrow: Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{54E67346-EE5A-45B6-82AA-4F0BB28C79C2}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"NBAgent"=-

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]

DDS::
IE: {{54E67346-EE5A-45B6-82AA-4F0BB28C79C2} - {54E67346-EE5A-45B6-82AA-4F0BB28C79C2} - c:\program files (x86)\iRobinHood\iRobinHood Addon\iRobinHood.dll

Driver::
McAfee SiteAdvisor Service
BBSvc
NAUpdate
SpyHunter 4 Service

Reboot::
Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

:!: Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
:!: Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

Re: prosim o kontrolu logu ( zavirovany system )

Napsal: 13 lis 2013 06:22
od mirecek
nevim jestli to je ono .... snad ano ...

ComboFix 13-11-07.01 - Tatana 12.11.2013 17:18:55.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4074.2602 [GMT 1:00]
Spuštěný z: C:\Users\Tatana\Desktop\ComboFix.exe
Použité ovládací přepínače :: C:\Users\Tatana\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení


((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))



((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_BBSvc
-------\Service_McAfee SiteAdvisor Service
-------\Service_NAUpdate
-------\Service_SpyHunter 4 Service


((((((((((((((((((((((((( Soubory vytvořené od 2013-10-12 do 2013-11-12 )))))))))))))))))))))))))))))))

Re: prosim o kontrolu logu ( zavirovany system )

Napsal: 13 lis 2013 13:04
od Márty84
Je to ono, ale nejak tomu chybi zbytek. Nic vic tam nebylo?

Re: prosim o kontrolu logu ( zavirovany system )

Napsal: 13 lis 2013 16:43
od mirecek
ne nebylo bohuzel ... :/

Re: prosim o kontrolu logu ( zavirovany system )

Napsal: 14 lis 2013 02:40
od Márty84
Zopakujte to v nouzovem rezimu.

Re: prosim o kontrolu logu ( zavirovany system )

Napsal: 14 lis 2013 19:57
od mirecek
tak nakonec se mi to asi povedlo ...

ComboFix 13-11-12.01 - Tatana 14.11.2013 19:14:25.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4074.2691 [GMT 1:00]
Spuštěný z: c:\users\Tatana\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Tatana\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_BBSvc
-------\Service_McAfee SiteAdvisor Service
-------\Service_NAUpdate
-------\Service_SpyHunter 4 Service
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-14 do 2013-11-14 )))))))))))))))))))))))))))))))
.
.
2013-11-14 18:22 . 2013-11-14 18:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-13 04:57 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-11-13 04:56 . 2013-10-12 02:30 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-11-13 04:56 . 2013-10-12 02:29 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-11-13 04:56 . 2013-10-12 02:29 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-11-13 04:56 . 2013-10-12 02:03 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-11-13 04:56 . 2013-10-12 02:01 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-11-12 06:06 . 2013-10-16 00:20 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D278BBBA-DE61-411A-9EE5-A02EA23D9FF3}\mpengine.dll
2013-11-09 12:35 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-11-09 12:35 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-11-09 12:35 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-11-09 12:35 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-11-09 12:35 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-11-09 12:35 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-11-09 12:35 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-11-04 21:51 . 2013-11-05 15:28 -------- d-----w- C:\AdwCleaner
2013-11-02 16:29 . 2013-11-02 16:29 -------- d-----w- c:\programdata\Malwarebytes
2013-11-02 15:39 . 2013-11-02 15:39 -------- d-----w- c:\program files\trend micro
2013-11-02 15:39 . 2013-11-02 15:40 -------- d-----w- C:\rsit
2013-10-30 06:37 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-10-30 06:36 . 2013-07-03 04:05 76800 ----a-w- c:\windows\system32\drivers\hidclass.sys
2013-10-30 06:35 . 2011-04-29 03:06 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2013-10-30 06:34 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2013-10-30 06:33 . 2013-04-26 05:51 751104 ----a-w- c:\windows\system32\win32spl.dll
2013-10-30 06:32 . 2012-06-06 06:05 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2013-10-30 06:32 . 2012-06-06 06:05 61440 ----a-w- c:\program files\Common Files\System\ado\msador15.dll
2013-10-30 06:32 . 2012-06-06 06:05 466944 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2013-10-30 06:32 . 2012-06-06 06:05 1499136 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2013-10-30 06:32 . 2012-06-06 06:05 258048 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2013-10-30 06:32 . 2012-06-06 06:02 1133568 ----a-w- c:\windows\system32\cdosys.dll
2013-10-30 06:32 . 2012-06-06 05:05 143360 ----a-w- c:\program files (x86)\Common Files\System\ado\msjro.dll
2013-10-30 06:32 . 2012-06-06 05:05 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll
2013-10-30 06:32 . 2012-06-06 05:05 57344 ----a-w- c:\program files (x86)\Common Files\System\ado\msador15.dll
2013-10-30 06:32 . 2012-06-06 05:05 352256 ----a-w- c:\program files (x86)\Common Files\System\ado\msadomd.dll
2013-10-30 06:32 . 2012-06-06 05:05 212992 ----a-w- c:\program files (x86)\Common Files\System\msadc\msadco.dll
2013-10-30 06:32 . 2012-06-06 05:05 1019904 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll
2013-10-30 06:32 . 2012-06-06 05:03 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2013-10-30 06:22 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
2013-10-30 06:22 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2013-10-30 06:22 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2013-10-30 06:22 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2013-10-30 06:22 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2013-10-30 06:06 . 2013-10-30 06:06 -------- d-----w- c:\windows\SysWow64\Wat
2013-10-30 06:06 . 2013-10-30 06:06 -------- d-----w- c:\windows\system32\Wat
2013-10-30 04:51 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2013-10-30 04:51 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-10-30 04:51 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-10-30 04:44 . 2013-10-30 04:44 -------- d-----w- c:\program files (x86)\MSXML 4.0
2013-10-30 04:24 . 2013-10-30 04:24 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-10-30 04:18 . 2013-10-30 04:18 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-10-30 04:18 . 2013-10-30 04:18 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-10-30 03:58 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-10-30 03:58 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-10-30 03:58 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-10-30 03:58 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-10-30 03:58 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-10-30 03:58 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-10-30 03:58 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-10-30 03:45 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-10-30 03:45 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-10-30 03:45 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2013-10-30 03:45 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-10-30 03:45 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-10-29 23:57 . 2013-10-29 23:57 -------- d-----w- c:\program files (x86)\TeamViewer
2013-10-29 20:52 . 2013-10-29 20:52 -------- d-----w- C:\13f5c8c266c21ce85f7afc69
2013-10-29 20:03 . 2013-10-29 20:40 -------- d-----w- C:\d3a2fb96d16e6833d95c8fa1
2013-10-29 03:43 . 2013-10-29 03:43 -------- d-----w- c:\program files\Enigma Software Group
2013-10-29 03:43 . 2013-11-14 18:06 -------- d-----w- c:\windows\037F8C0EE8E1408FABB4FC4ABF947E1B.TMP
2013-10-29 03:10 . 2011-06-16 05:49 199680 ----a-w- c:\windows\system32\xmllite.dll
2013-10-29 03:10 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2013-10-29 03:10 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2013-10-29 03:10 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2013-10-29 03:10 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2013-10-29 03:04 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2013-10-29 03:03 . 2011-11-17 06:35 395776 ----a-w- c:\windows\system32\webio.dll
2013-10-29 03:03 . 2011-11-17 05:35 314880 ----a-w- c:\windows\SysWow64\webio.dll
2013-10-29 03:03 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-10-29 03:03 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-10-29 03:03 . 2013-03-19 05:53 230400 ----a-w- c:\windows\system32\wwansvc.dll
2013-10-29 03:03 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl
2013-10-29 03:03 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2013-10-29 03:03 . 2013-07-19 01:58 2048 ----a-w- c:\windows\system32\tzres.dll
2013-10-29 03:03 . 2013-07-19 01:41 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-10-29 03:02 . 2013-08-05 02:25 155584 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-10-28 04:01 . 2013-10-28 04:01 -------- d-----w- c:\windows\OemDrv
2013-10-28 03:58 . 2013-10-28 03:58 -------- d-----w- c:\program files (x86)\TOSHIBA Corporation
2013-10-28 03:58 . 2013-10-28 03:58 -------- d-----w- c:\windows\SysWow64\Macromed
2013-10-28 03:54 . 2013-10-28 03:56 -------- d-----w- c:\programdata\TOSHIBA
2013-10-28 03:54 . 2011-02-17 15:42 99320 ----a-w- c:\windows\system32\tosWirelessLANIndicatorCP.dll
2013-10-28 03:54 . 2010-03-18 08:36 827728 ----a-w- c:\windows\system32\msvcr100.dll
2013-10-28 03:54 . 2010-03-18 08:36 607568 ----a-w- c:\windows\system32\msvcp100.dll
2013-10-28 03:53 . 2013-10-28 03:53 -------- d-----w- c:\windows\SysWow64\sda
2013-10-28 03:53 . 2010-07-20 16:43 247400 ----a-w- c:\windows\system32\drivers\RtsUStor.sys
2013-10-28 03:53 . 2010-07-20 16:42 9112168 ----a-w- c:\windows\SysWow64\RtsUStoricon.dll
2013-10-28 03:53 . 2010-07-20 16:42 422504 ----a-w- c:\windows\system32\RtsUStor.dll
2013-10-28 03:52 . 2009-06-18 20:42 40832 ----a-w- c:\windows\system32\drivers\TosBtCi.dll
2013-10-28 03:49 . 2013-10-28 03:49 -------- d-----w- c:\program files\Synaptics
2013-10-28 03:48 . 2013-10-28 03:48 -------- d-----w- c:\windows\system32\nn-NO
2013-10-28 03:48 . 2013-10-28 03:48 -------- d-----w- c:\windows\Options
2013-10-28 03:48 . 2013-10-28 03:48 -------- d-----w- c:\program files (x86)\Atheros
2013-10-28 03:48 . 2010-12-20 18:20 63648 ----a-w- c:\windows\system32\athihvui.dll
2013-10-28 03:48 . 2010-12-20 18:20 443040 ----a-w- c:\windows\system32\athihvs.dll
2013-10-28 03:48 . 2010-12-17 18:46 2675712 ----a-w- c:\windows\system32\drivers\athrx.sys
2013-10-28 03:47 . 2013-10-28 03:48 -------- d-----w- c:\programdata\Atheros
2013-10-28 03:46 . 2013-10-28 03:46 -------- d-----w- c:\windows\SysWow64\RTCOM
2013-10-28 03:46 . 2013-10-28 03:46 -------- d-----w- c:\program files\Realtek
2013-10-28 03:43 . 2010-12-02 00:12 1359976 ----a-w- c:\windows\system32\nvgenco64hda.dll
2013-10-28 03:43 . 2010-11-11 14:10 29288 ----a-w- c:\windows\system32\nvhdap64.dll
2013-10-28 03:43 . 2010-11-11 14:10 155752 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2013-10-28 03:39 . 2013-10-28 03:55 -------- d-----w- c:\windows\Downloaded Installations
2013-10-28 03:37 . 2011-01-12 16:51 439320 ----a-w- c:\windows\system32\drivers\iaStor.sys
2013-10-28 03:37 . 2013-10-28 03:37 -------- d-----w- c:\programdata\NVIDIA
2013-10-28 03:35 . 2013-10-28 03:35 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2013-10-28 03:31 . 2011-02-01 12:06 8192 ----a-w- c:\windows\system32\drivers\IntelMEFWVer.dll
2013-10-28 03:31 . 2013-10-28 03:31 -------- d-----w- c:\program files (x86)\Common Files\postureAgent
2013-10-28 03:31 . 2013-10-28 03:31 -------- d-----w- C:\Intel
2013-10-28 03:29 . 2013-10-28 03:37 -------- d-----w- c:\program files (x86)\Intel
2013-10-28 03:29 . 2010-10-04 12:02 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2013-10-28 01:43 . 2013-11-05 15:28 -------- d-----w- c:\programdata\Uniblue
2013-10-28 01:27 . 2013-10-28 01:44 -------- d-----w- c:\program files (x86)\Mobogenie
2013-10-28 01:27 . 2013-10-28 01:27 -------- d-----w- c:\program files (x86)\iRobinHood
2013-10-28 01:12 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2013-10-28 01:12 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2013-10-28 01:12 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2013-10-28 01:08 . 2013-10-28 01:08 -------- d--h--w- c:\windows\msdownld.tmp
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-30 04:25 . 2013-10-30 04:25 204800 ----a-w- c:\windows\SysWow64\webcheck.dll
2013-10-30 04:25 . 2013-10-30 04:25 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-10-28 01:03 . 2010-06-24 09:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-10-02 21:14 . 2013-10-02 21:14 58192 ----a-w- c:\windows\system32\drivers\lsnfd.sys
2013-09-25 01:57 . 2013-11-13 04:57 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-09-03 13:35 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-29 01:48 . 2013-11-02 15:29 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{298cb7ae-9843-494b-ac62-9fffff634973}]
c:\program files (x86)\Pass-Widget\134.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{54E67346-EE5A-45B6-82AA-4F0BB28C79C2}]
2013-10-23 12:58 769320 ----a-w- c:\program files (x86)\iRobinHood\iRobinHood Addon\iRobinHood.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2011-02-18 845176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2010-11-09 532480]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2010-03-04 423936]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2010-08-16 34160]
"ITSecMng"="c:\program files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2009-07-22 83336]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2010-11-29 1294712]
"mobilegeni daemon"="c:\program files (x86)\Mobogenie\DaemonProcess.exe" [2013-10-28 738496]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2011-02-18 845176]
.
c:\users\Tatana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TeamViewer 8.lnk - c:\program files (x86)\TeamViewer\Version8\TeamViewer.exe [2013-10-30 12631904]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 BtFilter;Bluetooth LowerFilter Class Filter Driver;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 lsnfd;lsnfd;c:\windows\system32\drivers\lsnfd.sys;c:\windows\SYSNATIVE\drivers\lsnfd.sys [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 CeKbFilter;CeKbFilter;c:\windows\system32\DRIVERS\CeKbFilter.sys;c:\windows\SYSNATIVE\DRIVERS\CeKbFilter.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TosNC"="c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe" [BU]
"TosReelTimeMonitor"="c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [BU]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2011-02-10 1546720]
"TPwrMain"="c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"TCrdMain"="c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-02-11 11776104]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-01-18 2188904]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-12-08 710040]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"Toshiba Registration"="c:\program files\TOSHIBA\Registration\ToshibaReminder.exe" [2011-05-03 150992]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Přidat do aplikace TOSHIBA Bulletin Board - c:\program files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000
IE: {{54E67346-EE5A-45B6-82AA-4F0BB28C79C2} - {54E67346-EE5A-45B6-82AA-4F0BB28C79C2} - c:\program files (x86)\iRobinHood\iRobinHood Addon\iRobinHood.dll
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-Linksicle - c:\program files (x86)\Linksicle\Uninstall.exe
AddRemove-{858366ac-2d91-41f0-8765-0c809058bbeb} - c:\program files (x86)\Pass-Widget\Uninstall.exe
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
c:\program files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2013-11-14 19:33:34 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-11-14 18:33
ComboFix2.txt 2013-11-09 12:52
.
Před spuštěním: Volných bajtů: 280 366 284 800
Po spuštění: Volných bajtů: 279 931 637 760
.
- - End Of File - - A8BE7A2DDD58F5FBA4489725DC7FF7DA

Re: prosim o kontrolu logu ( zavirovany system )

Napsal: 15 lis 2013 04:36
od Márty84
Fajn, dejte novy log z RSIT

Re: prosim o kontrolu logu ( zavirovany system )

Napsal: 15 lis 2013 18:21
od mirecek
Logfile of random's system information tool 1.09 (written by random/random)
Run by Tatana at 2013-11-15 18:19:36
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 267 GB (87%) free of 305 GB
Total RAM: 4074 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:19:38, on 15.11.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16736)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\trend micro\Tatana.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PassWidget - {298cb7ae-9843-494b-ac62-9fffff634973} - C:\Program Files (x86)\Pass-Widget\134.dll (file missing)
O2 - BHO: iRobin Hood Addon - {54E67346-EE5A-45B6-82AA-4F0BB28C79C2} - C:\Program Files (x86)\iRobinHood\iRobinHood Addon\iRobinHood.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKCU\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR
O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: TeamViewer 8.lnk = C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
O8 - Extra context menu item: Přidat do aplikace TOSHIBA Bulletin Board - res://C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: iRobinHood Partners V Addon - {54E67346-EE5A-45B6-82AA-4F0BB28C79C2} - C:\Program Files (x86)\iRobinHood\iRobinHood Addon\iRobinHood.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10485 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
winlogon.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 27232800
\??\C:\Windows\system32\conhost.exe "-48539660110420372381795616603-664775534-2093172429-13977777692109452416-899119951
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1660
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe"
"C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe"
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe" /STAR
"C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM
"C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" /START
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
"C:\Program Files (x86)\Mobogenie\DaemonProcess.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
taskeng.exe {24776A69-3395-491D-A4B8-706EF8822FA8}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Windows\system32\wuauclt.exe"
"c:\program files (x86)\teamviewer\version8\TeamViewer_Desktop.exe" --IPCport 5939
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Tatana\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{298cb7ae-9843-494b-ac62-9fffff634973}]
PassWidget - C:\Program Files (x86)\Pass-Widget\134.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54E67346-EE5A-45B6-82AA-4F0BB28C79C2}]
IEiRobinHoodAddon Class - C:\Program Files (x86)\iRobinHood\iRobinHood Addon\iRobinHood.dll [2013-10-23 769320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01 1089288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-05-03 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-12-05 529784]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01 1089288]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2011-03-03 597928]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2010-12-14 38304]
"Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2011-02-10 1546720]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2011-03-02 566696]
"TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-12-15 973176]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-02-11 11776104]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-01-18 2188904]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-02-03 2679592]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-12-08 710040]
"TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
"Toshiba Registration"=C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [2011-05-03 150992]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [2011-02-18 845176]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SVPWUTIL"=C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [2010-11-09 532480]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2010-03-04 423936]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2010-08-16 34160]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START []
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2010-11-29 1294712]
"mobilegeni daemon"=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [2013-10-28 738496]

C:\Users\Tatana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
TeamViewer 8.lnk - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-11-14 19:33:48 ----D---- C:\Windows\temp
2013-11-14 19:33:39 ----A---- C:\ComboFix.txt
2013-11-14 19:24:18 ----D---- C:\$RECYCLE.BIN
2013-11-13 06:22:22 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-11-13 06:22:22 ----A---- C:\Windows\system32\ieui.dll
2013-11-13 06:22:21 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-11-13 06:22:21 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-11-13 06:22:21 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-11-13 06:22:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-11-13 06:22:21 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-11-13 06:22:21 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-13 06:22:21 ----A---- C:\Windows\system32\iesysprep.dll
2013-11-13 06:22:21 ----A---- C:\Windows\system32\iesetup.dll
2013-11-13 06:22:21 ----A---- C:\Windows\system32\iernonce.dll
2013-11-13 06:22:21 ----A---- C:\Windows\system32\ie4uinit.exe
2013-11-13 06:22:20 ----A---- C:\Windows\system32\iertutil.dll
2013-11-13 06:22:19 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-11-13 06:22:19 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-11-13 06:22:19 ----A---- C:\Windows\system32\msfeeds.dll
2013-11-13 06:22:19 ----A---- C:\Windows\system32\jscript.dll
2013-11-13 06:22:18 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-11-13 06:22:18 ----A---- C:\Windows\system32\jscript9.dll
2013-11-13 06:22:17 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-11-13 06:22:17 ----A---- C:\Windows\system32\urlmon.dll
2013-11-13 06:22:16 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-11-13 06:22:16 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-11-13 06:22:16 ----A---- C:\Windows\system32\wininet.dll
2013-11-13 06:22:16 ----A---- C:\Windows\system32\jsproxy.dll
2013-11-13 06:22:15 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-11-13 06:22:13 ----A---- C:\Windows\system32\mshtml.dll
2013-11-13 06:22:13 ----A---- C:\Windows\system32\ieframe.dll
2013-11-13 06:22:10 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-11-13 05:57:09 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-11-13 05:57:09 ----A---- C:\Windows\system32\crypt32.dll
2013-11-13 05:57:07 ----A---- C:\Windows\system32\drivers\afd.sys
2013-11-13 05:57:07 ----A---- C:\Windows\system32\authui.dll
2013-11-13 05:57:06 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-11-13 05:57:06 ----A---- C:\Windows\SYSWOW64\credui.dll
2013-11-13 05:57:06 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-11-13 05:57:06 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 05:57:06 ----A---- C:\Windows\system32\credui.dll
2013-11-13 05:57:03 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-11-13 05:57:03 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-11-13 05:57:03 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-11-13 05:57:03 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-11-13 05:57:03 ----A---- C:\Windows\system32\sspisrv.dll
2013-11-13 05:57:03 ----A---- C:\Windows\system32\sspicli.dll
2013-11-13 05:57:03 ----A---- C:\Windows\system32\schannel.dll
2013-11-13 05:57:03 ----A---- C:\Windows\system32\secur32.dll
2013-11-13 05:57:03 ----A---- C:\Windows\system32\ncrypt.dll
2013-11-13 05:57:03 ----A---- C:\Windows\system32\lsass.exe
2013-11-13 05:57:03 ----A---- C:\Windows\system32\lsasrv.dll
2013-11-13 05:57:03 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-11-13 05:57:03 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-11-13 05:57:03 ----A---- C:\Windows\system32\drivers\cng.sys
2013-11-13 05:57:00 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2013-11-13 05:57:00 ----A---- C:\Windows\system32\gdi32.dll
2013-11-13 05:56:58 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2013-11-13 05:56:58 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2013-11-13 05:56:58 ----A---- C:\Windows\system32\nshwfp.dll
2013-11-13 05:56:58 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-11-13 05:56:58 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-11-09 13:44:17 ----A---- C:\Windows\zip.exe
2013-11-09 13:44:17 ----A---- C:\Windows\SWSC.exe
2013-11-09 13:44:17 ----A---- C:\Windows\SWREG.exe
2013-11-09 13:44:17 ----A---- C:\Windows\sed.exe
2013-11-09 13:44:17 ----A---- C:\Windows\PEV.exe
2013-11-09 13:44:17 ----A---- C:\Windows\NIRCMD.exe
2013-11-09 13:44:17 ----A---- C:\Windows\MBR.exe
2013-11-09 13:44:17 ----A---- C:\Windows\grep.exe
2013-11-09 13:35:13 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-11-09 13:35:13 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-11-09 13:35:13 ----A---- C:\Windows\system32\drivers\usbohci.sys
2013-11-09 13:35:13 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-11-09 13:35:13 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-11-09 13:35:13 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-11-09 13:35:13 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-11-04 22:51:07 ----D---- C:\AdwCleaner
2013-11-02 17:29:42 ----D---- C:\Users\Tatana\AppData\Roaming\Malwarebytes
2013-11-02 17:29:32 ----D---- C:\ProgramData\Malwarebytes
2013-11-02 16:39:51 ----D---- C:\Program Files\trend micro
2013-11-02 16:39:50 ----D---- C:\rsit
2013-11-02 16:29:49 ----A---- C:\Windows\system32\KernelBase.dll
2013-11-02 16:29:49 ----A---- C:\Windows\system32\kernel32.dll
2013-11-02 16:29:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-11-02 16:29:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-11-02 16:29:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-11-02 16:29:48 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-11-02 16:29:48 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-11-02 16:29:48 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-11-02 16:29:48 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-11-02 16:29:48 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-11-02 16:29:48 ----A---- C:\Windows\system32\winsrv.dll
2013-11-02 16:29:48 ----A---- C:\Windows\system32\smss.exe
2013-11-02 16:29:48 ----A---- C:\Windows\system32\csrsrv.dll
2013-11-02 16:29:48 ----A---- C:\Windows\system32\conhost.exe
2013-11-02 16:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-11-02 16:29:47 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-11-02 16:29:47 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-11-02 16:29:47 ----A---- C:\Windows\system32\apisetschema.dll
2013-11-02 16:29:42 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2013-11-02 16:29:42 ----A---- C:\Windows\SYSWOW64\esent.dll
2013-11-02 16:29:42 ----A---- C:\Windows\system32\fsutil.exe
2013-11-02 16:29:42 ----A---- C:\Windows\system32\esent.dll
2013-11-02 16:29:42 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2013-11-02 16:29:42 ----A---- C:\Windows\system32\drivers\storport.sys
2013-11-02 16:29:42 ----A---- C:\Windows\system32\drivers\nvstor.sys
2013-11-02 16:29:42 ----A---- C:\Windows\system32\drivers\nvraid.sys
2013-11-02 16:29:42 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2013-11-02 16:29:42 ----A---- C:\Windows\system32\drivers\amdxata.sys
2013-11-02 16:29:42 ----A---- C:\Windows\system32\drivers\amdsata.sys
2013-11-02 16:29:36 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-11-02 16:29:36 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-11-02 16:29:35 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-11-02 16:29:35 ----A---- C:\Windows\system32\tdh.dll
2013-11-02 16:29:35 ----A---- C:\Windows\system32\ntdll.dll
2013-11-02 16:29:35 ----A---- C:\Windows\system32\advapi32.dll
2013-11-02 16:29:34 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-11-02 16:29:34 ----A---- C:\Windows\SYSWOW64\user.exe
2013-11-02 16:29:34 ----A---- C:\Windows\SYSWOW64\tdh.dll
2013-11-02 16:29:34 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-11-02 16:29:34 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-11-02 16:29:34 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-11-02 16:29:34 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-11-02 16:29:34 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-11-02 16:29:34 ----A---- C:\Windows\system32\wow64.dll
2013-11-02 16:29:31 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-11-02 16:29:31 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-10-30 07:37:34 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-10-30 07:37:34 ----A---- C:\Windows\system32\DWrite.dll
2013-10-30 07:37:22 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-10-30 07:37:22 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-10-30 07:37:22 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-10-30 07:37:22 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-10-30 07:37:22 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-10-30 07:37:22 ----A---- C:\Windows\system32\lpk.dll
2013-10-30 07:37:22 ----A---- C:\Windows\system32\fontsub.dll
2013-10-30 07:37:22 ----A---- C:\Windows\system32\dciman32.dll
2013-10-30 07:37:22 ----A---- C:\Windows\system32\atmlib.dll
2013-10-30 07:37:22 ----A---- C:\Windows\system32\atmfd.dll
2013-10-30 07:37:20 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2013-10-30 07:37:20 ----A---- C:\Windows\system32\drivers\ndis.sys
2013-10-30 07:37:16 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-10-30 07:37:16 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-10-30 07:37:14 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-10-30 07:37:13 ----A---- C:\Windows\system32\rdrmemptylst.exe
2013-10-30 07:37:13 ----A---- C:\Windows\system32\rdpwsx.dll
2013-10-30 07:37:13 ----A---- C:\Windows\system32\rdpcorekmts.dll
2013-10-30 07:37:07 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-30 07:37:05 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-10-30 07:37:05 ----A---- C:\Windows\system32\rpcrt4.dll
2013-10-30 07:37:04 ----A---- C:\Windows\system32\msxml6.dll
2013-10-30 07:37:04 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-10-30 07:37:04 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-30 07:37:03 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-10-30 07:37:03 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2013-10-30 07:37:03 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-10-30 07:37:03 ----A---- C:\Windows\system32\msxml3r.dll
2013-10-30 07:37:03 ----A---- C:\Windows\system32\msxml3.dll
2013-10-30 07:37:01 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2013-10-30 07:37:01 ----A---- C:\Windows\SYSWOW64\netevent.dll
2013-10-30 07:37:01 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2013-10-30 07:37:01 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2013-10-30 07:37:01 ----A---- C:\Windows\system32\nlasvc.dll
2013-10-30 07:37:01 ----A---- C:\Windows\system32\nlaapi.dll
2013-10-30 07:37:01 ----A---- C:\Windows\system32\netevent.dll
2013-10-30 07:37:01 ----A---- C:\Windows\system32\netcorehc.dll
2013-10-30 07:37:01 ----A---- C:\Windows\system32\ncsi.dll
2013-10-30 07:37:01 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-10-30 07:37:01 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-10-30 07:36:55 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-30 07:36:55 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-30 07:36:54 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2013-10-30 07:36:53 ----A---- C:\Windows\system32\profsvc.dll
2013-10-30 07:36:28 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-10-30 07:36:28 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-10-30 07:36:28 ----A---- C:\Windows\system32\WebClnt.dll
2013-10-30 07:36:28 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-10-30 07:36:28 ----A---- C:\Windows\system32\davclnt.dll
2013-10-30 07:36:27 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2013-10-30 07:36:27 ----A---- C:\Windows\system32\dpnet.dll
2013-10-30 07:36:26 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-10-30 07:36:26 ----A---- C:\Windows\system32\qedit.dll
2013-10-30 07:36:09 ----A---- C:\Windows\system32\OxpsConverter.exe
2013-10-30 07:35:45 ----A---- C:\Windows\system32\drivers\srvnet.sys
2013-10-30 07:35:45 ----A---- C:\Windows\system32\drivers\srv2.sys
2013-10-30 07:35:45 ----A---- C:\Windows\system32\drivers\srv.sys
2013-10-30 07:35:42 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-10-30 07:35:42 ----A---- C:\Windows\system32\usp10.dll
2013-10-30 07:35:39 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-10-30 07:35:36 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-10-30 07:35:36 ----A---- C:\Windows\system32\mswsock.dll
2013-10-30 07:35:36 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-30 07:35:33 ----A---- C:\Windows\system32\Wpc.dll
2013-10-30 07:35:33 ----A---- C:\Windows\system32\gameux.dll
2013-10-30 07:35:32 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-10-30 07:35:32 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-10-30 07:35:17 ----A---- C:\Windows\system32\win32k.sys
2013-10-30 07:35:16 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2013-10-30 07:35:16 ----A---- C:\Windows\system32\psisdecd.dll
2013-10-30 07:35:10 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2013-10-30 07:34:47 ----A---- C:\Windows\system32\drivers\partmgr.sys
2013-10-30 07:34:46 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2013-10-30 07:34:46 ----A---- C:\Windows\system32\kerberos.dll
2013-10-30 07:34:41 ----A---- C:\Windows\SYSWOW64\msi.dll
2013-10-30 07:34:41 ----A---- C:\Windows\system32\msi.dll
2013-10-30 07:34:34 ----A---- C:\Windows\system32\wow64win.dll
2013-10-30 07:34:34 ----A---- C:\Windows\system32\wow64cpu.dll
2013-10-30 07:34:34 ----A---- C:\Windows\system32\ntvdm64.dll
2013-10-30 07:34:09 ----A---- C:\Windows\SYSWOW64\synceng.dll
2013-10-30 07:34:09 ----A---- C:\Windows\system32\synceng.dll
2013-10-30 07:34:06 ----A---- C:\Windows\system32\shell32.dll
2013-10-30 07:34:05 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-10-30 07:34:05 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-10-30 07:34:05 ----A---- C:\Windows\system32\shdocvw.dll
2013-10-30 07:33:52 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-10-30 07:33:52 ----A---- C:\Windows\system32\win32spl.dll
2013-10-30 07:33:47 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2013-10-30 07:33:47 ----A---- C:\Windows\system32\cryptdlg.dll
2013-10-30 07:33:30 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-30 07:33:30 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-30 07:33:28 ----A---- C:\Windows\system32\drivers\netio.sys
2013-10-30 07:33:28 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-10-30 07:33:25 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2013-10-30 07:33:25 ----A---- C:\Windows\SYSWOW64\browcli.dll
2013-10-30 07:33:25 ----A---- C:\Windows\system32\netapi32.dll
2013-10-30 07:33:25 ----A---- C:\Windows\system32\browser.dll
2013-10-30 07:33:25 ----A---- C:\Windows\system32\browcli.dll
2013-10-30 07:33:23 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2013-10-30 07:33:23 ----A---- C:\Windows\system32\prevhost.exe
2013-10-30 07:33:22 ----A---- C:\Windows\system32\drivers\fvevol.sys
2013-10-30 07:33:21 ----A---- C:\Windows\SYSWOW64\srclient.dll
2013-10-30 07:33:21 ----A---- C:\Windows\system32\srcore.dll
2013-10-30 07:33:21 ----A---- C:\Windows\system32\inetcomm.dll
2013-10-30 07:33:20 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2013-10-30 07:33:19 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2013-10-30 07:33:19 ----A---- C:\Windows\system32\msvcrt.dll
2013-10-30 07:33:16 ----A---- C:\Windows\SYSWOW64\certutil.exe
2013-10-30 07:33:16 ----A---- C:\Windows\SYSWOW64\certenc.dll
2013-10-30 07:33:16 ----A---- C:\Windows\system32\certutil.exe
2013-10-30 07:33:16 ----A---- C:\Windows\system32\certenc.dll
2013-10-30 07:33:05 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2013-10-30 07:33:05 ----A---- C:\Windows\system32\oleaut32.dll
2013-10-30 07:33:05 ----A---- C:\Windows\system32\oleacc.dll
2013-10-30 07:33:05 ----A---- C:\Windows\system32\localspl.dll
2013-10-30 07:33:04 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2013-10-30 07:33:03 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2013-10-30 07:33:03 ----A---- C:\Windows\system32\EncDec.dll
2013-10-30 07:33:02 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-10-30 07:33:02 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-30 07:33:02 ----A---- C:\Windows\system32\cdd.dll
2013-10-30 07:32:43 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2013-10-30 07:32:43 ----A---- C:\Windows\system32\cdosys.dll
2013-10-30 07:22:23 ----A---- C:\Windows\system32\scavengeui.dll
2013-10-30 07:22:20 ----A---- C:\Windows\system32\spoolsv.exe
2013-10-30 07:22:20 ----A---- C:\Windows\splwow64.exe
2013-10-30 07:22:09 ----A---- C:\Windows\SYSWOW64\packager.dll
2013-10-30 07:22:09 ----A---- C:\Windows\system32\packager.dll
2013-10-30 07:06:02 ----D---- C:\Windows\SYSWOW64\Wat
2013-10-30 07:06:02 ----D---- C:\Windows\system32\Wat
2013-10-30 05:51:02 ----A---- C:\Windows\system32\Wdfres.dll
2013-10-30 05:51:02 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2013-10-30 05:44:27 ----D---- C:\Program Files (x86)\MSXML 4.0
2013-10-30 05:25:59 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-10-30 05:25:58 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-10-30 05:25:58 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-10-30 05:25:58 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-10-30 05:25:58 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-10-30 05:25:58 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-10-30 05:25:58 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-10-30 05:25:58 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-10-30 05:25:58 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-10-30 05:25:58 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-10-30 05:25:58 ----A---- C:\Windows\system32\elshyph.dll
2013-10-30 05:25:57 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-10-30 05:25:57 ----A---- C:\Windows\SYSWOW64\url.dll
2013-10-30 05:25:57 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-10-30 05:25:57 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-10-30 05:25:57 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-10-30 05:25:57 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-10-30 05:25:57 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-10-30 05:25:57 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-10-30 05:25:57 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-10-30 05:25:57 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-10-30 05:25:57 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-10-30 05:25:57 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-10-30 05:25:57 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-10-30 05:25:57 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-10-30 05:25:57 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-10-30 05:25:57 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-10-30 05:25:57 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-10-30 05:25:57 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-10-30 05:25:57 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-10-30 05:25:57 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-10-30 05:25:56 ----A---- C:\Windows\system32\wextract.exe
2013-10-30 05:25:56 ----A---- C:\Windows\system32\webcheck.dll
2013-10-30 05:25:56 ----A---- C:\Windows\system32\vbscript.dll
2013-10-30 05:25:56 ----A---- C:\Windows\system32\url.dll
2013-10-30 05:25:56 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-10-30 05:25:56 ----A---- C:\Windows\system32\pngfilt.dll
2013-10-30 05:25:56 ----A---- C:\Windows\system32\occache.dll
2013-10-30 05:25:56 ----A---- C:\Windows\system32\msrating.dll
2013-10-30 05:25:56 ----A---- C:\Windows\system32\msls31.dll
2013-10-30 05:25:56 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-10-30 05:25:56 ----A---- C:\Windows\system32\mshtmler.dll
2013-10-30 05:25:56 ----A---- C:\Windows\system32\mshtmled.dll
2013-10-30 05:25:56 ----A---- C:\Windows\system32\mshta.exe
2013-10-30 05:25:56 ----A---- C:\Windows\system32\msfeedssync.exe
2013-10-30 05:25:56 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-10-30 05:25:56 ----A---- C:\Windows\system32\licmgr10.dll
2013-10-30 05:25:56 ----A---- C:\Windows\system32\inseng.dll
2013-10-30 05:25:56 ----A---- C:\Windows\system32\imgutil.dll
2013-10-30 05:25:56 ----A---- C:\Windows\system32\iexpress.exe
2013-10-30 05:25:56 ----A---- C:\Windows\system32\ieUnatt.exe
2013-10-30 05:25:56 ----A---- C:\Windows\system32\iepeers.dll
2013-10-30 05:25:56 ----A---- C:\Windows\system32\iedkcs32.dll
2013-10-30 05:25:56 ----A---- C:\Windows\system32\ieapfltr.dll
2013-10-30 05:25:56 ----A---- C:\Windows\system32\ieapfltr.dat
2013-10-30 05:25:56 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-10-30 05:25:56 ----A---- C:\Windows\system32\icardie.dll
2013-10-30 05:25:56 ----A---- C:\Windows\system32\dxtrans.dll
2013-10-30 05:25:56 ----A---- C:\Windows\system32\dxtmsft.dll
2013-10-30 05:24:41 ----A---- C:\Windows\system32\taskhost.exe
2013-10-30 05:20:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-10-30 05:20:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-10-30 05:20:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-10-30 05:20:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-10-30 05:20:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-10-30 05:20:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-10-30 05:20:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-10-30 05:20:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-10-30 05:20:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-10-30 05:20:16 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-10-30 05:20:16 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-10-30 05:20:16 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-10-30 05:20:16 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-10-30 05:20:16 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-10-30 05:20:16 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-10-30 05:20:16 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-10-30 05:20:16 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-10-30 05:20:16 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-10-30 05:20:16 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-10-30 05:20:16 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-10-30 05:20:16 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-10-30 05:20:16 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-10-30 05:20:16 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-10-30 05:20:16 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-10-30 05:20:16 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-10-30 05:20:16 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-10-30 05:20:16 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-10-30 05:20:16 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-10-30 05:20:16 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-10-30 05:20:16 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-10-30 05:20:16 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-10-30 05:20:16 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-10-30 05:20:16 ----A---- C:\Windows\system32\XpsPrint.dll
2013-10-30 05:20:16 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-10-30 05:20:16 ----A---- C:\Windows\system32\WMPhoto.dll
2013-10-30 05:20:16 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-10-30 05:20:16 ----A---- C:\Windows\system32\UIAnimation.dll
2013-10-30 05:20:16 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-10-30 05:20:16 ----A---- C:\Windows\system32\FntCache.dll
2013-10-30 05:20:16 ----A---- C:\Windows\system32\dxgi.dll
2013-10-30 05:20:16 ----A---- C:\Windows\system32\d3d10warp.dll
2013-10-30 05:20:16 ----A---- C:\Windows\system32\d3d10level9.dll
2013-10-30 05:20:16 ----A---- C:\Windows\system32\d3d10core.dll
2013-10-30 05:20:16 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-10-30 05:20:16 ----A---- C:\Windows\system32\d3d10_1.dll
2013-10-30 05:20:16 ----A---- C:\Windows\system32\d3d10.dll
2013-10-30 05:20:16 ----A---- C:\Windows\system32\d2d1.dll
2013-10-30 05:18:06 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-10-30 05:18:06 ----A---- C:\Windows\system32\d3d11.dll
2013-10-30 04:58:23 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2013-10-30 04:58:23 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2013-10-30 04:58:22 ----A---- C:\Windows\system32\WUDFSvc.dll
2013-10-30 04:58:22 ----A---- C:\Windows\system32\WUDFPlatform.dll
2013-10-30 04:58:21 ----A---- C:\Windows\system32\WUDFx.dll
2013-10-30 04:58:21 ----A---- C:\Windows\system32\WUDFHost.exe
2013-10-30 04:58:21 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2013-10-30 04:45:17 ----A---- C:\Windows\SYSWOW64\wmi.dll
2013-10-30 04:45:17 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-10-30 04:45:17 ----A---- C:\Windows\system32\wmi.dll
2013-10-30 04:45:17 ----A---- C:\Windows\system32\imagehlp.dll
2013-10-30 04:45:17 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2013-10-30 01:19:01 ----D---- C:\Qoobox
2013-10-30 01:18:15 ----D---- C:\Windows\erdnt
2013-10-30 00:57:15 ----D---- C:\Program Files (x86)\TeamViewer
2013-10-29 21:58:40 ----A---- C:\Windows\ntbtlog.txt
2013-10-29 21:52:35 ----D---- C:\13f5c8c266c21ce85f7afc69
2013-10-29 21:03:54 ----D---- C:\d3a2fb96d16e6833d95c8fa1
2013-10-29 20:02:24 ----D---- C:\Config.Msi
2013-10-29 04:44:02 ----A---- C:\autoexec.bat
2013-10-29 04:43:32 ----D---- C:\Program Files\Enigma Software Group
2013-10-29 04:43:00 ----D---- C:\Windows\037F8C0EE8E1408FABB4FC4ABF947E1B.TMP
2013-10-29 04:10:11 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2013-10-29 04:10:11 ----A---- C:\Windows\system32\xmllite.dll
2013-10-29 04:10:03 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2013-10-29 04:10:03 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2013-10-29 04:10:03 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2013-10-29 04:10:03 ----A---- C:\Windows\system32\dhcpcore6.dll
2013-10-29 04:09:58 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2013-10-29 04:09:58 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2013-10-29 04:09:58 ----A---- C:\Windows\SYSWOW64\devobj.dll
2013-10-29 04:09:58 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2013-10-29 04:09:58 ----A---- C:\Windows\system32\umpnpmgr.dll
2013-10-29 04:09:55 ----A---- C:\Windows\system32\poqexec.exe
2013-10-29 04:09:54 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2013-10-29 04:09:54 ----A---- C:\Windows\system32\odbccu32.dll
2013-10-29 04:09:54 ----A---- C:\Windows\system32\odbccr32.dll
2013-10-29 04:09:53 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2013-10-29 04:09:53 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2013-10-29 04:09:53 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2013-10-29 04:09:53 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2013-10-29 04:09:53 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2013-10-29 04:09:53 ----A---- C:\Windows\system32\odbctrac.dll
2013-10-29 04:09:53 ----A---- C:\Windows\system32\odbccp32.dll
2013-10-29 04:09:45 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-10-29 04:09:45 ----A---- C:\Windows\system32\comctl32.dll
2013-10-29 04:09:22 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-10-29 04:09:22 ----A---- C:\Windows\system32\mstscax.dll
2013-10-29 04:09:21 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-10-29 04:09:21 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-10-29 04:09:21 ----A---- C:\Windows\system32\tsgqec.dll
2013-10-29 04:09:21 ----A---- C:\Windows\system32\aaclient.dll
2013-10-29 04:09:12 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-10-29 04:09:12 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-10-29 04:09:12 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-10-29 04:09:12 ----A---- C:\Windows\system32\wintrust.dll
2013-10-29 04:09:12 ----A---- C:\Windows\system32\cryptsvc.dll
2013-10-29 04:09:12 ----A---- C:\Windows\system32\cryptnet.dll
2013-10-29 04:04:45 ----A---- C:\Windows\SYSWOW64\explorer.exe
2013-10-29 04:04:45 ----A---- C:\Windows\explorer.exe
2013-10-29 04:04:31 ----A---- C:\Windows\SYSWOW64\quartz.dll
2013-10-29 04:04:31 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2013-10-29 04:04:31 ----A---- C:\Windows\system32\quartz.dll
2013-10-29 04:04:30 ----A---- C:\Windows\system32\qdvd.dll
2013-10-29 04:04:27 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2013-10-29 04:04:27 ----A---- C:\Windows\system32\ntshrui.dll
2013-10-29 04:04:25 ----A---- C:\Windows\SYSWOW64\tquery.dll
2013-10-29 04:04:25 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2013-10-29 04:04:25 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2013-10-29 04:04:25 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2013-10-29 04:04:25 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2013-10-29 04:04:25 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2013-10-29 04:04:25 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2013-10-29 04:04:25 ----A---- C:\Windows\SYSWOW64\mssph.dll
2013-10-29 04:04:25 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2013-10-29 04:04:25 ----A---- C:\Windows\system32\tquery.dll
2013-10-29 04:04:25 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2013-10-29 04:04:25 ----A---- C:\Windows\system32\SearchIndexer.exe
2013-10-29 04:04:25 ----A---- C:\Windows\system32\SearchFilterHost.exe
2013-10-29 04:04:25 ----A---- C:\Windows\system32\mssvp.dll
2013-10-29 04:04:25 ----A---- C:\Windows\system32\mssrch.dll
2013-10-29 04:04:25 ----A---- C:\Windows\system32\mssphtb.dll
2013-10-29 04:04:25 ----A---- C:\Windows\system32\mssph.dll
2013-10-29 04:04:25 ----A---- C:\Windows\system32\msscntrs.dll
2013-10-29 04:04:17 ----A---- C:\Windows\system32\consent.exe
2013-10-29 04:04:17 ----A---- C:\Windows\system32\appinfo.dll
2013-10-29 04:04:02 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2013-10-29 04:04:01 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2013-10-29 04:04:01 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2013-10-29 04:03:58 ----A---- C:\Windows\SYSWOW64\webio.dll
2013-10-29 04:03:58 ----A---- C:\Windows\system32\webio.dll
2013-10-29 04:03:56 ----A---- C:\Windows\system32\wwansvc.dll
2013-10-29 04:03:56 ----A---- C:\Windows\system32\wwanprotdim.dll
2013-10-29 04:03:56 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-10-29 04:03:12 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-10-29 04:03:12 ----A---- C:\Windows\system32\tzres.dll
2013-10-29 04:02:47 ----A---- C:\Windows\system32\drivers\ataport.sys
2013-10-28 05:01:55 ----D---- C:\Windows\OemDrv
2013-10-28 05:01:30 ----D---- C:\Program Files (x86)\Microsoft Office
2013-10-28 04:59:16 ----A---- C:\Windows\NDSTray.INI
2013-10-28 04:58:42 ----D---- C:\Program Files (x86)\TOSHIBA Corporation
2013-10-28 04:58:01 ----D---- C:\Windows\SYSWOW64\Macromed
2013-10-28 04:57:25 ----A---- C:\Windows\system32\drivers\PGEffect.sys
2013-10-28 04:54:53 ----D---- C:\ProgramData\TOSHIBA
2013-10-28 04:54:14 ----A---- C:\Windows\system32\tosWirelessLANIndicatorCP.dll
2013-10-28 04:54:14 ----A---- C:\Windows\system32\msvcr100.dll
2013-10-28 04:54:14 ----A---- C:\Windows\system32\msvcp100.dll
2013-10-28 04:53:55 ----D---- C:\Windows\SYSWOW64\sda
2013-10-28 04:53:52 ----A---- C:\Windows\SYSWOW64\RtsUStoricon.dll
2013-10-28 04:53:52 ----A---- C:\Windows\system32\RtsUStor.dll
2013-10-28 04:53:52 ----A---- C:\Windows\system32\drivers\RtsUStor.sys
2013-10-28 04:52:34 ----A---- C:\Windows\system32\drivers\TosBtCi.dll
2013-10-28 04:49:18 ----D---- C:\Program Files\Synaptics
2013-10-28 04:48:25 ----D---- C:\Windows\system32\nn-NO
2013-10-28 04:48:25 ----D---- C:\Windows\Options
2013-10-28 04:48:25 ----D---- C:\Program Files (x86)\Atheros
2013-10-28 04:48:25 ----A---- C:\Windows\system32\drivers\athrx.sys
2013-10-28 04:48:25 ----A---- C:\Windows\system32\athihvui.dll
2013-10-28 04:48:25 ----A---- C:\Windows\system32\athihvs.dll
2013-10-28 04:47:57 ----D---- C:\ProgramData\Atheros
2013-10-28 04:46:00 ----D---- C:\Windows\SYSWOW64\RTCOM
2013-10-28 04:46:00 ----D---- C:\Program Files\Realtek
2013-10-28 04:45:39 ----A---- C:\Windows\SYSWOW64\SFCOM.dll
2013-10-28 04:45:39 ----A---- C:\Windows\system32\WavesGUILib.dll
2013-10-28 04:45:39 ----A---- C:\Windows\system32\SRSWOW64.dll
2013-10-28 04:45:39 ----A---- C:\Windows\system32\SRSTSX64.dll
2013-10-28 04:45:39 ----A---- C:\Windows\system32\SRSTSH64.dll
2013-10-28 04:45:39 ----A---- C:\Windows\system32\SRSHP64.dll
2013-10-28 04:45:39 ----A---- C:\Windows\system32\SFSS_APO.dll
2013-10-28 04:45:39 ----A---- C:\Windows\system32\SFNHK64.dll
2013-10-28 04:45:39 ----A---- C:\Windows\system32\SFCOM64.dll
2013-10-28 04:45:39 ----A---- C:\Windows\system32\SFAPO64.dll
2013-10-28 04:45:39 ----A---- C:\Windows\system32\RtPgEx64.dll
2013-10-28 04:45:39 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2013-10-28 04:45:39 ----A---- C:\Windows\system32\RtkCfg64.dll
2013-10-28 04:45:39 ----A---- C:\Windows\system32\RtkAPO64.dll
2013-10-28 04:45:39 ----A---- C:\Windows\system32\RtkApi64.dll
2013-10-28 04:45:39 ----A---- C:\Windows\system32\RTEEP64A.dll
2013-10-28 04:45:39 ----A---- C:\Windows\system32\RTEEL64A.dll
2013-10-28 04:45:39 ----A---- C:\Windows\system32\RTEEG64A.dll
2013-10-28 04:45:39 ----A---- C:\Windows\system32\RTEED64A.dll
2013-10-28 04:45:39 ----A---- C:\Windows\system32\RTCOM64.dll
2013-10-28 04:45:39 ----A---- C:\Windows\system32\RP3DHT64.dll
2013-10-28 04:45:39 ----A---- C:\Windows\system32\RP3DAA64.dll
2013-10-28 04:45:39 ----A---- C:\Windows\system32\RCoRes64.dat
2013-10-28 04:45:39 ----A---- C:\Windows\system32\RCoInst64.dll
2013-10-28 04:45:39 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2013-10-28 04:45:38 ----HD---- C:\Program Files (x86)\Temp
2013-10-28 04:45:38 ----D---- C:\Program Files (x86)\Realtek
2013-10-28 04:45:38 ----A---- C:\Windows\system32\R4EEP64A.dll
2013-10-28 04:45:38 ----A---- C:\Windows\system32\R4EEL64A.dll
2013-10-28 04:45:38 ----A---- C:\Windows\system32\R4EEG64A.dll
2013-10-28 04:45:38 ----A---- C:\Windows\system32\R4EED64A.dll
2013-10-28 04:45:38 ----A---- C:\Windows\system32\R4EEA64A.dll
2013-10-28 04:45:38 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-10-28 04:45:38 ----A---- C:\Windows\system32\MaxxAudioRealtek.dll
2013-10-28 04:45:38 ----A---- C:\Windows\system32\MaxxAudioEQ.dll
2013-10-28 04:45:38 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2013-10-28 04:45:38 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2013-10-28 04:45:38 ----A---- C:\Windows\system32\FMAPO64.dll
2013-10-28 04:45:38 ----A---- C:\Windows\system32\DTSVoiceClarityDLL64.dll
2013-10-28 04:45:38 ----A---- C:\Windows\system32\DTSSymmetryDLL64.dll
2013-10-28 04:45:38 ----A---- C:\Windows\system32\DTSS2SpeakerDLL64.dll
2013-10-28 04:45:38 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2013-10-28 04:45:38 ----A---- C:\Windows\system32\DTSNeoPCDLL64.dll
2013-10-28 04:45:38 ----A---- C:\Windows\system32\DTSLimiterDLL64.dll
2013-10-28 04:45:38 ----A---- C:\Windows\system32\DTSLFXAPO64.dll
2013-10-28 04:45:38 ----A---- C:\Windows\system32\DTSGFXAPONS64.dll
2013-10-28 04:45:38 ----A---- C:\Windows\system32\DTSGFXAPO64.dll
2013-10-28 04:45:38 ----A---- C:\Windows\system32\DTSGainCompensatorDLL64.dll
2013-10-28 04:45:38 ----A---- C:\Windows\system32\DTSBoostDLL64.dll
2013-10-28 04:45:38 ----A---- C:\Windows\system32\DTSBassEnhancementDLL64.dll
2013-10-28 04:45:38 ----A---- C:\Windows\system32\AERTAR64.dll
2013-10-28 04:45:38 ----A---- C:\Windows\system32\AERTAC64.dll
2013-10-28 04:45:37 ----A---- C:\Windows\RtlExUpd.dll
2013-10-28 04:43:41 ----A---- C:\Windows\system32\nvhdap64.dll
2013-10-28 04:43:41 ----A---- C:\Windows\system32\nvgenco64hda.dll
2013-10-28 04:43:41 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2013-10-28 04:40:45 ----A---- C:\Windows\SYSWOW64\TSCI.dll
2013-10-28 04:40:45 ----A---- C:\Windows\SYSWOW64\THCI.dll
2013-10-28 04:40:28 ----DC---- C:\Windows\system32\DRVSTORE
2013-10-28 04:40:28 ----A---- C:\Windows\system32\drivers\CeKbFilter.sys
2013-10-28 04:40:25 ----D---- C:\Windows\SYSWOW64\Microsoft.VC80.MFC
2013-10-28 04:40:24 ----D---- C:\ProgramData\xp
2013-10-28 04:40:24 ----D---- C:\ProgramData\win7_64
2013-10-28 04:40:24 ----D---- C:\ProgramData\win7_32
2013-10-28 04:40:24 ----D---- C:\ProgramData\vista64
2013-10-28 04:40:24 ----D---- C:\ProgramData\vista32
2013-10-28 04:40:02 ----A---- C:\Windows\system32\TSBWLS.dll
2013-10-28 04:40:02 ----A---- C:\Windows\system32\HWS_Ctrl.dll
2013-10-28 04:39:41 ----D---- C:\Windows\system32\Microsoft.VC80.MFC
2013-10-28 04:39:28 ----D---- C:\Windows\Downloaded Installations
2013-10-28 04:37:41 ----A---- C:\Windows\system32\drivers\iaStor.sys
2013-10-28 04:37:07 ----D---- C:\ProgramData\NVIDIA
2013-10-28 04:35:34 ----D---- C:\Windows\SoftwareDistribution
2013-10-28 04:35:34 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-10-28 04:34:55 ----D---- C:\ProgramData\NVIDIA Corporation
2013-10-28 04:34:35 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2013-10-28 04:34:35 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-10-28 04:34:35 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-10-28 04:34:35 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2013-10-28 04:34:35 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-10-28 04:34:35 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-10-28 04:34:35 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-10-28 04:34:35 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-10-28 04:34:35 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2013-10-28 04:34:35 ----A---- C:\Windows\system32\OpenCL.dll
2013-10-28 04:34:35 ----A---- C:\Windows\system32\nvwgf2umx.dll
2013-10-28 04:34:35 ----A---- C:\Windows\system32\nvoglv64.dll
2013-10-28 04:34:35 ----A---- C:\Windows\system32\nvgenco642040.dll
2013-10-28 04:34:35 ----A---- C:\Windows\system32\nvdispco642090.dll
2013-10-28 04:34:35 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-10-28 04:34:35 ----A---- C:\Windows\system32\nvcuvid.dll
2013-10-28 04:34:35 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-10-28 04:34:35 ----A---- C:\Windows\system32\nvcuda.dll
2013-10-28 04:34:35 ----A---- C:\Windows\system32\nvcompiler.dll
2013-10-28 04:34:35 ----A---- C:\Windows\system32\nvapi64.dll
2013-10-28 04:34:35 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-10-28 04:34:14 ----D---- C:\Program Files\NVIDIA Corporation
2013-10-28 04:31:59 ----A---- C:\Windows\system32\drivers\IntelMEFWVer.dll
2013-10-28 04:31:56 ----A---- C:\Windows\SYSWOW64\log.txt
2013-10-28 04:31:47 ----D---- C:\Intel
2013-10-28 04:29:29 ----D---- C:\Program Files (x86)\Intel
2013-10-28 04:29:29 ----A---- C:\Windows\SYSWOW64\CSVer.dll
2013-10-28 04:25:11 ----SHD---- C:\System Volume Information
2013-10-28 04:25:11 ----ASH---- C:\pagefile.sys
2013-10-28 04:25:11 ----ASH---- C:\hiberfil.sys
2013-10-28 02:43:03 ----D---- C:\ProgramData\Uniblue
2013-10-28 02:34:35 ----D---- C:\ProgramData\TEMP
2013-10-28 02:29:07 ----D---- C:\Users\Tatana\AppData\Roaming\TOSHIBA Online Product Information
2013-10-28 02:27:55 ----D---- C:\Program Files (x86)\Mobogenie
2013-10-28 02:27:27 ----D---- C:\Program Files (x86)\iRobinHood
2013-10-28 02:21:03 ----D---- C:\Users\Tatana\AppData\Roaming\Adobe
2013-10-28 02:12:28 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2013-10-28 02:12:28 ----A---- C:\Windows\system32\rdpcore.dll
2013-10-28 02:12:27 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2013-10-28 02:08:11 ----HD---- C:\Windows\msdownld.tmp
2013-10-28 02:07:43 ----D---- C:\Program Files (x86)\eBay
2013-10-28 02:07:33 ----D---- C:\Users\Tatana\AppData\Roaming\Toshiba
2013-10-28 02:06:38 ----A---- C:\Windows\system32\wups2.dll
2013-10-28 02:06:38 ----A---- C:\Windows\system32\wucltux.dll
2013-10-28 02:06:38 ----A---- C:\Windows\system32\wuaueng.dll
2013-10-28 02:06:38 ----A---- C:\Windows\system32\wuauclt.exe
2013-10-28 02:06:20 ----A---- C:\Windows\system32\wups.dll
2013-10-28 02:06:20 ----A---- C:\Windows\system32\wudriver.dll
2013-10-28 02:06:20 ----A---- C:\Windows\system32\wuapi.dll
2013-10-28 02:06:19 ----D---- C:\Users\Tatana\AppData\Roaming\Identities
2013-10-28 02:06:08 ----A---- C:\Windows\system32\wuwebv.dll
2013-10-28 02:06:08 ----A---- C:\Windows\system32\wuapp.exe
2013-10-28 02:05:00 ----D---- C:\ProgramData\ToshibaEurope
2013-10-28 02:02:42 ----SD---- C:\Users\Tatana\AppData\Roaming\Microsoft
2013-10-28 02:02:42 ----D---- C:\Users\Tatana\AppData\Roaming\Media Center Programs
2013-10-28 02:02:42 ----D---- C:\Users\Tatana\AppData\Roaming\Macromedia
2013-10-28 02:00:59 ----SHD---- C:\ProgramData\Šablony
2013-10-28 02:00:59 ----SHD---- C:\ProgramData\Plocha
2013-10-28 02:00:59 ----SHD---- C:\ProgramData\Oblíbené položky
2013-10-28 02:00:59 ----SHD---- C:\ProgramData\Nabídka Start
2013-10-28 02:00:59 ----SHD---- C:\ProgramData\Dokumenty
2013-10-28 02:00:59 ----SHD---- C:\ProgramData\Data aplikací

======List of files/folders modified in the last 1 month======

2013-11-15 14:26:26 ----D---- C:\Windows\system32\config
2013-11-14 19:33:52 ----D---- C:\Windows\system32\drivers
2013-11-14 19:33:48 ----D---- C:\Windows
2013-11-14 19:24:27 ----A---- C:\Windows\system.ini
2013-11-14 19:24:17 ----D---- C:\Windows\system32\drivers\etc
2013-11-14 19:17:00 ----D---- C:\Windows\SYSWOW64\drivers
2013-11-14 19:17:00 ----D---- C:\Windows\SysWOW64
2013-11-14 19:17:00 ----D---- C:\Windows\AppPatch
2013-11-14 19:16:59 ----D---- C:\Program Files (x86)\Common Files
2013-11-14 19:06:42 ----SHD---- C:\Windows\Installer
2013-11-14 18:50:45 ----D---- C:\Windows\Prefetch
2013-11-13 14:09:10 ----D---- C:\Windows\rescache
2013-11-13 13:40:07 ----D---- C:\Windows\winsxs
2013-11-13 13:38:08 ----D---- C:\Program Files (x86)\Internet Explorer
2013-11-13 13:38:06 ----D---- C:\Windows\System32
2013-11-13 13:38:05 ----D---- C:\Program Files\Internet Explorer
2013-11-13 13:38:03 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-11-13 13:38:02 ----D---- C:\Windows\system32\cs-CZ
2013-11-13 06:22:47 ----D---- C:\Windows\system32\catroot
2013-11-13 06:22:45 ----D---- C:\Windows\system32\catroot2
2013-11-12 06:55:09 ----D---- C:\Windows\system32\wdi
2013-11-09 18:33:42 ----D---- C:\Windows\system32\DriverStore
2013-11-05 16:43:32 ----D---- C:\Program Files\Windows Sidebar
2013-11-05 16:43:32 ----D---- C:\Program Files\Windows Mail
2013-11-05 16:43:30 ----D---- C:\Program Files\Windows Media Player
2013-11-05 16:43:29 ----D---- C:\Program Files\Windows Journal
2013-11-05 16:43:28 ----D---- C:\Program Files\Common Files\System
2013-11-05 16:43:27 ----D---- C:\Program Files\Windows Photo Viewer
2013-11-05 16:43:27 ----D---- C:\Program Files\Windows Defender
2013-11-05 16:43:27 ----D---- C:\Program Files (x86)\Windows Sidebar
2013-11-05 16:43:25 ----D---- C:\Program Files (x86)\Windows Media Player
2013-11-05 16:43:25 ----D---- C:\Program Files (x86)\Windows Mail
2013-11-05 16:43:24 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2013-11-05 16:43:23 ----D---- C:\Windows\servicing
2013-11-05 16:43:23 ----D---- C:\Program Files (x86)\Windows Defender
2013-11-05 16:43:22 ----D---- C:\Windows\SYSWOW64\winrm
2013-11-05 16:43:22 ----D---- C:\Windows\SYSWOW64\migwiz
2013-11-05 16:43:22 ----D---- C:\Windows\SYSWOW64\en
2013-11-05 16:43:22 ----D---- C:\Windows\ehome
2013-11-05 16:43:21 ----D---- C:\Windows\SYSWOW64\slmgr
2013-11-05 16:43:21 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-11-05 16:42:57 ----D---- C:\Windows\SYSWOW64\en-US
2013-11-05 16:42:57 ----D---- C:\Windows\SYSWOW64\drivers\en-US
2013-11-05 16:42:35 ----D---- C:\Windows\SYSWOW64\WCN
2013-11-05 16:42:35 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2013-11-05 16:42:35 ----D---- C:\Windows\SYSWOW64\DriverStore
2013-11-05 16:42:35 ----D---- C:\Windows\SYSWOW64\Dism
2013-11-05 16:42:31 ----D---- C:\Windows\en-US
2013-11-05 16:42:29 ----D---- C:\Windows\system32\winrm
2013-11-05 16:42:29 ----D---- C:\Windows\system32\sysprep
2013-11-05 16:42:29 ----D---- C:\Windows\system32\slmgr
2013-11-05 16:42:29 ----D---- C:\Windows\system32\sk-SK
2013-11-05 16:42:29 ----D---- C:\Windows\system32\oobe
2013-11-05 16:42:29 ----D---- C:\Windows\system32\migwiz
2013-11-05 16:42:29 ----D---- C:\Windows\system32\en
2013-11-05 16:42:29 ----D---- C:\Windows\system32\Boot
2013-11-05 16:42:01 ----D---- C:\Windows\system32\en-US
2013-11-05 16:41:33 ----D---- C:\Windows\system32\drivers\en-US
2013-11-05 16:41:30 ----D---- C:\Windows\system32\WCN
2013-11-05 16:41:30 ----D---- C:\Windows\system32\Dism
2013-11-05 16:41:17 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2013-11-05 16:40:09 ----D---- C:\Windows\SYSWOW64\el-GR
2013-11-05 16:39:22 ----D---- C:\Windows\SYSWOW64\migration
2013-11-05 16:39:21 ----D---- C:\Windows\SYSWOW64\XPSViewer
2013-11-05 16:39:20 ----D---- C:\Windows\SYSWOW64\MUI
2013-11-05 16:39:18 ----D---- C:\Windows\SYSWOW64\com
2013-11-05 16:39:18 ----D---- C:\Windows\IME
2013-11-05 16:39:16 ----D---- C:\Windows\inf
2013-11-05 16:39:14 ----D---- C:\Windows\system32\el-GR
2013-11-05 16:38:15 ----D---- C:\Windows\system32\migration
2013-11-05 16:38:11 ----D---- C:\Windows\system32\MUI
2013-11-05 16:38:11 ----D---- C:\Windows\system32\drivers\UMDF
2013-11-05 16:37:51 ----D---- C:\Windows\system32\com
2013-11-05 16:36:35 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-11-05 16:35:19 ----D---- C:\Windows\system32\pl-PL
2013-11-05 16:33:05 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-11-05 16:31:53 ----D---- C:\Windows\system32\hu-HU
2013-11-05 16:30:16 ----D---- C:\Program Files\DVD Maker
2013-11-05 16:29:20 ----D---- C:\Windows\Speech
2013-11-05 16:28:29 ----RD---- C:\Program Files (x86)
2013-11-05 16:28:29 ----RD---- C:\Program Files
2013-11-05 16:28:29 ----D---- C:\Windows\Tasks
2013-11-05 16:28:29 ----D---- C:\Windows\system32\Tasks
2013-11-05 16:28:29 ----D---- C:\ProgramData
2013-11-04 00:10:15 ----D---- C:\Windows\system32\LogFiles
2013-11-03 23:44:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-02 18:55:50 ----D---- C:\Windows\Microsoft.NET
2013-11-02 18:49:47 ----RSD---- C:\Windows\assembly
2013-11-02 16:09:44 ----RSD---- C:\Windows\Fonts
2013-10-30 07:08:42 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-10-30 07:08:40 ----D---- C:\Windows\system32\wbem
2013-10-30 07:07:23 ----D---- C:\Windows\PolicyDefinitions
2013-10-30 07:06:37 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-10-30 07:06:36 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-10-30 07:06:36 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-10-30 07:06:36 ----D---- C:\Windows\SYSWOW64\it-IT
2013-10-30 07:06:35 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-10-30 07:06:34 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-10-30 07:06:34 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-10-30 07:06:34 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-10-30 07:06:34 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-10-30 07:06:34 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-10-30 07:06:33 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-10-30 07:06:33 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-10-30 07:06:33 ----D---- C:\Windows\SYSWOW64\es-ES
2013-10-30 07:06:33 ----D---- C:\Windows\SYSWOW64\de-DE
2013-10-30 07:06:32 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-10-30 07:06:31 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-10-30 07:06:31 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-10-30 07:06:31 ----D---- C:\Windows\SYSWOW64\da-DK
2013-10-30 07:06:26 ----D---- C:\Windows\system32\pt-BR
2013-10-30 07:06:26 ----D---- C:\Windows\system32\it-IT
2013-10-30 07:06:25 ----D---- C:\Windows\system32\pt-PT
2013-10-30 07:06:24 ----D---- C:\Windows\system32\ko-KR
2013-10-30 07:06:23 ----D---- C:\Windows\system32\zh-HK
2013-10-30 07:06:23 ----D---- C:\Windows\system32\nl-NL
2013-10-30 07:06:23 ----D---- C:\Windows\system32\fr-FR
2013-10-30 07:06:23 ----D---- C:\Windows\system32\fi-FI
2013-10-30 07:06:21 ----D---- C:\Windows\system32\tr-TR
2013-10-30 07:06:21 ----D---- C:\Windows\system32\sv-SE
2013-10-30 07:06:21 ----D---- C:\Windows\system32\es-ES
2013-10-30 07:06:20 ----D---- C:\Windows\system32\zh-TW
2013-10-30 07:06:20 ----D---- C:\Windows\system32\de-DE
2013-10-30 07:06:19 ----D---- C:\Windows\system32\zh-CN
2013-10-30 07:06:19 ----D---- C:\Windows\system32\ja-JP
2013-10-30 07:06:18 ----D---- C:\Windows\system32\ru-RU
2013-10-30 07:06:18 ----D---- C:\Windows\system32\nb-NO
2013-10-30 07:06:18 ----D---- C:\Windows\system32\da-DK
2013-10-30 05:43:59 ----D---- C:\Windows\Logs
2013-10-29 21:41:36 ----RSD---- C:\Windows\Media
2013-10-29 21:41:36 ----D---- C:\Windows\SYSWOW64\wbem
2013-10-29 21:36:22 ----D---- C:\Windows\registration
2013-10-29 21:12:42 ----D---- C:\Program Files (x86)\McAfee
2013-10-29 04:06:04 ----D---- C:\ProgramData\McAfee
2013-10-29 04:06:04 ----D---- C:\Program Files\Common Files
2013-10-28 23:57:09 ----D---- C:\Windows\debug
2013-10-28 05:02:17 ----D---- C:\Windows\Panther
2013-10-28 05:01:59 ----D---- C:\Windows\SYSWOW64\sysprep
2013-10-28 05:00:54 ----D---- C:\Program Files\TOSHIBA
2013-10-28 04:58:42 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-10-28 04:58:42 ----D---- C:\Program Files (x86)\TOSHIBA
2013-10-28 04:35:17 ----D---- C:\Windows\Help
2013-10-28 02:44:21 ----D---- C:\Windows\system32\NDF
2013-10-28 02:08:24 ----D---- C:\Toshiba
2013-10-28 02:05:35 ----D---- C:\Windows\system32\restore
2013-10-28 02:02:42 ----RD---- C:\Users
2013-10-28 02:00:59 ----D---- C:\Program Files\Windows NT
2013-10-28 02:00:56 ----SD---- C:\ProgramData\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-01-12 439320]
R0 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2010-03-22 46192]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 lsnfd;lsnfd; C:\Windows\system32\drivers\lsnfd.sys [2013-10-02 58192]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-12-17 2675712]
R3 CeKbFilter;CeKbFilter; C:\Windows\system32\DRIVERS\CeKbFilter.sys [2013-10-28 20592]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-02-11 2739176]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-11-11 155752]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2011-02-08 38096]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-02-03 1413680]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2010-06-18 18872]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BtFilter;Bluetooth LowerFilter Class Filter Driver; C:\Windows\system32\DRIVERS\btfilter.sys [2010-10-18 42096]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-07-20 247400]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-01-13 413800]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2011-01-27 67384]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2010-08-04 1809920]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-02-18 993896]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-10-01 5087584]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2010-10-20 138656]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2010-12-09 489384]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-11-29 54136]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-12-08 137632]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-02-10 112080]
S3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2010-04-12 196976]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-10-30 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

Re: prosim o kontrolu logu ( zavirovany system )

Napsal: 15 lis 2013 23:20
od Márty84
:!: Nainstalujte nejaky antivir.



:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

Re: prosim o kontrolu logu ( zavirovany system )

Napsal: 17 lis 2013 00:57
od mirecek
OTL logfile created on: 11/16/2013 11:59:08 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tatana\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3.98 Gb Total Physical Memory | 2.61 Gb Available Physical Memory | 65.56% Memory free
7.95 Gb Paging File | 6.31 Gb Available in Paging File | 79.32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298.09 Gb Total Space | 260.23 Gb Free Space | 87.30% Space Free | Partition Type: NTFS
Drive D: | 297.69 Gb Total Space | 118.01 Gb Free Space | 39.64% Space Free | Partition Type: NTFS

Computer Name: TATANA-TOSHIBA | User Name: Tatana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/16 23:55:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tatana\Desktop\OTL.exe
PRC - [2013/11/16 23:29:53 | 003,568,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/11/16 23:29:53 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/10/28 02:44:10 | 000,738,496 | ---- | M] () -- C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
PRC - [2013/10/01 13:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013/10/01 13:14:40 | 004,536,672 | ---- | M] (TeamViewer GmbH) -- c:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Desktop.exe
PRC - [2013/10/01 13:14:39 | 012,631,904 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
PRC - [2013/10/01 13:05:43 | 000,195,936 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
PRC - [2011/02/25 09:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/02/01 13:24:42 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/02/01 13:24:40 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/12/03 14:57:16 | 000,304,560 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2010/08/16 10:54:50 | 000,034,160 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
PRC - [2010/08/04 17:11:34 | 001,809,920 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
PRC - [2009/07/28 20:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009/07/22 13:40:00 | 000,083,336 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
PRC - [2009/03/10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe


========== Modules (No Company Name) ==========

MOD - [2013/11/16 23:29:54 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/10/28 02:44:10 | 000,738,496 | ---- | M] () -- C:\Program Files (x86)\Mobogenie\DaemonProcess.exe


========== Services (SafeList) ==========

SRV:64bit: - [2013/11/16 23:29:53 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/12/09 17:45:26 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2010/12/08 15:42:54 | 000,137,632 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2010/10/20 14:41:00 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2013/10/01 13:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2011/02/25 09:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/02/10 08:25:36 | 000,112,080 | ---- | M] (Toshiba Europe GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService)
SRV - [2011/02/01 13:24:42 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/02/01 13:24:40 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/11/29 14:58:30 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/08/04 17:11:34 | 001,809,920 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2010/04/12 10:45:00 | 000,196,976 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/28 16:44:40 | 000,249,200 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2013/11/16 23:36:46 | 000,409,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2013/11/16 23:29:55 | 001,032,416 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/11/16 23:29:55 | 000,205,320 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/11/16 23:29:55 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/11/16 23:29:55 | 000,084,328 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/11/16 23:29:55 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/11/16 23:29:55 | 000,065,264 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/11/16 23:29:55 | 000,038,984 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013/10/28 04:40:14 | 000,020,592 | ---- | M] (Compal Electronics, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CeKbFilter.sys -- (CeKbFilter)
DRV:64bit: - [2013/10/02 22:14:52 | 000,058,192 | ---- | M] (Linksicle) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\lsnfd.sys -- (lsnfd)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/08 19:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2011/02/03 19:59:06 | 001,413,680 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/01/27 15:27:04 | 000,067,384 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfusb.sys -- (Tosrfusb)
DRV:64bit: - [2011/01/13 19:58:30 | 000,413,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/01/12 17:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/12/17 19:46:46 | 002,675,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/11 15:10:50 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010/10/19 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/18 14:14:02 | 000,042,096 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2010/07/20 17:43:22 | 000,247,400 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/06/18 16:45:00 | 000,018,872 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfec.sys -- (tosrfec)
DRV:64bit: - [2010/03/22 10:55:20 | 000,046,192 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2009/07/30 20:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 16:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {2FD85D18-792F-4827-9612-DDF6708C0C4C}
IE:64bit: - HKLM\..\SearchScopes\{2FD85D18-792F-4827-9612-DDF6708C0C4C}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2FD85D18-792F-4827-9612-DDF6708C0C4C}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3060094655-4242149613-3613117635-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://toshiba.eu/places?touch=4&cat=1 [binary data]
IE - HKU\S-1-5-21-3060094655-4242149613-3613117635-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3060094655-4242149613-3613117635-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-3060094655-4242149613-3613117635-1000\..\SearchScopes,DefaultScope = {2FD85D18-792F-4827-9612-DDF6708C0C4C}
IE - HKU\S-1-5-21-3060094655-4242149613-3613117635-1000\..\SearchScopes\{9AB2515E-F02C-4409-9C90-E2E5B2DC33CF}: "URL" = http://www.amazon.co.uk/gp/search?ie=UT ... nkCode=ur2
IE - HKU\S-1-5-21-3060094655-4242149613-3613117635-1000\..\SearchScopes\{A6406EA1-B95A-4EC3-8BEB-95AEBD68378F}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKU\S-1-5-21-3060094655-4242149613-3613117635-1000\..\SearchScopes\{F7FA7753-2AA8-444C-9717-61F0705F4B4B}: "URL" = http://rover.ebay.com/rover/1/710-71511 ... earchTerms}
IE - HKU\S-1-5-21-3060094655-4242149613-3613117635-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{1cf9e0e8-d896-4ef9-8cf2-33d79e8dfa10}: C:\Program Files (x86)\Pass-Widget\134.xpi
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}: C:\Users\Tatana\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\


O1 HOSTS File: ([2013/11/14 19:24:17 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (PassWidget) - {298cb7ae-9843-494b-ac62-9fffff634973} - C:\Program Files (x86)\Pass-Widget\134.dll File not found
O2 - BHO: (IEiRobinHoodAddon Class) - {54E67346-EE5A-45B6-82AA-4F0BB28C79C2} - C:\Program Files (x86)\iRobinHood\iRobinHood Addon\iRobinHood.dll (iRobinHood)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe ()
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKU\.DEFAULT..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-18..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-21-3060094655-4242149613-3613117635-1000..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Tatana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TeamViewer 8.lnk = C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3060094655-4242149613-3613117635-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3060094655-4242149613-3613117635-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Přidat do aplikace TOSHIBA Bulletin Board - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O8 - Extra context menu item: Přidat do aplikace TOSHIBA Bulletin Board - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O9:64bit: - Extra Button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom64.dll (TODO: <会社名>)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom64.dll (TODO: <会社名>)
O9 - Extra Button: iRobinHood Partners V Addon - {54E67346-EE5A-45B6-82AA-4F0BB28C79C2} - C:\Program Files (x86)\iRobinHood\iRobinHood Addon\iRobinHood.dll (iRobinHood)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O9 - Extra 'Tools' menuitem : @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4110F1C-B03A-41C6-AFA7-1B6ED974D1EA}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/10/29 04:44:02 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013/11/16 23:55:41 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tatana\Desktop\OTL.exe
[2013/11/16 23:31:45 | 000,000,000 | ---D | C] -- C:\Users\Tatana\AppData\Roaming\AVAST Software
[2013/11/16 23:30:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2013/11/16 23:30:03 | 000,065,264 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013/11/16 23:30:01 | 001,032,416 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013/11/16 23:30:01 | 000,409,832 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys.1384641406
[2013/11/16 23:30:01 | 000,409,832 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys
[2013/11/16 23:30:01 | 000,092,544 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013/11/16 23:30:01 | 000,084,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013/11/16 23:30:01 | 000,038,984 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013/11/16 23:29:57 | 000,334,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013/11/16 23:29:55 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/11/16 23:29:39 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/11/16 23:29:09 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/11/14 19:33:48 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/11/14 19:24:18 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013/11/13 06:22:22 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/11/13 06:22:22 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/11/13 06:22:21 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/11/13 06:22:21 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/11/13 06:22:21 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/11/13 06:22:21 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/11/13 06:22:21 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/11/13 06:22:21 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/11/13 06:22:21 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/11/13 06:22:21 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/11/13 06:22:21 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/11/13 06:22:19 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/11/13 06:22:19 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/11/13 06:22:19 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/11/13 06:22:18 | 003,959,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/11/13 05:57:09 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/11/13 05:57:07 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013/11/13 05:57:06 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013/11/13 05:57:06 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2013/11/13 05:57:06 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2013/11/13 05:57:06 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2013/11/13 05:57:03 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013/11/13 05:57:03 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/11/13 05:57:03 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2013/11/13 05:57:03 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2013/11/13 05:57:03 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2013/11/13 05:57:00 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2013/11/13 05:56:58 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2013/11/13 05:56:58 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2013/11/13 05:56:58 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2013/11/13 05:56:58 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2013/11/09 13:44:17 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/11/09 13:44:17 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/11/09 13:44:17 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/11/09 13:42:18 | 005,147,957 | R--- | C] (Swearware) -- C:\Users\Tatana\Desktop\ComboFix.exe
[2013/11/09 13:35:13 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2013/11/09 13:35:13 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2013/11/07 06:12:47 | 000,000,000 | ---D | C] -- C:\Users\Tatana\Desktop\RK_Quarantine
[2013/11/06 00:04:12 | 087,227,720 | ---- | C] (AVAST Software) -- C:\Users\Tatana\Desktop\avast_free_antivirus_setup.exe
[2013/11/04 22:51:07 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/02 17:29:42 | 000,000,000 | ---D | C] -- C:\Users\Tatana\AppData\Roaming\Malwarebytes
[2013/11/02 17:29:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/11/02 16:39:51 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013/11/02 16:39:50 | 000,000,000 | ---D | C] -- C:\rsit
[2013/11/02 16:29:49 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013/11/02 16:29:49 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013/11/02 16:29:48 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013/11/02 16:29:48 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013/11/02 16:29:48 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013/11/02 16:29:48 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013/11/02 16:29:48 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013/11/02 16:29:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/11/02 16:29:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/11/02 16:29:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/11/02 16:29:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/11/02 16:29:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/11/02 16:29:47 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013/11/02 16:29:47 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2013/11/02 16:29:47 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/11/02 16:29:47 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013/11/02 16:29:47 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/11/02 16:29:47 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013/11/02 16:29:47 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/11/02 16:29:47 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/11/02 16:29:47 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013/11/02 16:29:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/11/02 16:29:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013/11/02 16:29:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/11/02 16:29:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013/11/02 16:29:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/11/02 16:29:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/11/02 16:29:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/11/02 16:29:42 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2013/11/02 16:29:42 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2013/11/02 16:29:42 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2013/11/02 16:29:42 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2013/11/02 16:29:42 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2013/11/02 16:29:42 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2013/11/02 16:29:42 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2013/11/02 16:29:36 | 005,549,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/11/02 16:29:36 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/11/02 16:29:35 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/11/02 16:29:35 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013/11/02 16:29:35 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2013/11/02 16:29:35 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2013/11/02 16:29:34 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2013/11/02 16:29:34 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/11/02 16:29:34 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/11/02 16:29:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/11/02 16:29:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/11/02 16:29:34 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/11/02 16:29:34 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/11/02 16:29:31 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/10/30 07:37:34 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/10/30 07:37:22 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2013/10/30 07:37:22 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2013/10/30 07:37:22 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2013/10/30 07:37:22 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2013/10/30 07:37:22 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2013/10/30 07:37:22 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2013/10/30 07:37:22 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2013/10/30 07:37:22 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2013/10/30 07:37:20 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2013/10/30 07:37:16 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013/10/30 07:37:16 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013/10/30 07:37:14 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013/10/30 07:37:13 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2013/10/30 07:37:13 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2013/10/30 07:37:13 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2013/10/30 07:37:05 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2013/10/30 07:37:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2013/10/30 07:37:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2013/10/30 07:37:01 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2013/10/30 07:37:01 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2013/10/30 07:37:01 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2013/10/30 07:37:01 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2013/10/30 07:37:01 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2013/10/30 07:37:01 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2013/10/30 07:36:55 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2013/10/30 07:36:55 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2013/10/30 07:36:54 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2013/10/30 07:36:28 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2013/10/30 07:36:27 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2013/10/30 07:36:27 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2013/10/30 07:36:26 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2013/10/30 07:36:26 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2013/10/30 07:36:09 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2013/10/30 07:35:42 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013/10/30 07:35:33 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013/10/30 07:35:33 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013/10/30 07:35:33 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013/10/30 07:35:33 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013/10/30 07:35:33 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013/10/30 07:35:33 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013/10/30 07:35:33 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013/10/30 07:35:33 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013/10/30 07:35:33 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013/10/30 07:35:33 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013/10/30 07:35:33 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013/10/30 07:35:33 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013/10/30 07:35:33 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013/10/30 07:35:33 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013/10/30 07:35:33 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013/10/30 07:35:33 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013/10/30 07:35:33 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013/10/30 07:35:33 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013/10/30 07:35:33 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013/10/30 07:35:33 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013/10/30 07:35:33 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013/10/30 07:35:33 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013/10/30 07:35:32 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013/10/30 07:35:32 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013/10/30 07:35:32 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013/10/30 07:35:32 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013/10/30 07:35:32 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013/10/30 07:35:32 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013/10/30 07:35:32 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013/10/30 07:35:32 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013/10/30 07:35:32 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013/10/30 07:35:32 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013/10/30 07:35:16 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2013/10/30 07:35:16 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2013/10/30 07:35:16 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2013/10/30 07:35:16 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2013/10/30 07:34:41 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2013/10/30 07:34:34 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013/10/30 07:34:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013/10/30 07:34:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013/10/30 07:34:09 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2013/10/30 07:34:09 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2013/10/30 07:34:05 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013/10/30 07:33:52 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013/10/30 07:33:52 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013/10/30 07:33:47 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2013/10/30 07:33:47 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2013/10/30 07:33:30 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2013/10/30 07:33:30 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2013/10/30 07:33:28 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2013/10/30 07:33:28 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013/10/30 07:33:25 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2013/10/30 07:33:25 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2013/10/30 07:33:25 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2013/10/30 07:33:23 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2013/10/30 07:33:23 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2013/10/30 07:33:21 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2013/10/30 07:33:19 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2013/10/30 07:33:16 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013/10/30 07:33:16 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013/10/30 07:33:16 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013/10/30 07:33:16 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013/10/30 07:33:05 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2013/10/30 07:33:05 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2013/10/30 07:33:05 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2013/10/30 07:33:03 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2013/10/30 07:33:03 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2013/10/30 07:33:02 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013/10/30 07:33:02 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013/10/30 07:32:43 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2013/10/30 07:32:43 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2013/10/30 07:22:23 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
[2013/10/30 07:22:20 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2013/10/30 07:22:09 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2013/10/30 07:22:09 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2013/10/30 07:06:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2013/10/30 07:06:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2013/10/30 05:51:02 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2013/10/30 05:51:02 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2013/10/30 05:44:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013/10/30 05:25:59 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/10/30 05:25:58 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/10/30 05:25:58 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/10/30 05:25:58 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/10/30 05:25:58 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/10/30 05:25:58 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/10/30 05:25:58 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/10/30 05:25:58 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/10/30 05:25:58 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/10/30 05:25:57 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/10/30 05:25:57 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/10/30 05:25:57 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/10/30 05:25:57 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/10/30 05:25:57 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/10/30 05:25:57 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/10/30 05:25:57 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/10/30 05:25:57 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/10/30 05:25:57 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/10/30 05:25:57 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/10/30 05:25:57 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/10/30 05:25:57 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/10/30 05:25:57 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/10/30 05:25:57 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/10/30 05:25:57 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/10/30 05:25:57 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/10/30 05:25:56 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/10/30 05:25:56 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/10/30 05:25:56 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/10/30 05:25:56 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/10/30 05:25:56 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/10/30 05:25:56 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/10/30 05:25:56 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/10/30 05:25:56 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/10/30 05:25:56 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/10/30 05:25:56 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/10/30 05:25:56 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/10/30 05:25:56 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/10/30 05:25:56 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/10/30 05:25:56 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/10/30 05:25:56 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/10/30 05:25:56 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/10/30 05:25:56 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/10/30 05:25:56 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/10/30 05:25:56 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/10/30 05:25:56 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/10/30 05:25:56 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/10/30 05:25:56 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/10/30 05:25:56 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/10/30 05:25:56 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/10/30 05:25:56 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/10/30 05:25:56 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/10/30 05:25:56 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/10/30 05:25:56 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/10/30 05:24:41 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013/10/30 05:20:16 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/10/30 05:20:16 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/10/30 05:20:16 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/10/30 05:20:16 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/10/30 05:20:16 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/10/30 05:20:16 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/10/30 05:20:16 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/10/30 05:20:16 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/10/30 05:20:16 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/10/30 05:20:16 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/10/30 05:20:16 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/10/30 05:20:16 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/10/30 05:20:16 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/10/30 05:20:16 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/10/30 05:20:16 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/10/30 05:20:16 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/10/30 05:20:16 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/10/30 05:20:16 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/10/30 05:20:16 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/10/30 05:20:16 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/10/30 05:20:16 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/10/30 05:20:16 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/10/30 05:20:16 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/10/30 05:20:16 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/10/30 05:20:16 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/10/30 05:20:16 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/10/30 05:20:16 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/10/30 05:20:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/10/30 05:20:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/10/30 05:20:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/10/30 05:20:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/10/30 05:20:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/10/30 05:20:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/10/30 05:20:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/10/30 05:20:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/10/30 05:20:16 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/10/30 05:20:16 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/10/30 05:18:06 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/10/30 05:18:06 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/10/30 04:58:22 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2013/10/30 04:58:21 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2013/10/30 04:58:21 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2013/10/30 04:58:21 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2013/10/30 04:45:17 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2013/10/30 04:45:17 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2013/10/30 01:19:01 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/10/30 01:18:15 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/10/30 00:57:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2013/10/29 21:52:35 | 000,000,000 | ---D | C] -- C:\13f5c8c266c21ce85f7afc69
[2013/10/29 21:03:54 | 000,000,000 | ---D | C] -- C:\d3a2fb96d16e6833d95c8fa1
[2013/10/29 20:02:24 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013/10/29 04:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013/10/29 04:10:11 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2013/10/29 04:10:03 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2013/10/29 04:10:03 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2013/10/29 04:10:03 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2013/10/29 04:09:58 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2013/10/29 04:09:58 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2013/10/29 04:09:55 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2013/10/29 04:09:54 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2013/10/29 04:09:54 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2013/10/29 04:09:54 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2013/10/29 04:09:53 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2013/10/29 04:09:53 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2013/10/29 04:09:53 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2013/10/29 04:09:53 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2013/10/29 04:09:53 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2013/10/29 04:09:53 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2013/10/29 04:09:53 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2013/10/29 04:09:45 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2013/10/29 04:09:22 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/10/29 04:09:22 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/10/29 04:09:21 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013/10/29 04:09:21 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013/10/29 04:09:21 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013/10/29 04:09:21 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013/10/29 04:09:12 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013/10/29 04:09:12 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013/10/29 04:04:45 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2013/10/29 04:04:45 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2013/10/29 04:04:31 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2013/10/29 04:04:31 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2013/10/29 04:04:31 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013/10/29 04:04:30 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013/10/29 04:04:27 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2013/10/29 04:04:25 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2013/10/29 04:04:25 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2013/10/29 04:04:25 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2013/10/29 04:04:25 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2013/10/29 04:04:25 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2013/10/29 04:04:25 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2013/10/29 04:04:25 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2013/10/29 04:04:25 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2013/10/29 04:04:25 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2013/10/29 04:04:25 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2013/10/29 04:04:25 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2013/10/29 04:04:25 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2013/10/29 04:04:25 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2013/10/29 04:04:17 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013/10/29 04:03:58 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2013/10/29 04:03:58 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2013/10/29 04:03:56 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2013/10/29 04:03:53 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2013/10/29 04:03:53 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2013/10/29 04:02:47 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2013/10/28 05:01:55 | 000,000,000 | ---D | C] -- C:\Windows\OemDrv
[2013/10/28 05:01:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013/10/28 04:58:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TOSHIBA Corporation
[2013/10/28 04:58:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2013/10/28 04:57:25 | 000,038,096 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\drivers\PGEffect.sys
[2013/10/28 04:54:53 | 000,000,000 | ---D | C] -- C:\ProgramData\TOSHIBA
[2013/10/28 04:54:14 | 000,827,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100.dll
[2013/10/28 04:54:14 | 000,607,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp100.dll
[2013/10/28 04:54:14 | 000,099,320 | ---- | C] (TOSHIBA CORPORATION) -- C:\Windows\SysNative\tosWirelessLANIndicatorCP.dll
[2013/10/28 04:53:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sda
[2013/10/28 04:53:52 | 009,112,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysWow64\RtsUStoricon.dll
[2013/10/28 04:53:52 | 000,422,504 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtsUStor.dll
[2013/10/28 04:53:52 | 000,247,400 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtsUStor.sys
[2013/10/28 04:52:34 | 000,040,832 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\SysNative\drivers\TosBtCi.dll
[2013/10/28 04:49:18 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2013/10/28 04:48:25 | 002,675,712 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2013/10/28 04:48:25 | 000,443,040 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvs.dll
[2013/10/28 04:48:25 | 000,063,648 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvui.dll
[2013/10/28 04:48:25 | 000,000,000 | ---D | C] -- C:\Windows\Options
[2013/10/28 04:48:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\nn-NO
[2013/10/28 04:48:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atheros
[2013/10/28 04:47:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2013/10/28 04:46:00 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2013/10/28 04:46:00 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013/10/28 04:45:39 | 002,841,704 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2013/10/28 04:45:39 | 002,578,576 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2013/10/28 04:45:39 | 002,358,888 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2013/10/28 04:45:39 | 001,247,848 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2013/10/28 04:45:39 | 001,146,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2013/10/28 04:45:39 | 000,819,712 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2013/10/28 04:45:39 | 000,638,056 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2013/10/28 04:45:39 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2013/10/28 04:45:39 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2013/10/28 04:45:39 | 000,332,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2013/10/28 04:45:39 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2013/10/28 04:45:39 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2013/10/28 04:45:39 | 000,220,496 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFNHK64.dll
[2013/10/28 04:45:39 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2013/10/28 04:45:39 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2013/10/28 04:45:39 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2013/10/28 04:45:39 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2013/10/28 04:45:39 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2013/10/28 04:45:39 | 000,121,744 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll
[2013/10/28 04:45:39 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2013/10/28 04:45:39 | 000,083,560 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2013/10/28 04:45:39 | 000,081,232 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFCOM64.dll
[2013/10/28 04:45:39 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2013/10/28 04:45:39 | 000,078,160 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFAPO64.dll
[2013/10/28 04:45:39 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2013/10/28 04:45:38 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2013/10/28 04:45:38 | 001,943,616 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2013/10/28 04:45:38 | 001,868,944 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2013/10/28 04:45:38 | 001,718,616 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2013/10/28 04:45:38 | 001,327,208 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2013/10/28 04:45:38 | 001,179,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2013/10/28 04:45:38 | 001,111,656 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2013/10/28 04:45:38 | 000,504,936 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2013/10/28 04:45:38 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2013/10/28 04:45:38 | 000,475,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2013/10/28 04:45:38 | 000,421,720 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2013/10/28 04:45:38 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2013/10/28 04:45:38 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2013/10/28 04:45:38 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2013/10/28 04:45:38 | 000,317,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2013/10/28 04:45:38 | 000,269,928 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2013/10/28 04:45:38 | 000,266,856 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2013/10/28 04:45:38 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2013/10/28 04:45:38 | 000,127,832 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2013/10/28 04:45:38 | 000,126,056 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2013/10/28 04:45:38 | 000,125,544 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2013/10/28 04:45:38 | 000,125,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2013/10/28 04:45:38 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2013/10/28 04:45:38 | 000,108,888 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2013/10/28 04:45:38 | 000,074,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2013/10/28 04:45:38 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2013/10/28 04:45:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2013/10/28 04:45:37 | 001,284,712 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2013/10/28 04:45:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2013/10/28 04:43:41 | 001,359,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64hda.dll
[2013/10/28 04:43:41 | 000,155,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2013/10/28 04:43:41 | 000,029,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll

Re: prosim o kontrolu logu ( zavirovany system )

Napsal: 17 lis 2013 00:58
od mirecek
[2013/10/28 04:40:45 | 000,024,576 | ---- | C] (Toshiba) -- C:\Windows\SysWow64\TSCI.dll
[2013/10/28 04:40:45 | 000,024,576 | ---- | C] (Toshiba) -- C:\Windows\SysWow64\THCI.dll
[2013/10/28 04:40:28 | 000,020,592 | ---- | C] (Compal Electronics, INC.) -- C:\Windows\SysNative\drivers\CeKbFilter.sys
[2013/10/28 04:40:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2013/10/28 04:40:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Microsoft.VC80.MFC
[2013/10/28 04:40:24 | 000,000,000 | ---D | C] -- C:\ProgramData\xp
[2013/10/28 04:40:24 | 000,000,000 | ---D | C] -- C:\ProgramData\win7_64
[2013/10/28 04:40:24 | 000,000,000 | ---D | C] -- C:\ProgramData\win7_32
[2013/10/28 04:40:24 | 000,000,000 | ---D | C] -- C:\ProgramData\vista64
[2013/10/28 04:40:24 | 000,000,000 | ---D | C] -- C:\ProgramData\vista32
[2013/10/28 04:40:02 | 000,295,936 | ---- | C] (COMPAL ELECTRONIC INC.) -- C:\Windows\SysNative\HWS_Ctrl.dll
[2013/10/28 04:40:02 | 000,008,192 | ---- | C] (COMPAL ELECTRONIC INC.) -- C:\Windows\SysNative\TSBWLS.dll
[2013/10/28 04:39:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Microsoft.VC80.MFC
[2013/10/28 04:39:28 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2013/10/28 04:37:41 | 000,439,320 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys
[2013/10/28 04:37:07 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2013/10/28 04:35:34 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/10/28 04:35:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2013/10/28 04:34:55 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013/10/28 04:34:35 | 020,456,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013/10/28 04:34:35 | 018,580,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013/10/28 04:34:35 | 015,039,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013/10/28 04:34:35 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013/10/28 04:34:35 | 012,840,040 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013/10/28 04:34:35 | 010,059,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013/10/28 04:34:35 | 007,715,944 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2013/10/28 04:34:35 | 006,597,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013/10/28 04:34:35 | 005,639,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013/10/28 04:34:35 | 004,936,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013/10/28 04:34:35 | 003,182,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013/10/28 04:34:35 | 002,954,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013/10/28 04:34:35 | 002,871,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013/10/28 04:34:35 | 002,579,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013/10/28 04:34:35 | 002,206,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2013/10/28 04:34:35 | 001,969,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2013/10/28 04:34:35 | 001,614,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco642090.dll
[2013/10/28 04:34:35 | 001,359,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco642040.dll
[2013/10/28 04:34:35 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013/10/28 04:34:35 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013/10/28 04:34:35 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd
[2013/10/28 04:34:14 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013/10/28 04:31:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2013/10/28 04:31:47 | 000,000,000 | ---D | C] -- C:\Intel
[2013/10/28 04:29:29 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2013/10/28 04:29:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2013/10/28 04:25:11 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013/10/28 02:43:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
[2013/10/28 02:34:35 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013/10/28 02:29:09 | 000,000,000 | ---D | C] -- C:\Users\Tatana\AppData\Local\Programs
[2013/10/28 02:29:07 | 000,000,000 | ---D | C] -- C:\Users\Tatana\AppData\Roaming\TOSHIBA Online Product Information
[2013/10/28 02:28:48 | 000,000,000 | ---D | C] -- C:\Users\Tatana\Documents\Mobogenie
[2013/10/28 02:28:48 | 000,000,000 | ---D | C] -- C:\Users\Tatana\AppData\Local\Mobogenie
[2013/10/28 02:28:48 | 000,000,000 | ---D | C] -- C:\Users\Tatana\AppData\Local\cache
[2013/10/28 02:28:09 | 000,000,000 | ---D | C] -- C:\Users\Tatana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
[2013/10/28 02:27:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mobogenie
[2013/10/28 02:27:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iRobinHood
[2013/10/28 02:22:17 | 000,000,000 | ---D | C] -- C:\Users\Tatana\AppData\Local\Diagnostics
[2013/10/28 02:21:03 | 000,000,000 | ---D | C] -- C:\Users\Tatana\AppData\Roaming\Adobe
[2013/10/28 02:12:28 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2013/10/28 02:12:28 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2013/10/28 02:07:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay
[2013/10/28 02:07:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eBay
[2013/10/28 02:07:33 | 000,000,000 | ---D | C] -- C:\Users\Tatana\AppData\Roaming\Toshiba
[2013/10/28 02:07:13 | 000,000,000 | ---D | C] -- C:\Users\Tatana\AppData\Local\Toshiba
[2013/10/28 02:06:38 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2013/10/28 02:06:38 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2013/10/28 02:06:38 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2013/10/28 02:06:35 | 000,000,000 | R--D | C] -- C:\Users\Tatana\Searches
[2013/10/28 02:06:35 | 000,000,000 | R--D | C] -- C:\Users\Tatana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/10/28 02:06:20 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2013/10/28 02:06:20 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2013/10/28 02:06:20 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2013/10/28 02:06:19 | 000,000,000 | ---D | C] -- C:\Users\Tatana\AppData\Roaming\Identities
[2013/10/28 02:06:08 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2013/10/28 02:06:08 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2013/10/28 02:06:08 | 000,000,000 | R--D | C] -- C:\Users\Tatana\Contacts
[2013/10/28 02:06:02 | 000,000,000 | ---D | C] -- C:\Users\Tatana\AppData\Local\VirtualStore
[2013/10/28 02:05:00 | 000,000,000 | ---D | C] -- C:\ProgramData\ToshibaEurope
[2013/10/28 02:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Tatana\AppData\Local\Temporary Internet Files
[2013/10/28 02:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Tatana\Soubory cookie
[2013/10/28 02:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Tatana\SendTo
[2013/10/28 02:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Tatana\Šablony
[2013/10/28 02:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Tatana\Poslední
[2013/10/28 02:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Tatana\Okolní tiskárny
[2013/10/28 02:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Tatana\Okolní síť
[2013/10/28 02:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Tatana\Documents\Obrázky
[2013/10/28 02:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Tatana\Nabídka Start
[2013/10/28 02:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Tatana\Local Settings
[2013/10/28 02:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Tatana\Documents\Hudba
[2013/10/28 02:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Tatana\AppData\Local\History
[2013/10/28 02:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Tatana\Documents\Filmy
[2013/10/28 02:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Tatana\Dokumenty
[2013/10/28 02:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Tatana\Data aplikací
[2013/10/28 02:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Tatana\AppData\Local\Data aplikací
[2013/10/28 02:02:42 | 000,000,000 | --SD | C] -- C:\Users\Tatana\AppData\Roaming\Microsoft
[2013/10/28 02:02:42 | 000,000,000 | R--D | C] -- C:\Users\Tatana\Videos
[2013/10/28 02:02:42 | 000,000,000 | R--D | C] -- C:\Users\Tatana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/10/28 02:02:42 | 000,000,000 | R--D | C] -- C:\Users\Tatana\Saved Games
[2013/10/28 02:02:42 | 000,000,000 | R--D | C] -- C:\Users\Tatana\Pictures
[2013/10/28 02:02:42 | 000,000,000 | R--D | C] -- C:\Users\Tatana\Music
[2013/10/28 02:02:42 | 000,000,000 | R--D | C] -- C:\Users\Tatana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/10/28 02:02:42 | 000,000,000 | R--D | C] -- C:\Users\Tatana\Links
[2013/10/28 02:02:42 | 000,000,000 | R--D | C] -- C:\Users\Tatana\Favorites
[2013/10/28 02:02:42 | 000,000,000 | R--D | C] -- C:\Users\Tatana\Downloads
[2013/10/28 02:02:42 | 000,000,000 | R--D | C] -- C:\Users\Tatana\Documents
[2013/10/28 02:02:42 | 000,000,000 | R--D | C] -- C:\Users\Tatana\Desktop
[2013/10/28 02:02:42 | 000,000,000 | R--D | C] -- C:\Users\Tatana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/10/28 02:02:42 | 000,000,000 | -H-D | C] -- C:\Users\Tatana\AppData
[2013/10/28 02:02:42 | 000,000,000 | ---D | C] -- C:\Users\Tatana\AppData\Local\Temp
[2013/10/28 02:02:42 | 000,000,000 | ---D | C] -- C:\Users\Tatana\AppData\Local\Microsoft
[2013/10/28 02:02:42 | 000,000,000 | ---D | C] -- C:\Users\Tatana\AppData\Roaming\Media Center Programs
[2013/10/28 02:02:42 | 000,000,000 | ---D | C] -- C:\Users\Tatana\AppData\Roaming\Macromedia
[2013/10/28 02:00:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Šablony
[2013/10/28 02:00:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Plocha
[2013/10/28 02:00:59 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Obrázky
[2013/10/28 02:00:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Oblíbené položky
[2013/10/28 02:00:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Nabídka Start
[2013/10/28 02:00:59 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Hudba
[2013/10/28 02:00:59 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Filmy
[2013/10/28 02:00:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2013/10/28 02:00:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Data aplikací
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/11/17 00:01:30 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/11/16 23:55:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tatana\Desktop\OTL.exe
[2013/11/16 23:41:23 | 000,025,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/16 23:41:23 | 000,025,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/16 23:36:46 | 000,409,832 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys
[2013/11/16 23:33:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/16 23:33:53 | 3203,735,552 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/16 23:30:16 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/11/16 23:29:55 | 001,032,416 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013/11/16 23:29:55 | 000,409,832 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys.1384641406
[2013/11/16 23:29:55 | 000,334,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013/11/16 23:29:55 | 000,205,320 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013/11/16 23:29:55 | 000,092,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013/11/16 23:29:55 | 000,084,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013/11/16 23:29:55 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013/11/16 23:29:55 | 000,065,264 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013/11/16 23:29:55 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/11/16 23:29:55 | 000,038,984 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013/11/14 19:24:17 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/11/14 18:40:15 | 005,147,957 | R--- | M] (Swearware) -- C:\Users\Tatana\Desktop\ComboFix.exe
[2013/11/07 06:10:59 | 003,538,944 | ---- | M] () -- C:\Users\Tatana\Desktop\RogueKiller.exe
[2013/11/06 00:06:44 | 087,227,720 | ---- | M] (AVAST Software) -- C:\Users\Tatana\Desktop\avast_free_antivirus_setup.exe
[2013/11/04 22:49:40 | 001,073,258 | ---- | M] () -- C:\Users\Tatana\Desktop\adwcleaner.exe
[2013/11/03 23:44:48 | 003,710,570 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/11/03 23:44:48 | 000,631,292 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013/11/03 23:44:48 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/11/03 23:44:48 | 000,121,914 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013/11/03 23:44:48 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/11/03 14:16:39 | 000,277,240 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/11/02 15:20:06 | 000,935,175 | ---- | M] () -- C:\Users\Tatana\Desktop\RSITx64.exe
[2013/10/30 05:25:59 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/10/30 05:25:58 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/10/30 05:25:58 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/10/30 05:25:58 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/10/30 05:25:58 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/10/30 05:25:58 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/10/30 05:25:58 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/10/30 05:25:58 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/10/30 05:25:58 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/10/30 05:25:57 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/10/30 05:25:57 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/10/30 05:25:57 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/10/30 05:25:57 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/10/30 05:25:57 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/10/30 05:25:57 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/10/30 05:25:57 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/10/30 05:25:57 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/10/30 05:25:57 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/10/30 05:25:57 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/10/30 05:25:57 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/10/30 05:25:57 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/10/30 05:25:57 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/10/30 05:25:57 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/10/30 05:25:57 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/10/30 05:25:57 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/10/30 05:25:57 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/10/30 05:25:56 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/10/30 05:25:56 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/10/30 05:25:56 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/10/30 05:25:56 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/10/30 05:25:56 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/10/30 05:25:56 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/10/30 05:25:56 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/10/30 05:25:56 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/10/30 05:25:56 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/10/30 05:25:56 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/10/30 05:25:56 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/10/30 05:25:56 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/10/30 05:25:56 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/10/30 05:25:56 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/10/30 05:25:56 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/10/30 05:25:56 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/10/30 05:25:56 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/10/30 05:25:56 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/10/30 05:25:56 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/10/30 05:25:56 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/10/30 05:25:56 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/10/30 05:25:56 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/10/30 05:25:56 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/10/30 05:25:56 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/10/30 05:25:56 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/10/30 05:25:56 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/10/30 05:25:56 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/10/30 05:25:56 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/10/30 05:25:56 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/10/30 05:24:41 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013/10/30 05:20:16 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/10/30 05:20:16 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/10/30 05:20:16 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/10/30 05:20:16 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/10/30 05:20:16 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/10/30 05:20:16 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/10/30 05:20:16 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/10/30 05:20:16 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/10/30 05:20:16 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/10/30 05:20:16 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/10/30 05:20:16 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/10/30 05:20:16 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/10/30 05:20:16 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/10/30 05:20:16 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/10/30 05:20:16 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/10/30 05:20:16 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/10/30 05:20:16 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/10/30 05:20:16 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/10/30 05:20:16 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/10/30 05:20:16 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/10/30 05:20:16 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/10/30 05:20:16 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/10/30 05:20:16 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/10/30 05:20:16 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/10/30 05:20:16 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/10/30 05:20:16 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/10/30 05:20:16 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/10/30 05:20:16 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/10/30 05:20:16 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/10/30 05:20:16 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/10/30 05:20:16 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/10/30 05:20:16 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/10/30 05:20:16 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/10/30 05:20:16 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/10/30 05:20:16 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/10/30 05:20:16 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/10/30 05:20:16 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/10/30 05:18:06 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/10/30 05:18:06 | 001,505,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/10/30 00:57:17 | 000,001,173 | ---- | M] () -- C:\Users\Tatana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TeamViewer 8.lnk
[2013/10/29 04:51:38 | 000,002,087 | ---- | M] () -- C:\Users\Public\Desktop\Registrace záruky společnosti Toshiba.lnk
[2013/10/29 04:44:02 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2013/10/28 23:59:26 | 000,289,413 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013/10/28 23:59:26 | 000,289,413 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013/10/28 05:03:23 | 000,000,000 | RHS- | M] () -- C:\Windows\SysWow64\drivers\TOSHIBA_SATELLITE C660_14719-CZ_PSC1QE-01V00.MRK
[2013/10/28 05:01:43 | 000,001,564 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Office 2010.lnk
[2013/10/28 04:59:16 | 000,000,000 | ---- | M] () -- C:\Windows\NDSTray.INI
[2013/10/28 04:49:20 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013/10/28 04:40:14 | 000,020,592 | ---- | M] (Compal Electronics, INC.) -- C:\Windows\SysNative\drivers\CeKbFilter.sys
[2013/10/28 02:30:08 | 000,000,620 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2013/10/28 02:28:09 | 000,001,030 | ---- | M] () -- C:\Users\Tatana\Desktop\Mobogenie.lnk
[2013/10/28 02:08:06 | 000,000,408 | ---- | M] () -- C:\Users\Public\Desktop\Toshiba Places.lnk
[2013/10/28 02:08:05 | 000,000,484 | ---- | M] () -- C:\Users\Public\Desktop\Toshiba Music Place.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/11/17 00:01:30 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/11/16 23:30:16 | 000,001,973 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/11/16 23:30:02 | 000,205,320 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013/11/16 23:30:01 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013/11/09 13:44:17 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/11/09 13:44:17 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/11/09 13:44:17 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/11/09 13:44:17 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/11/09 13:44:17 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/11/07 06:11:11 | 003,538,944 | ---- | C] () -- C:\Users\Tatana\Desktop\RogueKiller.exe
[2013/11/04 22:49:31 | 001,073,258 | ---- | C] () -- C:\Users\Tatana\Desktop\adwcleaner.exe
[2013/11/02 15:19:59 | 000,935,175 | ---- | C] () -- C:\Users\Tatana\Desktop\RSITx64.exe
[2013/10/30 05:51:03 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/10/30 05:25:56 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/10/30 05:25:56 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/10/30 04:58:21 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/10/30 00:57:17 | 000,001,185 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013/10/30 00:57:17 | 000,001,173 | ---- | C] () -- C:\Users\Tatana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TeamViewer 8.lnk
[2013/10/29 04:44:02 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2013/10/28 05:03:23 | 000,000,000 | RHS- | C] () -- C:\Windows\SysWow64\drivers\TOSHIBA_SATELLITE C660_14719-CZ_PSC1QE-01V00.MRK
[2013/10/28 05:01:43 | 000,001,564 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Office 2010.lnk
[2013/10/28 05:01:30 | 000,002,435 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
[2013/10/28 04:59:16 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2013/10/28 04:49:20 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013/10/28 04:34:35 | 000,007,621 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2013/10/28 04:31:59 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2013/10/28 04:25:11 | 3203,735,552 | -HS- | C] () -- C:\hiberfil.sys
[2013/10/28 02:30:03 | 000,000,620 | ---- | C] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2013/10/28 02:28:09 | 000,001,030 | ---- | C] () -- C:\Users\Tatana\Desktop\Mobogenie.lnk
[2013/10/28 02:08:07 | 000,002,087 | ---- | C] () -- C:\Users\Public\Desktop\Registrace záruky společnosti Toshiba.lnk
[2013/10/28 02:08:06 | 000,000,408 | ---- | C] () -- C:\Users\Public\Desktop\Toshiba Places.lnk
[2013/10/28 02:08:06 | 000,000,408 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toshiba Places.lnk
[2013/10/28 02:08:05 | 000,000,484 | ---- | C] () -- C:\Users\Public\Desktop\Toshiba Music Place.lnk
[2013/10/28 02:08:05 | 000,000,484 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toshiba Music Place.lnk
[2013/10/28 02:06:39 | 000,001,404 | ---- | C] () -- C:\Users\Tatana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/11/16 23:31:45 | 000,000,000 | ---D | M] -- C:\Users\Tatana\AppData\Roaming\AVAST Software
[2013/10/28 02:09:37 | 000,000,000 | ---D | M] -- C:\Users\Tatana\AppData\Roaming\Toshiba
[2013/10/28 02:29:07 | 000,000,000 | ---D | M] -- C:\Users\Tatana\AppData\Roaming\TOSHIBA Online Product Information

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009/07/14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 06:08:49 | 000,014,824 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT

< >

< MD5 for: AGP440.SYS >
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010/11/21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\erdnt\cache86\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\erdnt\cache64\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2010/11/21 04:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2013/05/10 05:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013/05/13 05:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013/07/09 15:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2013/10/05 03:25:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=509D31797A4B8A3D6ED78A330B19A919 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[2013/07/09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\erdnt\cache64\cryptsvc.dll
[2013/07/09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\SysNative\cryptsvc.dll
[2013/07/09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013/07/09 14:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013/07/09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\erdnt\cache86\cryptsvc.dll
[2013/07/09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SysWOW64\cryptsvc.dll
[2013/07/09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2013/05/10 06:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013/05/11 06:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2010/11/21 04:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013/05/11 05:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2013/05/10 06:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2013/05/13 06:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013/05/10 06:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2013/10/05 02:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010/11/21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTOR.SYS >
[2011/01/12 17:51:44 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\Windows\SysNative\drivers\iaStor.sys
[2011/01/12 17:51:44 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_a36325196df56f7d\iaStor.sys

< MD5 for: IASTORV.SYS >
[2010/11/21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011/11/17 07:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2013/09/25 02:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\erdnt\cache64\lsass.exe
[2013/09/25 02:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\SysNative\lsass.exe
[2013/09/25 02:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_042b9307739f26ed\lsass.exe
[2012/06/04 08:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2011/11/17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011/11/17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2013/09/25 02:08:17 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=F021DAFB1F87616FCEBA159C2ED7042F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_04c503168cb026a0\lsass.exe

< MD5 for: NDIS.SYS >
[2012/08/22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012/08/22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\erdnt\cache64\ndis.sys
[2012/08/22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012/08/22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010/11/21 04:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010/11/21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\erdnt\cache64\netlogon.dll
[2010/11/21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\erdnt\cache86\netlogon.dll
[2010/11/21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011/03/11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011/03/11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011/03/11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010/11/21 04:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010/11/21 04:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011/03/11 07:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011/03/11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2010/11/21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010/11/21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010/11/21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009/07/14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2013/08/29 02:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2013/08/02 06:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2013/03/19 04:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013/08/02 01:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\SysNative\smss.exe
[2013/08/02 01:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012/10/03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013/09/08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\erdnt\cache64\tcpip.sys
[2013/09/08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013/09/08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2010/11/21 04:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013/09/07 03:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2013/07/06 06:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2011/03/19 08:45:16 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=CB6A53EF141CC3DA32DA54F7E75D301B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21687_none_118505f696597a9d\tcpip.sys
[2012/10/03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013/07/06 07:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2011/03/19 08:39:54 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=DC08410DB2D0CC542DACAC7A90E6CB7A -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17582_none_10f667b97d405c20\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010/11/21 04:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\erdnt\cache64\ws2_32.dll
[2010/11/21 04:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010/11/21 04:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010/11/21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\erdnt\cache86\ws2_32.dll
[2010/11/21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010/11/21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[11 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013/10/28 02:21:03 | 000,000,000 | ---D | M] -- C:\Users\Tatana\AppData\Roaming\Adobe
[2013/11/16 23:31:45 | 000,000,000 | ---D | M] -- C:\Users\Tatana\AppData\Roaming\AVAST Software
[2013/10/28 02:06:19 | 000,000,000 | ---D | M] -- C:\Users\Tatana\AppData\Roaming\Identities
[2011/05/03 10:05:08 | 000,000,000 | ---D | M] -- C:\Users\Tatana\AppData\Roaming\Macromedia
[2013/11/02 17:29:42 | 000,000,000 | ---D | M] -- C:\Users\Tatana\AppData\Roaming\Malwarebytes
[2010/11/21 08:16:41 | 000,000,000 | ---D | M] -- C:\Users\Tatana\AppData\Roaming\Media Center Programs
[2013/11/07 23:09:37 | 000,000,000 | --SD | M] -- C:\Users\Tatana\AppData\Roaming\Microsoft
[2013/10/28 02:09:37 | 000,000,000 | ---D | M] -- C:\Users\Tatana\AppData\Roaming\Toshiba
[2013/10/28 02:29:07 | 000,000,000 | ---D | M] -- C:\Users\Tatana\AppData\Roaming\TOSHIBA Online Product Information

< %APPDATA%\*.exe /s >
[2010/09/20 15:39:48 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Tatana\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

Re: prosim o kontrolu logu ( zavirovany system )

Napsal: 17 lis 2013 00:59
od mirecek
< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013/11/16 23:36:17 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"TOPI.EXE" = C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARm32\log.txt -> [2013/11/16 23:36:17 | 000,000,018 | ---- | M] () -- [2011/02/18 16:02:50 | 000,845,176 | ---- | M] (TOSHIBA)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013/11/17 00:01:30 | 000,000,512 | ---- | M] () MD5=EEB49A56CA45DC9CCA58B9E3F995E28C -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2011/02/25 09:46:24 | 000,005,987 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\scripts\io\downloader.js
[2013/10/28 02:44:17 | 000,002,545 | ---- | M] () -- \Program Files (x86)\Mobogenie\templates\web\images\prettyPhoto\dark_rounded\loader.gif
[2013/10/28 02:44:17 | 000,002,545 | ---- | M] () -- \Program Files (x86)\Mobogenie\templates\web\images\prettyPhoto\dark_square\loader.gif
[2013/10/28 02:44:17 | 000,006,331 | ---- | M] () -- \Program Files (x86)\Mobogenie\templates\web\images\prettyPhoto\default\loader.gif
[2013/10/28 02:44:17 | 000,002,545 | ---- | M] () -- \Program Files (x86)\Mobogenie\templates\web\images\prettyPhoto\facebook\loader.gif
[2013/10/28 02:44:17 | 000,002,545 | ---- | M] () -- \Program Files (x86)\Mobogenie\templates\web\images\prettyPhoto\light_rounded\loader.gif
[2013/10/28 02:44:17 | 000,002,545 | ---- | M] () -- \Program Files (x86)\Mobogenie\templates\web\images\prettyPhoto\light_square\loader.gif
[2009/05/31 03:21:00 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009/05/31 03:21:00 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2010/09/23 09:12:18 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2010/09/23 09:12:18 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2013/10/28 02:23:28 | 000,000,673 | ---- | M] () -- \Users\Tatana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2IXEI033\loader_sym_darkbg[1].gif
[2013/10/29 03:14:35 | 000,018,160 | ---- | M] () -- \Users\Tatana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2IXEI033\photopicker_loader_52x52[1].gif
[2013/10/28 02:24:20 | 000,003,061 | ---- | M] () -- \Users\Tatana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2IXEI033\rmsloaderdelayeddiv[1].js
[2013/10/28 02:28:24 | 000,058,667 | ---- | M] () -- \Users\Tatana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2IXEI033\sf_preloader[1].js
[2013/11/02 17:25:14 | 000,058,667 | ---- | M] () -- \Users\Tatana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5DYR25IK\sf_preloader[2].js
[2013/10/29 19:36:58 | 000,009,427 | ---- | M] () -- \Users\Tatana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ADLCBJ4B\ajax-loader[1].gif
[2013/10/30 04:41:26 | 000,003,208 | ---- | M] () -- \Users\Tatana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ADLCBJ4B\ajax-loader[2].gif
[2013/10/29 19:30:25 | 000,058,668 | ---- | M] () -- \Users\Tatana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\JNCR9V3O\sf_preloader[1].js
[2013/10/29 03:59:33 | 000,002,892 | ---- | M] () -- \Users\Tatana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\JRHZN1PY\loader[1].gif
[2013/10/29 04:25:16 | 000,009,792 | ---- | M] () -- \Users\Tatana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\JRHZN1PY\loader[1].js
[2013/10/29 03:55:06 | 000,058,667 | ---- | M] () -- \Users\Tatana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\JRHZN1PY\sf_preloader[1].js
[2013/10/29 03:59:41 | 000,001,624 | ---- | M] () -- \Users\Tatana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KDD3G7SI\ask-loader[1].gif
[2013/11/02 16:30:38 | 000,058,668 | ---- | M] () -- \Users\Tatana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PC2WHOVW\sf_preloader[1].js
[2013/11/02 17:28:31 | 000,058,667 | ---- | M] () -- \Users\Tatana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PC2WHOVW\sf_preloader[2].js
[2013/10/30 00:54:53 | 000,000,673 | ---- | M] () -- \Users\Tatana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TJRBBRAY\loader.white[1].gif
[2013/10/30 00:55:02 | 000,058,667 | ---- | M] () -- \Users\Tatana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TJRBBRAY\sf_preloader[1].js
[2013/10/29 04:25:22 | 000,009,792 | ---- | M] () -- \Users\Tatana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UK9LBJV9\loader[2].js
[2013/10/28 02:28:07 | 000,058,668 | ---- | M] () -- \Users\Tatana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UK9LBJV9\sf_preloader[1].js
[2013/10/29 03:09:48 | 000,058,667 | ---- | M] () -- \Users\Tatana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UK9LBJV9\sf_preloader[3].js
[2013/11/02 16:30:39 | 000,003,061 | ---- | M] () -- \Users\Tatana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WX0BGVL8\rmsloaderdelayeddiv[1].js
[2013/10/28 02:44:17 | 000,002,545 | ---- | M] () -- \Users\Tatana\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\dark_rounded\loader.gif
[2013/10/28 02:44:17 | 000,002,545 | ---- | M] () -- \Users\Tatana\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\dark_square\loader.gif
[2013/10/28 02:44:17 | 000,006,331 | ---- | M] () -- \Users\Tatana\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\default\loader.gif
[2013/10/28 02:44:17 | 000,002,545 | ---- | M] () -- \Users\Tatana\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\facebook\loader.gif
[2013/10/28 02:44:17 | 000,002,545 | ---- | M] () -- \Users\Tatana\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\light_rounded\loader.gif
[2013/10/28 02:44:17 | 000,002,545 | ---- | M] () -- \Users\Tatana\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\light_square\loader.gif
[2012/10/04 18:38:48 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\20a0241289deea96b9f0b7d45706bc13\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:32:07 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\20a0241289deea96b9f0b7d45706bc13\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:40:37 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\20a0241289deea96b9f0b7d45706bc13\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\20a0241289deea96b9f0b7d45706bc13\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013/08/02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009/07/14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/10/30 05:22:06 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/10/30 05:23:23 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 03:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/10/30 05:22:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/10/30 05:23:22 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 07:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 03:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/02/14 09:36:52 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011/02/14 09:36:52 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011/02/14 09:36:52 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011/02/14 09:36:52 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011/02/14 09:36:52 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011/05/03 09:33:38 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/05/03 09:33:38 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011/05/03 09:33:38 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011/05/03 09:33:38 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011/05/03 09:33:38 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011/02/14 09:31:39 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010/11/21 04:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/02/05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/10/30 05:22:06 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/10/30 05:23:23 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/10/30 05:22:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/10/30 05:23:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 02:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2010/08/20 09:43:02 | 000,242,984 | ---- | M] () -- \Program Files (x86)\Common Files\Nero\BDCore10\boost_serialization-mt.dll
[2010/08/20 09:43:16 | 000,165,160 | ---- | M] () -- \Program Files (x86)\Common Files\Nero\BDCore10\boost_wserialization-mt.dll
[2010/04/01 00:20:06 | 000,413,696 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\4.0.50401.0\System.Runtime.Serialization.dll
[2011/05/03 10:06:03 | 001,186,304 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\4.0.50401.0\System.Runtime.Serialization.ni.dll
[2011/01/07 17:48:14 | 000,775,464 | ---- | M] () -- \Program Files (x86)\Nero\Nero 10\Nero BackItUp\SetSerial.exe
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011/02/14 09:35:36 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2010/04/14 17:20:46 | 000,415,592 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Runtime.Serialization.dll
[2010/04/14 17:20:46 | 000,141,168 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Runtime.Serialization.Json.dll
[2010/04/14 17:20:46 | 000,321,376 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Xml.Serialization.dll
[2012/10/05 11:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011/02/14 09:35:36 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2011/04/21 09:57:08 | 000,063,360 | ---- | M] () -- \Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIInternal.XmlSerializers.dll
[2011/02/14 09:34:38 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/13 03:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/10/30 07:18:33 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\ae204a1bdea82e97f3b8634984b9ad1c\System.Runtime.Serialization.ni.dll
[2013/10/30 07:17:38 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\b529b5a5f171d31bcf4838ba229cfe50\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/11/02 17:18:48 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d462f459c4353e2c628e6def1430aed7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/11/02 18:36:52 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll
[2013/10/30 07:22:21 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\6c07fd381f3ae772ebe6c3db0570c543\System.Runtime.Serialization.ni.dll
[2013/11/02 17:22:44 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\845e04461d3d879b24c5b0d30947050a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/10/30 07:20:16 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\970dd2f9ebf8f1f79f37bb91823a0fa4\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/11/02 18:04:26 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\dbfc784cc4bde7b16fb471e14563569d\System.Runtime.Serialization.ni.dll
[2013/10/30 06:55:16 | 002,659,328 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\10519c5a16fab95707f40b55941647b5\System.Runtime.Serialization.ni.dll
[2013/10/30 06:55:24 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\ad3522eafb95969623aeef7c389246bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011/05/03 10:08:10 | 000,310,272 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\d0ff3383438d688a0118d0fa19ed1dc4\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011/05/03 10:08:03 | 002,625,024 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\e9f8a45b1063d6c6a62718c88a5623d1\System.Runtime.Serialization.ni.dll
[2013/10/30 06:58:48 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\cda839ea462e123d42cb6d0883cf0f4d\System.Xml.Serialization.ni.dll
[2011/05/03 10:13:32 | 003,375,616 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\08fba6b56d838ad48b4451c82e5728d4\System.Runtime.Serialization.ni.dll
[2013/10/30 06:40:55 | 003,425,792 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\4d6c50c63ff4757f8825b82fb18eae3d\System.Runtime.Serialization.ni.dll
[2011/05/03 10:13:41 | 000,374,272 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\b468f9d8655e91b7a6aa11473eca4a97\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/10/30 06:41:11 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\cd2da26160fba6400b0353e558e35da6\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/10/30 06:46:50 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\252726355005e3388101a3f1dfa1c727\System.Xml.Serialization.ni.dll
[2010/03/18 12:16:28 | 001,026,936 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Runtime.Serialization.dll.amd64
[2010/03/18 12:16:28 | 001,026,936 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Runtime.Serialization.dll.x86
[2013/10/30 06:33:37 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/10/30 06:33:36 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/10/30 06:33:40 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011/02/14 09:34:48 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/10/05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/09/11 06:06:54 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2009/06/10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011/02/14 09:34:30 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012/10/05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/09/11 06:06:54 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2011/02/14 09:33:55 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009/07/14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009/06/10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2011/02/14 09:33:55 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2011/02/14 09:34:30 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011/02/14 09:34:51 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009/07/14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2011/02/14 09:35:36 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2011/02/14 09:34:58 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009/07/14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009/06/10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010/11/21 04:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012/10/05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012/10/05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010/11/21 04:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012/10/05 11:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012/10/05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2011/05/03 09:33:38 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/05/03 09:33:38 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2011/02/14 09:36:55 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009/07/14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2011/02/14 09:36:47 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009/07/14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011/02/05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/02/05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009/07/14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010/11/21 04:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012/10/05 19:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012/10/05 19:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010/11/21 04:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012/10/05 19:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012/10/05 19:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010/11/21 04:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012/10/05 18:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012/10/05 18:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2011/02/14 09:32:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012/10/05 21:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012/10/05 20:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2010/11/21 04:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012/10/05 18:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012/10/05 18:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010/11/21 04:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012/10/05 18:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012/10/05 18:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2011/02/14 09:34:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010/11/21 04:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012/10/05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012/10/05 11:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2011/02/14 09:35:36 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010/11/13 03:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010/11/13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010/11/21 04:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012/10/05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2011/02/14 09:34:48 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011/02/14 09:33:55 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2011/02/14 09:35:36 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010/11/21 04:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012/10/05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT

< End of report >

Re: prosim o kontrolu logu ( zavirovany system )

Napsal: 17 lis 2013 01:00
od mirecek
OTL Extras logfile created on: 11/16/2013 11:59:08 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tatana\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3.98 Gb Total Physical Memory | 2.61 Gb Available Physical Memory | 65.56% Memory free
7.95 Gb Paging File | 6.31 Gb Available in Paging File | 79.32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298.09 Gb Total Space | 260.23 Gb Free Space | 87.30% Space Free | Partition Type: NTFS
Drive D: | 297.69 Gb Total Space | 118.01 Gb Free Space | 39.64% Space Free | Partition Type: NTFS

Computer Name: TATANA-TOSHIBA | User Name: Tatana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{033AD159-6C2E-460C-A699-EDD035618215}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{0985C006-4682-4DCF-BF17-28BC869DB92A}" = lport=139 | protocol=6 | dir=in | app=system |
"{0AF502E4-991B-43DC-9FD6-9113ECBBA304}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1F1E63D2-3249-43DE-8285-23079A8458D0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{270AB0F6-5111-4403-8C4A-FB3E8C108539}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2B3FFFAE-CC49-4D4A-B8CF-45DF2C3EFC37}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2EA9A3FD-66F6-4E23-9A32-EB5061F0A8E2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3CEAA196-AD24-4C8A-A0E7-8A3A6212ECAD}" = rport=445 | protocol=6 | dir=out | app=system |
"{3EA4B07C-A1B7-406C-B658-4D5E5BA084A5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{44445728-8347-47A5-8538-574D0E9DA0E6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{49BF8869-5833-4609-8ACE-F58D2FE24DA0}" = lport=137 | protocol=17 | dir=in | app=system |
"{4CB35D96-324A-484D-891D-2F2F20837E3D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{69E674F8-5284-4DB5-A09B-7E30E57DBB98}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{70CA8F76-B7AA-4A4E-A80E-77F37E7350F7}" = rport=139 | protocol=6 | dir=out | app=system |
"{733B5770-423B-4CA4-A29A-06B44DF03193}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{75DD5DF5-2851-4815-ACF4-4876462F047D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{94581E2B-6FE1-41AB-8BF4-D056B3F649DA}" = rport=10243 | protocol=6 | dir=out | app=system |
"{9F19E2B3-8CB8-4B1D-B56A-AF9BF56D75BF}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A3E76D6E-5E5F-4BDA-8BC7-037CF63C2DEA}" = rport=137 | protocol=17 | dir=out | app=system |
"{B53A5F6E-871A-47FC-B761-C2850A63813C}" = lport=138 | protocol=17 | dir=in | app=system |
"{E47E2970-F5D6-412C-98EA-A40B4E03CCE2}" = rport=138 | protocol=17 | dir=out | app=system |
"{F87DF1CE-3142-42A0-95E5-D31C28E4F2A0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F8B7A7BE-BEE1-476C-B088-FD2111555190}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00FDC488-8D91-43F6-9DFC-7E6654BF41B3}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{069C7700-641B-48B5-8EE9-07D5790A91FD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{09B583E4-D42B-4CC9-85C3-FE9EDFD924B4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1C7C8DF6-3A21-4B34-8A31-0026334C839C}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{1EE419B2-685F-47FE-B7E6-C3C0126AD630}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4055CF0E-B594-4832-9A49-4F384A3F9A96}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{40D2C5E8-BB85-4B14-A941-22DB52FDC264}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4D9089BA-AC19-41FE-8AFD-2B7E7199E32D}" = dir=in | app=c:\program files (x86)\iminent\iminent.messengers.exe |
"{515B1F1C-D0C1-4B39-BD74-DD7CCE5EF91D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5197A76C-3E26-4668-B574-F7BA5F5B5216}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{54068768-C0B7-4640-B2F3-362DC3042FD0}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{562C3BEC-619A-44A6-9173-E4F887961545}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5686BCBD-C23C-488B-A6F4-EF8BA67529AF}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{58AC5FC1-B16A-4EEC-9F3F-23C400F08459}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{69B8B842-7EC7-447A-8BE8-A544ABEC4D60}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{714D4015-567C-4104-A683-9CAFBE4B6BE7}" = dir=in | app=c:\program files (x86)\iminent\iminent.exe |
"{7389CC1D-5119-4B28-A48E-9BB17859A4D4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{808C9A47-D9E4-4C8C-B9AF-26C847419B49}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{88154DCE-CA4B-467A-8170-56D3D558B6EC}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{8BC12268-4092-4A29-BB08-81B7DCD9A482}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{8D072F17-380D-42D5-98DC-DD04FA981639}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9CD9FD23-A9FE-4552-ABB8-1E9A3A97FA9E}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{CBE77B65-C6BB-4C1B-913F-BBA2724A9441}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D12CDBCC-9B83-4B57-866C-7AD5DB3F2B61}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{D5CEA634-F05E-40CC-B813-1EFCE5311A54}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{E3CF8738-47DA-41FF-8350-8077A1F630D4}" = protocol=6 | dir=out | app=system |
"{ED1E8BDB-B869-4893-8F3B-B39D7AFFFDA3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{EDC86D6C-FAF9-4C45-B7A0-6F6F9420CEF0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F4E5820E-F2E1-4BD8-BA70-C9089B4E60C0}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F56B76E8-302F-4C4E-BA3F-EB2BE7B0A448}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F7406AD1-887D-43FE-A437-84E6F9331F29}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{43DBC64B-3DD1-47E2-8788-D3C3B110C574}" = TOSHIBA Bulletin Board
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 267.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 267.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 267.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.1.13.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0FF68F26-416C-4954-ACA5-6AD5F9DE99C1}" = Nero Multimedia Suite 10 Essentials
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2290A680-4083-410A-ADCC-7092C67FC052}" = TOSHIBA Online Product Information
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2C303EE0-A595-3543-A71A-931C7AC40EDE}" = Microsoft Primary Interoperability Assemblies 2005
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{38C52F7D-A6CB-4CE7-A189-8AABE8774D8A}" = TOSHIBA ConfigFree
"{3D047C6C-19EE-46E3-C14B-9FA84260DF9B}" = Photo Service - powered by myphotobook
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{461F6F0D-7173-4902-9604-AB1A29108AF2}" = TOSHIBA Places Icon Utility
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}" = TOSHIBA Resolution+ Plug-in for Windows Media Player
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{858366ac-2d91-41f0-8765-0c809058bbeb}" = PassWidget
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{973DD1DF-D51D-46BB-B6AC-D56617D133C1}" = Iminent
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}" = TOSHIBA Assist
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7A4F26F-F9B0-41B2-8659-99181108CDE3}" = TOSHIBA Media Controller
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CDADE9BC-612C-42B8-B929-5C6A823E7FF9}" = TOSHIBA Wireless LAN Indicator
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F082CB11-4794-4259-99A1-D91BA762AD15}" = TOSHIBA TEMPRO
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FDE58148-57E7-43BF-879A-29CCE818C078}" = eBay
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Avast" = avast! Free Antivirus
"eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = Photo Service - powered by myphotobook
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"InstallShield_{43DBC64B-3DD1-47E2-8788-D3C3B110C574}" = TOSHIBA Bulletin Board
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"iRobinHood Addon" = iRobinHood Partners V Addon
"Linksicle" = Linksicle
"Mobogenie" = Mobogenie
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"TeamViewer 8" = TeamViewer 8
"WinLiveSuite" = Podstawowe programy Windows Live

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10/29/2013 8:18:29 PM | Computer Name = Tatana-TOSHIBA | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 0.0.0.0, časové razítko:
0x4e06cfe8 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x00030fdf ID chybujícího procesu: 0x145c Čas spuštění
chybující aplikace: 0x01ced5058cec9762 Cesta k chybující aplikaci: C:\32788R22FWJFW\License\iexplore.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: cd1555ad-40f8-11e3-8e8d-e2b51f446e52

Error - 10/29/2013 8:18:29 PM | Computer Name = Tatana-TOSHIBA | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 0.0.0.0, časové razítko:
0x4e06cfe8 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x00030fdf ID chybujícího procesu: 0x1178 Čas spuštění
chybující aplikace: 0x01ced5058ce1e901 Cesta k chybující aplikaci: C:\32788R22FWJFW\License\iexplore.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: cd19263d-40f8-11e3-8e8d-e2b51f446e52

Error - 10/29/2013 8:18:29 PM | Computer Name = Tatana-TOSHIBA | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 0.0.0.0, časové razítko:
0x4e06cfe8 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x00030fdf ID chybujícího procesu: 0x1648 Čas spuštění
chybující aplikace: 0x01ced5058cde1871 Cesta k chybující aplikaci: C:\32788R22FWJFW\License\iexplore.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: cd1f40be-40f8-11e3-8e8d-e2b51f446e52

Error - 10/29/2013 8:18:29 PM | Computer Name = Tatana-TOSHIBA | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 0.0.0.0, časové razítko:
0x4e06cfe8 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x00030fdf ID chybujícího procesu: 0x153c Čas spuštění
chybující aplikace: 0x01ced5058ce80382 Cesta k chybující aplikaci: C:\32788R22FWJFW\License\iexplore.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: cd261e8f-40f8-11e3-8e8d-e2b51f446e52

Error - 10/29/2013 8:18:29 PM | Computer Name = Tatana-TOSHIBA | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 0.0.0.0, časové razítko:
0x4e06cfe8 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x00030fdf ID chybujícího procesu: 0xe50 Čas spuštění
chybující aplikace: 0x01ced5058ce432f2 Cesta k chybující aplikaci: C:\32788R22FWJFW\License\iexplore.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: cd26e1df-40f8-11e3-8e8d-e2b51f446e52

Error - 10/29/2013 8:18:29 PM | Computer Name = Tatana-TOSHIBA | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 0.0.0.0, časové razítko:
0x4e06cfe8 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x00030fdf ID chybujícího procesu: 0x1774 Čas spuštění
chybující aplikace: 0x01ced5058cf5bf23 Cesta k chybující aplikaci: C:\32788R22FWJFW\License\iexplore.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: cd27a52f-40f8-11e3-8e8d-e2b51f446e52

Error - 10/29/2013 11:35:07 PM | Computer Name = Tatana-TOSHIBA | Source = WinMgmt | ID = 10
Description =

Error - 10/29/2013 11:36:20 PM | Computer Name = Tatana-TOSHIBA | Source = Application Error | ID = 1000
Description = Název chybující aplikace: NDSTray.exe, verze: 8.0.0.48, časové razítko:
0x4cf8869a Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.17514, časové razítko:
0x4ce7ba58 Kód výjimky: 0xc0000005 Posun chyby: 0x0002e046 ID chybujícího procesu:
0x1384 Čas spuštění chybující aplikace: 0x01ced521158df861 Cesta k chybující aplikaci:
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe Cesta k chybujícímu modulu:
C:\Windows\SysWOW64\ntdll.dll ID zprávy: 70c4f708-4114-11e3-9389-a60571c74e57

Error - 10/29/2013 11:36:42 PM | Computer Name = Tatana-TOSHIBA | Source = Iminent | ID = 0
Description =

Error - 10/29/2013 11:42:02 PM | Computer Name = Tatana-TOSHIBA | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 9.0.8112.16421, časové
razítko: 0x4d76255d Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.17514,
časové razítko: 0x4ce7ba58 Kód výjimky: 0xc0000374 Posun chyby: 0x000ce653 ID chybujícího
procesu: 0x598 Čas spuštění chybující aplikace: 0x01ced521c61f775b Cesta k chybující
aplikaci: C:\Program Files (x86)\Internet Explorer\iexplore.exe Cesta k chybujícímu
modulu: C:\Windows\SysWOW64\ntdll.dll ID zprávy: 3c6369c7-4115-11e3-9389-a60571c74e57

[ System Events ]
Error - 11/2/2013 12:14:28 PM | Computer Name = Tatana-TOSHIBA | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby ConfigFree Service bylo dosaženo časového
limitu (30000 ms).

Error - 11/2/2013 12:14:28 PM | Computer Name = Tatana-TOSHIBA | Source = Service Control Manager | ID = 7000
Description = Služba ConfigFree Service neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 11/2/2013 12:14:29 PM | Computer Name = Tatana-TOSHIBA | Source = Service Control Manager | ID = 7023
Description = Služba Windows Defender byla ukončena s následující chybou: %%-2147416365

Error - 11/2/2013 12:16:04 PM | Computer Name = Tatana-TOSHIBA | Source = Service Control Manager | ID = 7000
Description = Služba McAfee SiteAdvisor Service neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 11/2/2013 3:08:50 PM | Computer Name = Tatana-TOSHIBA | Source = DCOM | ID = 10010
Description =

Error - 11/3/2013 9:16:58 AM | Computer Name = Tatana-TOSHIBA | Source = Service Control Manager | ID = 7000
Description = Služba McAfee SiteAdvisor Service neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 11/3/2013 7:57:05 PM | Computer Name = Tatana-TOSHIBA | Source = Service Control Manager | ID = 7000
Description = Služba McAfee SiteAdvisor Service neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 11/3/2013 10:19:20 PM | Computer Name = Tatana-TOSHIBA | Source = Service Control Manager | ID = 7000
Description = Služba McAfee SiteAdvisor Service neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 11/5/2013 7:31:00 AM | Computer Name = Tatana-TOSHIBA | Source = Service Control Manager | ID = 7000
Description = Služba McAfee SiteAdvisor Service neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 11/5/2013 11:46:33 AM | Computer Name = Tatana-TOSHIBA | Source = Service Control Manager | ID = 7000
Description = Služba McAfee SiteAdvisor Service neuspěla při spuštění v důsledku
následující chyby: %%2


< End of report >

Re: prosim o kontrolu logu ( zavirovany system )

Napsal: 17 lis 2013 10:32
od Márty84
:!: Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
:arrow: Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]

:services
esgiguard
SeaPort

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:otl
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {2FD85D18-792F-4827-9612-DDF6708C0C4C}
IE:64bit: - HKLM\..\SearchScopes\{2FD85D18-792F-4827-9612-DDF6708C0C4C}: "URL" = http://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2FD85D18-792F-4827-9612-DDF6708C0C4C}: "URL" = http://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
IE - HKU\S-1-5-21-3060094655-4242149613-3613117635-1000\..\SearchScopes,DefaultScope = {2FD85D18-792F-4827-9612-DDF6708C0C4C}
IE - HKU\S-1-5-21-3060094655-4242149613-3613117635-1000\..\SearchScopes\{9AB2515E-F02C-4409-9C90-E2E5B2DC33CF}: "URL" = http://www.amazon.co.uk/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibauk-win7-ie-search-21&index=blended&linkCode=ur2
IE - HKU\S-1-5-21-3060094655-4242149613-3613117635-1000\..\SearchScopes\{A6406EA1-B95A-4EC3-8BEB-95AEBD68378F}: "URL" = http://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
IE - HKU\S-1-5-21-3060094655-4242149613-3613117635-1000\..\SearchScopes\{F7FA7753-2AA8-444C-9717-61F0705F4B4B}: "URL" = http://rover.ebay.com/rover/1/710-71511 ... 4?satitle={searchTerms}
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{1cf9e0e8-d896-4ef9-8cf2-33d79e8dfa10}: C:\Program Files (x86)\Pass-Widget\134.xpi
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}: C:\Users\Tatana\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[11 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{298cb7ae-9843-494b-ac62-9fffff634973}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54E67346-EE5A-45B6-82AA-4F0BB28C79C2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
"{8dcb7100-df86-4384-8842-8fa844297b3f}"=-
Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.
Všechny časy jsou v UTC+01:00
Stránka 2 z 3

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz