VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

prosím o kontrolu logu - trojský kůn - fake email česke p.

https://forum.viry.cz:443/viewtopic.php?t=134580

Stránka 1 z 1

prosím o kontrolu logu - trojský kůn - fake email česke p.

Napsal: 10 pro 2013 13:44
od Semik
počítač jsem nechal projet ESET NOD32 ANTIVIRUS

Protokol o kontrole
Verze virové databáze: 9152 (20131209)
Datum: 10.12.2013 Čas: 9:02:54
Testované disky, adresáře a soubory: Operační paměť;C:\Boot sektor;D:\Boot sektor;C:\;D:\
Operační paměť » OnekeySupport.exe(2992) - varianta infiltrace Win32/Spy.Hesperbot.C trojský kůň - vyléčen smazáním [1]
Operační paměť » explorer.exe(2680) - varianta infiltrace Win32/Spy.Hesperbot.C trojský kůň - vyléčen smazáním [1]
Operační paměť » IAStorIcon.exe(3828) - varianta infiltrace Win32/Spy.Hesperbot.C trojský kůň - vyléčen smazáním [1]
Operační paměť » VM331_STI.EXE(3896) - varianta infiltrace Win32/Spy.Hesperbot.C trojský kůň - vyléčen smazáním [1]
Operační paměť » jusched.exe(3576) - varianta infiltrace Win32/Spy.Hesperbot.C trojský kůň - vyléčen smazáním [1]
Operační paměť » Skype.exe(3064) - varianta infiltrace Win32/Spy.Hesperbot.C trojský kůň - vyléčen smazáním [1]
Operační paměť » iexplore.exe(5832) - varianta infiltrace Win32/Spy.Hesperbot.C trojský kůň - vyléčen smazáním [1]
Operační paměť » iexplore.exe(5832) - varianta infiltrace Win32/Spy.Hesperbot.H trojský kůň - vyléčen smazáním [1]
Operační paměť » iexplore.exe(5832) - varianta infiltrace Win32/Spy.Hesperbot.H trojský kůň - vyléčen smazáním [1]
Operační paměť » iexplore.exe(5832) - varianta infiltrace Win32/Spy.Hesperbot.H trojský kůň - vyléčen smazáním [1]
Operační paměť » iexplore.exe(5832) - varianta infiltrace Win32/Spy.Hesperbot.H trojský kůň - vyléčen smazáním [1]
Operační paměť » iexplore.exe(5832) - varianta infiltrace Win32/Spy.Hesperbot.H trojský kůň - vyléčen smazáním [1]
Operační paměť » iexplore.exe(5832) - varianta infiltrace Win32/Spy.Hesperbot.H trojský kůň - vyléčen smazáním [1]
Operační paměť » iexplore.exe(5832) - varianta infiltrace Win32/Spy.Hesperbot.H trojský kůň - vyléčen smazáním [1]
Operační paměť » iexplore.exe(5832) - varianta infiltrace Win32/Spy.Hesperbot.H trojský kůň - vyléčen smazáním [1]
Operační paměť » iexplore.exe(5832) - varianta infiltrace Win32/Spy.Hesperbot.H trojský kůň - vyléčen smazáním [1]
Operační paměť » iexplore.exe(5832) - varianta infiltrace Win32/Spy.Hesperbot.H trojský kůň - vyléčen smazáním [1]
Operační paměť » iexplore.exe(5832) - varianta infiltrace Win32/Spy.Hesperbot.H trojský kůň - vyléčen smazáním [1]
Operační paměť » iexplore.exe(5832) - varianta infiltrace Win32/Spy.Hesperbot.H trojský kůň - vyléčen smazáním [1]
Operační paměť » iexplore.exe(5832) - varianta infiltrace Win32/Spy.Hesperbot.H trojský kůň - vyléčen smazáním [1]
Operační paměť » iexplore.exe(5832) - varianta infiltrace Win32/Spy.Hesperbot.H trojský kůň - vyléčen smazáním [1]
Operační paměť » iexplore.exe(5832) - varianta infiltrace Win32/Spy.Hesperbot.H trojský kůň - vyléčen smazáním [1]
Operační paměť » iexplore.exe(5832) - varianta infiltrace Win32/Spy.Hesperbot.H trojský kůň - vyléčen smazáním [1]
Operační paměť » iexplore.exe(5832) - varianta infiltrace Win32/Spy.Hesperbot.H trojský kůň - vyléčen smazáním [1]
Operační paměť » iexplore.exe(5832) - varianta infiltrace Win32/Spy.Hesperbot.H trojský kůň - vyléčen smazáním [1]
Operační paměť » iexplore.exe(5832) - varianta infiltrace Win32/Spy.Hesperbot.H trojský kůň - vyléčen smazáním [1]
Operační paměť » iexplore.exe(5832) - varianta infiltrace Win32/Spy.Hesperbot.H trojský kůň - vyléčen smazáním [1]
Operační paměť » iexplore.exe(5832) - varianta infiltrace Win32/Spy.Hesperbot.H trojský kůň - vyléčen smazáním [1]
Operační paměť » TOTALCMD.EXE(2272) - varianta infiltrace Win32/Spy.Hesperbot.C trojský kůň - vyléčen smazáním [1]
C:\hiberfil.sys - chyba při otevírání [4]
C:\pagefile.sys - chyba při otevírání [4]
C:\###Radost###\OOo_3.3.0_Win_x86_install_cs.exe » NSIS » openofficeorg1.cab » CAB » testtar.tar » TAR » - poškozený archiv
Kontrola přerušena uživatelem!
Počet zkontrolovaných objektů: 5157
Počet nalezených hrozeb: 29
Počet vyléčených objektů: 29
Čas ukončení: 9:04:12 Celkový čas diagnostiky: 78 sek (00:01:18)

Poznámky:
[1] Objekt byl smazán, obsahoval pouze škodlivý kód.
[4] Objekt nelze otevřít ke čtení. Je využíván jinou aplikací (nebo operačním systémem), která ho otevřela výhradně pro sebe.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Sema at 2013-12-10 13:21:32
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 23 GB (5%) free of 432 GB
Total RAM: 3959 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:21:39, on 10.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16736)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\USB Camera\VM331_STI.EXE
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\Sema\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2AALCLP9\RSIT.exe
C:\Program Files (x86)\trend micro\Sema.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\Sema\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Moveslink for Movestick Mini.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: CrossLoop Service (CrossLoopService) - CrossLoop Inc - C:\Users\Sema\AppData\Local\CrossLoop\CrossLoopService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\windows\system32\srvany.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - C:\Users\Sema\AppData\Local\CrossLoop\tvnserver.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13576 bytes

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Sema\AppData\Roaming\Mozilla\Firefox\Profiles\ekkcdbr4.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "{0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.88, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
mall-cz.xml

C:\Users\Sema\AppData\Roaming\Mozilla\Firefox\Profiles\ekkcdbr4.default\extensions\
battlefieldplay4free@ea.com
{0b457cAA-602d-484a-8fe7-c1d894a011ba}

C:\Users\Sema\AppData\Roaming\Mozilla\Firefox\Profiles\ekkcdbr4.default\searchplugins\
daemon-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-03 284696]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331_STI.EXE [2010-01-15 536576]
"UCam_Menu"=C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"NeroFilterCheck"=C:\windows\system32\NeroCheck.exe [2004-02-13 155648]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2013-11-26 683576]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2013-01-09 3093624]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files (x86)\Lenovo\Bluetooth Software\BTTray.exe
Moveslink for Movestick Mini.lnk - C:\windows\Installer\{4D036ACA-DFDF-41B2-A680-E0D736F3E947}\_22A9010B636AF7A61D8E03.exe

C:\Users\Sema\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Sema\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=3
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"msacm.clmp3enc"=C:\PROGRA~2\Lenovo\Power2Go\CLMP3Enc.ACM
"msacm.siren"=sirenacm.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-12-10 13:21:33 ----D---- C:\Program Files (x86)\trend micro
2013-12-10 13:21:32 ----D---- C:\rsit
2013-12-10 11:40:58 ----D---- C:\windows\agen
2013-12-10 11:40:48 ----D---- C:\windows\smyf
2013-12-10 11:40:32 ----D---- C:\windows\urox
2013-12-10 11:40:22 ----D---- C:\windows\owaz
2013-12-10 11:40:11 ----D---- C:\windows\ivwr
2013-12-10 11:39:56 ----D---- C:\windows\ozpk
2013-12-10 11:39:45 ----D---- C:\windows\okrh
2013-12-10 11:39:30 ----D---- C:\windows\rmew
2013-12-10 11:39:25 ----D---- C:\windows\oxur
2013-12-10 11:39:04 ----D---- C:\windows\tpij
2013-12-10 11:38:49 ----D---- C:\windows\kdip
2013-12-10 11:38:39 ----D---- C:\windows\urux
2013-12-10 11:38:13 ----D---- C:\windows\wtik
2013-12-10 11:37:57 ----D---- C:\windows\ybsh
2013-12-10 11:37:32 ----D---- C:\windows\fxwg
2013-12-10 11:36:56 ----D---- C:\windows\dbom
2013-12-10 11:36:40 ----D---- C:\windows\wsib
2013-12-10 11:36:30 ----D---- C:\windows\rsok
2013-12-10 11:36:04 ----D---- C:\windows\ntob
2013-12-10 11:35:38 ----D---- C:\windows\ojjd
2013-12-10 11:34:47 ----D---- C:\windows\ipwx
2013-12-10 11:34:42 ----D---- C:\windows\avid
2013-12-10 11:34:31 ----D---- C:\windows\itym
2013-12-10 11:34:21 ----D---- C:\windows\ucug
2013-12-10 11:34:16 ----D---- C:\windows\nzek
2013-12-10 11:34:10 ----D---- C:\windows\jsot
2013-12-10 11:33:34 ----D---- C:\windows\ykyq
2013-12-10 11:33:19 ----D---- C:\windows\kwiw
2013-12-10 11:33:04 ----D---- C:\windows\orux
2013-12-10 11:32:53 ----D---- C:\windows\zfyt
2013-12-10 11:32:27 ----D---- C:\windows\uces
2013-12-10 11:32:22 ----D---- C:\windows\xmoz
2013-12-10 11:32:07 ----D---- C:\windows\ocph
2013-12-10 11:32:02 ----D---- C:\windows\ebek
2013-12-10 11:31:57 ----D---- C:\windows\icfc
2013-12-10 11:31:31 ----D---- C:\windows\oqep
2013-12-10 11:31:00 ----D---- C:\windows\snap
2013-12-10 11:30:24 ----D---- C:\windows\dvev
2013-12-10 11:29:43 ----D---- C:\windows\mbib
2013-12-10 11:29:23 ----D---- C:\windows\axap
2013-12-10 11:29:07 ----D---- C:\windows\orud
2013-12-10 11:28:37 ----D---- C:\windows\ojoj
2013-12-10 11:28:32 ----D---- C:\windows\yzih
2013-12-10 11:28:06 ----D---- C:\windows\avov
2013-12-10 11:27:51 ----D---- C:\windows\ejap
2013-12-10 11:27:45 ----D---- C:\windows\whys
2013-12-10 11:27:04 ----D---- C:\windows\lgep
2013-12-10 11:26:59 ----D---- C:\windows\igkj
2013-12-10 11:26:41 ----D---- C:\windows\nzlf
2013-12-10 11:26:19 ----D---- C:\windows\fdig
2013-12-10 11:26:14 ----D---- C:\windows\esut
2013-12-10 11:25:49 ----D---- C:\windows\tmmc
2013-12-10 11:25:18 ----D---- C:\windows\qzjt
2013-12-10 11:25:12 ----D---- C:\windows\ogsn
2013-12-10 11:24:39 ----D---- C:\windows\gxox
2013-12-10 11:23:53 ----D---- C:\windows\arod
2013-12-10 11:23:47 ----D---- C:\windows\insg
2013-12-10 11:23:23 ----D---- C:\windows\enon
2013-12-10 11:23:06 ----D---- C:\windows\ahfw
2013-12-10 11:23:00 ----D---- C:\windows\wcak
2013-12-10 11:22:47 ----D---- C:\windows\acyf
2013-12-10 11:22:41 ----D---- C:\windows\shaw
2013-12-10 11:22:20 ----D---- C:\windows\efdw
2013-12-10 11:21:28 ----D---- C:\windows\aqfj
2013-12-10 11:21:13 ----D---- C:\windows\yhyb
2013-12-10 11:20:52 ----D---- C:\windows\gqeg
2013-12-10 11:19:56 ----D---- C:\windows\atyk
2013-12-10 11:19:45 ----D---- C:\windows\erod
2013-12-10 11:19:09 ----D---- C:\windows\exej
2013-12-10 11:18:59 ----D---- C:\windows\igih
2013-12-10 11:18:49 ----D---- C:\windows\otoh
2013-12-10 11:18:43 ----D---- C:\windows\krbg
2013-12-10 11:18:27 ----D---- C:\windows\rfow
2013-12-10 11:18:16 ----D---- C:\windows\lhdt
2013-12-10 11:18:01 ----D---- C:\windows\tbks
2013-12-10 11:17:51 ----D---- C:\windows\ibys
2013-12-10 11:17:45 ----D---- C:\windows\zjap
2013-12-10 11:17:40 ----D---- C:\windows\lhot
2013-12-10 11:17:30 ----D---- C:\windows\adon
2013-12-10 11:17:20 ----D---- C:\windows\osum
2013-12-10 11:16:49 ----D---- C:\windows\ipir
2013-12-10 11:16:18 ----D---- C:\windows\qkow
2013-12-10 11:16:13 ----D---- C:\windows\ltuz
2013-12-10 11:16:08 ----D---- C:\windows\nhum
2013-12-10 11:15:58 ----D---- C:\windows\alaj
2013-12-10 11:15:32 ----D---- C:\windows\ezut
2013-12-10 11:15:27 ----D---- C:\windows\snyl
2013-12-10 11:15:01 ----D---- C:\windows\owug
2013-12-10 11:14:46 ----D---- C:\windows\axal
2013-12-10 11:13:54 ----D---- C:\windows\vded
2013-12-10 11:13:29 ----D---- C:\windows\udux
2013-12-10 11:13:18 ----D---- C:\windows\mkat
2013-12-10 11:12:11 ----D---- C:\windows\yqcd
2013-12-10 11:11:20 ----D---- C:\windows\izys
2013-12-10 11:11:04 ----D---- C:\windows\uxur
2013-12-10 11:10:49 ----D---- C:\windows\yxif
2013-12-10 11:10:44 ----D---- C:\windows\owjm
2013-12-10 11:10:38 ----D---- C:\windows\mgyr
2013-12-10 11:09:22 ----D---- C:\windows\ujej
2013-12-10 11:08:45 ----D---- C:\windows\ibiw
2013-12-10 11:08:35 ----D---- C:\windows\ahys
2013-12-10 11:08:25 ----D---- C:\windows\etyc
2013-12-10 11:08:03 ----D---- C:\windows\ocoh
2013-12-10 11:07:47 ----D---- C:\windows\edun
2013-12-10 11:07:37 ----D---- C:\windows\unqn
2013-12-10 11:07:16 ----D---- C:\windows\uguc
2013-12-10 11:07:01 ----D---- C:\windows\uxrd
2013-12-10 11:06:55 ----D---- C:\windows\qfuh
2013-12-10 11:06:45 ----D---- C:\windows\lbuc
2013-12-10 11:06:40 ----D---- C:\windows\ezrf
2013-12-10 11:06:35 ----D---- C:\windows\cqin
2013-12-10 11:06:30 ----D---- C:\windows\jdun
2013-12-10 11:06:25 ----D---- C:\windows\ywbz
2013-12-10 11:05:49 ----D---- C:\windows\eqdg
2013-12-10 11:05:44 ----D---- C:\windows\yqwn
2013-12-10 11:05:28 ----D---- C:\windows\ehrc
2013-12-10 11:05:23 ----D---- C:\windows\ebut
2013-12-10 11:04:52 ----D---- C:\windows\bsas
2013-12-10 11:04:22 ----D---- C:\windows\udun
2013-12-10 11:03:35 ----D---- C:\windows\dmoz
2013-12-10 11:03:30 ----D---- C:\windows\atav
2013-12-10 11:03:10 ----D---- C:\windows\usqk
2013-12-10 11:02:59 ----D---- C:\windows\yvar
2013-12-10 11:02:15 ----D---- C:\windows\zmyc
2013-12-10 11:01:54 ----D---- C:\windows\ijap
2013-12-10 11:01:23 ----D---- C:\windows\mxag
2013-12-10 11:00:53 ----D---- C:\windows\abts
2013-12-10 11:00:12 ----D---- C:\windows\ojex
2013-12-10 10:59:56 ----D---- C:\windows\hlyr
2013-12-10 10:59:46 ----D---- C:\windows\yxcl
2013-12-10 10:58:55 ----D---- C:\windows\uceb
2013-12-10 10:58:09 ----D---- C:\windows\utvs
2013-12-10 10:58:04 ----D---- C:\windows\hnap
2013-12-10 10:57:48 ----D---- C:\windows\orrn
2013-12-10 10:57:22 ----D---- C:\windows\ilyn
2013-12-10 10:57:17 ----D---- C:\windows\kpbj
2013-12-10 10:56:46 ----D---- C:\windows\hvyj
2013-12-10 10:56:36 ----D---- C:\windows\ufns
2013-12-10 10:56:31 ----D---- C:\windows\engn
2013-12-10 10:56:05 ----D---- C:\windows\ufrz
2013-12-10 10:55:59 ----D---- C:\windows\ocjw
2013-12-10 10:55:44 ----D---- C:\windows\ymic
2013-12-10 10:55:34 ----D---- C:\windows\bwab
2013-12-10 10:55:28 ----D---- C:\windows\pjqd
2013-12-10 10:55:23 ----D---- C:\windows\qder
2013-12-10 10:55:18 ----D---- C:\windows\fzth
2013-12-10 10:55:08 ----D---- C:\windows\szib
2013-12-10 10:55:03 ----D---- C:\windows\hwyw
2013-12-10 10:54:42 ----D---- C:\windows\ondj
2013-12-10 10:54:32 ----D---- C:\windows\iqfj
2013-12-10 10:54:16 ----D---- C:\windows\bhaz
2013-12-10 10:53:40 ----D---- C:\windows\lfos
2013-12-10 10:53:35 ----D---- C:\windows\ivix
2013-12-10 10:53:25 ----D---- C:\windows\ewgk
2013-12-10 10:53:15 ----D---- C:\windows\okuf
2013-12-10 10:53:09 ----D---- C:\windows\ynkq
2013-12-10 10:53:04 ----D---- C:\windows\ugvq
2013-12-10 10:52:54 ----D---- C:\windows\vqol
2013-12-10 10:52:49 ----D---- C:\windows\osot
2013-12-10 10:52:39 ----D---- C:\windows\efgs
2013-12-10 10:52:33 ----D---- C:\windows\xkuz
2013-12-10 10:52:13 ----D---- C:\windows\tdyv
2013-12-10 10:51:57 ----D---- C:\windows\axag
2013-12-10 10:51:16 ----D---- C:\windows\wsiw
2013-12-10 10:51:11 ----D---- C:\windows\oxej
2013-12-10 10:51:01 ----D---- C:\windows\ewpt
2013-12-10 10:50:30 ----D---- C:\windows\ivhn
2013-12-10 10:50:24 ----D---- C:\windows\tlij
2013-12-10 10:50:19 ----D---- C:\windows\ekuz
2013-12-10 10:49:43 ----D---- C:\windows\ulgq
2013-12-10 10:49:27 ----D---- C:\windows\gzok
2013-12-10 10:49:06 ----D---- C:\windows\qmit
2013-12-10 10:48:50 ----D---- C:\windows\ehef
2013-12-10 10:48:45 ----D---- C:\windows\esnf
2013-12-10 10:48:40 ----D---- C:\windows\idap
2013-12-10 10:48:35 ----D---- C:\windows\rkqs
2013-12-10 10:48:29 ----D---- C:\windows\ixal
2013-12-10 10:48:19 ----D---- C:\windows\acym
2013-12-10 10:48:09 ----D---- C:\windows\ithk
2013-12-10 10:48:04 ----D---- C:\windows\udex
2013-12-10 10:47:43 ----D---- C:\windows\ebqt
2013-12-10 10:47:38 ----D---- C:\windows\udon
2013-12-10 10:47:33 ----D---- C:\windows\zbih
2013-12-10 10:47:28 ----D---- C:\windows\ifkk
2013-12-10 10:47:22 ----D---- C:\windows\ecus
2013-12-10 10:47:07 ----D---- C:\windows\unrs
2013-12-10 10:47:02 ----D---- C:\windows\odjj
2013-12-10 10:46:46 ----D---- C:\windows\xpug
2013-12-10 10:46:35 ----D---- C:\windows\ylul
2013-12-10 10:46:25 ----D---- C:\windows\qwof
2013-12-10 10:45:49 ----D---- C:\windows\ekes
2013-12-10 10:45:43 ----D---- C:\windows\ofos
2013-12-10 10:45:38 ----D---- C:\windows\ypyr
2013-12-10 10:45:23 ----D---- C:\windows\aqbx
2013-12-10 10:45:12 ----D---- C:\windows\ymqb
2013-12-10 10:44:57 ----D---- C:\windows\emgz
2013-12-10 10:44:16 ----D---- C:\windows\cqyn
2013-12-10 10:44:00 ----D---- C:\windows\fxil
2013-12-10 10:43:55 ----D---- C:\windows\ycmm
2013-12-10 10:43:24 ----D---- C:\windows\nqoq
2013-12-10 10:43:08 ----D---- C:\windows\ybah
2013-12-10 10:43:03 ----D---- C:\windows\kftc
2013-12-10 10:42:47 ----D---- C:\windows\ivad
2013-12-10 10:42:37 ----D---- C:\windows\eqep
2013-12-10 10:42:11 ----D---- C:\windows\urov
2013-12-10 10:42:06 ----D---- C:\windows\kqhn
2013-12-10 10:42:00 ----D---- C:\windows\esxt
2013-12-10 10:41:55 ----D---- C:\windows\hnav
2013-12-10 10:41:45 ----D---- C:\windows\tkik
2013-12-10 10:41:40 ----D---- C:\windows\ahwh
2013-12-10 10:40:58 ----D---- C:\windows\ocqw
2013-12-10 10:40:07 ----D---- C:\windows\qkez
2013-12-10 10:39:41 ----D---- C:\windows\orvd
2013-12-10 10:39:35 ----D---- C:\windows\ybiw
2013-12-10 10:39:30 ----D---- C:\windows\egul
2013-12-10 10:39:20 ----D---- C:\windows\twtw
2013-12-10 10:38:54 ----D---- C:\windows\bfaf
2013-12-10 10:38:23 ----D---- C:\windows\xfuw
2013-12-10 10:38:03 ----D---- C:\windows\uzlf
2013-12-10 10:37:47 ----D---- C:\windows\iciq
2013-12-10 10:36:50 ----D---- C:\windows\ivid
2013-12-10 10:36:24 ----D---- C:\windows\yleq
2013-12-10 10:36:19 ----D---- C:\windows\ublt
2013-12-10 09:06:51 ----D---- C:\Program Files (x86)\ESET
2013-12-10 08:28:46 ----D---- C:\windows\ehkh
2013-12-10 08:28:24 ----D---- C:\windows\uvog
2013-12-10 08:28:12 ----D---- C:\windows\atim
2013-12-10 08:27:41 ----D---- C:\windows\vsof
2013-12-09 21:01:30 ----D---- C:\windows\ewvf
2013-12-09 21:01:25 ----D---- C:\windows\ypmj
2013-12-09 21:01:05 ----D---- C:\windows\mjiq
2013-12-09 21:00:59 ----D---- C:\windows\dwof
2013-12-09 21:00:49 ----D---- C:\windows\yqfx
2013-12-09 21:00:44 ----D---- C:\windows\idbp
2013-12-09 21:00:19 ----D---- C:\windows\uzdc
2013-12-09 20:59:53 ----D---- C:\windows\awcs
2013-12-09 20:59:43 ----D---- C:\windows\ijyq
2013-12-09 20:58:57 ----D---- C:\windows\gveq
2013-12-09 20:58:47 ----D---- C:\windows\emub
2013-12-09 20:58:26 ----D---- C:\windows\itwc
2013-12-09 20:58:01 ----D---- C:\windows\ojed
2013-12-09 20:57:46 ----D---- C:\windows\ukew
2013-12-09 20:57:35 ----D---- C:\windows\lfrz
2013-12-09 20:57:20 ----D---- C:\windows\ahah
2013-12-09 20:56:39 ----D---- C:\windows\wqmn
2013-12-09 20:56:34 ----D---- C:\windows\utew
2013-12-09 20:56:24 ----D---- C:\windows\jcqw
2013-12-09 20:56:19 ----D---- C:\windows\inig
2013-12-09 20:56:14 ----D---- C:\windows\htac
2013-12-09 20:55:58 ----D---- C:\windows\unel
2013-12-09 20:55:33 ----D---- C:\windows\evep
2013-12-09 20:55:18 ----D---- C:\windows\qcus
2013-12-09 20:55:12 ----D---- C:\windows\ezof
2013-12-09 20:55:07 ----D---- C:\windows\ivaj
2013-12-09 20:55:02 ----D---- C:\windows\awis
2013-12-09 20:54:57 ----D---- C:\windows\ggul
2013-12-09 20:54:47 ----D---- C:\windows\abkw
2013-12-09 20:54:42 ----D---- C:\windows\uxgn
2013-12-09 20:54:32 ----D---- C:\windows\dlog
2013-12-09 20:54:27 ----D---- C:\windows\hbiw
2013-12-09 20:54:11 ----D---- C:\windows\yqtd
2013-12-09 20:53:56 ----D---- C:\windows\jxer
2013-12-09 20:53:46 ----D---- C:\windows\akam
2013-12-09 20:53:35 ----D---- C:\windows\yzab
2013-12-09 20:53:30 ----D---- C:\windows\eroj
2013-12-09 20:53:20 ----D---- C:\windows\ykam
2013-12-09 20:53:05 ----D---- C:\windows\shyb
2013-12-09 20:52:44 ----D---- C:\windows\ogug
2013-12-09 20:52:29 ----D---- C:\windows\hdyp
2013-12-09 20:52:19 ----D---- C:\windows\fpar
2013-12-09 20:51:53 ----D---- C:\windows\ezum
2013-12-09 20:51:43 ----D---- C:\windows\tmyk
2013-12-09 20:51:18 ----D---- C:\windows\imsf
2013-12-09 20:51:13 ----D---- C:\windows\tsyb
2013-12-09 20:50:52 ----D---- C:\windows\yriv
2013-12-09 20:50:16 ----D---- C:\windows\wncl
2013-12-09 20:49:51 ----D---- C:\windows\rzpr
2013-12-09 20:49:20 ----D---- C:\windows\onrr
2013-12-09 20:48:55 ----D---- C:\windows\mtyc
2013-12-09 20:48:14 ----D---- C:\windows\umrs
2013-12-09 20:48:04 ----D---- C:\windows\spaj
2013-12-09 20:47:54 ----D---- C:\windows\htim
2013-12-09 20:47:18 ----D---- C:\windows\ajig
2013-12-09 20:46:57 ----D---- C:\windows\yrsp
2013-12-09 20:46:52 ----D---- C:\windows\dset
2013-12-09 20:46:42 ----D---- C:\windows\bcyc
2013-12-09 20:46:32 ----D---- C:\windows\ovep
2013-12-09 20:46:06 ----D---- C:\windows\xnod
2013-12-09 20:45:41 ----D---- C:\windows\xsef
2013-12-09 20:45:36 ----D---- C:\windows\ykcc
2013-12-09 20:45:31 ----D---- C:\windows\ysiz
2013-12-09 20:45:21 ----D---- C:\windows\kniq
2013-12-09 20:45:00 ----D---- C:\windows\oxrd
2013-12-09 20:44:55 ----D---- C:\windows\azws
2013-12-09 20:44:35 ----D---- C:\windows\idil
2013-12-09 20:44:30 ----D---- C:\windows\ylyn
2013-12-09 20:44:19 ----D---- C:\windows\olol
2013-12-09 20:44:14 ----D---- C:\windows\jvov
2013-12-09 20:44:09 ----D---- C:\windows\pjoj
2013-12-09 20:43:38 ----D---- C:\windows\ihkh
2013-12-09 20:43:33 ----D---- C:\windows\nduj
2013-12-09 20:43:23 ----D---- C:\windows\glqp
2013-12-09 20:43:13 ----D---- C:\windows\uxed
2013-12-09 20:43:08 ----D---- C:\windows\elvv
2013-12-09 20:43:03 ----D---- C:\windows\amtt
2013-12-09 20:42:53 ----D---- C:\windows\alar
2013-12-09 20:42:37 ----D---- C:\windows\ukeb
2013-12-09 20:42:22 ----D---- C:\windows\oxuj
2013-12-09 20:42:12 ----D---- C:\windows\oveg
2013-12-09 20:41:41 ----D---- C:\windows\lcnw
2013-12-09 20:41:16 ----D---- C:\windows\rjuj
2013-12-09 20:41:05 ----D---- C:\windows\edoq
2013-12-09 20:40:55 ----D---- C:\windows\epjl
2013-12-09 20:40:35 ----D---- C:\windows\ecuz
2013-12-09 20:40:25 ----D---- C:\windows\sshh
2013-12-09 20:40:19 ----D---- C:\windows\hhiz
2013-12-09 20:40:04 ----D---- C:\windows\yxiq
2013-12-09 20:39:33 ----D---- C:\windows\ydkl
2013-12-09 20:39:28 ----D---- C:\windows\iqsd
2013-12-09 20:39:23 ----D---- C:\windows\xcow
2013-12-09 20:39:18 ----D---- C:\windows\inav
2013-12-09 20:38:37 ----D---- C:\windows\epql
2013-12-09 20:38:22 ----D---- C:\windows\djud
2013-12-09 20:37:57 ----D---- C:\windows\awts
2013-12-09 20:37:46 ----D---- C:\windows\zsyh
2013-12-09 20:37:41 ----D---- C:\windows\opql
2013-12-09 20:37:05 ----D---- C:\windows\hsyw
2013-12-09 20:36:45 ----D---- C:\windows\ehov
2013-12-09 20:36:35 ----D---- C:\windows\ufeb
2013-12-09 20:36:25 ----D---- C:\windows\ixyv
2013-12-09 20:36:20 ----D---- C:\windows\ivyn
2013-12-09 20:36:04 ----D---- C:\windows\amfk
2013-12-09 20:35:54 ----D---- C:\windows\dlop
2013-12-09 20:35:49 ----D---- C:\windows\acyk
2013-12-09 20:35:44 ----D---- C:\windows\vrex
2013-12-09 20:35:29 ----D---- C:\windows\exdx
2013-12-09 20:35:18 ----D---- C:\windows\efus
2013-12-09 20:35:08 ----D---- C:\windows\ydig
2013-12-09 20:34:58 ----D---- C:\windows\yvbx
2013-12-09 20:34:22 ----D---- C:\windows\amak
2013-12-09 20:34:17 ----D---- C:\windows\edxn
2013-12-09 20:34:07 ----D---- C:\windows\obgc
2013-12-09 20:33:52 ----D---- C:\windows\wtyf
2013-12-09 20:33:46 ----D---- C:\windows\edlx
2013-12-09 20:33:21 ----D---- C:\windows\vven
2013-12-09 20:33:16 ----D---- C:\windows\ttat
2013-12-09 20:33:06 ----D---- C:\windows\abib
2013-12-09 20:32:55 ----D---- C:\windows\arfl
2013-12-09 20:32:50 ----D---- C:\windows\gzot
2013-12-09 20:32:40 ----D---- C:\windows\iktk
2013-12-09 20:32:15 ----D---- C:\windows\cpar
2013-12-09 20:31:54 ----D---- C:\windows\utez
2013-12-09 20:31:49 ----D---- C:\windows\hril
2013-12-09 20:31:44 ----D---- C:\windows\ewok
2013-12-09 20:31:39 ----D---- C:\windows\oxex
2013-12-09 20:31:29 ----D---- C:\windows\uveq
2013-12-09 20:31:13 ----D---- C:\windows\epol
2013-12-09 20:31:08 ----D---- C:\windows\cfym
2013-12-09 20:30:38 ----D---- C:\windows\otuh
2013-12-09 20:30:17 ----D---- C:\windows\ikyf
2013-12-09 20:29:47 ----D---- C:\windows\upol
2013-12-09 20:29:21 ----D---- C:\windows\ypsr
2013-12-09 20:29:01 ----D---- C:\windows\ahtb
2013-12-09 20:28:30 ----D---- C:\windows\gcoh
2013-12-09 20:28:25 ----D---- C:\windows\mdyq
2013-12-09 20:28:20 ----D---- C:\windows\hvij
2013-12-09 20:27:59 ----D---- C:\windows\asib
2013-12-09 20:27:29 ----D---- C:\windows\ocow
2013-12-09 20:27:08 ----D---- C:\windows\yhcr
2013-12-09 20:26:58 ----D---- C:\windows\oxor
2013-12-09 20:26:53 ----D---- C:\windows\qrux
2013-12-09 20:26:43 ----D---- C:\windows\ihas
2013-12-09 20:26:38 ----D---- C:\windows\lqul
2013-12-09 20:26:33 ----D---- C:\windows\pbot
2013-12-09 20:26:22 ----D---- C:\windows\hsab
2013-12-09 20:25:37 ----D---- C:\windows\fwiw
2013-12-09 20:25:31 ----D---- C:\windows\uxgr
2013-12-09 20:25:26 ----D---- C:\windows\ifif
2013-12-09 20:24:56 ----D---- C:\windows\usek
2013-12-09 20:24:51 ----D---- C:\windows\apij
2013-12-09 20:24:40 ----D---- C:\windows\asyh
2013-12-09 20:24:35 ----D---- C:\windows\epeg
2013-12-09 20:24:20 ----D---- C:\windows\ezxk
2013-12-09 20:24:10 ----D---- C:\windows\udap
2013-12-09 20:23:54 ----D---- C:\windows\uvvl
2013-12-09 20:23:14 ----D---- C:\windows\onux
2013-12-09 20:22:58 ----D---- C:\windows\odej
2013-12-09 20:22:17 ----D---- C:\windows\gcob
2013-12-09 20:22:12 ----D---- C:\windows\ecdz
2013-12-09 20:21:57 ----D---- C:\windows\orod
2013-12-09 20:21:52 ----D---- C:\windows\ysyh
2013-12-09 20:21:42 ----D---- C:\windows\aqkn
2013-12-09 20:21:37 ----D---- C:\windows\mdaq
2013-12-09 20:21:31 ----D---- C:\windows\irsp
2013-12-09 20:20:56 ----D---- C:\windows\xjud
2013-12-09 20:20:35 ----D---- C:\windows\esdt
2013-12-09 20:20:15 ----D---- C:\windows\etdh
2013-12-09 20:20:10 ----D---- C:\windows\gqeq
2013-12-09 20:19:55 ----D---- C:\windows\ovoq
2013-12-09 20:19:19 ----D---- C:\windows\eqrj
2013-12-09 20:19:14 ----D---- C:\windows\dpug
2013-12-09 20:18:58 ----D---- C:\windows\pkoh
2013-12-09 20:18:53 ----D---- C:\windows\knaq
2013-12-09 20:18:48 ----D---- C:\windows\nsef
2013-12-09 20:18:38 ----D---- C:\windows\equq
2013-12-09 20:17:06 ----D---- C:\windows\otjz
2013-12-09 20:17:01 ----D---- C:\windows\fjyp
2013-12-09 20:16:10 ----D---- C:\windows\yzyh
2013-12-09 20:15:44 ----D---- C:\windows\ikit
2013-12-09 20:15:39 ----D---- C:\windows\ujur
2013-12-09 20:15:19 ----D---- C:\windows\ihyh
2013-12-09 20:15:09 ----D---- C:\windows\ipad
2013-12-09 20:14:43 ----D---- C:\windows\inyg
2013-12-09 20:14:08 ----D---- C:\windows\rnux
2013-12-09 20:13:57 ----D---- C:\windows\yryg
2013-12-09 20:13:47 ----D---- C:\windows\avyr
2013-12-09 20:13:37 ----D---- C:\windows\osrc
2013-12-09 20:13:01 ----D---- C:\windows\ycfc
2013-12-09 20:12:36 ----D---- C:\windows\aniw
2013-12-09 20:12:31 ----D---- C:\windows\usum
2013-12-09 20:11:55 ----D---- C:\windows\ihiw
2013-12-09 20:11:29 ----D---- C:\windows\ecow
2013-12-09 20:11:04 ----D---- C:\windows\gwec
2013-12-09 20:10:49 ----D---- C:\windows\oguq
2013-12-09 20:10:43 ----D---- C:\windows\xjdr
2013-12-09 20:10:33 ----D---- C:\windows\etow
2013-12-09 20:10:18 ----D---- C:\windows\hbiz
2013-12-09 20:10:13 ----D---- C:\windows\akaf
2013-12-09 20:10:03 ----D---- C:\windows\alin
2013-12-09 20:09:52 ----D---- C:\windows\bdil
2013-12-09 20:09:17 ----D---- C:\windows\jvug
2013-12-09 20:09:12 ----D---- C:\windows\imac
2013-12-09 20:09:06 ----D---- C:\windows\ixiq
2013-12-09 20:08:51 ----D---- C:\windows\uhls
2013-12-09 20:08:46 ----D---- C:\windows\ptoh
2013-12-09 20:08:21 ----D---- C:\windows\ejed
2013-12-09 20:08:15 ----D---- C:\windows\mbab
2013-12-09 20:08:05 ----D---- C:\windows\umob
2013-12-09 20:07:30 ----D---- C:\windows\lgeg
2013-12-09 20:07:24 ----D---- C:\windows\ycck
2013-12-09 20:07:14 ----D---- C:\windows\nkgw
2013-12-09 20:07:09 ----D---- C:\windows\ixyp
2013-12-09 20:06:49 ----D---- C:\windows\ucos
2013-12-09 20:06:44 ----D---- C:\windows\ycig
2013-12-09 20:06:18 ----D---- C:\windows\vkuh
2013-12-09 20:06:13 ----D---- C:\windows\efes
2013-12-09 20:06:08 ----D---- C:\windows\azok
2013-12-09 20:05:58 ----D---- C:\windows\icsk
2013-12-09 20:05:53 ----D---- C:\windows\exux
2013-12-09 20:05:47 ----D---- C:\windows\abys
2013-12-09 20:05:42 ----D---- C:\windows\lluq
2013-12-09 20:05:27 ----D---- C:\windows\yhys
2013-12-09 20:05:17 ----D---- C:\windows\uruj
2013-12-09 20:05:12 ----D---- C:\windows\yqij
2013-12-09 20:04:51 ----D---- C:\windows\dtob
2013-12-09 20:03:50 ----D---- C:\windows\ojrj
2013-12-09 20:03:40 ----D---- C:\windows\gvuq
2013-12-09 20:03:35 ----D---- C:\windows\ywiz
2013-12-09 20:03:25 ----D---- C:\windows\msyz
2013-12-09 20:03:19 ----D---- C:\windows\osem
2013-12-09 20:02:59 ----D---- C:\windows\uwvf
2013-12-09 20:02:44 ----D---- C:\windows\ubqm
2013-12-09 20:02:28 ----D---- C:\windows\avyx
2013-12-09 20:02:13 ----D---- C:\windows\evoq
2013-12-09 20:02:03 ----D---- C:\windows\ahiz
2013-12-09 20:01:53 ----D---- C:\windows\yvix
2013-12-09 20:01:37 ----D---- C:\windows\iqix
2013-12-09 20:00:57 ----D---- C:\windows\afyf
2013-12-09 20:00:46 ----D---- C:\windows\zhis
2013-12-09 20:00:31 ----D---- C:\windows\ufoz
2013-12-09 20:00:05 ----D---- C:\windows\etes
2013-12-09 20:00:00 ----D---- C:\windows\sxyq
2013-12-09 19:59:40 ----D---- C:\windows\anil
2013-12-09 19:59:35 ----D---- C:\windows\ilwd
2013-12-09 19:59:20 ----D---- C:\windows\slyj
2013-12-09 19:59:09 ----D---- C:\windows\uzof
2013-12-09 19:59:04 ----D---- C:\windows\dzuk
2013-12-09 19:58:59 ----D---- C:\windows\ypcr
2013-12-09 19:58:34 ----D---- C:\windows\jvol
2013-12-09 19:58:29 ----D---- C:\windows\yfyt
2013-12-09 19:58:08 ----D---- C:\windows\ihib
2013-12-09 19:57:48 ----D---- C:\windows\ugug
2013-12-09 19:57:27 ----D---- C:\windows\upeq
2013-12-09 19:57:07 ----D---- C:\windows\ifwk
2013-12-09 19:56:57 ----D---- C:\windows\asab
2013-12-09 19:56:52 ----D---- C:\windows\bthc
2013-12-09 19:56:31 ----D---- C:\windows\oxod
2013-12-09 19:56:26 ----D---- C:\windows\awwb
2013-12-09 19:56:21 ----D---- C:\windows\ellg
2013-12-09 19:55:35 ----D---- C:\windows\ocob
2013-12-09 19:55:09 ----D---- C:\windows\agaj
2013-12-09 19:54:54 ----D---- C:\windows\yvad
2013-12-09 19:54:44 ----D---- C:\windows\wryl
2013-12-09 19:53:43 ----D---- C:\windows\ykyt
2013-12-09 19:53:22 ----D---- C:\windows\elol
2013-12-09 19:53:07 ----D---- C:\windows\kpix
2013-12-09 19:53:02 ----D---- C:\windows\owet
2013-12-09 19:52:57 ----D---- C:\windows\efuh
2013-12-09 19:52:11 ----D---- C:\windows\obqm
2013-12-09 19:51:35 ----D---- C:\windows\wwis
2013-12-09 19:51:30 ----D---- C:\windows\ycym
2013-12-09 19:51:25 ----D---- C:\windows\ejex
2013-12-09 19:51:10 ----D---- C:\windows\uxer
2013-12-09 19:51:05 ----D---- C:\windows\khiz
2013-12-09 19:50:49 ----D---- C:\windows\ojux
2013-12-09 19:50:44 ----D---- C:\windows\ywaw
2013-12-09 19:50:34 ----D---- C:\windows\ifft
2013-12-09 19:49:58 ----D---- C:\windows\evdl
2013-12-09 19:49:48 ----D---- C:\windows\yscw
2013-12-09 19:49:43 ----D---- C:\windows\uljv
2013-12-09 19:49:28 ----D---- C:\windows\awah
2013-12-09 19:49:23 ----D---- C:\windows\awys
2013-12-09 19:49:17 ----D---- C:\windows\opeg
2013-12-09 19:49:12 ----D---- C:\windows\zkyf
2013-12-09 19:49:07 ----D---- C:\windows\oron
2013-12-09 19:49:02 ----D---- C:\windows\bjtl
2013-12-09 19:48:52 ----D---- C:\windows\ylan
2013-12-09 19:48:31 ----D---- C:\windows\odod
2013-12-09 19:48:11 ----D---- C:\windows\idag
2013-12-09 19:47:51 ----D---- C:\windows\llel
2013-12-09 19:47:00 ----D---- C:\windows\klij
2013-12-09 19:46:44 ----D---- C:\windows\ucgb
2013-12-09 19:46:39 ----D---- C:\windows\ecoz
2013-12-09 19:46:29 ----D---- C:\windows\urun
2013-12-09 19:46:19 ----D---- C:\windows\ojod
2013-12-09 19:46:09 ----D---- C:\windows\igyr
2013-12-09 19:45:53 ----D---- C:\windows\jnor
2013-12-09 19:45:43 ----D---- C:\windows\epup
2013-12-09 19:45:33 ----D---- C:\windows\ipax
2013-12-09 19:45:28 ----D---- C:\windows\pmeh
2013-12-09 19:45:12 ----D---- C:\windows\axil
2013-12-09 19:44:57 ----D---- C:\windows\hhyh
2013-12-09 19:44:42 ----D---- C:\windows\ukgw
2013-12-09 19:44:37 ----D---- C:\windows\yjfq
2013-12-09 19:44:21 ----D---- C:\windows\bdag
2013-12-09 19:44:16 ----D---- C:\windows\mbem
2013-12-09 19:44:06 ----D---- C:\windows\jjon
2013-12-09 19:44:01 ----D---- C:\windows\wwah
2013-12-09 19:43:56 ----D---- C:\windows\nzok
2013-12-09 19:43:25 ----D---- C:\windows\agsr
2013-12-09 19:43:15 ----D---- C:\windows\gsoc
2013-12-09 19:43:05 ----D---- C:\windows\uqqv
2013-12-09 19:43:00 ----D---- C:\windows\attm
2013-12-09 19:42:49 ----D---- C:\windows\ahhs
2013-12-09 19:42:39 ----D---- C:\windows\uxex
2013-12-09 19:42:29 ----D---- C:\windows\yjyq
2013-12-09 19:42:14 ----D---- C:\windows\ibhb
2013-12-09 19:42:09 ----D---- C:\windows\abmb
2013-12-09 19:41:53 ----D---- C:\windows\obok
2013-12-09 19:41:48 ----D---- C:\windows\uleg
2013-12-09 19:41:43 ----D---- C:\windows\ugep
2013-12-09 19:41:38 ----D---- C:\windows\iczf
2013-12-09 19:41:33 ----D---- C:\windows\iwyz
2013-12-09 19:41:18 ----D---- C:\windows\dprv
2013-12-09 19:41:07 ----D---- C:\windows\ivyr
2013-12-09 19:40:47 ----D---- C:\windows\ywyh
2013-12-09 19:40:42 ----D---- C:\windows\olqp
2013-12-09 19:40:37 ----D---- C:\windows\rdux
2013-12-09 19:40:32 ----D---- C:\windows\ivyd
2013-12-09 19:40:21 ----D---- C:\windows\otuz
2013-12-09 19:40:06 ----D---- C:\windows\oqeq
2013-12-09 19:40:01 ----D---- C:\windows\nded
2013-12-09 19:39:56 ----D---- C:\windows\isbs
2013-12-09 19:39:51 ----D---- C:\windows\plog
2013-12-09 19:39:41 ----D---- C:\windows\adsq
2013-12-09 19:39:30 ----D---- C:\windows\ygyr
2013-12-09 19:39:15 ----D---- C:\windows\uqup
2013-12-09 19:39:00 ----D---- C:\windows\smac
2013-12-09 19:38:44 ----D---- C:\windows\ynyk
2013-12-09 19:38:39 ----D---- C:\windows\dblt
2013-12-09 19:38:34 ----D---- C:\windows\ecew
2013-12-09 19:38:19 ----D---- C:\windows\mzah
2013-12-09 19:38:04 ----D---- C:\windows\yxip
2013-12-09 19:37:28 ----D---- C:\windows\qpgl
2013-12-09 19:37:13 ----D---- C:\windows\eluq
2013-12-09 19:37:07 ----D---- C:\windows\fcic
2013-12-09 19:36:57 ----D---- C:\windows\ysis
2013-12-09 19:36:52 ----D---- C:\windows\uqol
2013-12-09 19:36:42 ----D---- C:\windows\zhiw
2013-12-09 19:36:37 ----D---- C:\windows\ynwq
2013-12-09 19:36:32 ----D---- C:\windows\ohef
2013-12-09 19:36:22 ----D---- C:\windows\ugeg
2013-12-09 19:36:11 ----D---- C:\windows\xlol
2013-12-09 19:36:01 ----D---- C:\windows\awkb
2013-12-09 19:35:56 ----D---- C:\windows\ogog
2013-12-09 19:35:51 ----D---- C:\windows\hcic
2013-12-09 19:35:46 ----D---- C:\windows\eqod
2013-12-09 19:35:31 ----D---- C:\windows\gpeq
2013-12-09 19:35:25 ----D---- C:\windows\fsis
2013-12-09 19:35:20 ----D---- C:\windows\dpeq
2013-12-09 19:35:05 ----D---- C:\windows\nzef
2013-12-09 19:35:00 ----D---- C:\windows\ywih
2013-12-09 19:34:45 ----D---- C:\windows\ythc
2013-12-09 19:34:29 ----D---- C:\windows\ozlk
2013-12-09 19:33:59 ----D---- C:\windows\ojor
2013-12-09 19:33:33 ----D---- C:\windows\lgup
2013-12-09 19:33:23 ----D---- C:\windows\uhet
2013-12-09 19:33:03 ----D---- C:\windows\okow
2013-12-09 19:32:58 ----D---- C:\windows\gwuk
2013-12-09 19:32:27 ----D---- C:\windows\hdig
2013-12-09 19:32:17 ----D---- C:\windows\enud
2013-12-09 19:32:12 ----D---- C:\windows\wkym
2013-12-09 19:32:01 ----D---- C:\windows\uned
2013-12-09 19:31:56 ----D---- C:\windows\agiz
2013-12-09 19:31:46 ----D---- C:\windows\arip
2013-12-09 19:31:36 ----D---- C:\windows\uwqc
2013-12-09 19:31:31 ----D---- C:\windows\hpir
2013-12-09 19:31:15 ----D---- C:\windows\ygar
2013-12-09 19:30:50 ----D---- C:\windows\aziw
2013-12-09 19:30:45 ----D---- C:\windows\aqyj
2013-12-09 19:30:14 ----D---- C:\windows\ulov
2013-12-09 19:29:54 ----D---- C:\windows\ovuq
2013-12-09 19:29:39 ----D---- C:\windows\yrkv
2013-12-09 19:29:33 ----D---- C:\windows\qbuc
2013-12-09 19:29:13 ----D---- C:\windows\yxal
2013-12-09 19:29:08 ----D---- C:\windows\aniv
2013-12-09 19:28:58 ----D---- C:\windows\mkyc
2013-12-09 19:28:53 ----D---- C:\windows\ukdb
2013-12-09 19:28:48 ----D---- C:\windows\mjal
2013-12-09 19:28:42 ----D---- C:\windows\osok
2013-12-09 19:28:37 ----D---- C:\windows\ddod
2013-12-09 19:28:22 ----D---- C:\windows\edjj
2013-12-09 19:28:17 ----D---- C:\windows\iwhz
2013-12-09 19:28:07 ----D---- C:\windows\ebet
2013-12-09 19:27:57 ----D---- C:\windows\ekew
2013-12-09 19:27:41 ----D---- C:\windows\ezem
2013-12-09 19:27:31 ----D---- C:\windows\okob
2013-12-09 19:27:21 ----D---- C:\windows\ibmb
2013-12-09 19:27:16 ----D---- C:\windows\upep
2013-12-09 19:27:11 ----D---- C:\windows\iwtw
2013-12-09 19:27:05 ----D---- C:\windows\rqup
2013-12-09 19:27:00 ----D---- C:\windows\ehom
2013-12-09 19:26:45 ----D---- C:\windows\tnig
2013-12-09 19:26:35 ----D---- C:\windows\okjs
2013-12-09 19:26:25 ----D---- C:\windows\ehrk
2013-12-09 19:26:20 ----D---- C:\windows\kqyd
2013-12-09 19:26:09 ----D---- C:\windows\kbyb
2013-12-09 19:25:29 ----D---- C:\windows\yfim
2013-12-09 19:25:18 ----D---- C:\windows\imyf
2013-12-09 19:25:13 ----D---- C:\windows\jrox
2013-12-09 19:25:03 ----D---- C:\windows\ynaq
2013-12-09 19:24:48 ----D---- C:\windows\khfs
2013-12-09 19:24:32 ----D---- C:\windows\ysak
2013-12-09 19:24:27 ----D---- C:\windows\fcac
2013-12-09 19:24:17 ----D---- C:\windows\zwaw
2013-12-09 19:24:12 ----D---- C:\windows\yjzl
2013-12-09 19:24:07 ----D---- C:\windows\anaq
2013-12-09 19:23:57 ----D---- C:\windows\isiz
2013-12-09 19:23:41 ----D---- C:\windows\asyw
2013-12-09 19:23:21 ----D---- C:\windows\ocrs
2013-12-09 19:23:06 ----D---- C:\windows\wkak
2013-12-09 19:23:00 ----D---- C:\windows\lrej
2013-12-09 19:22:35 ----D---- C:\windows\efuf
2013-12-09 19:22:15 ----D---- C:\windows\assw
2013-12-09 19:22:04 ----D---- C:\windows\ofuz
2013-12-09 19:21:24 ----D---- C:\windows\lwot
2013-12-09 19:21:18 ----D---- C:\windows\ygir
2013-12-09 19:21:03 ----D---- C:\windows\ugpv
2013-12-09 19:20:58 ----D---- C:\windows\akfm
2013-12-09 19:20:43 ----D---- C:\windows\yhaw
2013-12-09 19:20:22 ----D---- C:\windows\icam
2013-12-09 19:20:17 ----D---- C:\windows\ibaw
2013-12-09 19:20:07 ----D---- C:\windows\qwuk
2013-12-09 19:20:02 ----D---- C:\windows\ugog
2013-12-09 19:19:47 ----D---- C:\windows\jpeg
2013-12-09 19:19:36 ----D---- C:\windows\abah
2013-12-09 19:19:26 ----D---- C:\windows\ybab
2013-12-09 19:18:51 ----D---- C:\windows\qmos
2013-12-09 19:18:45 ----D---- C:\windows\inwq
2013-12-09 19:18:40 ----D---- C:\windows\xzem
2013-12-09 19:18:05 ----D---- C:\windows\lbec
2013-12-09 19:17:59 ----D---- C:\windows\qmus
2013-12-09 19:17:44 ----D---- C:\windows\iwyh
2013-12-09 19:17:39 ----D---- C:\windows\uqnl
2013-12-09 19:17:34 ----D---- C:\windows\bkyt
2013-12-09 19:17:14 ----D---- C:\windows\osec
2013-12-09 19:16:53 ----D---- C:\windows\ufuh
2013-12-09 19:16:48 ----D---- C:\windows\ixiv
2013-12-09 19:16:43 ----D---- C:\windows\epel
2013-12-09 19:16:28 ----D---- C:\windows\etqz
2013-12-09 19:16:22 ----D---- C:\windows\ydav
2013-12-09 19:16:17 ----D---- C:\windows\uhem
2013-12-09 19:16:12 ----D---- C:\windows\iraq
2013-12-09 19:16:07 ----D---- C:\windows\ocdz
2013-12-09 19:15:21 ----D---- C:\windows\avmr
2013-12-09 19:15:11 ----D---- C:\windows\acaf
2013-12-09 19:15:06 ----D---- C:\windows\uvug
2013-12-09 19:15:01 ----D---- C:\windows\upoq
2013-12-09 19:14:35 ----D---- C:\windows\rhof
2013-12-09 19:14:30 ----D---- C:\windows\iqkn
2013-12-09 19:14:25 ----D---- C:\windows\ehot
2013-12-09 19:14:20 ----D---- C:\windows\rmuz
2013-12-09 19:14:10 ----D---- C:\windows\urum
2013-12-09 19:13:54 ----D---- C:\windows\onej
2013-12-09 19:13:44 ----D---- C:\windows\ogoq
2013-12-09 19:13:34 ----D---- C:\windows\axyq
2013-12-09 19:13:24 ----D---- C:\windows\iteh
2013-12-09 19:13:14 ----D---- C:\windows\ibih
2013-12-09 19:13:08 ----D---- C:\windows\jvrg
2013-12-09 19:12:58 ----D---- C:\windows\ilkd
2013-12-09 19:12:38 ----D---- C:\windows\amyf
2013-12-09 19:12:28 ----D---- C:\windows\ubem
2013-12-09 19:12:17 ----D---- C:\windows\qkrz
2013-12-09 19:12:07 ----D---- C:\windows\ynag
2013-12-09 19:11:42 ----D---- C:\windows\yfsm
2013-12-09 19:11:26 ----D---- C:\windows\lluv
2013-12-09 19:11:16 ----D---- C:\windows\whis
2013-12-09 19:10:41 ----D---- C:\windows\elev
2013-12-09 19:10:20 ----D---- C:\windows\jfuw
2013-12-09 19:10:00 ----D---- C:\windows\ecuh
2013-12-09 19:09:44 ----D---- C:\windows\qgel
2013-12-09 19:09:24 ----D---- C:\windows\kxiq
2013-12-09 19:09:19 ----D---- C:\windows\oroj
2013-12-09 19:09:09 ----D---- C:\windows\ybys
2013-12-09 19:09:04 ----D---- C:\windows\ypij
2013-12-09 19:08:23 ----D---- C:\windows\wvyd
2013-12-09 19:08:13 ----D---- C:\windows\uspm
2013-12-09 19:08:02 ----D---- C:\windows\ityf
2013-12-09 19:07:57 ----D---- C:\windows\gjux
2013-12-09 19:07:42 ----D---- C:\windows\aqax
2013-12-09 19:07:37 ----D---- C:\windows\axzg
2013-12-09 19:07:16 ----D---- C:\windows\iqax
2013-12-09 19:06:56 ----D---- C:\windows\okoh
2013-12-09 19:06:51 ----D---- C:\windows\inyl
2013-12-09 19:06:46 ----D---- C:\windows\oqof
2013-12-09 19:06:36 ----D---- C:\windows\ujod
2013-12-09 19:06:30 ----D---- C:\windows\hbaz
2013-12-09 19:06:00 ----D---- C:\windows\ypkx
2013-12-09 19:05:55 ----D---- C:\windows\abaw
2013-12-09 19:05:44 ----D---- C:\windows\adyl
2013-12-09 19:05:34 ----D---- C:\windows\gvul
2013-12-09 19:05:14 ----D---- C:\windows\yxiv
2013-12-09 19:05:09 ----D---- C:\windows\ezom
2013-12-09 19:04:53 ----D---- C:\windows\uvdl
2013-12-09 19:04:33 ----D---- C:\windows\otob
2013-12-09 19:04:23 ----D---- C:\windows\qsxm
2013-12-09 19:04:13 ----D---- C:\windows\azsz
2013-12-09 19:04:08 ----D---- C:\windows\lqev
2013-12-09 19:03:57 ----D---- C:\windows\jjux
2013-12-09 19:03:52 ----D---- C:\windows\eleq
2013-12-09 19:03:47 ----D---- C:\windows\itik
2013-12-09 19:03:42 ----D---- C:\windows\exrd
2013-12-09 19:03:32 ----D---- C:\windows\rfeb
2013-12-09 19:03:22 ----D---- C:\windows\ssys
2013-12-09 19:03:16 ----D---- C:\windows\opog
2013-12-09 19:03:06 ----D---- C:\windows\ewec
2013-12-09 19:02:31 ----D---- C:\windows\ifsm
2013-12-09 19:02:25 ----D---- C:\windows\yhis
2013-12-09 19:02:20 ----D---- C:\windows\ovxg
2013-12-09 19:02:10 ----D---- C:\windows\dteb
2013-12-09 19:02:05 ----D---- C:\windows\irtq
2013-12-09 19:02:00 ----D---- C:\windows\nkos
2013-12-09 19:01:50 ----D---- C:\windows\iqzr
2013-12-09 19:01:34 ----D---- C:\windows\ilax
2013-12-09 19:00:33 ----D---- C:\windows\yqid
2013-12-09 19:00:23 ----D---- C:\windows\fgaj
2013-12-09 18:59:37 ----D---- C:\windows\ewrm
2013-12-09 18:59:27 ----D---- C:\windows\qgeg
2013-12-09 18:59:17 ----D---- C:\windows\onjn
2013-12-09 18:58:46 ----D---- C:\windows\amyt
2013-12-09 18:58:31 ----D---- C:\windows\jwok
2013-12-09 18:58:26 ----D---- C:\windows\aqhx
2013-12-09 18:58:21 ----D---- C:\windows\omgz
2013-12-09 18:58:16 ----D---- C:\windows\ubdk
2013-12-09 18:58:00 ----D---- C:\windows\ppog
2013-12-09 18:57:55 ----D---- C:\windows\ymyt
2013-12-09 18:57:50 ----D---- C:\windows\ecez
2013-12-09 18:57:40 ----D---- C:\windows\ixkp
2013-12-09 18:57:30 ----D---- C:\windows\ukpz
2013-12-09 18:57:24 ----D---- C:\windows\ijyv
2013-12-09 18:57:14 ----D---- C:\windows\ekpz
2013-12-09 18:56:54 ----D---- C:\windows\ihfw
2013-12-09 18:56:39 ----D---- C:\windows\kvij
2013-12-09 18:56:23 ----D---- C:\windows\agan
2013-12-09 18:56:18 ----D---- C:\windows\ufob
2013-12-09 18:55:58 ----D---- C:\windows\ipaj
2013-12-09 18:55:53 ----D---- C:\windows\owjc
2013-12-09 18:55:47 ----D---- C:\windows\ecph
2013-12-09 18:55:37 ----D---- C:\windows\eqov
2013-12-09 18:55:32 ----D---- C:\windows\tkyk
2013-12-09 18:55:27 ----D---- C:\windows\udoj
2013-12-09 18:55:17 ----D---- C:\windows\yfik
2013-12-09 18:55:12 ----D---- C:\windows\oqul
2013-12-09 18:55:02 ----D---- C:\windows\ejgr
2013-12-09 18:54:51 ----D---- C:\windows\idsq
2013-12-09 18:54:31 ----D---- C:\windows\jmos
2013-12-09 18:54:16 ----D---- C:\windows\ipyj
2013-12-09 18:54:11 ----D---- C:\windows\yrag
2013-12-09 18:54:05 ----D---- C:\windows\psjk
2013-12-09 18:54:00 ----D---- C:\windows\afak
2013-12-09 18:53:55 ----D---- C:\windows\upug
2013-12-09 18:53:45 ----D---- C:\windows\isaw
2013-12-09 18:53:35 ----D---- C:\windows\afik
2013-12-09 18:53:14 ----D---- C:\windows\orpr
2013-12-09 18:52:44 ----D---- C:\windows\yqyf
2013-12-09 18:52:39 ----D---- C:\windows\otub
2013-12-09 18:52:34 ----D---- C:\windows\osvt
2013-12-09 18:52:28 ----D---- C:\windows\slad
2013-12-09 18:52:23 ----D---- C:\windows\epop
2013-12-09 18:52:18 ----D---- C:\windows\ifat
2013-12-09 18:52:08 ----D---- C:\windows\emnz
2013-12-09 18:51:58 ----D---- C:\windows\yrwv
2013-12-09 18:51:53 ----D---- C:\windows\kral
2013-12-09 18:51:43 ----D---- C:\windows\qzem
2013-12-09 18:51:37 ----D---- C:\windows\esek
2013-12-09 18:51:27 ----D---- C:\windows\asah
2013-12-09 18:51:17 ----D---- C:\windows\ickt
2013-12-09 18:50:46 ----D---- C:\windows\jcph
2013-12-09 18:50:26 ----D---- C:\windows\upoj
2013-12-09 18:50:11 ----D---- C:\windows\hzaw
2013-12-09 18:49:50 ----D---- C:\windows\jqov
2013-12-09 18:49:04 ----D---- C:\windows\ufpb
2013-12-09 18:48:59 ----D---- C:\windows\tfkc
2013-12-09 18:48:44 ----D---- C:\windows\utej
2013-12-09 18:48:34 ----D---- C:\windows\yqix
2013-12-09 18:48:24 ----D---- C:\windows\ifam
2013-12-09 18:48:18 ----D---- C:\windows\drux
2013-12-09 18:48:08 ----D---- C:\windows\lxun
2013-12-09 18:47:48 ----D---- C:\windows\afim
2013-12-09 18:47:32 ----D---- C:\windows\akat
2013-12-09 18:47:17 ----D---- C:\windows\elpl
2013-12-09 18:46:57 ----D---- C:\windows\cmtf
2013-12-09 18:46:41 ----D---- C:\windows\cbah
2013-12-09 18:46:36 ----D---- C:\windows\owdf
2013-12-09 18:46:31 ----D---- C:\windows\igyx
2013-12-09 18:46:21 ----D---- C:\windows\uzuc
2013-12-09 18:46:16 ----D---- C:\windows\mvyj
2013-12-09 18:45:30 ----D---- C:\windows\ykwf
2013-12-09 18:45:25 ----D---- C:\windows\asas
2013-12-09 18:45:15 ----D---- C:\windows\itit
2013-12-09 18:45:10 ----D---- C:\windows\afsm
2013-12-09 18:45:04 ----D---- C:\windows\onvj
2013-12-09 18:44:59 ----D---- C:\windows\ugdq
2013-12-09 18:44:54 ----D---- C:\windows\adav
2013-12-09 18:44:49 ----D---- C:\windows\hlir
2013-12-09 18:44:39 ----D---- C:\windows\otos
2013-12-09 18:44:29 ----D---- C:\windows\ikif
2013-12-09 18:44:08 ----D---- C:\windows\ymhc
2013-12-09 18:44:03 ----D---- C:\windows\umej
2013-12-09 18:43:58 ----D---- C:\windows\ynap
2013-12-09 18:43:22 ----D---- C:\windows\lren
2013-12-09 18:43:12 ----D---- C:\windows\evev
2013-12-09 18:43:07 ----D---- C:\windows\oded
2013-12-09 18:43:02 ----D---- C:\windows\chas
2013-12-09 18:42:57 ----D---- C:\windows\evug
2013-12-09 18:42:36 ----D---- C:\windows\amit
2013-12-09 18:42:26 ----D---- C:\windows\ywyb
2013-12-09 18:42:21 ----D---- C:\windows\atat
2013-12-09 18:42:16 ----D---- C:\windows\qrud
2013-12-09 18:41:56 ----D---- C:\windows\awzs
2013-12-09 18:41:51 ----D---- C:\windows\egql
2013-12-09 18:41:35 ----D---- C:\windows\axwp
2013-12-09 18:41:15 ----D---- C:\windows\ebok
2013-12-09 18:41:10 ----D---- C:\windows\omuz
2013-12-09 18:41:05 ----D---- C:\windows\avax
2013-12-09 18:41:00 ----D---- C:\windows\ukuh
2013-12-09 18:40:44 ----D---- C:\windows\ivin
2013-12-09 18:40:39 ----D---- C:\windows\lkeb
2013-12-09 18:40:19 ----D---- C:\windows\xset
2013-12-09 18:40:14 ----D---- C:\windows\utus
2013-12-09 18:40:09 ----D---- C:\windows\adag
2013-12-09 18:39:58 ----D---- C:\windows\uror
2013-12-09 18:39:53 ----D---- C:\windows\ulol
2013-12-09 18:39:43 ----D---- C:\windows\pzoc
2013-12-09 18:39:33 ----D---- C:\windows\yxfv
2013-12-09 18:39:02 ----D---- C:\windows\ekuw
2013-12-09 18:38:21 ----D---- C:\windows\afyk
2013-12-09 18:38:06 ----D---- C:\windows\amic
2013-12-09 18:38:01 ----D---- C:\windows\arox
2013-12-09 18:37:46 ----D---- C:\windows\oxoj
2013-12-09 18:37:35 ----D---- C:\windows\imyc
2013-12-09 18:37:30 ----D---- C:\windows\enox
2013-12-09 18:37:20 ----D---- C:\windows\uzef
2013-12-09 18:37:05 ----D---- C:\windows\oset
2013-12-09 18:36:29 ----D---- C:\windows\atkc
2013-12-09 18:36:14 ----D---- C:\windows\epeq
2013-12-09 18:36:09 ----D---- C:\windows\afft
2013-12-09 18:35:59 ----D---- C:\windows\pdgj
2013-12-09 18:35:53 ----D---- C:\windows\tsfh
2013-12-09 18:35:48 ----D---- C:\windows\uner
2013-12-09 18:35:33 ----D---- C:\windows\rzot
2013-12-09 18:35:28 ----D---- C:\windows\omxs
2013-12-09 18:35:13 ----D---- C:\windows\ypyx
2013-12-09 18:35:07 ----D---- C:\windows\mhyb
2013-12-09 18:34:47 ----D---- C:\windows\ocub
2013-12-09 18:34:32 ----D---- C:\windows\ugup
2013-12-09 18:34:22 ----D---- C:\windows\omus
2013-12-09 18:34:16 ----D---- C:\windows\ynip
2013-12-09 18:34:06 ----D---- C:\windows\ehuf
2013-12-09 18:33:56 ----D---- C:\windows\ekeh
2013-12-09 18:33:41 ----D---- C:\windows\ylyj
2013-12-09 18:33:36 ----D---- C:\windows\emez
2013-12-09 18:32:50 ----D---- C:\windows\evvl
2013-12-09 18:32:34 ----D---- C:\windows\uhec
2013-12-09 18:32:29 ----D---- C:\windows\mryp
2013-12-09 18:32:24 ----D---- C:\windows\usok
2013-12-09 18:32:14 ----D---- C:\windows\izah
2013-12-09 18:31:54 ----D---- C:\windows\ydip
2013-12-09 18:31:49 ----D---- C:\windows\ehuk
2013-12-09 18:31:43 ----D---- C:\windows\pguv
2013-12-09 18:31:38 ----D---- C:\windows\ytak
2013-12-09 18:31:18 ----D---- C:\windows\ynal
2013-12-09 18:30:57 ----D---- C:\windows\ezec
2013-12-09 18:30:52 ----D---- C:\windows\ypyd
2013-12-09 18:30:47 ----D---- C:\windows\axav
2013-12-09 18:30:42 ----D---- C:\windows\okos
2013-12-09 18:30:32 ----D---- C:\windows\yqmx
2013-12-09 18:30:01 ----D---- C:\windows\lsok
2013-12-09 18:29:56 ----D---- C:\windows\alan
2013-12-09 18:29:46 ----D---- C:\windows\apyx
2013-12-09 18:29:41 ----D---- C:\windows\ictf
2013-12-09 18:29:36 ----D---- C:\windows\nrex
2013-12-09 18:29:15 ----D---- C:\windows\ikak
2013-12-09 18:29:00 ----D---- C:\windows\ipid
2013-12-09 18:28:55 ----D---- C:\windows\umes
2013-12-09 18:28:45 ----D---- C:\windows\ibab
2013-12-09 18:28:40 ----D---- C:\windows\iriv
2013-12-09 18:28:35 ----D---- C:\windows\ozut
2013-12-09 18:28:30 ----D---- C:\windows\iqhn
2013-12-09 18:28:24 ----D---- C:\windows\rfus
2013-12-09 18:28:14 ----D---- C:\windows\afzc
2013-12-09 18:27:33 ----D---- C:\windows\ihis
2013-12-09 18:27:23 ----D---- C:\windows\ulug
2013-12-09 18:27:13 ----D---- C:\windows\ljod
2013-12-09 18:27:08 ----D---- C:\windows\ckyf
2013-12-09 18:27:03 ----D---- C:\windows\nxoj
2013-12-09 18:26:58 ----D---- C:\windows\wbyz
2013-12-09 18:26:53 ----D---- C:\windows\ttit
2013-12-09 18:26:47 ----D---- C:\windows\oxux
2013-12-09 18:26:42 ----D---- C:\windows\iziz
2013-12-09 18:26:17 ----D---- C:\windows\stat
2013-12-09 18:26:12 ----D---- C:\windows\ejej
2013-12-09 18:26:02 ----D---- C:\windows\dtos
2013-12-09 18:25:51 ----D---- C:\windows\uhef
2013-12-09 18:25:46 ----D---- C:\windows\gqwn
2013-12-09 18:25:41 ----D---- C:\windows\acim
2013-12-09 18:25:36 ----D---- C:\windows\ybyz
2013-12-09 18:25:26 ----D---- C:\windows\atac
2013-12-09 18:25:21 ----D---- C:\windows\yvaj
2013-12-09 18:25:05 ----D---- C:\windows\hpax
2013-12-09 18:25:00 ----D---- C:\windows\etus
2013-12-09 18:24:40 ----D---- C:\windows\emus
2013-12-09 18:24:35 ----D---- C:\windows\ytkc
2013-12-09 18:24:20 ----D---- C:\windows\opop
2013-12-09 18:24:14 ----D---- C:\windows\odoj
2013-12-09 18:24:04 ----D---- C:\windows\emoz
2013-12-09 18:23:59 ----D---- C:\windows\tqyx
2013-12-09 18:23:39 ----D---- C:\windows\ozlf
2013-12-09 18:23:28 ----D---- C:\windows\yphj
2013-12-09 18:23:23 ----D---- C:\windows\jkew
2013-12-09 18:23:13 ----D---- C:\windows\lgop
2013-12-09 18:22:58 ----D---- C:\windows\uxld
2013-12-09 18:22:32 ----D---- C:\windows\ddox
2013-12-09 18:22:27 ----D---- C:\windows\hhyb
2013-12-09 18:22:22 ----D---- C:\windows\yrzq
2013-12-09 18:22:17 ----D---- C:\windows\wgyr
2013-12-09 18:22:12 ----D---- C:\windows\okuh
2013-12-09 18:22:02 ----D---- C:\windows\ebec
2013-12-09 18:21:57 ----D---- C:\windows\oklh
2013-12-09 18:21:31 ----D---- C:\windows\ijag
2013-12-09 18:21:21 ----D---- C:\windows\ucuh
2013-12-09 18:21:11 ----D---- C:\windows\olev
2013-12-09 18:20:55 ----D---- C:\windows\uqop
2013-12-09 18:20:45 ----D---- C:\windows\agyj
2013-12-09 18:20:40 ----D---- C:\windows\inip
2013-12-09 18:20:35 ----D---- C:\windows\amkm
2013-12-09 18:20:20 ----D---- C:\windows\ikyk
2013-12-09 18:20:09 ----D---- C:\windows\ekoh
2013-12-09 18:19:54 ----D---- C:\windows\gmuh
2013-12-09 18:19:39 ----D---- C:\windows\ejuj
2013-12-09 18:19:34 ----D---- C:\windows\ahaz
2013-12-09 18:19:13 ----D---- C:\windows\gdgd
2013-12-09 18:19:03 ----D---- C:\windows\ycak
2013-12-09 18:18:53 ----D---- C:\windows\yhms
2013-12-09 18:18:29 ----D---- C:\windows\ubeg
2013-12-09 18:18:20 ----D---- C:\windows\eteb
2013-12-09 18:18:10 ----D---- C:\windows\omob
2013-12-09 18:18:02 ----D---- C:\windows\ydfp
2013-12-09 18:17:48 ----D---- C:\windows\abab
2013-12-09 18:17:29 ----D---- C:\windows\ehoc
2013-12-09 18:17:19 ----D---- C:\windows\jqog
2013-12-09 18:16:56 ----D---- C:\windows\fmaf
2013-12-09 18:16:35 ----D---- C:\windows\yhwh
2013-12-09 18:16:25 ----D---- C:\windows\wnyq
2013-12-09 18:16:04 ----D---- C:\windows\yvyx
2013-12-09 18:15:59 ----D---- C:\windows\ezus
2013-12-09 18:15:54 ----D---- C:\windows\ilsx
2013-12-09 18:15:49 ----D---- C:\windows\tlin
2013-12-09 18:15:44 ----D---- C:\windows\okeb
2013-12-09 18:15:39 ----D---- C:\windows\ammc
2013-12-09 18:15:34 ----D---- C:\windows\udur
2013-12-09 18:15:28 ----D---- C:\windows\uzet
2013-12-09 18:15:18 ----D---- C:\windows\idyv
2013-12-09 18:14:48 ----D---- C:\windows\uhoc
2013-12-09 18:14:37 ----D---- C:\windows\agij
2013-12-09 18:14:27 ----D---- C:\windows\svar
2013-12-09 18:14:17 ----D---- C:\windows\aqan
2013-12-09 18:14:12 ----D---- C:\windows\ucuz
2013-12-09 18:14:07 ----D---- C:\windows\pwuc
2013-12-09 18:13:46 ----D---- C:\windows\xnrd
2013-12-09 18:13:36 ----D---- C:\windows\idyq
2013-12-09 18:13:26 ----D---- C:\windows\ocus
2013-12-09 18:13:21 ----D---- C:\windows\owuk
2013-12-09 18:13:10 ----D---- C:\windows\ysiw
2013-12-09 18:13:05 ----D---- C:\windows\ytat
2013-12-09 18:13:00 ----D---- C:\windows\oder
2013-12-09 18:12:55 ----D---- C:\windows\rhok
2013-12-09 18:12:50 ----D---- C:\windows\apid
2013-12-09 18:12:40 ----D---- C:\windows\rrdd
2013-12-09 18:12:30 ----D---- C:\windows\isyw
2013-12-09 18:12:04 ----D---- C:\windows\utos
2013-12-09 18:11:49 ----D---- C:\windows\efos
2013-12-09 18:11:23 ----D---- C:\windows\zkac
2013-12-09 18:11:07 ----D---- C:\windows\rsoc
2013-12-09 18:11:02 ----D---- C:\windows\ajaq
2013-12-09 18:10:57 ----D---- C:\windows\umuh
2013-12-09 18:10:47 ----D---- C:\windows\odnd
2013-12-09 18:10:31 ----D---- C:\windows\ajav
2013-12-09 18:10:20 ----D---- C:\windows\umym
2013-12-09 18:10:10 ----D---- C:\windows\ekez
2013-12-09 18:10:00 ----D---- C:\windows\kxyq
2013-12-09 18:09:49 ----D---- C:\windows\ilin
2013-12-09 18:09:34 ----D---- C:\windows\ydil
2013-12-09 18:09:24 ----D---- C:\windows\ovog
2013-12-09 18:09:14 ----D---- C:\windows\icik
2013-12-09 18:09:08 ----D---- C:\windows\rxjr
2013-12-09 18:09:03 ----D---- C:\windows\azyw
2013-12-09 18:08:48 ----D---- C:\windows\unud
2013-12-09 18:08:37 ----D---- C:\windows\erpr
2013-12-09 18:08:27 ----D---- C:\windows\scyt
2013-12-09 18:08:22 ----D---- C:\windows\ygit
2013-12-09 18:08:11 ----D---- C:\windows\ocew
2013-12-09 18:07:51 ----D---- C:\windows\uqgl
2013-12-09 18:07:30 ----D---- C:\windows\uzjt
2013-12-09 18:07:14 ----D---- C:\windows\iftc

Re: prosím o kontrolu logu - trojský kůn - fake email česke

Napsal: 10 pro 2013 13:45
od Semik
2013-12-09 18:07:09 ----D---- C:\windows\dnud
2013-12-09 18:06:59 ----D---- C:\windows\ccat
2013-12-09 18:06:44 ----D---- C:\windows\upup
2013-12-09 18:06:33 ----D---- C:\windows\yhzz
2013-12-09 18:06:18 ----D---- C:\windows\yxil
2013-12-09 18:06:13 ----D---- C:\windows\jhef
2013-12-09 18:06:08 ----D---- C:\windows\oprv
2013-12-09 18:06:03 ----D---- C:\windows\icif
2013-12-09 18:05:58 ----D---- C:\windows\ysyb
2013-12-09 18:05:53 ----D---- C:\windows\opug
2013-12-09 18:05:47 ----D---- C:\windows\ykfm
2013-12-09 18:05:27 ----D---- C:\windows\erer
2013-12-09 18:05:16 ----D---- C:\windows\owek
2013-12-09 18:05:06 ----D---- C:\windows\irag
2013-12-09 18:05:01 ----D---- C:\windows\ovug
2013-12-09 18:04:56 ----D---- C:\windows\swyh
2013-12-09 18:04:40 ----D---- C:\windows\egll
2013-12-09 18:04:35 ----D---- C:\windows\ccyc
2013-12-09 18:04:29 ----D---- C:\windows\addd
2013-12-09 18:03:59 ----D---- C:\windows\ajal
2013-12-09 18:03:54 ----D---- C:\windows\ikcc
2013-12-09 18:03:48 ----D---- C:\windows\ibib
2013-12-09 18:03:43 ----D---- C:\windows\eqpp
2013-12-09 18:03:33 ----D---- C:\windows\akht
2013-12-09 18:03:23 ----D---- C:\windows\dnor
2013-12-09 18:03:18 ----D---- C:\windows\ajyp
2013-12-09 18:03:02 ----D---- C:\windows\yryl
2013-12-09 18:02:57 ----D---- C:\windows\fjyq
2013-12-09 18:02:52 ----D---- C:\windows\oslc
2013-12-09 18:02:37 ----D---- C:\windows\utow
2013-12-09 18:02:32 ----D---- C:\windows\ylfn
2013-12-09 18:02:21 ----D---- C:\windows\ezuc
2013-12-09 18:02:16 ----D---- C:\windows\iqar
2013-12-09 18:02:06 ----D---- C:\windows\uhek
2013-12-09 18:02:00 ----D---- C:\windows\yvyj
2013-12-09 18:01:45 ----D---- C:\windows\dgol
2013-12-09 18:01:40 ----D---- C:\windows\izyz
2013-12-09 18:01:35 ----D---- C:\windows\oqev
2013-12-09 18:01:24 ----D---- C:\windows\edur
2013-12-09 18:01:19 ----D---- C:\windows\efuw
2013-12-09 18:01:04 ----D---- C:\windows\yceh
2013-12-09 18:00:48 ----D---- C:\windows\imam
2013-12-09 18:00:38 ----D---- C:\windows\dxen
2013-12-09 18:00:17 ----D---- C:\windows\wgar
2013-12-09 18:00:12 ----D---- C:\windows\alid
2013-12-09 18:00:01 ----D---- C:\windows\yfkk
2013-12-09 17:59:36 ----D---- C:\windows\exed
2013-12-09 17:59:25 ----D---- C:\windows\anag
2013-12-09 17:59:20 ----D---- C:\windows\flid
2013-12-09 17:59:15 ----D---- C:\windows\otlb
2013-12-09 17:59:10 ----D---- C:\windows\adiv
2013-12-09 17:59:00 ----D---- C:\windows\igid
2013-12-09 17:58:54 ----D---- C:\windows\emeb
2013-12-09 17:58:29 ----D---- C:\windows\acmm
2013-12-09 17:58:18 ----D---- C:\windows\afat
2013-12-09 17:58:08 ----D---- C:\windows\jfuh
2013-12-09 17:57:42 ----D---- C:\windows\pgoq
2013-12-09 17:57:37 ----D---- C:\windows\pgep
2013-12-09 17:57:27 ----D---- C:\windows\upuq
2013-12-09 17:57:22 ----D---- C:\windows\ffaf
2013-12-09 17:57:17 ----D---- C:\windows\qbec
2013-12-09 17:57:06 ----D---- C:\windows\ilyx
2013-12-09 17:57:01 ----D---- C:\windows\elog
2013-12-09 17:56:40 ----D---- C:\windows\owum
2013-12-09 17:56:30 ----D---- C:\windows\isyn
2013-12-09 17:56:25 ----D---- C:\windows\ysab
2013-12-09 17:55:54 ----D---- C:\windows\ihaz
2013-12-09 17:55:44 ----D---- C:\windows\jcoh
2013-12-09 17:55:34 ----D---- C:\windows\uvuq
2013-12-09 17:55:13 ----D---- C:\windows\ylyr
2013-12-09 17:55:03 ----D---- C:\windows\swiz
2013-12-09 17:54:52 ----D---- C:\windows\epov
2013-12-09 17:54:47 ----D---- C:\windows\rpev
2013-12-09 17:54:37 ----D---- C:\windows\rnuj
2013-12-09 17:54:31 ----D---- C:\windows\iwyb
2013-12-09 17:54:26 ----D---- C:\windows\uxxj
2013-12-09 17:54:21 ----D---- C:\windows\evun
2013-12-09 17:54:14 ----D---- C:\windows\oxpj
2013-12-09 17:53:50 ----D---- C:\windows\ulnq
2013-12-09 17:53:45 ----D---- C:\windows\adiq
2013-12-09 17:53:39 ----D---- C:\windows\esom
2013-12-09 17:53:34 ----D---- C:\windows\yqax
2013-12-09 17:53:19 ----D---- C:\windows\iphj
2013-12-09 17:53:09 ----D---- C:\windows\upov
2013-12-09 17:53:04 ----D---- C:\windows\amyk
2013-12-09 17:52:59 ----D---- C:\windows\exor
2013-12-09 17:52:54 ----D---- C:\windows\izyw
2013-12-09 17:51:52 ----D---- C:\windows\yvyd
2013-12-09 17:51:31 ----D---- C:\windows\jdur
2013-12-09 17:50:56 ----D---- C:\windows\urud
2013-12-09 17:50:30 ----D---- C:\windows\dvjq
2013-12-09 17:50:25 ----D---- C:\windows\schm
2013-12-09 17:50:15 ----D---- C:\windows\oces
2013-12-09 17:50:10 ----D---- C:\windows\ypan
2013-12-09 17:50:00 ----D---- C:\windows\ozuf
2013-12-09 17:49:54 ----D---- C:\windows\igaj
2013-12-09 17:49:49 ----D---- C:\windows\umjb
2013-12-09 17:49:24 ----D---- C:\windows\utuw
2013-12-09 17:49:09 ----D---- C:\windows\upop
2013-12-09 17:48:58 ----D---- C:\windows\vxex
2013-12-09 17:48:53 ----D---- C:\windows\ugjg
2013-12-09 17:48:48 ----D---- C:\windows\akyf
2013-12-09 17:48:33 ----D---- C:\windows\evov
2013-12-09 17:48:28 ----D---- C:\windows\acik
2013-12-09 17:48:07 ----D---- C:\windows\uquq
2013-12-09 17:47:52 ----D---- C:\windows\rhem
2013-12-09 17:47:47 ----D---- C:\windows\ilmd
2013-12-09 17:47:37 ----D---- C:\windows\tqix
2013-12-09 17:47:32 ----D---- C:\windows\emqb
2013-12-09 17:47:16 ----D---- C:\windows\oxun
2013-12-09 17:47:06 ----D---- C:\windows\anyv
2013-12-09 17:47:01 ----D---- C:\windows\uxjr
2013-12-09 17:46:56 ----D---- C:\windows\yswz
2013-12-09 17:46:51 ----D---- C:\windows\upog
2013-12-09 17:46:35 ----D---- C:\windows\uhjf
2013-12-09 17:46:30 ----D---- C:\windows\ajwg
2013-12-09 17:46:20 ----D---- C:\windows\hvyx
2013-12-09 17:46:10 ----D---- C:\windows\wtak
2013-12-09 17:46:05 ----D---- C:\windows\awas
2013-12-09 17:46:00 ----D---- C:\windows\ydyq
2013-12-09 17:45:44 ----D---- C:\windows\tjyq
2013-12-09 17:45:39 ----D---- C:\windows\knsg
2013-12-09 17:45:34 ----D---- C:\windows\aqfx
2013-12-09 17:45:19 ----D---- C:\windows\ykit
2013-12-09 17:45:14 ----D---- C:\windows\ysyz
2013-12-09 17:45:09 ----D---- C:\windows\ovup
2013-12-09 17:45:04 ----D---- C:\windows\akym
2013-12-09 17:44:59 ----D---- C:\windows\ojen
2013-12-09 17:44:48 ----D---- C:\windows\amif
2013-12-09 17:44:43 ----D---- C:\windows\ujxx
2013-12-09 17:44:28 ----D---- C:\windows\ogop
2013-12-09 17:44:23 ----D---- C:\windows\afwk
2013-12-09 17:44:13 ----D---- C:\windows\izab
2013-12-09 17:44:08 ----D---- C:\windows\ehec
2013-12-09 17:44:02 ----D---- C:\windows\hnyp
2013-12-09 17:43:47 ----D---- C:\windows\cnyp
2013-12-09 17:43:42 ----D---- C:\windows\phet
2013-12-09 17:43:27 ----D---- C:\windows\usof
2013-12-09 17:43:22 ----D---- C:\windows\apad
2013-12-09 17:43:17 ----D---- C:\windows\xtuw
2013-12-09 17:43:11 ----D---- C:\windows\emeh
2013-12-09 17:43:06 ----D---- C:\windows\ycik
2013-12-09 17:42:51 ----D---- C:\windows\ylfr
2013-12-09 17:42:36 ----D---- C:\windows\yntp
2013-12-09 17:42:31 ----D---- C:\windows\udot
2013-12-09 17:42:25 ----D---- C:\windows\yhyh
2013-12-09 17:42:15 ----D---- C:\windows\uduj
2013-12-09 17:42:10 ----D---- C:\windows\uceh
2013-12-09 17:42:00 ----D---- C:\windows\ofrz
2013-12-09 17:41:55 ----D---- C:\windows\dbof
2013-12-09 17:41:50 ----D---- C:\windows\ewef
2013-12-09 17:41:45 ----D---- C:\windows\avin
2013-12-09 17:41:40 ----D---- C:\windows\yrap
2013-12-09 17:41:34 ----D---- C:\windows\osuk
2013-12-09 17:41:29 ----D---- C:\windows\eqeq
2013-12-09 17:41:24 ----D---- C:\windows\ymym
2013-12-09 17:41:19 ----D---- C:\windows\ybyb
2013-12-09 17:41:04 ----D---- C:\windows\uddr
2013-12-09 17:40:54 ----D---- C:\windows\aril
2013-12-09 17:40:43 ----D---- C:\windows\hbab
2013-12-09 17:40:38 ----D---- C:\windows\egug
2013-12-09 17:40:33 ----D---- C:\windows\imkm
2013-12-09 17:40:23 ----D---- C:\windows\opng
2013-12-09 17:40:18 ----D---- C:\windows\iwas
2013-12-09 17:40:13 ----D---- C:\windows\exun
2013-12-09 17:39:57 ----D---- C:\windows\ypar
2013-12-09 17:39:52 ----D---- C:\windows\ijig
2013-12-09 17:39:47 ----D---- C:\windows\uzuk
2013-12-09 17:39:42 ----D---- C:\windows\afit
2013-12-09 17:39:22 ----D---- C:\windows\gfuz
2013-12-09 17:39:17 ----D---- C:\windows\ydyg
2013-12-09 17:38:56 ----D---- C:\windows\fqyr
2013-12-09 17:38:51 ----D---- C:\windows\ufqh
2013-12-09 17:38:46 ----D---- C:\windows\ahib
2013-12-09 17:38:36 ----D---- C:\windows\icyt
2013-12-09 17:38:31 ----D---- C:\windows\ordj
2013-12-09 17:38:21 ----D---- C:\windows\amcf
2013-12-09 17:38:15 ----D---- C:\windows\enod
2013-12-09 17:38:10 ----D---- C:\windows\ahaw
2013-12-09 17:38:05 ----D---- C:\windows\ogpv
2013-12-09 17:38:00 ----D---- C:\windows\ybaz
2013-12-09 17:37:55 ----D---- C:\windows\icac
2013-12-09 17:37:50 ----D---- C:\windows\vner
2013-12-09 17:37:45 ----D---- C:\windows\ahyz
2013-12-09 17:37:40 ----D---- C:\windows\equg
2013-12-09 17:37:35 ----D---- C:\windows\gpop
2013-12-09 17:37:24 ----D---- C:\windows\ujjd
2013-12-09 17:37:19 ----D---- C:\windows\abas
2013-12-09 17:37:04 ----D---- C:\windows\bdap
2013-12-09 17:36:59 ----D---- C:\windows\fhab
2013-12-09 17:36:54 ----D---- C:\windows\uluq
2013-12-09 17:36:49 ----D---- C:\windows\hkbm
2013-12-09 17:36:38 ----D---- C:\windows\evuq
2013-12-09 17:36:23 ----D---- C:\windows\ugrl
2013-12-09 17:36:13 ----D---- C:\windows\qnor
2013-12-09 17:36:03 ----D---- C:\windows\ysfs
2013-12-09 17:35:58 ----D---- C:\windows\uguv
2013-12-09 17:35:53 ----D---- C:\windows\wkam
2013-12-09 17:35:42 ----D---- C:\windows\orex
2013-12-09 17:35:32 ----D---- C:\windows\zfym
2013-12-09 17:35:17 ----D---- C:\windows\exer
2013-12-09 17:35:12 ----D---- C:\windows\asiz
2013-12-09 17:35:01 ----D---- C:\windows\gzef
2013-12-09 17:34:56 ----D---- C:\windows\abyh
2013-12-09 17:34:51 ----D---- C:\windows\evpg
2013-12-09 17:34:46 ----D---- C:\windows\yctf
2013-12-09 17:34:36 ----D---- C:\windows\iryq
2013-12-09 17:34:31 ----D---- C:\windows\ohot
2013-12-09 17:34:26 ----D---- C:\windows\ygad
2013-12-09 17:34:21 ----D---- C:\windows\efjh
2013-12-09 17:34:16 ----D---- C:\windows\kjag
2013-12-09 17:34:10 ----D---- C:\windows\agkj
2013-12-09 17:34:05 ----D---- C:\windows\ydal
2013-12-09 17:34:00 ----D---- C:\windows\ucez
2013-12-09 17:33:55 ----D---- C:\windows\ydap
2013-12-09 17:33:40 ----D---- C:\windows\ydyp
2013-12-09 17:33:35 ----D---- C:\windows\ezdc
2013-12-09 17:33:30 ----D---- C:\windows\ongx
2013-12-09 17:33:19 ----D---- C:\windows\egup
2013-12-09 17:33:14 ----D---- C:\windows\iwyw
2013-12-09 17:33:09 ----D---- C:\windows\uvev
2013-12-09 17:32:54 ----D---- C:\windows\equp
2013-12-09 17:32:49 ----D---- C:\windows\ikym
2013-12-09 17:32:39 ----D---- C:\windows\opel
2013-12-09 17:32:34 ----D---- C:\windows\hkyt
2013-12-09 17:32:18 ----D---- C:\windows\wgid
2013-12-09 17:32:13 ----D---- C:\windows\yriq
2013-12-09 17:32:08 ----D---- C:\windows\isiw
2013-12-09 17:32:03 ----D---- C:\windows\ejer
2013-12-09 17:31:53 ----D---- C:\windows\adal
2013-12-09 17:31:48 ----D---- C:\windows\antp
2013-12-09 17:31:42 ----D---- C:\windows\ewdf
2013-12-09 17:31:27 ----D---- C:\windows\onex
2013-12-09 17:31:22 ----D---- C:\windows\twmb
2013-12-09 17:30:57 ----D---- C:\windows\ybas
2013-12-09 17:30:46 ----D---- C:\windows\uxuj
2013-12-09 17:30:26 ----D---- C:\windows\odgj
2013-12-09 17:30:21 ----D---- C:\windows\jboc
2013-12-09 17:30:16 ----D---- C:\windows\yjig
2013-12-09 17:29:55 ----D---- C:\windows\ixil
2013-12-09 17:29:50 ----D---- C:\windows\iqin
2013-12-09 17:29:42 ----D---- C:\windows\ycit
2013-12-09 17:29:37 ----D---- C:\windows\oxer
2013-12-09 17:29:27 ----D---- C:\windows\irap
2013-12-09 17:28:56 ----D---- C:\windows\vwok
2013-12-09 17:28:51 ----D---- C:\windows\ipin
2013-12-09 17:28:36 ----D---- C:\windows\awaw
2013-12-09 17:28:20 ----D---- C:\windows\pden
2013-12-09 17:27:50 ----D---- C:\windows\egov
2013-12-09 17:27:45 ----D---- C:\windows\ycyt
2013-12-09 17:27:35 ----D---- C:\windows\yhas
2013-12-09 17:27:24 ----D---- C:\windows\orun
2013-12-09 17:27:19 ----D---- C:\windows\abyz
2013-12-09 17:27:14 ----D---- C:\windows\ovel
2013-12-09 17:27:04 ----D---- C:\windows\enjn
2013-12-09 17:26:59 ----D---- C:\windows\udod
2013-12-09 17:26:49 ----D---- C:\windows\ijip
2013-12-09 17:26:43 ----D---- C:\windows\owgk
2013-12-09 17:26:33 ----D---- C:\windows\dfoz
2013-12-09 17:26:28 ----D---- C:\windows\utoh
2013-12-09 17:26:02 ----D---- C:\windows\oned
2013-12-09 17:25:57 ----D---- C:\windows\gleq
2013-12-09 17:25:42 ----D---- C:\windows\ajfq
2013-12-09 17:25:37 ----D---- C:\windows\emes
2013-12-09 17:25:27 ----D---- C:\windows\owof
2013-12-09 17:25:22 ----D---- C:\windows\yqaj
2013-12-09 17:25:16 ----D---- C:\windows\otez
2013-12-09 17:25:11 ----D---- C:\windows\idaq
2013-12-09 17:25:01 ----D---- C:\windows\imyt
2013-12-09 17:24:46 ----D---- C:\windows\ihys
2013-12-09 17:24:36 ----D---- C:\windows\ytyt
2013-12-09 17:24:25 ----D---- C:\windows\uqeg
2013-12-09 17:24:20 ----D---- C:\windows\akac
2013-12-09 17:24:15 ----D---- C:\windows\axhq
2013-12-09 17:24:10 ----D---- C:\windows\esok
2013-12-09 17:23:39 ----D---- C:\windows\hcik
2013-12-09 17:23:24 ----D---- C:\windows\elel
2013-12-09 17:22:59 ----D---- C:\windows\lces
2013-12-09 17:22:53 ----D---- C:\windows\kgij
2013-12-09 17:22:38 ----D---- C:\windows\icak
2013-12-09 17:22:18 ----D---- C:\windows\ifzc
2013-12-09 17:22:08 ----D---- C:\windows\edod
2013-12-09 17:21:57 ----D---- C:\windows\lgug
2013-12-09 17:21:52 ----D---- C:\windows\ytyk
2013-12-09 17:21:42 ----D---- C:\windows\pglv
2013-12-09 17:21:16 ----D---- C:\windows\atym
2013-12-09 17:21:11 ----D---- C:\windows\enux
2013-12-09 17:20:56 ----D---- C:\windows\pzem
2013-12-09 17:20:46 ----D---- C:\windows\aryg
2013-12-09 17:20:41 ----D---- C:\windows\ehuc
2013-12-09 17:20:36 ----D---- C:\windows\aqyd
2013-12-09 17:20:31 ----D---- C:\windows\ucow
2013-12-09 17:20:25 ----D---- C:\windows\ohec
2013-12-09 17:20:20 ----D---- C:\windows\ejur
2013-12-09 17:20:15 ----D---- C:\windows\itak
2013-12-09 17:20:05 ----D---- C:\windows\olgp
2013-12-09 17:20:00 ----D---- C:\windows\imcf
2013-12-09 17:19:55 ----D---- C:\windows\ujdr
2013-12-09 17:19:14 ----D---- C:\windows\ojox
2013-12-09 17:19:04 ----D---- C:\windows\oqog
2013-12-09 17:18:48 ----D---- C:\windows\unon
2013-12-09 17:18:33 ----D---- C:\windows\ohek
2013-12-09 17:18:28 ----D---- C:\windows\gcub
2013-12-09 17:18:23 ----D---- C:\windows\ukrh
2013-12-09 17:18:18 ----D---- C:\windows\atit
2013-12-09 17:18:13 ----D---- C:\windows\dxox
2013-12-09 17:18:08 ----D---- C:\windows\enor
2013-12-09 17:17:52 ----D---- C:\windows\tvhr
2013-12-09 17:17:47 ----D---- C:\windows\jnen
2013-12-09 17:17:32 ----D---- C:\windows\yczf
2013-12-09 17:17:22 ----D---- C:\windows\xgev
2013-12-09 17:17:16 ----D---- C:\windows\atic
2013-12-09 17:17:11 ----D---- C:\windows\trap
2013-12-09 17:16:56 ----D---- C:\windows\udig
2013-12-09 17:16:51 ----D---- C:\windows\bwyh
2013-12-09 17:16:46 ----D---- C:\windows\elep
2013-12-09 17:16:41 ----D---- C:\windows\ulup
2013-12-09 17:16:25 ----D---- C:\windows\yvan
2013-12-09 17:16:20 ----D---- C:\windows\omos
2013-12-09 17:16:15 ----D---- C:\windows\anap
2013-12-09 17:16:05 ----D---- C:\windows\azvm
2013-12-09 17:16:00 ----D---- C:\windows\egep
2013-12-09 17:15:55 ----D---- C:\windows\olog
2013-12-09 17:15:44 ----D---- C:\windows\wltj
2013-12-09 17:15:34 ----D---- C:\windows\evlp
2013-12-09 17:15:29 ----D---- C:\windows\odox
2013-12-09 17:15:10 ----D---- C:\windows\esuk
2013-12-09 17:15:00 ----D---- C:\windows\oqel
2013-12-09 17:14:55 ----D---- C:\windows\uveg
2013-12-09 17:14:50 ----D---- C:\windows\ynuj
2013-12-09 17:14:45 ----D---- C:\windows\mqid
2013-12-09 17:14:39 ----D---- C:\windows\igix
2013-12-09 17:14:29 ----D---- C:\windows\ecgb
2013-12-09 17:14:24 ----D---- C:\windows\ldon
2013-12-09 17:14:19 ----D---- C:\windows\ykat
2013-12-09 17:14:14 ----D---- C:\windows\smik
2013-12-09 17:14:06 ----D---- C:\windows\elop
2013-12-09 17:14:01 ----D---- C:\windows\ihyw
2013-12-09 17:13:51 ----D---- C:\windows\uqel
2013-12-09 17:13:46 ----D---- C:\windows\ujux
2013-12-09 17:13:41 ----D---- C:\windows\fsys
2013-12-09 17:13:35 ----D---- C:\windows\ipix
2013-12-09 17:13:20 ----D---- C:\windows\acit
2013-12-09 17:13:15 ----D---- C:\windows\ysah
2013-12-09 17:13:10 ----D---- C:\windows\oxon
2013-12-09 17:12:59 ----D---- C:\windows\ohdm
2013-12-09 17:12:54 ----D---- C:\windows\utoz
2013-12-09 17:12:49 ----D---- C:\windows\ewek
2013-12-09 17:12:44 ----D---- C:\windows\ogol
2013-12-09 17:12:39 ----D---- C:\windows\ygaj
2013-12-09 17:12:33 ----D---- C:\windows\ezoc
2013-12-09 17:12:28 ----D---- C:\windows\ydag
2013-12-09 17:12:23 ----D---- C:\windows\apir
2013-12-09 17:12:18 ----D---- C:\windows\ajyg
2013-12-09 17:12:07 ----D---- C:\windows\wvax
2013-12-09 17:11:52 ----D---- C:\windows\ythk
2013-12-09 17:11:32 ----D---- C:\windows\iqsj
2013-12-09 17:11:26 ----D---- C:\windows\izws
2013-12-09 17:11:21 ----D---- C:\windows\iwaz
2013-12-09 17:11:16 ----D---- C:\windows\ugoq
2013-12-09 17:11:06 ----D---- C:\windows\ttyt
2013-12-09 17:11:01 ----D---- C:\windows\ugll
2013-12-09 17:10:56 ----D---- C:\windows\azyz
2013-12-09 17:10:45 ----D---- C:\windows\igyd
2013-12-09 17:10:40 ----D---- C:\windows\pwet
2013-12-09 17:10:35 ----D---- C:\windows\adip
2013-12-09 17:10:24 ----D---- C:\windows\apan
2013-12-09 17:10:19 ----D---- C:\windows\opan
2013-12-09 17:10:14 ----D---- C:\windows\awmz
2013-12-09 17:10:08 ----D---- C:\windows\isab
2013-12-09 17:09:58 ----D---- C:\windows\ychm
2013-12-09 17:09:53 ----D---- C:\windows\ngel
2013-12-09 17:09:47 ----D---- C:\windows\aksc
2013-12-09 17:09:32 ----D---- C:\windows\alir
2013-12-09 17:09:22 ----D---- C:\windows\agid
2013-12-09 17:09:16 ----D---- C:\windows\ipyd
2013-12-09 17:09:06 ----D---- C:\windows\iryl
2013-12-09 17:08:56 ----D---- C:\windows\efez
2013-12-09 17:08:50 ----D---- C:\windows\uwef
2013-12-09 17:08:45 ----D---- C:\windows\eqog
2013-12-09 17:08:30 ----D---- C:\windows\odgd
2013-12-09 17:08:09 ----D---- C:\windows\axyl
2013-12-09 17:08:03 ----D---- C:\windows\uwom
2013-12-09 17:07:53 ----D---- C:\windows\agin
2013-12-09 17:07:48 ----D---- C:\windows\ohut
2013-12-09 17:07:43 ----D---- C:\windows\ikyg
2013-12-09 17:07:37 ----D---- C:\windows\omew
2013-12-09 17:07:25 ----D---- C:\windows\iriq
2013-12-09 17:07:14 ----D---- C:\windows\iqan
2013-12-09 17:07:09 ----D---- C:\windows\eleg
2013-12-09 17:07:04 ----D---- C:\windows\acfc
2013-12-09 17:06:59 ----D---- C:\windows\akyk
2013-12-09 17:06:49 ----D---- C:\windows\ener
2013-12-09 17:06:33 ----D---- C:\windows\hgyd
2013-12-09 17:06:28 ----D---- C:\windows\okuz
2013-12-09 17:06:23 ----D---- C:\windows\anav
2013-12-09 17:06:18 ----D---- C:\windows\eboc
2013-12-09 17:06:13 ----D---- C:\windows\enen
2013-12-09 17:06:03 ----D---- C:\windows\mbyz
2013-12-09 17:05:58 ----D---- C:\windows\uqog
2013-12-09 17:05:52 ----D---- C:\windows\acif
2013-12-09 17:05:47 ----D---- C:\windows\oden
2013-12-09 17:05:41 ----D---- C:\windows\izaz
2013-12-09 17:05:35 ----D---- C:\windows\ymak
2013-12-09 17:05:30 ----D---- C:\windows\ifym
2013-12-09 17:05:10 ----D---- C:\windows\vmoh
2013-12-09 17:05:05 ----D---- C:\windows\lkoz
2013-12-09 17:05:00 ----D---- C:\windows\axiv
2013-12-09 17:04:49 ----D---- C:\windows\obem
2013-12-09 17:04:39 ----D---- C:\windows\egxv
2013-12-09 17:04:29 ----D---- C:\windows\orej
2013-12-09 17:04:24 ----D---- C:\windows\ibas
2013-12-09 17:04:19 ----D---- C:\windows\uvop
2013-12-09 17:04:08 ----D---- C:\windows\jxur
2013-12-09 17:03:53 ----D---- C:\windows\ymit
2013-12-09 17:03:48 ----D---- C:\windows\ymyf
2013-12-09 17:03:43 ----D---- C:\windows\imym
2013-12-09 17:03:38 ----D---- C:\windows\staf
2013-12-09 17:03:27 ----D---- C:\windows\yqin
2013-12-09 17:03:11 ----D---- C:\windows\yxig
2013-12-09 17:03:06 ----D---- C:\windows\ozef
2013-12-09 17:03:01 ----D---- C:\windows\itac
2013-12-09 17:02:55 ----D---- C:\windows\iwah
2013-12-09 17:02:49 ----D---- C:\windows\ihab
2013-12-09 17:02:33 ----D---- C:\windows\smic
2013-12-09 17:02:18 ----D---- C:\windows\isyz
2013-12-09 17:02:02 ----D---- C:\windows\mscw
2013-12-09 17:01:57 ----D---- C:\windows\azyh
2013-12-09 17:01:52 ----D---- C:\windows\evul
2013-12-09 17:01:47 ----D---- C:\windows\itaf
2013-12-09 17:01:37 ----D---- C:\windows\ofus
2013-12-09 17:01:32 ----D---- C:\windows\ixyl
2013-12-09 17:01:20 ----D---- C:\windows\ojuj
2013-12-09 17:01:09 ----D---- C:\windows\edvr
2013-12-09 17:01:03 ----D---- C:\windows\uqep
2013-12-09 17:00:57 ----D---- C:\windows\ogul
2013-12-09 17:00:51 ----D---- C:\windows\ikyc
2013-12-09 17:00:45 ----D---- C:\windows\thah
2013-12-09 17:00:34 ----D---- C:\windows\axkp
2013-12-09 17:00:27 ----D---- C:\windows\utub
2013-12-09 17:00:13 ----D---- C:\windows\opov
2013-12-09 17:00:07 ----D---- C:\windows\erex
2013-12-09 17:00:01 ----D---- C:\windows\ejvn
2013-12-09 16:59:49 ----D---- C:\windows\ergj
2013-12-09 16:59:44 ----D---- C:\windows\ikat
2013-12-09 16:59:39 ----D---- C:\windows\eguq
2013-12-09 16:59:34 ----D---- C:\windows\axaq
2013-12-09 16:59:08 ----D---- C:\windows\evrp
2013-12-09 16:59:03 ----D---- C:\windows\klan
2013-12-09 16:58:58 ----D---- C:\windows\ufuz
2013-12-09 16:58:53 ----D---- C:\windows\ixaq
2013-12-09 16:58:42 ----D---- C:\windows\svfx
2013-12-09 16:58:37 ----D---- C:\windows\ilix
2013-12-09 16:58:11 ----D---- C:\windows\qvev
2013-12-09 16:58:00 ----D---- C:\windows\ovov
2013-12-09 16:57:55 ----D---- C:\windows\ywis
2013-12-09 16:57:50 ----D---- C:\windows\ored
2013-12-09 16:57:45 ----D---- C:\windows\ctif
2013-12-09 16:57:40 ----D---- C:\windows\abyb
2013-12-09 16:57:34 ----D---- C:\windows\kfaf
2013-12-09 16:57:19 ----D---- C:\windows\uzot
2013-12-09 16:57:14 ----D---- C:\windows\udox
2013-12-09 16:56:48 ----D---- C:\windows\inyq
2013-12-09 16:56:43 ----D---- C:\windows\yrtp
2013-12-09 16:56:21 ----D---- C:\windows\uhdm
2013-12-09 16:56:06 ----D---- C:\windows\ific
2013-12-09 16:55:51 ----D---- C:\windows\ujex
2013-12-09 16:55:45 ----D---- C:\windows\edoj
2013-12-09 16:55:40 ----D---- C:\windows\ihyz
2013-12-09 16:55:25 ----D---- C:\windows\jtqz
2013-12-09 16:55:20 ----D---- C:\windows\omvh
2013-12-09 16:55:15 ----D---- C:\windows\vhum
2013-12-09 16:54:54 ----D---- C:\windows\adox
2013-12-09 16:54:49 ----D---- C:\windows\yxyv
2013-12-09 16:54:44 ----D---- C:\windows\dsgf
2013-12-09 16:54:33 ----D---- C:\windows\afif
2013-12-09 16:54:23 ----D---- C:\windows\kdyp
2013-12-09 16:54:18 ----D---- C:\windows\ipyr
2013-12-09 16:54:12 ----D---- C:\windows\okus
2013-12-09 16:54:07 ----D---- C:\windows\ydiv
2013-12-09 16:54:02 ----D---- C:\windows\ubot
2013-12-09 16:53:57 ----D---- C:\windows\ygax
2013-12-09 16:53:52 ----D---- C:\windows\bsys
2013-12-09 16:53:36 ----D---- C:\windows\ydiq
2013-12-09 16:53:31 ----D---- C:\windows\cjaq
2013-12-09 16:53:26 ----D---- C:\windows\ahyb
2013-12-09 16:53:11 ----D---- C:\windows\omud
2013-12-09 16:53:00 ----D---- C:\windows\etuh
2013-12-09 16:52:50 ----D---- C:\windows\opep
2013-12-09 16:52:45 ----D---- C:\windows\uqoq
2013-12-09 16:52:40 ----D---- C:\windows\epug
2013-12-09 16:52:29 ----D---- C:\windows\gwok
2013-12-09 16:52:19 ----D---- C:\windows\yvmn
2013-12-09 16:51:58 ----D---- C:\windows\ilyj
2013-12-09 16:51:53 ----D---- C:\windows\uvoz
2013-12-09 16:51:43 ----D---- C:\windows\ulop
2013-12-09 16:51:32 ----D---- C:\windows\enun
2013-12-09 16:51:22 ----D---- C:\windows\azbb
2013-12-09 16:51:13 ----D---- C:\windows\icit
2013-12-09 16:51:03 ----D---- C:\windows\avaj
2013-12-09 16:50:58 ----D---- C:\windows\umuz
2013-12-09 16:50:53 ----D---- C:\windows\ucjw
2013-12-09 16:50:48 ----D---- C:\windows\ukow
2013-12-09 16:50:37 ----D---- C:\windows\oblt
2013-12-09 16:50:32 ----D---- C:\windows\ewof
2013-12-09 16:50:21 ----D---- C:\windows\ivan
2013-12-09 16:50:11 ----D---- C:\windows\kryq
2013-12-09 16:50:06 ----D---- C:\windows\yfhq
2013-12-09 16:50:00 ----D---- C:\windows\nvul
2013-12-09 16:49:55 ----D---- C:\windows\exvx
2013-12-09 16:49:50 ----D---- C:\windows\prun
2013-12-09 16:49:45 ----D---- C:\windows\ivyj
2013-12-09 16:49:32 ----D---- C:\windows\ucus
2013-12-09 16:49:27 ----D---- C:\windows\oqeg
2013-12-09 16:49:17 ----D---- C:\windows\isys
2013-12-09 16:49:07 ----D---- C:\windows\atst
2013-12-09 16:48:56 ----D---- C:\windows\ofoh
2013-12-09 16:48:51 ----D---- C:\windows\iniq
2013-12-09 16:48:46 ----D---- C:\windows\arap
2013-12-09 16:48:41 ----D---- C:\windows\idkl
2013-12-09 16:48:31 ----D---- C:\windows\jfus
2013-12-09 16:48:15 ----D---- C:\windows\ewet
2013-12-09 16:48:10 ----D---- C:\windows\fvyn
2013-12-09 16:48:00 ----D---- C:\windows\aryv
2013-12-09 16:47:55 ----D---- C:\windows\ilad
2013-12-09 16:47:49 ----D---- C:\windows\idip
2013-12-09 16:47:39 ----D---- C:\windows\yqyn
2013-12-09 16:47:34 ----D---- C:\windows\igar
2013-12-09 16:47:28 ----D---- C:\windows\ucoh
2013-12-09 16:47:23 ----D---- C:\windows\gzut
2013-12-09 16:47:18 ----D---- C:\windows\utlb
2013-12-09 16:47:02 ----D---- C:\windows\jmow
2013-12-09 16:46:57 ----D---- C:\windows\iwkb
2013-12-09 16:46:52 ----D---- C:\windows\fziz
2013-12-09 16:46:47 ----D---- C:\windows\exuj
2013-12-09 16:46:37 ----D---- C:\windows\xfeb
2013-12-09 16:46:26 ----D---- C:\windows\itat
2013-12-09 16:46:21 ----D---- C:\windows\unej
2013-12-09 16:46:16 ----D---- C:\windows\odux
2013-12-09 16:46:06 ----D---- C:\windows\ijav
2013-12-09 16:46:00 ----D---- C:\windows\oteh
2013-12-09 16:45:54 ----D---- C:\windows\lzok
2013-12-09 16:45:49 ----D---- C:\windows\ecob
2013-12-09 16:45:44 ----D---- C:\windows\idfp
2013-12-09 16:45:39 ----D---- C:\windows\uxyv
2013-12-09 16:45:28 ----D---- C:\windows\oddr
2013-12-09 16:45:18 ----D---- C:\windows\ohuc
2013-12-09 16:45:08 ----D---- C:\windows\usef
2013-12-09 16:44:47 ----D---- C:\windows\ozec
2013-12-09 16:44:32 ----D---- C:\windows\ewoc
2013-12-09 16:44:27 ----D---- C:\windows\ezuk
2013-12-09 16:44:21 ----D---- C:\windows\olep
2013-12-09 16:44:11 ----D---- C:\windows\erux
2013-12-09 16:44:01 ----D---- C:\windows\yxap
2013-12-09 16:43:56 ----D---- C:\windows\yjaq
2013-12-09 16:43:51 ----D---- C:\windows\afyc
2013-12-09 16:43:46 ----D---- C:\windows\odex
2013-12-09 16:43:34 ----D---- C:\windows\isaz
2013-12-09 16:43:29 ----D---- C:\windows\evup
2013-12-09 16:43:14 ----D---- C:\windows\osxm
2013-12-09 16:43:09 ----D---- C:\windows\kpan
2013-12-09 16:43:04 ----D---- C:\windows\ezuf
2013-12-09 16:42:48 ----D---- C:\windows\anip
2013-12-09 16:42:38 ----D---- C:\windows\ytyc
2013-12-09 16:42:27 ----D---- C:\windows\ymyk
2013-12-09 16:42:21 ----D---- C:\windows\ujed
2013-12-09 16:42:11 ----D---- C:\windows\itam
2013-12-09 16:42:06 ----D---- C:\windows\fkit
2013-12-09 16:42:01 ----D---- C:\windows\atyc
2013-12-09 16:41:45 ----D---- C:\windows\usnk
2013-12-09 16:41:40 ----D---- C:\windows\ybaq
2013-12-09 16:41:35 ----D---- C:\windows\egol
2013-12-09 16:41:29 ----D---- C:\windows\yfwk
2013-12-09 16:41:14 ----D---- C:\windows\ypax
2013-12-09 16:41:09 ----D---- C:\windows\ivij
2013-12-09 16:41:04 ----D---- C:\windows\wpyn
2013-12-09 16:40:53 ----D---- C:\windows\aqaj
2013-12-09 16:40:48 ----D---- C:\windows\obuk
2013-12-09 16:40:43 ----D---- C:\windows\usem
2013-12-09 16:40:38 ----D---- C:\windows\ikyt
2013-12-09 16:40:22 ----D---- C:\windows\ijyp
2013-12-09 16:39:41 ----D---- C:\windows\ymik
2013-12-09 16:39:36 ----D---- C:\windows\oxed
2013-12-09 16:39:31 ----D---- C:\windows\oxxj
2013-12-09 16:39:21 ----D---- C:\windows\icat
2013-12-09 16:39:10 ----D---- C:\windows\edux
2013-12-09 16:39:00 ----D---- C:\windows\exur
2013-12-09 16:38:55 ----D---- C:\windows\rroj
2013-12-09 16:38:50 ----D---- C:\windows\exen
2013-12-09 16:38:39 ----D---- C:\windows\ylad
2013-12-09 16:38:34 ----D---- C:\windows\umez
2013-12-09 16:38:29 ----D---- C:\windows\yzys
2013-12-09 16:38:24 ----D---- C:\windows\zcaf
2013-12-09 16:38:09 ----D---- C:\windows\ifaf
2013-12-09 16:38:03 ----D---- C:\windows\uxox
2013-12-09 16:37:53 ----D---- C:\windows\ifyt
2013-12-09 16:37:48 ----D---- C:\windows\evol
2013-12-09 16:37:43 ----D---- C:\windows\afyt
2013-12-09 16:37:38 ----D---- C:\windows\ykif
2013-12-09 16:37:33 ----D---- C:\windows\ytim
2013-12-09 16:37:27 ----D---- C:\windows\awiw
2013-12-09 16:37:17 ----D---- C:\windows\emow
2013-12-09 16:37:12 ----D---- C:\windows\ykym
2013-12-09 16:37:01 ----D---- C:\windows\odjx
2013-12-09 16:36:40 ----D---- C:\windows\icaf
2013-12-09 16:36:34 ----D---- C:\windows\htic
2013-12-09 16:36:29 ----D---- C:\windows\smak
2013-12-09 16:36:24 ----D---- C:\windows\ixip
2013-12-09 16:36:19 ----D---- C:\windows\cgyr
2013-12-09 16:36:14 ----D---- C:\windows\ukuw
2013-12-09 16:36:09 ----D---- C:\windows\ijiq
2013-12-09 16:36:04 ----D---- C:\windows\irbl
2013-12-09 16:35:58 ----D---- C:\windows\ynyl
2013-12-09 16:35:48 ----D---- C:\windows\uwuc
2013-12-09 16:35:28 ----D---- C:\windows\alix
2013-12-09 16:35:22 ----D---- C:\windows\ymaf
2013-12-09 16:35:17 ----D---- C:\windows\upel
2013-12-09 16:35:12 ----D---- C:\windows\dpdp
2013-12-09 16:35:07 ----D---- C:\windows\ulel
2013-12-09 16:35:02 ----D---- C:\windows\ewum
2013-12-09 16:34:57 ----D---- C:\windows\sjyp
2013-12-09 16:34:51 ----D---- C:\windows\qsot
2013-12-09 16:34:46 ----D---- C:\windows\avyj
2013-12-09 16:34:41 ----D---- C:\windows\ybhb
2013-12-09 16:34:36 ----D---- C:\windows\atyt
2013-12-09 16:34:25 ----D---- C:\windows\kkym
2013-12-09 16:34:15 ----D---- C:\windows\hpyn
2013-12-09 16:34:10 ----D---- C:\windows\ofew
2013-12-09 16:34:05 ----D---- C:\windows\frav
2013-12-09 16:33:59 ----D---- C:\windows\oxgn
2013-12-09 16:33:49 ----D---- C:\windows\eqop
2013-12-09 16:33:38 ----D---- C:\windows\edex
2013-12-09 16:33:33 ----D---- C:\windows\ejdn
2013-12-09 16:33:23 ----D---- C:\windows\efeb
2013-12-09 16:33:18 ----D---- C:\windows\inil
2013-12-09 16:33:07 ----D---- C:\windows\yhyz
2013-12-09 16:33:02 ----D---- C:\windows\nvoq
2013-12-09 16:32:57 ----D---- C:\windows\exex
2013-12-09 16:32:52 ----D---- C:\windows\egev
2013-12-09 16:32:42 ----D---- C:\windows\djon
2013-12-09 16:32:36 ----D---- C:\windows\ijyh
2013-12-09 16:32:26 ----D---- C:\windows\ydwl
2013-12-09 16:32:21 ----D---- C:\windows\osuf
2013-12-09 16:32:16 ----D---- C:\windows\uzuf
2013-12-09 16:32:11 ----D---- C:\windows\yfam
2013-12-09 16:32:05 ----D---- C:\windows\qlup
2013-12-09 16:31:55 ----D---- C:\windows\ujer
2013-12-09 16:31:50 ----D---- C:\windows\udlx
2013-12-09 16:31:45 ----D---- C:\windows\ywaz
2013-12-09 16:31:39 ----D---- C:\windows\ycat
2013-12-09 16:31:28 ----D---- C:\windows\asyb
2013-12-09 16:31:23 ----D---- C:\windows\uzum
2013-12-09 16:31:12 ----D---- C:\windows\ahab
2013-12-09 16:31:02 ----D---- C:\windows\ozuk
2013-12-09 16:30:57 ----D---- C:\windows\cpad
2013-12-09 16:30:51 ----D---- C:\windows\esof
2013-12-09 16:30:46 ----D---- C:\windows\iqyr
2013-12-09 16:30:41 ----D---- C:\windows\qhuk
2013-12-09 16:30:36 ----D---- C:\windows\owut
2013-12-09 16:30:31 ----D---- C:\windows\ijyg
2013-12-09 16:30:26 ----D---- C:\windows\snkp
2013-12-09 16:30:20 ----D---- C:\windows\obut
2013-12-09 16:30:15 ----D---- C:\windows\ekob
2013-12-09 16:30:10 ----D---- C:\windows\ohgt
2013-12-09 16:30:05 ----D---- C:\windows\otrb
2013-12-09 16:30:00 ----D---- C:\windows\ahiw
2013-12-09 16:29:54 ----D---- C:\windows\eveg
2013-12-09 16:29:38 ----D---- C:\windows\yftc
2013-12-09 16:29:33 ----D---- C:\windows\iwih
2013-12-09 16:29:28 ----D---- C:\windows\imhc
2013-12-09 16:29:17 ----D---- C:\windows\uquv
2013-12-09 16:29:07 ----D---- C:\windows\zpaj
2013-12-09 16:29:02 ----D---- C:\windows\acos
2013-12-09 16:28:57 ----D---- C:\windows\ujdn
2013-12-09 16:28:52 ----D---- C:\windows\rxur
2013-12-09 16:28:40 ----D---- C:\windows\imit
2013-12-09 16:28:35 ----D---- C:\windows\onor
2013-12-09 16:28:30 ----D---- C:\windows\izib
2013-12-09 16:28:25 ----D---- C:\windows\yhah
2013-12-09 16:28:20 ----D---- C:\windows\tmym
2013-12-09 16:28:15 ----D---- C:\windows\elul
2013-12-09 16:27:59 ----D---- C:\windows\fctf
2013-12-09 16:27:54 ----D---- C:\windows\axyg
2013-12-09 16:27:44 ----D---- C:\windows\oteb
2013-12-09 16:27:39 ----D---- C:\windows\gvoq
2013-12-09 16:27:30 ----D---- C:\windows\ejrj
2013-12-09 16:27:25 ----D---- C:\windows\orer
2013-12-09 16:27:20 ----D---- C:\windows\ariv
2013-12-09 16:27:14 ----D---- C:\windows\owuc
2013-12-09 16:27:04 ----D---- C:\windows\ijcq
2013-12-09 16:26:59 ----D---- C:\windows\owok
2013-12-09 16:26:54 ----D---- C:\windows\ubuf
2013-12-09 16:26:49 ----D---- C:\windows\iniv
2013-12-09 16:26:44 ----D---- C:\windows\ohof
2013-12-09 16:26:38 ----D---- C:\windows\span
2013-12-09 16:26:33 ----D---- C:\windows\uguq
2013-12-09 16:26:23 ----D---- C:\windows\ityk
2013-12-09 16:26:18 ----D---- C:\windows\ejqd
2013-12-09 16:26:08 ----D---- C:\windows\fwaz
2013-12-09 16:26:03 ----D---- C:\windows\osek
2013-12-09 16:25:52 ----D---- C:\windows\ivar
2013-12-09 16:25:42 ----D---- C:\windows\arig
2013-12-09 16:25:36 ----D---- C:\windows\igsn
2013-12-09 16:25:26 ----D---- C:\windows\okes
2013-12-09 16:25:05 ----D---- C:\windows\yjiq
2013-12-09 16:25:00 ----D---- C:\windows\yrig
2013-12-09 16:24:49 ----D---- C:\windows\gkob
2013-12-09 16:24:44 ----D---- C:\windows\usoc
2013-12-09 16:24:28 ----D---- C:\windows\ohjf
2013-12-09 16:24:23 ----D---- C:\windows\ufdw
2013-12-09 16:24:18 ----D---- C:\windows\otow
2013-12-09 16:24:07 ----D---- C:\windows\adcq
2013-12-09 16:24:01 ----D---- C:\windows\eden
2013-12-09 16:23:55 ----D---- C:\windows\orox
2013-12-09 16:23:50 ----D---- C:\windows\rvog
2013-12-09 16:23:45 ----D---- C:\windows\urer
2013-12-09 16:23:40 ----D---- C:\windows\afhf
2013-12-09 16:23:35 ----D---- C:\windows\eren
2013-12-09 16:23:24 ----D---- C:\windows\uroj
2013-12-09 16:23:08 ----D---- C:\windows\yhyw
2013-12-09 16:22:42 ----D---- C:\windows\igzx
2013-12-09 16:22:31 ----D---- C:\windows\ijsv
2013-12-09 16:22:15 ----D---- C:\windows\uwok
2013-12-09 16:22:10 ----D---- C:\windows\uwoc
2013-12-09 16:22:00 ----D---- C:\windows\aryp
2013-12-09 16:21:55 ----D---- C:\windows\uwot
2013-12-09 16:21:50 ----D---- C:\windows\ogeg
2013-12-09 16:21:44 ----D---- C:\windows\uvoq
2013-12-09 16:21:34 ----D---- C:\windows\jzut
2013-12-09 16:21:24 ----D---- C:\windows\efob
2013-12-09 16:21:19 ----D---- C:\windows\yjag
2013-12-09 16:21:13 ----D---- C:\windows\avix
2013-12-09 16:21:03 ----D---- C:\windows\ycwt
2013-12-09 16:20:58 ----D---- C:\windows\oluq
2013-12-09 16:20:53 ----D---- C:\windows\ymsf
2013-12-09 16:20:47 ----D---- C:\windows\ycif
2013-12-09 16:20:42 ----D---- C:\windows\qrex
2013-12-09 16:20:37 ----D---- C:\windows\ahyw
2013-12-09 16:20:32 ----D---- C:\windows\yjaw
2013-12-09 16:20:27 ----D---- C:\windows\phxm
2013-12-09 16:20:16 ----D---- C:\windows\aqij
2013-12-09 16:20:01 ----D---- C:\windows\ykyk
2013-12-09 16:19:51 ----D---- C:\windows\uqoj
2013-12-09 16:19:46 ----D---- C:\windows\oleq
2013-12-09 16:19:35 ----D---- C:\windows\imaf
2013-12-09 16:19:25 ----D---- C:\windows\dkoh
2013-12-09 16:19:20 ----D---- C:\windows\apar
2013-12-09 16:19:09 ----D---- C:\windows\ocos
2013-12-09 16:19:04 ----D---- C:\windows\ypid
2013-12-09 16:18:59 ----D---- C:\windows\upuv
2013-12-09 16:18:54 ----D---- C:\windows\ovul
2013-12-09 16:18:49 ----D---- C:\windows\ftac
2013-12-09 16:18:23 ----D---- C:\windows\oduj
2013-12-09 16:18:18 ----D---- C:\windows\xdej
2013-12-09 16:18:02 ----D---- C:\windows\itbf
2013-12-09 16:17:57 ----D---- C:\windows\kwah
2013-12-09 16:17:52 ----D---- C:\windows\amam
2013-12-09 16:17:41 ----D---- C:\windows\urur
2013-12-09 16:17:36 ----D---- C:\windows\urod
2013-12-09 16:17:26 ----D---- C:\windows\vdox
2013-12-09 16:17:21 ----D---- C:\windows\anyl
2013-12-09 16:17:15 ----D---- C:\windows\apwx
2013-12-09 16:17:10 ----D---- C:\windows\umeh
2013-12-09 16:16:55 ----D---- C:\windows\icyk
2013-12-09 16:16:50 ----D---- C:\windows\exoj
2013-12-09 16:16:44 ----D---- C:\windows\okuw
2013-12-09 16:16:39 ----D---- C:\windows\arav
2013-12-09 16:16:34 ----D---- C:\windows\arhl
2013-12-09 16:16:29 ----D---- C:\windows\yjal
2013-12-09 16:16:23 ----D---- C:\windows\ypad
2013-12-09 16:16:13 ----D---- C:\windows\vcez
2013-12-09 16:16:08 ----D---- C:\windows\izas
2013-12-09 16:16:02 ----D---- C:\windows\ytic
2013-12-09 16:15:47 ----D---- C:\windows\uvov
2013-12-09 16:15:42 ----D---- C:\windows\ytit
2013-12-09 16:15:36 ----D---- C:\windows\eqeg
2013-12-09 16:15:31 ----D---- C:\windows\ornj
2013-12-09 16:15:26 ----D---- C:\windows\uxor
2013-12-09 16:15:21 ----D---- C:\windows\iloq
2013-12-09 16:15:05 ----D---- C:\windows\ufos
2013-12-09 16:15:00 ----D---- C:\windows\ibiz
2013-12-09 16:14:54 ----D---- C:\windows\odor
2013-12-09 16:14:44 ----D---- C:\windows\ivax
2013-12-09 16:14:33 ----D---- C:\windows\cnyl
2013-12-09 16:14:27 ----D---- C:\windows\jzuf
2013-12-09 16:14:07 ----D---- C:\windows\yvid
2013-12-09 16:14:02 ----D---- C:\windows\uleh
2013-12-09 16:13:45 ----D---- C:\windows\usuc
2013-12-09 16:13:40 ----D---- C:\windows\ehem
2013-12-09 16:13:35 ----D---- C:\windows\apax
2013-12-09 16:13:30 ----D---- C:\windows\usut
2013-12-09 16:13:25 ----D---- C:\windows\ezek
2013-12-09 16:13:20 ----D---- C:\windows\yxyl
2013-12-09 16:13:15 ----D---- C:\windows\ykip
2013-12-09 16:13:09 ----D---- C:\windows\qlgq
2013-12-09 16:13:04 ----D---- C:\windows\eruj
2013-12-09 16:12:59 ----D---- C:\windows\ofes
2013-12-09 16:12:54 ----D---- C:\windows\ywyw
2013-12-09 16:12:49 ----D---- C:\windows\ybyw
2013-12-09 16:12:43 ----D---- C:\windows\yzyb
2013-12-09 16:12:38 ----D---- C:\windows\ymtt
2013-12-09 16:12:33 ----D---- C:\windows\owem
2013-12-09 16:12:28 ----D---- C:\windows\ofuw
2013-12-09 16:12:23 ----D---- C:\windows\ewjc
2013-12-09 16:12:17 ----D---- C:\windows\ubum
2013-12-09 16:12:12 ----D---- C:\windows\yvyn
2013-12-09 16:12:02 ----D---- C:\windows\okub
2013-12-09 16:11:57 ----D---- C:\windows\dvoq
2013-12-09 16:11:41 ----D---- C:\windows\azas
2013-12-09 16:11:36 ----D---- C:\windows\oqol
2013-12-09 16:11:30 ----D---- C:\windows\ifim
2013-12-09 16:11:25 ----D---- C:\windows\ykyf
2013-12-09 16:11:20 ----D---- C:\windows\unux
2013-12-09 16:11:15 ----D---- C:\windows\ywiw
2013-12-09 16:11:10 ----D---- C:\windows\omqb
2013-12-09 16:11:05 ----D---- C:\windows\ajip
2013-12-09 16:11:00 ----D---- C:\windows\omub
2013-12-09 16:10:55 ----D---- C:\windows\inat
2013-12-09 16:10:49 ----D---- C:\windows\jsqc
2013-12-09 16:10:39 ----D---- C:\windows\efub
2013-12-09 16:10:24 ----D---- C:\windows\pfeh
2013-12-09 16:10:17 ----D---- C:\windows\vgol
2013-12-09 16:10:07 ----D---- C:\windows\cfik
2013-12-09 16:10:01 ----D---- C:\windows\ywys
2013-12-09 16:09:46 ----D---- C:\windows\iqyj
2013-12-09 16:09:41 ----D---- C:\windows\cdyl
2013-12-09 16:09:35 ----D---- C:\windows\utuh
2013-12-09 16:09:30 ----D---- C:\windows\yvkr
2013-12-09 16:09:25 ----D---- C:\windows\ntub
2013-12-09 16:09:20 ----D---- C:\windows\adyq
2013-12-09 16:09:14 ----D---- C:\windows\omuh
2013-12-09 16:09:09 ----D---- C:\windows\cvir
2013-12-09 16:09:04 ----D---- C:\windows\yqyj
2013-12-09 16:08:54 ----D---- C:\windows\dfeb
2013-12-09 16:08:48 ----D---- C:\windows\ybyh
2013-12-09 16:08:38 ----D---- C:\windows\uzrf
2013-12-09 16:08:27 ----D---- C:\windows\kzyw
2013-12-09 16:08:15 ----D---- C:\windows\onpd
2013-12-09 16:07:54 ----D---- C:\windows\ujud
2013-12-09 16:07:49 ----D---- C:\windows\ymyc
2013-12-09 16:07:44 ----D---- C:\windows\abaz
2013-12-09 16:07:37 ----D---- C:\windows\ojlj
2013-12-09 16:07:32 ----D---- C:\windows\isah
2013-12-09 16:07:26 ----D---- C:\windows\enur
2013-12-09 16:07:21 ----D---- C:\windows\ysat
2013-12-09 16:07:09 ----D---- C:\windows\egoq
2013-12-09 16:07:04 ----D---- C:\windows\azis
2013-12-09 16:06:54 ----D---- C:\windows\olul
2013-12-09 16:06:49 ----D---- C:\windows\ozet
2013-12-09 16:06:44 ----D---- C:\windows\aral
2013-12-09 16:06:39 ----D---- C:\windows\uwgk
2013-12-09 16:06:33 ----D---- C:\windows\yzqt
2013-12-09 16:06:22 ----D---- C:\windows\ulul
2013-12-09 16:06:16 ----D---- C:\windows\eldv
2013-12-09 16:06:10 ----D---- C:\windows\qpoq
2013-12-09 16:06:05 ----D---- C:\windows\asaw
2013-12-09 16:05:58 ----D---- C:\windows\hbsh
2013-12-09 16:05:53 ----D---- C:\windows\izhw
2013-12-09 16:05:47 ----D---- C:\windows\ovuv
2013-12-09 16:05:42 ----D---- C:\windows\ndoj
2013-12-09 16:05:37 ----D---- C:\windows\ysas
2013-12-09 16:05:32 ----D---- C:\windows\yjtl
2013-12-09 16:05:27 ----D---- C:\windows\iryp
2013-12-09 16:05:16 ----D---- C:\windows\adyg
2013-12-09 16:05:11 ----D---- C:\windows\asaz
2013-12-09 16:05:01 ----D---- C:\windows\ibis
2013-12-09 16:04:56 ----D---- C:\windows\uqev
2013-12-09 16:04:50 ----D---- C:\windows\tlan
2013-12-09 16:04:45 ----D---- C:\windows\ylyx
2013-12-09 16:04:33 ----D---- C:\windows\yqyx
2013-12-09 16:04:23 ----D---- C:\windows\ynav
2013-12-09 16:04:12 ----D---- C:\windows\wdip
2013-12-09 16:04:07 ----D---- C:\windows\rdox
2013-12-09 16:04:01 ----D---- C:\windows\djun
2013-12-09 16:03:56 ----D---- C:\windows\djen
2013-12-09 16:03:50 ----D---- C:\windows\ugev
2013-12-09 16:03:45 ----D---- C:\windows\yhab
2013-12-09 16:03:40 ----D---- C:\windows\ysib
2013-12-09 16:03:35 ----D---- C:\windows\acyt
2013-12-09 16:03:30 ----D---- C:\windows\ubec
2013-12-09 16:03:14 ----D---- C:\windows\igin
2013-12-09 16:03:09 ----D---- C:\windows\wvid
2013-12-09 16:02:58 ----D---- C:\windows\gxhp
2013-12-09 16:02:53 ----D---- C:\windows\imak
2013-12-09 16:02:46 ----D---- C:\windows\eloq
2013-12-09 16:02:35 ----D---- C:\windows\uwuk
2013-12-09 16:02:29 ----D---- C:\windows\iqij
2013-12-09 16:02:13 ----D---- C:\windows\amyc
2013-12-09 16:02:07 ----D---- C:\windows\fsaw
2013-12-09 16:02:00 ----D---- C:\windows\isis
2013-12-09 16:01:55 ----D---- C:\windows\unun
2013-12-09 16:01:49 ----D---- C:\windows\ebuf
2013-12-09 16:01:43 ----D---- C:\windows\akir
2013-12-09 16:01:33 ----D---- C:\windows\onun
2013-12-09 16:01:28 ----D---- C:\windows\ycac
2013-12-09 16:01:17 ----D---- C:\windows\yvij
2013-12-09 16:01:12 ----D---- C:\windows\adyp
2013-12-09 16:01:02 ----D---- C:\windows\eder
2013-12-09 16:00:51 ----D---- C:\windows\ejen
2013-12-09 16:00:46 ----D---- C:\windows\ened
2013-12-09 16:00:41 ----D---- C:\windows\azaw
2013-12-09 16:00:36 ----D---- C:\windows\etuw
2013-12-09 16:00:20 ----D---- C:\windows\yskz
2013-12-09 16:00:15 ----D---- C:\windows\kzyb
2013-12-09 16:00:09 ----D---- C:\windows\ytif
2013-12-09 16:00:02 ----D---- C:\windows\yzaw
2013-12-09 15:59:54 ----D---- C:\windows\ykim
2013-12-09 15:59:43 ----D---- C:\windows\oqgv
2013-12-09 15:59:32 ----D---- C:\windows\yzah
2013-12-09 15:59:22 ----D---- C:\windows\yktk
2013-12-09 15:59:16 ----D---- C:\windows\plov
2013-12-09 15:59:11 ----D---- C:\windows\szyb
2013-12-09 15:59:06 ----D---- C:\windows\ysaw
2013-12-09 15:59:01 ----D---- C:\windows\ejod
2013-12-09 15:58:56 ----D---- C:\windows\egop
2013-12-09 15:58:40 ----D---- C:\windows\ygyj
2013-12-09 15:58:35 ----D---- C:\windows\xtus
2013-12-09 15:58:30 ----D---- C:\windows\yxaq
2013-12-09 15:58:20 ----D---- C:\windows\yqsd
2013-12-09 15:58:09 ----D---- C:\windows\lpop
2013-12-09 15:58:04 ----D---- C:\windows\ymkm
2013-12-09 15:57:54 ----D---- C:\windows\cpid
2013-12-09 15:57:37 ----D---- C:\windows\egeq
2013-12-09 15:57:32 ----D---- C:\windows\bkyf
2013-12-09 15:57:21 ----D---- C:\windows\atwc
2013-12-09 15:57:16 ----D---- C:\windows\uzks
2013-12-09 15:57:10 ----D---- C:\windows\umub
2013-12-09 15:56:59 ----D---- C:\windows\usom
2013-12-09 15:56:54 ----D---- C:\windows\acac
2013-12-09 15:56:43 ----D---- C:\windows\ewqc
2013-12-09 15:56:38 ----D---- C:\windows\oxud
2013-12-09 15:56:33 ----D---- C:\windows\wzis
2013-12-09 15:56:28 ----D---- C:\windows\qlop
2013-12-09 15:56:13 ----D---- C:\windows\ariq
2013-12-09 15:56:07 ----D---- C:\windows\ukob
2013-12-09 15:56:02 ----D---- C:\windows\idyg
2013-12-09 15:55:51 ----D---- C:\windows\ejux
2013-12-09 15:55:46 ----D---- C:\windows\edej
2013-12-09 15:55:41 ----D---- C:\windows\aqyx
2013-12-09 15:55:30 ----D---- C:\windows\ysyw
2013-12-09 15:55:25 ----D---- C:\windows\oqov
2013-12-09 15:55:20 ----D---- C:\windows\azah
2013-12-09 15:55:15 ----D---- C:\windows\oxld
2013-12-09 15:55:10 ----D---- C:\windows\enoj
2013-12-09 15:54:48 ----D---- C:\windows\ubof
2013-12-09 15:54:43 ----D---- C:\windows\ajyv
2013-12-09 15:54:37 ----D---- C:\windows\inap
2013-12-09 15:54:32 ----D---- C:\windows\ygsn
2013-12-09 15:54:26 ----D---- C:\windows\ynig
2013-12-09 15:54:19 ----D---- C:\windows\ewuk
2013-12-09 15:54:07 ----D---- C:\windows\awok
2013-12-09 15:54:02 ----D---- C:\windows\ugol
2013-12-09 15:53:57 ----D---- C:\windows\erud
2013-12-09 15:53:36 ----D---- C:\windows\amat
2013-12-09 15:53:31 ----D---- C:\windows\evqq
2013-12-09 15:53:25 ----D---- C:\windows\esuv
2013-12-09 15:53:18 ----D---- C:\windows\esuf
2013-12-09 15:53:13 ----D---- C:\windows\ilan
2013-12-09 15:53:08 ----D---- C:\windows\uzom
2013-12-09 15:52:45 ----D---- C:\windows\onxd
2013-12-09 15:52:34 ----D---- C:\windows\esoc
2013-12-09 15:52:29 ----D---- C:\windows\wpin
2013-12-09 15:52:24 ----D---- C:\windows\yfif
2013-12-09 15:52:18 ----D---- C:\windows\amym
2013-12-09 15:52:13 ----D---- C:\windows\onen
2013-12-09 15:52:08 ----D---- C:\windows\xfow
2013-12-09 15:51:57 ----D---- C:\windows\ipyn
2013-12-09 15:51:52 ----D---- C:\windows\umoh
2013-12-09 15:51:47 ----D---- C:\windows\rjoj
2013-12-09 15:51:37 ----D---- C:\windows\irkq
2013-12-09 15:51:32 ----D---- C:\windows\ysih
2013-12-09 15:51:27 ----D---- C:\windows\ddjj
2013-12-09 15:51:16 ----D---- C:\windows\ahkh
2013-12-09 15:51:11 ----D---- C:\windows\ykyc
2013-12-09 15:51:05 ----D---- C:\windows\oqop
2013-12-09 15:51:00 ----D---- C:\windows\ikic
2013-12-09 15:50:55 ----D---- C:\windows\oror
2013-12-09 15:50:50 ----D---- C:\windows\ihiz
2013-12-09 15:50:45 ----D---- C:\windows\iziw
2013-12-09 15:50:39 ----D---- C:\windows\elum
2013-12-09 15:50:34 ----D---- C:\windows\ikam
2013-12-09 15:50:29 ----D---- C:\windows\ujon
2013-12-09 15:50:24 ----D---- C:\windows\yziw
2013-12-09 15:50:18 ----D---- C:\windows\omez
2013-12-09 15:50:13 ----D---- C:\windows\ohet
2013-12-09 15:50:07 ----D---- C:\windows\esum
2013-12-09 15:49:57 ----D---- C:\windows\ikik
2013-12-09 15:49:52 ----D---- C:\windows\iwis
2013-12-09 15:49:42 ----D---- C:\windows\ebem
2013-12-09 15:49:36 ----D---- C:\windows\hral
2013-12-09 15:49:28 ----D---- C:\windows\iril
2013-12-09 15:49:23 ----D---- C:\windows\qzut
2013-12-09 15:49:18 ----D---- C:\windows\eqlq
2013-12-09 15:49:13 ----D---- C:\windows\equv
2013-12-09 15:49:08 ----D---- C:\windows\iwab
2013-12-09 15:49:03 ----D---- C:\windows\usdt
2013-12-09 15:48:57 ----D---- C:\windows\dtes
2013-12-09 15:48:47 ----D---- C:\windows\usuf
2013-12-09 15:48:42 ----D---- C:\windows\owot
2013-12-09 15:48:37 ----D---- C:\windows\tbyz
2013-12-09 15:48:31 ----D---- C:\windows\atam
2013-12-09 15:48:26 ----D---- C:\windows\evel
2013-12-09 15:48:19 ----D---- C:\windows\yhiw
2013-12-09 15:48:13 ----D---- C:\windows\jpel
2013-12-09 15:48:08 ----D---- C:\windows\eguv
2013-12-09 15:48:03 ----D---- C:\windows\ywib
2013-12-09 15:47:47 ----D---- C:\windows\ozuc
2013-12-09 15:47:42 ----D---- C:\windows\uhok
2013-12-09 15:47:37 ----D---- C:\windows\amwm
2013-12-09 15:47:32 ----D---- C:\windows\yqir
2013-12-09 15:47:26 ----D---- C:\windows\aqyr
2013-12-09 15:47:21 ----D---- C:\windows\alyx
2013-12-09 15:47:11 ----D---- C:\windows\dcuw
2013-12-09 15:47:00 ----D---- C:\windows\fvir
2013-12-09 15:46:55 ----D---- C:\windows\ufez
2013-12-09 15:46:47 ----D---- C:\windows\yral
2013-12-09 15:46:41 ----D---- C:\windows\bgix
2013-12-09 15:46:33 ----D---- C:\windows\ucub
2013-12-09 15:46:27 ----D---- C:\windows\yrip
2013-12-09 15:46:21 ----D---- C:\windows\xwok
2013-12-09 15:46:15 ----D---- C:\windows\yrav
2013-12-09 15:46:07 ----D---- C:\windows\iqyx
2013-12-09 15:45:58 ----D---- C:\windows\eded
2013-12-09 15:45:47 ----D---- C:\windows\uxux
2013-12-09 15:45:41 ----D---- C:\windows\obof
2013-12-09 15:45:35 ----D---- C:\windows\ytam
2013-12-09 15:45:29 ----D---- C:\windows\ogup
2013-12-09 15:45:24 ----D---- C:\windows\uder
2013-12-09 15:45:18 ----D---- C:\windows\olel
2013-12-09 15:45:07 ----D---- C:\windows\oner
2013-12-09 15:45:01 ----D---- C:\windows\owod
2013-12-09 15:44:56 ----D---- C:\windows\ijiv
2013-12-09 15:44:50 ----D---- C:\windows\ekeb
2013-12-09 15:44:44 ----D---- C:\windows\ynyp
2013-12-09 15:44:27 ----D---- C:\windows\ycic
2013-12-09 15:44:16 ----D---- C:\windows\wjav
2013-12-09 15:44:11 ----D---- C:\windows\iqid
2013-12-09 15:44:05 ----D---- C:\windows\astb
2013-12-09 15:43:59 ----D---- C:\windows\elug
2013-12-09 15:43:48 ----D---- C:\windows\ofub
2013-12-09 15:43:37 ----D---- C:\windows\ajyq
2013-12-09 15:43:25 ----D---- C:\windows\ohoc
2013-12-09 15:43:07 ----D---- C:\windows\ofeb
2013-12-09 15:43:01 ----D---- C:\windows\dhem
2013-12-09 15:42:54 ----D---- C:\windows\yril
2013-12-09 15:42:49 ----D---- C:\windows\adwl
2013-12-09 15:42:43 ----D---- C:\windows\dbuf
2013-12-09 15:42:31 ----D---- C:\windows\ihaw
2013-12-09 15:42:26 ----D---- C:\windows\xjor
2013-12-09 15:42:20 ----D---- C:\windows\axig
2013-12-09 15:42:08 ----D---- C:\windows\ukeh
2013-12-09 15:42:03 ----D---- C:\windows\ugul
2013-12-09 15:41:57 ----D---- C:\windows\olov
2013-12-09 15:41:51 ----D---- C:\windows\yfyk
2013-12-09 15:41:39 ----D---- C:\windows\irip
2013-12-09 15:41:32 ----D---- C:\windows\spad
2013-12-09 15:41:27 ----D---- C:\windows\ylij
2013-12-09 15:41:21 ----D---- C:\windows\igad
2013-12-09 15:41:14 ----D---- C:\windows\ipar
2013-12-09 15:41:09 ----D---- C:\windows\sraq
2013-12-09 15:41:03 ----D---- C:\windows\ycyf
2013-12-09 15:40:57 ----D---- C:\windows\eqel
2013-12-09 15:40:51 ----D---- C:\windows\odon
2013-12-09 15:40:45 ----D---- C:\windows\apbd
2013-12-09 15:40:32 ----D---- C:\windows\ojgr
2013-12-09 15:40:26 ----D---- C:\windows\hhaw
2013-12-09 15:40:21 ----D---- C:\windows\ysys
2013-12-09 15:40:14 ----D---- C:\windows\yfyf
2013-12-09 15:40:09 ----D---- C:\windows\uvuv
2013-12-09 15:40:02 ----D---- C:\windows\uqvg
2013-12-09 15:39:57 ----D---- C:\windows\yhiz
2013-12-09 15:39:50 ----D---- C:\windows\onod
2013-12-09 15:39:45 ----D---- C:\windows\ygmj
2013-12-09 15:39:39 ----D---- C:\windows\ozoc
2013-12-09 15:39:28 ----D---- C:\windows\gqug
2013-12-09 15:39:16 ----D---- C:\windows\ujun
2013-12-09 15:39:11 ----D---- C:\windows\idyp
2013-12-09 15:39:05 ----D---- C:\windows\uzok
2013-12-09 15:38:48 ----D---- C:\windows\uxud
2013-12-09 15:38:42 ----D---- C:\windows\opul
2013-12-09 15:38:36 ----D---- C:\windows\esec
2013-12-09 15:38:30 ----D---- C:\windows\yjyp
2013-12-09 15:38:19 ----D---- C:\windows\awtw
2013-12-09 15:38:07 ----D---- C:\windows\ycyc
2013-12-09 15:38:02 ----D---- C:\windows\ujxl
2013-12-09 15:37:56 ----D---- C:\windows\uvqq
2013-12-09 15:37:50 ----D---- C:\windows\ulev
2013-12-09 15:37:45 ----D---- C:\windows\unrr
2013-12-09 15:37:39 ----D---- C:\windows\izyh
2013-12-09 15:37:33 ----D---- C:\windows\fzih
2013-12-09 15:37:22 ----D---- C:\windows\yvyr
2013-12-09 15:37:16 ----D---- C:\windows\ofoz
2013-12-09 15:37:10 ----D---- C:\windows\umow
2013-12-09 15:37:04 ----D---- C:\windows\exox
2013-12-09 15:36:59 ----D---- C:\windows\oquq
2013-12-09 15:36:53 ----D---- C:\windows\ifyf
2013-12-09 15:36:47 ----D---- C:\windows\ogev
2013-12-09 15:36:41 ----D---- C:\windows\oguv
2013-12-09 15:36:35 ----D---- C:\windows\ifac
2013-12-09 15:36:29 ----D---- C:\windows\yxyq
2013-12-09 15:36:24 ----D---- C:\windows\ipij
2013-12-09 15:36:18 ----D---- C:\windows\ypyj
2013-12-09 15:36:07 ----D---- C:\windows\adap
2013-12-09 15:36:02 ----D---- C:\windows\yxzg
2013-12-09 15:35:56 ----D---- C:\windows\jbec
2013-12-09 15:35:50 ----D---- C:\windows\xwum
2013-12-09 15:35:39 ----D---- C:\windows\oloq
2013-12-09 15:35:33 ----D---- C:\windows\yzyw
2013-12-09 15:35:28 ----D---- C:\windows\yttm
2013-12-09 15:35:22 ----D---- C:\windows\uron
2013-12-09 15:35:17 ----D---- C:\windows\ibah
2013-12-09 15:35:12 ----D---- C:\windows\isib
2013-12-09 15:35:06 ----D---- C:\windows\izaw
2013-12-09 15:35:00 ----D---- C:\windows\emxs
2013-12-09 15:34:54 ----D---- C:\windows\emew
2013-12-09 15:34:49 ----D---- C:\windows\jwet
2013-12-09 15:34:43 ----D---- C:\windows\atus
2013-12-09 15:34:38 ----D---- C:\windows\olrg
2013-12-09 15:34:32 ----D---- C:\windows\expj
2013-12-09 15:34:26 ----D---- C:\windows\ssas
2013-12-09 15:34:14 ----D---- C:\windows\ihah
2013-12-09 15:34:08 ----D---- C:\windows\yghd
2013-12-09 15:34:02 ----D---- C:\windows\ekus
2013-12-09 15:33:56 ----D---- C:\windows\wnyl
2013-12-09 15:33:51 ----D---- C:\windows\azih
2013-12-09 15:33:45 ----D---- C:\windows\edor
2013-12-09 15:33:39 ----D---- C:\windows\uqeq
2013-12-09 15:33:33 ----D---- C:\windows\egqg
2013-12-09 15:33:23 ----D---- C:\windows\ymzt
2013-12-09 15:33:17 ----D---- C:\windows\udej
2013-12-09 15:33:11 ----D---- C:\windows\egog
2013-12-09 15:33:06 ----D---- C:\windows\hfit
2013-12-09 15:33:00 ----D---- C:\windows\icbc
2013-12-09 15:32:43 ----D---- C:\windows\oqug
2013-12-09 15:32:38 ----D---- C:\windows\ysaz
2013-12-09 15:32:32 ----D---- C:\windows\ifyc
2013-12-09 15:32:21 ----D---- C:\windows\kdwl
2013-12-09 15:32:14 ----D---- C:\windows\qkew
2013-12-09 15:32:08 ----D---- C:\windows\igan
2013-12-09 15:32:02 ----D---- C:\windows\ewpf
2013-12-09 15:31:57 ----D---- C:\windows\iryg
2013-12-09 15:31:51 ----D---- C:\windows\sgix
2013-12-09 15:31:45 ----D---- C:\windows\uwem
2013-12-09 15:31:40 ----D---- C:\windows\alij
2013-12-09 15:31:34 ----D---- C:\windows\umeb
2013-12-09 15:31:29 ----D---- C:\windows\exnn
2013-12-09 15:31:23 ----D---- C:\windows\sfak
2013-12-09 15:31:17 ----D---- C:\windows\xnep
2013-12-09 15:31:12 ----D---- C:\windows\fkym
2013-12-09 15:31:01 ----D---- C:\windows\opuv
2013-12-09 15:30:55 ----D---- C:\windows\ehet
2013-12-09 15:30:49 ----D---- C:\windows\ecos
2013-12-09 15:30:44 ----D---- C:\windows\anal
2013-12-09 15:30:32 ----D---- C:\windows\ikac
2013-12-09 15:30:21 ----D---- C:\windows\ijil
2013-12-09 15:30:15 ----D---- C:\windows\inkq
2013-12-09 15:30:09 ----D---- C:\windows\yvwr
2013-12-09 15:29:52 ----D---- C:\windows\opup
2013-12-09 15:29:34 ----D---- C:\windows\gnen
2013-12-09 15:29:23 ----D---- C:\windows\aziz
2013-12-09 15:29:10 ----D---- C:\windows\avwr
2013-12-09 15:29:05 ----D---- C:\windows\ylir
2013-12-09 15:28:59 ----D---- C:\windows\ecuw
2013-12-09 15:28:53 ----D---- C:\windows\ojun
2013-12-09 15:28:48 ----D---- C:\windows\olop
2013-12-09 15:28:42 ----D---- C:\windows\onoj
2013-12-09 15:28:36 ----D---- C:\windows\avis
2013-12-09 15:28:30 ----D---- C:\windows\otes
2013-12-09 15:28:18 ----D---- C:\windows\iqir
2013-12-09 15:28:13 ----D---- C:\windows\agyd
2013-12-09 15:28:07 ----D---- C:\windows\ajag
2013-12-09 15:28:01 ----D---- C:\windows\ozek
2013-12-09 15:27:55 ----D---- C:\windows\obpf
2013-12-09 15:27:49 ----D---- C:\windows\ipkx
2013-12-09 15:27:43 ----D---- C:\windows\alyn
2013-12-09 15:27:37 ----D---- C:\windows\tmik
2013-12-09 15:27:31 ----D---- C:\windows\issw
2013-12-09 15:27:25 ----D---- C:\windows\ywyz
2013-12-09 15:27:20 ----D---- C:\windows\izis
2013-12-09 15:27:14 ----D---- C:\windows\icyf
2013-12-09 15:27:08 ----D---- C:\windows\wbyh
2013-12-09 15:26:57 ----D---- C:\windows\hniq
2013-12-09 15:26:51 ----D---- C:\windows\gbum
2013-12-09 15:26:46 ----D---- C:\windows\ivir
2013-12-09 15:26:41 ----D---- C:\windows\onuj
2013-12-09 15:26:30 ----D---- C:\windows\imyk
2013-12-09 15:26:24 ----D---- C:\windows\vbot
2013-12-09 15:26:13 ----D---- C:\windows\klyr
2013-12-09 15:26:08 ----D---- C:\windows\ezot
2013-12-09 15:26:02 ----D---- C:\windows\yhkh
2013-12-09 15:25:57 ----D---- C:\windows\yziz
2013-12-09 15:25:46 ----D---- C:\windows\owyw
2013-12-09 15:25:40 ----D---- C:\windows\tlyx
2013-12-09 15:25:35 ----D---- C:\windows\vsef
2013-12-09 15:25:29 ----D---- C:\windows\yqar
2013-12-09 15:25:23 ----D---- C:\windows\icim
2013-12-09 15:25:18 ----D---- C:\windows\rkoh
2013-12-09 15:25:12 ----D---- C:\windows\inyv
2013-12-09 15:25:06 ----D---- C:\windows\ewom
2013-12-09 15:25:01 ----D---- C:\windows\kdaq
2013-12-09 15:24:49 ----D---- C:\windows\ezlf
2013-12-09 15:24:32 ----D---- C:\windows\ywah
2013-12-09 15:24:25 ----D---- C:\windows\uhut
2013-12-09 15:24:20 ----D---- C:\windows\jspm
2013-12-09 15:24:14 ----D---- C:\windows\mxig
2013-12-09 15:24:08 ----D---- C:\windows\uclh
2013-12-09 15:24:02 ----D---- C:\windows\ocuh
2013-12-09 15:23:57 ----D---- C:\windows\ufew
2013-12-09 15:23:51 ----D---- C:\windows\gdod
2013-12-09 15:23:45 ----D---- C:\windows\yhih
2013-12-09 15:23:34 ----D---- C:\windows\adil
2013-12-09 15:23:29 ----D---- C:\windows\yxav
2013-12-09 15:23:23 ----D---- C:\windows\ubet
2013-12-09 15:23:17 ----D---- C:\windows\ekuh
2013-12-09 15:23:11 ----D---- C:\windows\etnh
2013-12-09 15:23:01 ----D---- C:\windows\svir
2013-12-09 15:22:56 ----D---- C:\windows\ekow
2013-12-09 15:22:51 ----D---- C:\windows\imic
2013-12-09 15:22:40 ----D---- C:\windows\ojud
2013-12-09 15:22:35 ----D---- C:\windows\ikwf
2013-12-09 15:22:30 ----D---- C:\windows\upev
2013-12-09 15:22:25 ----D---- C:\windows\evog
2013-12-09 15:22:20 ----D---- C:\windows\wjig
2013-12-09 15:22:15 ----D---- C:\windows\djed
2013-12-09 15:22:09 ----D---- C:\windows\acak
2013-12-09 15:22:04 ----D---- C:\windows\iwiz
2013-12-09 15:21:59 ----D---- C:\windows\ycyk
2013-12-09 15:21:53 ----D---- C:\windows\imik
2013-12-09 15:21:48 ----D---- C:\windows\ebuc
2013-12-09 15:21:43 ----D---- C:\windows\dsot
2013-12-09 15:21:38 ----D---- C:\windows\spyr
2013-12-09 15:21:32 ----D---- C:\windows\unor
2013-12-09 15:21:27 ----D---- C:\windows\ovop
2013-12-09 15:21:22 ----D---- C:\windows\rloq
2013-12-09 15:21:16 ----D---- C:\windows\urex
2013-12-09 15:21:11 ----D---- C:\windows\ovpg
2013-12-09 15:21:05 ----D---- C:\windows\oxox
2013-12-09 15:20:59 ----D---- C:\windows\udud
2013-12-09 15:20:54 ----D---- C:\windows\isas
2013-12-09 15:20:49 ----D---- C:\windows\exud
2013-12-09 15:20:43 ----D---- C:\windows\yzis
2013-12-09 15:20:37 ----D---- C:\windows\uqul
2013-12-09 15:20:32 ----D---- C:\windows\ufer
2013-12-09 15:20:26 ----D---- C:\windows\ukes
2013-12-09 15:20:21 ----D---- C:\windows\yxag
2013-12-09 15:20:15 ----D---- C:\windows\erej
2013-12-09 15:20:10 ----D---- C:\windows\agyx
2013-12-09 15:20:05 ----D---- C:\windows\iqad
2013-12-09 15:19:59 ----D---- C:\windows\kpyj
2013-12-09 15:19:49 ----D---- C:\windows\upul
2013-12-09 15:19:43 ----D---- C:\windows\ikim
2013-12-09 15:19:38 ----D---- C:\windows\yfaf
2013-12-09 15:19:22 ----D---- C:\windows\omug
2013-12-09 15:19:12 ----D---- C:\windows\ajyl
2013-12-09 15:19:07 ----D---- C:\windows\yvin
2013-12-09 15:18:56 ----D---- C:\windows\unuj
2013-12-09 15:18:51 ----D---- C:\windows\azhs
2013-12-09 15:18:46 ----D---- C:\windows\iqvg
2013-12-09 15:18:41 ----D---- C:\windows\ufub
2013-12-09 15:18:35 ----D---- C:\windows\usrc
2013-12-09 15:18:30 ----D---- C:\windows\owuf
2013-12-09 15:18:25 ----D---- C:\windows\ucew
2013-12-09 15:18:20 ----D---- C:\windows\yjyv
2013-12-09 15:18:15 ----D---- C:\windows\ipan
2013-12-09 15:18:09 ----D---- C:\windows\emuh
2013-12-09 15:18:03 ----D---- C:\windows\epev
2013-12-09 15:17:58 ----D---- C:\windows\ovol
2013-12-09 15:17:53 ----D---- C:\windows\itim
2013-12-09 15:17:48 ----D---- C:\windows\uhuk
2013-12-09 15:17:42 ----D---- C:\windows\fpad
2013-12-09 15:17:36 ----D---- C:\windows\yryp
2013-12-09 15:17:31 ----D---- C:\windows\yjil
2013-12-09 15:17:19 ----D---- C:\windows\yqyr
2013-12-09 15:17:13 ----D---- C:\windows\apin
2013-12-09 15:17:08 ----D---- C:\windows\irav
2013-12-09 15:17:03 ----D---- C:\windows\ynil
2013-12-09 15:16:58 ----D---- C:\windows\ehek
2013-12-09 15:16:53 ----D---- C:\windows\alax
2013-12-09 15:16:48 ----D---- C:\windows\omrw
2013-12-09 15:16:37 ----D---- C:\windows\uhom
2013-12-09 15:16:32 ----D---- C:\windows\ilar
2013-12-09 15:16:27 ----D---- C:\windows\uqij
2013-12-09 15:16:17 ----D---- C:\windows\edox
2013-12-09 15:16:11 ----D---- C:\windows\ahis
2013-12-09 15:16:06 ----D---- C:\windows\epoq
2013-12-09 15:15:45 ----D---- C:\windows\ipyx
2013-12-09 15:15:40 ----D---- C:\windows\ygix
2013-12-09 15:15:30 ----D---- C:\windows\okdb
2013-12-09 15:15:24 ----D---- C:\windows\udgd
2013-12-09 15:15:14 ----D---- C:\windows\olug
2013-12-09 15:15:04 ----D---- C:\windows\asys
2013-12-09 15:14:59 ----D---- C:\windows\uznm
2013-12-09 15:14:53 ----D---- C:\windows\igax
2013-12-09 15:14:47 ----D---- C:\windows\lzoc
2013-12-09 15:14:42 ----D---- C:\windows\ixav
2013-12-09 15:14:37 ----D---- C:\windows\uwof
2013-12-09 15:14:27 ----D---- C:\windows\esjk
2013-12-09 15:14:22 ----D---- C:\windows\yfym
2013-12-09 15:14:16 ----D---- C:\windows\fkif
2013-12-09 15:14:11 ----D---- C:\windows\ymat
2013-12-09 15:14:06 ----D---- C:\windows\uxqr
2013-12-09 15:14:01 ----D---- C:\windows\uxen
2013-12-09 15:13:56 ----D---- C:\windows\ihyb
2013-12-09 15:13:51 ----D---- C:\windows\yjav
2013-12-09 15:13:46 ----D---- C:\windows\ajiv
2013-12-09 15:13:41 ----D---- C:\windows\yqyd
2013-12-09 15:13:35 ----D---- C:\windows\etob
2013-12-09 15:13:25 ----D---- C:\windows\ubek
2013-12-09 15:13:15 ----D---- C:\windows\ixag
2013-12-09 15:13:10 ----D---- C:\windows\erur
2013-12-09 15:13:05 ----D---- C:\windows\iwaw
2013-12-09 15:13:00 ----D---- C:\windows\opev
2013-12-09 15:12:54 ----D---- C:\windows\afym
2013-12-09 15:12:49 ----D---- C:\windows\epuv
2013-12-09 15:12:44 ----D---- C:\windows\ydyl
2013-12-09 15:12:38 ----D---- C:\windows\obot
2013-12-09 15:12:33 ----D---- C:\windows\apaj
2013-12-09 15:12:28 ----D---- C:\windows\aqar
2013-12-09 15:12:23 ----D---- C:\windows\ajtl
2013-12-09 15:12:18 ----D---- C:\windows\uzec
2013-12-09 15:12:13 ----D---- C:\windows\ylin
2013-12-09 15:12:08 ----D---- C:\windows\ojej
2013-12-09 15:12:02 ----D---- C:\windows\anyq
2013-12-09 15:11:57 ----D---- C:\windows\wqir
2013-12-09 15:11:51 ----D---- C:\windows\ocnb
2013-12-09 15:11:46 ----D---- C:\windows\anig
2013-12-09 15:11:41 ----D---- C:\windows\igir
2013-12-09 15:11:36 ----D---- C:\windows\ozjt
2013-12-09 15:11:31 ----D---- C:\windows\ataf
2013-12-09 15:11:25 ----D---- C:\windows\isih
2013-12-09 15:11:20 ----D---- C:\windows\eveq
2013-12-09 15:11:14 ----D---- C:\windows\ydej
2013-12-09 15:11:03 ----D---- C:\windows\abiz
2013-12-09 15:10:58 ----D---- C:\windows\oquv
2013-12-09 15:10:53 ----D---- C:\windows\etuz
2013-12-09 15:10:42 ----D---- C:\windows\ukos
2013-12-09 15:10:36 ----D---- C:\windows\ywtw
2013-12-09 15:10:31 ----D---- C:\windows\izih
2013-12-09 15:10:26 ----D---- C:\windows\iwib
2013-12-09 15:10:21 ----D---- C:\windows\hqad
2013-12-09 15:10:11 ----D---- C:\windows\owef
2013-12-09 15:10:05 ----D---- C:\windows\ykik
2013-12-09 15:10:00 ----D---- C:\windows\ylix
2013-12-09 15:09:54 ----D---- C:\windows\ozem
2013-12-09 15:09:49 ----D---- C:\windows\ozum
2013-12-09 15:09:44 ----D---- C:\windows\omes
2013-12-09 15:09:39 ----D---- C:\windows\uwut
2013-12-09 15:09:33 ----D---- C:\windows\ehok
2013-12-09 15:09:28 ----D---- C:\windows\wjal
2013-12-09 15:09:18 ----D---- C:\windows\unex
2013-12-09 15:09:13 ----D---- C:\windows\akif
2013-12-09 15:09:07 ----D---- C:\windows\yzyz
2013-12-09 15:09:02 ----D---- C:\windows\wrfg
2013-12-09 15:08:57 ----D---- C:\windows\umos
2013-12-09 15:08:52 ----D---- C:\windows\efuz
2013-12-09 15:08:47 ----D---- C:\windows\ydaq
2013-12-09 15:08:37 ----D---- C:\windows\iqyn
2013-12-09 15:08:31 ----D---- C:\windows\afic
2013-12-09 15:08:26 ----D---- C:\windows\awbh
2013-12-09 15:08:21 ----D---- C:\windows\ibyh
2013-12-09 15:08:16 ----D---- C:\windows\ubis
2013-12-09 15:08:11 ----D---- C:\windows\uhqk
2013-12-09 15:08:06 ----D---- C:\windows\ezok
2013-12-09 15:08:01 ----D---- C:\windows\yqan
2013-12-09 15:07:55 ----D---- C:\windows\utuz
2013-12-09 15:07:50 ----D---- C:\windows\ilir
2013-12-09 15:07:45 ----D---- C:\windows\ownk
2013-12-09 15:07:35 ----D---- C:\windows\yjiv
2013-12-09 15:07:30 ----D---- C:\windows\eblt
2013-12-09 15:07:19 ----D---- C:\windows\ynyg
2013-12-09 15:07:09 ----D---- C:\windows\axyv
2013-12-09 15:07:04 ----D---- C:\windows\obuf
2013-12-09 15:06:58 ----D---- C:\windows\alyd
2013-12-09 15:06:53 ----D---- C:\windows\ywas
2013-12-09 15:06:48 ----D---- C:\windows\ibyw
2013-12-09 15:06:43 ----D---- C:\windows\ugel
2013-12-09 15:06:38 ----D---- C:\windows\awyz
2013-12-09 15:06:33 ----D---- C:\windows\awyb
2013-12-09 15:06:28 ----D---- C:\windows\dlup
2013-12-09 15:06:22 ----D---- C:\windows\apyd
2013-12-09 15:06:17 ----D---- C:\windows\ebum
2013-12-09 15:06:12 ----D---- C:\windows\wlax
2013-12-09 15:06:07 ----D---- C:\windows\usuk
2013-12-09 15:06:02 ----D---- C:\windows\ekos
2013-12-09 15:05:57 ----D---- C:\windows\yraq
2013-12-09 15:05:52 ----D---- C:\windows\uteb
2013-12-09 15:05:46 ----D---- C:\windows\ujqd
2013-12-09 15:05:41 ----D---- C:\windows\amik
2013-12-09 15:05:36 ----D---- C:\windows\awiz
2013-12-09 15:05:31 ----D---- C:\windows\ivtd
2013-12-09 15:05:25 ----D---- C:\windows\ixwp
2013-12-09 15:05:20 ----D---- C:\windows\adaq
2013-12-09 15:05:10 ----D---- C:\windows\ucuw
2013-12-09 15:05:05 ----D---- C:\windows\qtus
2013-12-09 15:05:00 ----D---- C:\windows\obet
2013-12-09 15:04:49 ----D---- C:\windows\yniv
2013-12-09 15:04:44 ----D---- C:\windows\aqyn
2013-12-09 15:04:39 ----D---- C:\windows\iwmz
2013-12-09 15:04:32 ----D---- C:\windows\awih
2013-12-09 15:04:27 ----D---- C:\windows\ugeq
2013-12-09 15:04:22 ----D---- C:\windows\edqj
2013-12-09 15:04:17 ----D---- C:\windows\onur
2013-12-09 15:04:12 ----D---- C:\windows\iwys
2013-12-09 15:04:06 ----D---- C:\windows\ofob
2013-12-09 15:03:56 ----D---- C:\windows\uhuf
2013-12-09 15:03:51 ----D---- C:\windows\inhv
2013-12-09 15:03:46 ----D---- C:\windows\eset
2013-12-09 15:03:41 ----D---- C:\windows\ykic
2013-12-09 15:03:36 ----D---- C:\windows\xrod
2013-12-09 15:03:30 ----D---- C:\windows\whih
2013-12-09 15:03:25 ----D---- C:\windows\aqad
2013-12-09 15:03:20 ----D---- C:\windows\emuw
2013-12-09 15:03:15 ----D---- C:\windows\anyp
2013-12-09 15:03:10 ----D---- C:\windows\ygid
2013-12-09 15:03:05 ----D---- C:\windows\apyr
2013-12-09 15:02:59 ----D---- C:\windows\ujpx
2013-12-09 15:02:54 ----D---- C:\windows\dhih
2013-12-09 15:02:49 ----D---- C:\windows\idav
2013-12-09 15:02:44 ----D---- C:\windows\ygin
2013-12-09 15:02:39 ----D---- C:\windows\ehum
2013-12-09 15:02:34 ----D---- C:\windows\abis
2013-12-09 15:02:18 ----D---- C:\windows\agyr
2013-12-09 15:02:13 ----D---- C:\windows\igyn
2013-12-09 15:02:08 ----D---- C:\windows\axyp
2013-12-09 15:02:03 ----D---- C:\windows\apfd
2013-12-09 15:01:58 ----D---- C:\windows\ekxz
2013-12-09 15:01:53 ----D---- C:\windows\avan
2013-12-09 15:01:47 ----D---- C:\windows\gfos
2013-12-09 15:01:42 ----D---- C:\windows\kjyg
2013-12-09 15:01:37 ----D---- C:\windows\ohuf
2013-12-09 15:01:32 ----D---- C:\windows\ebom
2013-12-09 15:01:26 ----D---- C:\windows\ifik
2013-12-09 15:01:21 ----D---- C:\windows\uxun
2013-12-09 15:01:16 ----D---- C:\windows\ejlj
2013-12-09 15:01:11 ----D---- C:\windows\ypfd
2013-12-09 15:01:06 ----D---- C:\windows\ozok
2013-12-09 15:00:55 ----D---- C:\windows\avyn
2013-12-09 15:00:50 ----D---- C:\windows\okeh
2013-12-09 15:00:45 ----D---- C:\windows\uppq
2013-12-09 15:00:40 ----D---- C:\windows\ikaf
2013-12-09 15:00:35 ----D---- C:\windows\uvol
2013-12-09 15:00:30 ----D---- C:\windows\oqup
2013-12-09 15:00:19 ----D---- C:\windows\ugov
2013-12-09 15:00:14 ----D---- C:\windows\fkcm
2013-12-09 15:00:09 ----D---- C:\windows\ytik
2013-12-09 15:00:04 ----D---- C:\windows\unod
2013-12-09 14:59:58 ----D---- C:\windows\izyb
2013-12-09 14:59:53 ----D---- C:\windows\zzib
2013-12-09 14:59:48 ----D---- C:\windows\epep
2013-12-09 14:59:43 ----D---- C:\windows\acam
2013-12-09 14:59:38 ----D---- C:\windows\ymwm
2013-12-09 14:59:32 ----D---- C:\windows\afaf
2013-12-09 14:59:27 ----D---- C:\windows\mtak
2013-12-09 14:59:22 ----D---- C:\windows\exod
2013-12-09 14:59:17 ----D---- C:\windows\amaf
2013-12-09 14:59:12 ----D---- C:\windows\ypyn
2013-12-09 14:59:06 ----D---- C:\windows\ijhp
2013-12-09 14:58:56 ----D---- C:\windows\pzuk
2013-12-09 14:58:50 ----D---- C:\windows\ukoh
2013-12-09 14:58:45 ----D---- C:\windows\ilaj
2013-12-09 14:58:40 ----D---- C:\windows\atyf
2013-12-09 14:58:35 ----D---- C:\windows\ztif
2013-12-09 14:58:25 ----D---- C:\windows\ijam
2013-12-09 14:58:19 ----D---- C:\windows\obef
2013-12-09 14:58:14 ----D---- C:\windows\inag
2013-12-09 14:58:09 ----D---- C:\windows\esuc
2013-12-09 14:58:04 ----D---- C:\windows\ybts
2013-12-09 14:57:59 ----D---- C:\windows\akyt
2013-12-09 14:57:53 ----D---- C:\windows\yvfx
2013-12-09 14:57:48 ----D---- C:\windows\yltj
2013-12-09 14:57:43 ----D---- C:\windows\ilij
2013-12-09 14:57:38 ----D---- C:\windows\akic
2013-12-09 14:57:28 ----D---- C:\windows\abiw
2013-12-09 14:57:22 ----D---- C:\windows\ynsg
2013-12-09 14:57:17 ----D---- C:\windows\ubuk
2013-12-09 14:57:12 ----D---- C:\windows\tdyq
2013-12-09 14:57:07 ----D---- C:\windows\esot
2013-12-09 14:56:56 ----D---- C:\windows\yjip
2013-12-09 14:56:51 ----D---- C:\windows\sjap
2013-12-09 14:56:46 ----D---- C:\windows\ixap
2013-12-09 14:56:41 ----D---- C:\windows\imyq
2013-12-09 14:56:36 ----D---- C:\windows\ejon
2013-12-09 14:56:31 ----D---- C:\windows\ejox
2013-12-09 14:56:24 ----D---- C:\windows\exjr
2013-12-09 14:56:19 ----D---- C:\windows\dlol
2013-12-09 14:56:14 ----D---- C:\windows\ogep
2013-12-09 14:56:04 ----D---- C:\windows\evuv
2013-12-09 14:55:59 ----D---- C:\windows\azib
2013-12-09 14:55:43 ----D---- C:\windows\oruj
2013-12-09 14:55:38 ----D---- C:\windows\hfyf
2013-12-09 14:55:33 ----D---- C:\windows\ifhf
2013-12-09 14:55:28 ----D---- C:\windows\akak
2013-12-09 14:55:22 ----D---- C:\windows\akit
2013-12-09 14:55:17 ----D---- C:\windows\drnx
2013-12-09 14:55:11 ----D---- C:\windows\ityc
2013-12-09 14:55:06 ----D---- C:\windows\yfat
2013-12-09 14:55:01 ----D---- C:\windows\ywab
2013-12-09 14:54:56 ----D---- C:\windows\afam
2013-12-09 14:54:46 ----D---- C:\windows\ymac
2013-12-09 14:54:40 ----D---- C:\windows\abbz
2013-12-09 14:54:35 ----D---- C:\windows\yzas
2013-12-09 14:54:29 ----D---- C:\windows\tssw
2013-12-09 14:54:24 ----D---- C:\windows\abih
2013-12-09 14:54:19 ----D---- C:\windows\vnuj
2013-12-09 14:54:14 ----D---- C:\windows\amsf
2013-12-09 14:54:08 ----D---- C:\windows\ygyd
2013-12-09 14:54:03 ----D---- C:\windows\umew
2013-12-09 14:53:58 ----D---- C:\windows\osut
2013-12-09 14:53:53 ----D---- C:\windows\ukoz
2013-12-09 14:53:48 ----D---- C:\windows\ufoh
2013-12-09 14:53:43 ----D---- C:\windows\yniq
2013-12-09 14:53:37 ----D---- C:\windows\yzaz
2013-12-09 14:53:32 ----D---- C:\windows\ejoj
2013-12-09 14:53:27 ----D---- C:\windows\asis
2013-12-09 14:53:22 ----D---- C:\windows\aqeq
2013-12-09 14:53:17 ----D---- C:\windows\ocuz
2013-12-09 14:53:12 ----D---- C:\windows\apyn
2013-12-09 14:53:06 ----D---- C:\windows\owec
2013-12-09 14:53:01 ----D---- C:\windows\unlr
2013-12-09 14:52:56 ----D---- C:\windows\eduj
2013-12-09 14:52:50 ----D---- C:\windows\akim
2013-12-09 14:52:45 ----D---- C:\windows\imif
2013-12-09 14:52:40 ----D---- C:\windows\ujen
2013-12-09 14:52:35 ----D---- C:\windows\smaz
2013-12-09 14:52:29 ----D---- C:\windows\eqol
2013-12-09 14:52:24 ----D---- C:\windows\ambk
2013-12-09 14:52:19 ----D---- C:\windows\amac
2013-12-09 14:52:14 ----D---- C:\windows\yxyp
2013-12-09 14:52:08 ----D---- C:\windows\ebef
2013-12-09 14:52:03 ----D---- C:\windows\sgyx
2013-12-09 14:51:58 ----D---- C:\windows\uhuc
2013-12-09 14:51:52 ----D---- C:\windows\ixhq
2013-12-09 14:51:47 ----D---- C:\windows\ijyl
2013-12-09 14:51:42 ----D---- C:\windows\yjyg
2013-12-09 14:51:37 ----D---- C:\windows\lkeh
2013-12-09 14:51:32 ----D---- C:\windows\utes
2013-12-09 14:51:26 ----D---- C:\windows\aqtr
2013-12-09 14:51:21 ----D---- C:\windows\ohok
2013-12-09 14:51:16 ----D---- C:\windows\umuw
2013-12-09 14:51:11 ----D---- C:\windows\ixig
2013-12-09 14:51:06 ----D---- C:\windows\pcjw
2013-12-09 14:50:55 ----D---- C:\windows\irig
2013-12-09 14:50:50 ----D---- C:\windows\iqyd
2013-12-09 14:50:45 ----D---- C:\windows\zbyz
2013-12-09 14:50:40 ----D---- C:\windows\ibaz
2013-12-09 14:50:35 ----D---- C:\windows\ybiz
2013-12-09 14:50:29 ----D---- C:\windows\absh
2013-12-09 14:50:24 ----D---- C:\windows\uboc
2013-12-09 14:50:19 ----D---- C:\windows\ocez
2013-12-09 14:50:14 ----D---- C:\windows\ypir
2013-12-09 14:50:08 ----D---- C:\windows\ykaf
2013-12-09 14:50:03 ----D---- C:\windows\eron
2013-12-09 14:49:58 ----D---- C:\windows\urln
2013-12-09 14:49:52 ----D---- C:\windows\pzrk
2013-12-09 14:49:47 ----D---- C:\windows\akyc
2013-12-09 14:49:42 ----D---- C:\windows\udqj
2013-12-09 14:49:37 ----D---- C:\windows\qjux
2013-12-09 14:49:32 ----D---- C:\windows\exon
2013-12-09 14:49:26 ----D---- C:\windows\ibyz
2013-12-09 14:49:21 ----D---- C:\windows\zbiz
2013-12-09 14:49:16 ----D---- C:\windows\uren
2013-12-09 14:49:11 ----D---- C:\windows\gbdk
2013-12-09 14:49:06 ----D---- C:\windows\usot
2013-12-09 14:49:01 ----D---- C:\windows\alyj
2013-12-09 14:48:55 ----D---- C:\windows\akik
2013-12-09 14:48:50 ----D---- C:\windows\osom
2013-12-09 14:48:44 ----D---- C:\windows\ozof
2013-12-09 14:48:39 ----D---- C:\windows\ygan
2013-12-09 14:48:29 ----D---- C:\windows\ejor
2013-12-09 14:48:24 ----D---- C:\windows\yhib
2013-12-09 14:48:19 ----D---- C:\windows\ajil
2013-12-09 14:48:13 ----D---- C:\windows\obuc
2013-12-09 14:48:08 ----D---- C:\windows\omlw
2013-12-09 14:48:03 ----D---- C:\windows\usec
2013-12-09 14:47:58 ----D---- C:\windows\osuc
2013-12-09 14:47:52 ----D---- C:\windows\ilfn
2013-12-09 14:47:47 ----D---- C:\windows\ubef
2013-12-09 14:47:42 ----D---- C:\windows\ehut
2013-12-09 14:47:37 ----D---- C:\windows\etub
2013-12-09 14:47:32 ----D---- C:\windows\inal
2013-12-09 14:47:26 ----D---- C:\windows\ufow
2013-12-09 14:47:21 ----D---- C:\windows\ufuw
2013-12-09 14:47:16 ----D---- C:\windows\emuz
2013-12-09 14:47:11 ----D---- C:\windows\agar
2013-12-09 14:47:06 ----D---- C:\windows\ytym
2013-12-09 14:47:00 ----D---- C:\windows\azaz
2013-12-09 14:46:55 ----D---- C:\windows\enex
2013-12-09 14:46:50 ----D---- C:\windows\yjap
2013-12-09 14:46:39 ----D---- C:\windows\ixcl
2013-12-09 14:46:34 ----D---- C:\windows\evop
2013-12-09 14:46:29 ----D---- C:\windows\xpol
2013-12-09 14:46:24 ----D---- C:\windows\ibkw
2013-12-09 14:46:19 ----D---- C:\windows\qzot
2013-12-09 14:46:14 ----D---- C:\windows\agyn
2013-12-09 14:46:08 ----D---- C:\windows\avyd
2013-12-09 14:46:03 ----D---- C:\windows\epyn
2013-12-09 14:45:58 ----D---- C:\windows\asih
2013-12-09 14:45:52 ----D---- C:\windows\ycam
2013-12-09 14:45:47 ----D---- C:\windows\ozrf
2013-12-09 14:45:37 ----D---- C:\windows\ypaj
2013-12-09 14:45:26 ----D---- C:\windows\axiq
2013-12-09 14:45:21 ----D---- C:\windows\alyr
2013-12-09 14:45:16 ----D---- C:\windows\okew
2013-12-09 14:45:11 ----D---- C:\windows\iqaj
2013-12-09 14:45:06 ----D---- C:\windows\ilyd
2013-12-09 14:45:01 ----D---- C:\windows\ivyx
2013-12-09 14:44:56 ----D---- C:\windows\ecoh
2013-12-09 14:44:50 ----D---- C:\windows\yjfp
2013-12-09 14:44:45 ----D---- C:\windows\araq
2013-12-09 14:44:40 ----D---- C:\windows\ufus
2013-12-09 14:44:35 ----D---- C:\windows\etew
2013-12-09 14:44:30 ----D---- C:\windows\yfak
2013-12-09 14:44:25 ----D---- C:\windows\iwts
2013-12-09 14:44:19 ----D---- C:\windows\yhaz
2013-12-09 14:44:14 ----D---- C:\windows\elup
2013-12-09 14:44:09 ----D---- C:\windows\yhsb
2013-12-09 14:44:04 ----D---- C:\windows\asyz
2013-12-09 14:43:59 ----D---- C:\windows\ixyg
2013-12-09 14:43:53 ----D---- C:\windows\ehof
2013-12-09 14:43:48 ----D---- C:\windows\agir
2013-12-09 14:43:43 ----D---- C:\windows\ahas
2013-12-09 14:43:38 ----D---- C:\windows\eqev
2013-12-09 14:43:33 ----D---- C:\windows\erun
2013-12-09 14:43:28 ----D---- C:\windows\akzk
2013-12-09 14:43:23 ----D---- C:\windows\asfs
2013-12-09 14:43:17 ----D---- C:\windows\onon
2013-12-09 14:43:07 ----D---- C:\windows\ygyn
2013-12-09 14:43:02 ----D---- C:\windows\uwdk
2013-12-09 14:42:57 ----D---- C:\windows\ered
2013-12-09 14:42:47 ----D---- C:\windows\atak
2013-12-09 14:42:41 ----D---- C:\windows\uvup
2013-12-09 14:42:36 ----D---- C:\windows\ogov
2013-12-09 14:42:31 ----D---- C:\windows\qgog
2013-12-09 14:42:26 ----D---- C:\windows\elov
2013-12-09 14:42:21 ----D---- C:\windows\icyc
2013-12-09 14:42:16 ----D---- C:\windows\ylid
2013-12-09 14:42:10 ----D---- C:\windows\efew
2013-12-09 14:42:05 ----D---- C:\windows\ajap
2013-12-09 14:42:00 ----D---- C:\windows\icym
2013-12-09 14:41:55 ----D---- C:\windows\ifyk
2013-12-09 14:41:50 ----D---- C:\windows\epog
2013-12-09 14:41:45 ----D---- C:\windows\bzyh
2013-12-09 14:41:39 ----D---- C:\windows\ullg
2013-12-09 14:41:34 ----D---- C:\windows\ujoj
2013-12-09 14:41:28 ----D---- C:\windows\edud
2013-12-09 14:41:23 ----D---- C:\windows\ybib
2013-12-09 14:41:18 ----D---- C:\windows\ddud
2013-12-09 14:41:13 ----D---- C:\windows\xbuk
2013-12-09 14:41:07 ----D---- C:\windows\otoz
2013-12-09 14:41:02 ----D---- C:\windows\idiv
2013-12-09 14:40:57 ----D---- C:\windows\uqov
2013-12-09 14:40:51 ----D---- C:\windows\yfit
2013-12-09 14:40:46 ----D---- C:\windows\oren
2013-12-09 14:40:41 ----D---- C:\windows\tbyh
2013-12-09 14:40:36 ----D---- C:\windows\edon
2013-12-09 14:40:31 ----D---- C:\windows\omow
2013-12-09 14:40:26 ----D---- C:\windows\yryq
2013-12-09 14:40:21 ----D---- C:\windows\mnwq
2013-12-09 14:40:15 ----D---- C:\windows\etoz
2013-12-09 14:40:10 ----D---- C:\windows\flad
2013-12-09 14:40:05 ----D---- C:\windows\yvsj
2013-12-09 14:40:00 ----D---- C:\windows\axsl
2013-12-09 14:39:55 ----D---- C:\windows\ekrh
2013-12-09 14:39:50 ----D---- C:\windows\axip
2013-12-09 14:39:44 ----D---- C:\windows\unen
2013-12-09 14:39:39 ----D---- C:\windows\amim
2013-12-09 14:39:34 ----D---- C:\windows\gkup
2013-12-09 14:39:29 ----D---- C:\windows\emos
2013-12-09 14:39:24 ----D---- C:\windows\etoh
2013-12-09 14:39:19 ----D---- C:\windows\efoz
2013-12-09 14:39:13 ----D---- C:\windows\txyp
2013-12-09 14:39:08 ----D---- C:\windows\ilyr
2013-12-09 14:39:02 ----D---- C:\windows\apix
2013-12-09 14:38:56 ----D---- C:\windows\ured
2013-12-09 14:38:51 ----D---- C:\windows\oveq
2013-12-09 14:38:46 ----D---- C:\windows\ogel
2013-12-09 14:38:40 ----D---- C:\windows\kdwv
2013-12-09 14:38:35 ----D---- C:\windows\anyg
2013-12-09 14:38:24 ----D---- C:\windows\acwt
2013-12-09 14:38:18 ----D---- C:\windows\ahcb
2013-12-09 14:38:12 ----D---- C:\windows\yqtr
2013-12-09 14:38:07 ----D---- C:\windows\uwuf
2013-12-09 14:38:02 ----D---- C:\windows\gfoz
2013-12-09 14:37:56 ----D---- C:\windows\ebuk
2013-12-09 14:37:51 ----D---- C:\windows\lfus
2013-12-09 14:37:45 ----D---- C:\windows\uwec
2013-12-09 11:40:28 ----D---- C:\ProgramData\ESET
2013-12-09 09:03:48 ----D---- C:\windows\udor
2013-12-09 08:57:24 ----D---- C:\windows\ogeq
2013-12-09 08:57:19 ----D---- C:\windows\ejun
2013-12-09 08:57:13 ----D---- C:\windows\ulep
2013-12-09 08:57:08 ----D---- C:\windows\opoq
2013-12-09 08:57:03 ----D---- C:\windows\opuq
2013-12-09 08:56:58 ----D---- C:\windows\ixis
2013-12-09 08:56:51 ----D---- C:\windows\idcq
2013-12-09 08:55:21 ----D---- C:\windows\aryl
2013-12-09 08:55:15 ----D---- C:\windows\omuw
2013-12-09 08:55:10 ----D---- C:\windows\urej
2013-12-09 08:55:05 ----D---- C:\windows\aqid
2013-12-09 08:55:00 ----D---- C:\windows\ibyb
2013-12-09 08:54:55 ----D---- C:\windows\ycaf
2013-12-09 08:54:50 ----D---- C:\windows\ykak
2013-12-09 08:54:45 ----D---- C:\windows\onud
2013-12-09 08:54:39 ----D---- C:\windows\umus
2013-12-09 08:54:34 ----D---- C:\windows\oceh
2013-12-09 08:54:29 ----D---- C:\windows\okgw
2013-12-09 08:54:24 ----D---- C:\windows\abyw
2013-12-09 08:54:19 ----D---- C:\windows\uluv
2013-12-09 08:54:14 ----D---- C:\windows\azab
2013-12-09 08:52:40 ----D---- C:\windows\pceb
2013-12-09 08:52:33 ----D---- C:\windows\iwiw
2013-12-09 08:52:28 ----D---- C:\windows\oboc
2013-12-09 08:52:22 ----D---- C:\windows\ozom
2013-12-09 08:52:17 ----D---- C:\windows\pvop
2013-12-09 08:52:11 ----D---- C:\windows\ytyf
2013-12-09 08:52:06 ----D---- C:\windows\uqug
2013-12-09 08:52:01 ----D---- C:\windows\lbuk
2013-12-09 08:51:56 ----D---- C:\windows\yqis
2013-12-09 08:51:51 ----D---- C:\windows\asiw
2013-12-09 08:51:46 ----D---- C:\windows\ifit
2013-12-09 08:51:40 ----D---- C:\windows\avir
2013-12-09 08:51:29 ----D---- C:\windows\uxoj
2013-12-09 08:51:12 ----D---- C:\windows\awyw
2013-12-04 16:19:21 ----D---- C:\windows\orig
2013-12-04 16:19:19 ----D---- C:\ProgramData\ekapjdax
2013-11-15 22:15:08 ----A---- C:\windows\SysWOW64\ieui.dll
2013-11-15 22:15:07 ----A---- C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-15 22:15:07 ----A---- C:\windows\SysWOW64\iesysprep.dll
2013-11-15 22:15:07 ----A---- C:\windows\SysWOW64\iesetup.dll
2013-11-15 22:15:07 ----A---- C:\windows\SysWOW64\iernonce.dll
2013-11-15 22:15:06 ----A---- C:\windows\SysWOW64\iertutil.dll
2013-11-15 22:15:05 ----A---- C:\windows\SysWOW64\msfeeds.dll
2013-11-15 22:15:05 ----A---- C:\windows\SysWOW64\jscript.dll
2013-11-15 22:15:04 ----A---- C:\windows\SysWOW64\jscript9.dll
2013-11-15 22:15:03 ----A---- C:\windows\SysWOW64\urlmon.dll
2013-11-15 22:15:02 ----A---- C:\windows\SysWOW64\wininet.dll
2013-11-15 22:15:02 ----A---- C:\windows\SysWOW64\jsproxy.dll
2013-11-15 22:15:00 ----A---- C:\windows\SysWOW64\ieframe.dll
2013-11-15 22:14:56 ----A---- C:\windows\SysWOW64\mshtml.dll
2013-11-14 09:25:44 ----A---- C:\windows\SysWOW64\crypt32.dll
2013-11-14 09:25:38 ----A---- C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 09:25:38 ----A---- C:\windows\SysWOW64\credui.dll
2013-11-14 09:25:38 ----A---- C:\windows\SysWOW64\authui.dll
2013-11-14 09:25:31 ----A---- C:\windows\SysWOW64\sspicli.dll
2013-11-14 09:25:31 ----A---- C:\windows\SysWOW64\schannel.dll
2013-11-14 09:25:31 ----A---- C:\windows\SysWOW64\secur32.dll
2013-11-14 09:25:31 ----A---- C:\windows\SysWOW64\ncrypt.dll
2013-11-14 09:25:29 ----A---- C:\windows\SysWOW64\gdi32.dll
2013-11-14 09:25:28 ----A---- C:\windows\SysWOW64\nshwfp.dll
2013-11-14 09:25:28 ----A---- C:\windows\SysWOW64\FWPUCLNT.DLL

-----------------EOF-----------------

======List of files/folders modified in the last 1 month======

2013-12-10 13:21:39 ----D---- C:\windows\Prefetch
2013-12-10 13:21:37 ----D---- C:\windows\Temp
2013-12-10 13:21:33 ----RD---- C:\Program Files (x86)
2013-12-10 12:09:48 ----D---- C:\Users\Sema\AppData\Roaming\Dropbox
2013-12-10 11:42:34 ----A---- C:\windows\SysWOW64\log.txt
2013-12-10 11:40:58 ----D---- C:\Windows
2013-12-10 11:37:52 ----D---- C:\Users\Sema\AppData\Roaming\Skype
2013-12-10 10:33:19 ----D---- C:\Games
2013-12-10 10:04:14 ----D---- C:\backup
2013-12-10 08:32:13 ----D---- C:\windows\System32
2013-12-10 08:32:13 ----D---- C:\windows\inf
2013-12-09 11:57:22 ----SHD---- C:\System Volume Information
2013-12-09 11:41:19 ----SHD---- C:\windows\Installer
2013-12-09 11:40:28 ----RD---- C:\Program Files
2013-12-09 11:40:28 ----HD---- C:\ProgramData
2013-12-09 11:04:06 ----D---- C:\ProgramData\Sun
2013-11-26 16:11:42 ----D---- C:\windows\SysWOW64
2013-11-26 09:15:23 ----D---- C:\ProgramData\Skype
2013-11-26 09:15:17 ----RD---- C:\Program Files (x86)\Skype
2013-11-26 09:02:35 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-22 13:23:43 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-11-18 12:20:17 ----D---- C:\windows\rescache
2013-11-15 22:20:32 ----D---- C:\windows\winsxs
2013-11-15 22:17:00 ----D---- C:\Program Files (x86)\Internet Explorer
2013-11-15 22:16:59 ----D---- C:\windows\SysWOW64\cs-CZ
2013-11-15 22:14:49 ----D---- C:\ProgramData\Microsoft Help
2013-11-15 22:08:25 ----D---- C:\Program Files (x86)\Steam
2013-11-12 09:45:36 ----D---- C:\Users\Sema\AppData\Roaming\uTorrent

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys []
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys []
R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys []
R1 avkmgr;avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys []
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys []
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys []
R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys []
R2 epfwwfpr;epfwwfpr; C:\windows\system32\DRIVERS\epfwwfpr.sys []
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys []
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys []
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys []
R3 HECIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys []
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda64v.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys []
R3 tap0901;TAP-Win32 Adapter V9; C:\windows\system32\DRIVERS\tap0901.sys []
R3 vm331avs;Digital Camera 1; C:\windows\System32\Drivers\vm331avs.sys []
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl664.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys []
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys []
S3 btusbflt;Bluetooth USB Filter; C:\windows\system32\drivers\btusbflt.sys []
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys []
S3 btwavdt;Bluetooth AVDT; C:\windows\system32\DRIVERS\btwavdt.sys []
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys []
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys []
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys []
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60a.sys []
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\windows\system32\DRIVERS\LHidFilt.Sys []
S3 libusb0;libusb-win32 - Kernel Driver 04/08/2011 1.2.4.0; C:\windows\system32\DRIVERS\libusb0.sys []
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\windows\system32\DRIVERS\LMouFilt.Sys []
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\windows\System32\Drivers\LUsbFilt.Sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\windows\system32\DRIVERS\netw5v64.sys []
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys []
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys []
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys []
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys []
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys []
S3 WimFltr;WimFltr; C:\windows\system32\DRIVERS\wimfltr.sys []
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys []
S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-11-26 440376]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-11-26 440376]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2009-08-11 864032]
R2 CrossLoopService;CrossLoop Service; C:\Users\Sema\AppData\Local\CrossLoop\CrossLoopService.exe [2011-04-07 560880]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2013-09-12 1337752]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
R2 KMService;KMService; C:\windows\system32\srvany.exe [2011-10-06 8192]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-12-09 268824]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe []
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 PnkBstrA;PnkBstrA; C:\windows\system32\PnkBstrA.exe [2012-12-31 76888]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-09 2320920]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-15 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10 257416]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-15 116648]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-10-28 357456]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-05 117656]
S3 OpenVPNService;OpenVPN Service; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [2010-11-08 36352]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-10-14 566696]
S3 tvnserver;TightVNC Server; C:\Users\Sema\AppData\Local\CrossLoop\tvnserver.exe [2010-07-21 814080]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe []
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

Re: prosím o kontrolu logu - trojský kůn - fake email česke

Napsal: 10 pro 2013 16:34
od vyosek
Zdravim :)

:arrow: Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
:arrow: Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
  • Pokud mate Win XP spustte pod uctem Spravce\Administratora
  • Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
  • Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
  • Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
  • Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
  • Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
  • Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
  • Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz