Velice časté zamrzání počítače

[Iman]

Dobrý den,

psala jsem Vám ohledně viru policie čr. Přeinstalovala jsem počítač. Vypadalo to, že bude vše v pořádku. Ale počítač je pomalý, pomalu se načítají internetové stránky, velice často počítač zamrzne a funkce se obnoví až, když ho natvrdo vypnu a opět zapnu. Když je počítač delší dobu v režimu spánku, lze ho probudit pouze opět vypnutím a zapnutím. Počítač začne stávkovat i v případě otevřených více běžných internetových stránek. Mohl by jste mi ještě poradit, zda je nutné znovu přeinstalovat nebo postupovat zcela jinak?

Děkuji Iman.

[Márty84]

Zdravim

Dejte log z RSIT http://forum.viry.cz/viewtopic.php?f=30&t=130787 a podivame se na to.

[Iman]

Logfile of random's system information tool 1.10 (written by random/random)
Run by Imanka at 2014-06-22 11:00:50
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 385 GB (89%) free of 432 GB
Total RAM: 4040 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:01:02, on 22.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\USB Camera\VM331_STI.EXE
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\SysWOW64\cmd.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Imanka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110905123252.dll
O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\windows\system32\HPSIsvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\Partner.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12600 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
atieclxx
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\windows\system32\HPSIsvc.exe
"C:\windows\system32\mfevtps.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
taskeng.exe {769D3E47-BC15-4620-9D35-66DB28ED3533}
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\Explorer.EXE
"C:\windows\system32\Dwm.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
taskeng.exe {14EAB513-94B0-4826-A762-AD936DDA5322}
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3844.0.1725704972\687986340" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,5,15 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.813.3.2000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\USB Camera\VM331_STI.EXE"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files\mcafee.com\agent\mcagent.exe" /runkey
"C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_03/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="3844.2.1412369993\956498373" /prefetch:673131151
C:\windows\system32\cmd.exe /c "C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe" --parent-window=0 chrome-extension://fheoggkfdfchfphceeifdbepaooicaho/ < \\.\pipe\chrome.nativeMessaging.in.d0bf7ed920eaa57 > \\.\pipe\chrome.nativeMessaging.out.d0bf7ed920eaa57
\??\C:\windows\system32\conhost.exe "-980732775-2773364831721674269521319381013239-529430415-1083659347-341958621
"C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe" --parent-window=0 chrome-extension://fheoggkfdfchfphceeifdbepaooicaho/
"c:\PROGRA~2\mcafee\SITEAD~1\saui.exe" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_03/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="3844.5.784008041\1797640700" /prefetch:673131151
"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait
"C:\windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\x64\saHook.dll", saHooker_Initialize_and_Wait
"C:\windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\system32\sppsvc.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 6104
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Users\Imanka\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110905123252.dll [2011-03-13 92888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
Partner BHO Class - C:\ProgramData\Partner\Partner64.dll [2011-09-05 750064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-06-18 581824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-06-18 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2014-01-24 301104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110905123252.dll [2011-03-13 78456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
Partner BHO Class - C:\ProgramData\Partner\Partner.dll [2011-09-05 433648]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-06-18 436600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-06-18 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2014-01-24 252664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2014-01-24 301104]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-06-18 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2014-01-24 252664]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-06-18 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-03-26 167960]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-03-26 391704]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-03-26 418840]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-04-08 2741544]
"Lenovo EE Boot Optimizer"=C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [2011-09-05 114688]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2011-09-05 9753024]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2011-09-05 5908928]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-11 689488]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-02-18 283160]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-03-25 336384]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331_STI.EXE [2011-06-15 548864]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2010-07-26 222504]
"mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2011-03-12 1658440]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [2011-01-29 228448]
"VeriFaceManager"=C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [2011-09-05 329056]
"UpdatePRCShortCut"=C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [2009-05-13 222504]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-06-18 3890208]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 959904]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-03-25 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-06-22 11:00:50 ----D---- C:\rsit
2014-06-22 11:00:50 ----D---- C:\Program Files\trend micro
2014-06-21 15:30:30 ----HD---- C:\ProgramData\CanonIJScan
2014-06-21 15:30:03 ----D---- C:\Users\Imanka\AppData\Roaming\Canon
2014-06-21 15:28:44 ----HD---- C:\ProgramData\CanonIJEGV
2014-06-20 21:51:30 ----D---- C:\Users\Imanka\AppData\Roaming\vlc
2014-06-20 17:39:51 ----A---- C:\windows\SYSWOW64\WMPhoto.dll
2014-06-20 17:39:51 ----A---- C:\windows\system32\WMPhoto.dll
2014-06-20 17:39:49 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-06-20 17:39:40 ----A---- C:\windows\SYSWOW64\d3d10warp.dll
2014-06-20 17:39:40 ----A---- C:\windows\system32\d3d10warp.dll
2014-06-20 17:39:39 ----A---- C:\windows\SYSWOW64\d2d1.dll
2014-06-20 17:39:39 ----A---- C:\windows\system32\d2d1.dll
2014-06-20 17:39:35 ----A---- C:\windows\system32\drivers\BTHUSB.SYS
2014-06-20 17:39:35 ----A---- C:\windows\system32\drivers\bthport.sys
2014-06-20 17:39:32 ----A---- C:\windows\SYSWOW64\WindowsCodecs.dll
2014-06-20 17:39:32 ----A---- C:\windows\system32\WindowsCodecs.dll
2014-06-20 17:39:29 ----A---- C:\windows\system32\spoolsv.exe
2014-06-20 17:39:28 ----A---- C:\windows\splwow64.exe
2014-06-20 13:19:35 ----D---- C:\windows\SYSWOW64\Wat
2014-06-20 13:19:34 ----D---- C:\windows\system32\Wat
2014-06-20 13:18:47 ----SD---- C:\windows\system32\CompatTel
2014-06-19 22:23:39 ----A---- C:\windows\SYSWOW64\wmploc.DLL
2014-06-19 22:23:38 ----A---- C:\windows\SYSWOW64\wmp.dll
2014-06-19 22:09:51 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2014-06-19 22:07:01 ----D---- C:\windows\Migration
2014-06-19 21:58:28 ----A---- C:\windows\system32\IEUDINIT.EXE
2014-06-19 21:46:05 ----A---- C:\windows\SYSWOW64\elshyph.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\wextract.exe
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\webcheck.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\vbscript.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\url.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\SetIEInstalledDate.exe
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\RegisterIEPKEYs.exe
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\pngfilt.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\occache.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\msls31.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\mshtmler.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\mshta.exe
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\msfeedssync.exe
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\msfeedsbs.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\licmgr10.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\jsIntl.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\jscript.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\inseng.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\imgutil.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\iexpress.exe
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\ieui.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\iesysprep.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\iepeers.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\ieapfltr.dat
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\IEAdvpack.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\icardie.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\wininet.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\wextract.exe
2014-06-19 21:45:59 ----A---- C:\windows\system32\webcheck.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\vbscript.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\urlmon.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\url.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\SetIEInstalledDate.exe
2014-06-19 21:45:59 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2014-06-19 21:45:59 ----A---- C:\windows\system32\pngfilt.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\occache.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\msrating.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\msls31.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\mshtmlmedia.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\mshtmler.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\mshtmled.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\MshtmlDac.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\mshtml.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\mshta.exe
2014-06-19 21:45:59 ----A---- C:\windows\system32\msfeedssync.exe
2014-06-19 21:45:59 ----A---- C:\windows\system32\msfeedsbs.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\msfeeds.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\licmgr10.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\jsproxy.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\jsIntl.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\jscript9diag.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\jscript9.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\jscript.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\inseng.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\imgutil.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\iexpress.exe
2014-06-19 21:45:59 ----A---- C:\windows\system32\ieUnatt.exe
2014-06-19 21:45:59 ----A---- C:\windows\system32\ieui.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\iesysprep.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\iesetup.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\iertutil.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\iernonce.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\iepeers.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\ieframe.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\ieetwcollector.exe
2014-06-19 21:45:59 ----A---- C:\windows\system32\iedkcs32.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\ieapfltr.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\ieapfltr.dat
2014-06-19 21:45:59 ----A---- C:\windows\system32\IEAdvpack.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\ie4uinit.exe
2014-06-19 21:45:59 ----A---- C:\windows\system32\icardie.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\elshyph.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\dxtrans.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\dxtmsft.dll
2014-06-19 21:34:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\XpsPrint.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\XpsGdiConverter.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\WindowsCodecsExt.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\UIAnimation.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\msmpeg2vdec.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\dxgi.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\DWrite.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\d3d10level9.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\d3d10core.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\d3d10_1core.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\d3d10_1.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\d3d10.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\XpsPrint.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\XpsGdiConverter.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\WindowsCodecsExt.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\UIAnimation.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\msmpeg2vdec.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\FntCache.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\dxgi.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\DWrite.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\d3d10level9.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\d3d10core.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\d3d10_1core.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\d3d10_1.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\d3d10.dll
2014-06-19 21:00:15 ----A---- C:\windows\system32\browserchoice.exe
2014-06-19 20:45:41 ----A---- C:\windows\system32\drivers\WUDFRd.sys
2014-06-19 20:45:41 ----A---- C:\windows\system32\drivers\WUDFPf.sys
2014-06-19 20:45:40 ----A---- C:\windows\system32\WUDFSvc.dll
2014-06-19 20:45:40 ----A---- C:\windows\system32\WUDFPlatform.dll
2014-06-19 20:45:38 ----A---- C:\windows\system32\WUDFx.dll
2014-06-19 20:45:38 ----A---- C:\windows\system32\WUDFHost.exe
2014-06-19 20:45:38 ----A---- C:\windows\system32\WUDFCoinstaller.dll
2014-06-19 20:31:03 ----A---- C:\windows\system32\drivers\fs_rec.sys
2014-06-19 20:31:02 ----A---- C:\windows\SYSWOW64\wmi.dll
2014-06-19 20:31:02 ----A---- C:\windows\system32\wmi.dll
2014-06-19 20:29:07 ----D---- C:\Program Files\Microsoft Silverlight
2014-06-19 20:29:07 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-06-19 14:11:11 ----A---- C:\windows\system32\drivers\RNDISMP.sys
2014-06-19 14:11:11 ----A---- C:\windows\system32\drivers\ndis.sys
2014-06-19 14:10:55 ----A---- C:\windows\SYSWOW64\xmllite.dll
2014-06-19 14:10:55 ----A---- C:\windows\system32\xmllite.dll
2014-06-19 14:10:42 ----A---- C:\windows\system32\msieftp.dll
2014-06-19 14:10:41 ----A---- C:\windows\SYSWOW64\msieftp.dll
2014-06-19 14:10:40 ----A---- C:\windows\system32\odbccu32.dll
2014-06-19 14:10:40 ----A---- C:\windows\system32\odbccr32.dll
2014-06-19 14:10:39 ----A---- C:\windows\SYSWOW64\odbcjt32.dll
2014-06-19 14:10:39 ----A---- C:\windows\system32\odbctrac.dll
2014-06-19 14:10:39 ----A---- C:\windows\system32\odbccp32.dll
2014-06-19 14:10:38 ----A---- C:\windows\SYSWOW64\odbccu32.dll
2014-06-19 14:10:38 ----A---- C:\windows\SYSWOW64\odbccr32.dll
2014-06-19 14:10:38 ----A---- C:\windows\SYSWOW64\odbccp32.dll
2014-06-19 14:10:36 ----A---- C:\windows\SYSWOW64\odbctrac.dll
2014-06-19 14:10:33 ----A---- C:\windows\system32\wwansvc.dll
2014-06-19 14:10:33 ----A---- C:\windows\system32\wwanprotdim.dll
2014-06-19 14:10:28 ----A---- C:\windows\system32\comctl32.dll
2014-06-19 14:10:27 ----A---- C:\windows\SYSWOW64\comctl32.dll
2014-06-19 14:09:53 ----A---- C:\windows\system32\poqexec.exe
2014-06-19 14:09:52 ----A---- C:\windows\SYSWOW64\poqexec.exe
2014-06-19 14:09:48 ----A---- C:\windows\SYSWOW64\dhcpcsvc6.dll
2014-06-19 14:09:48 ----A---- C:\windows\SYSWOW64\dhcpcore6.dll
2014-06-19 14:09:48 ----A---- C:\windows\system32\dhcpcsvc6.dll
2014-06-19 14:09:48 ----A---- C:\windows\system32\dhcpcore6.dll
2014-06-19 14:09:33 ----A---- C:\windows\system32\mstscax.dll
2014-06-19 14:09:32 ----A---- C:\windows\SYSWOW64\mstscax.dll
2014-06-19 14:09:31 ----A---- C:\windows\SYSWOW64\aaclient.dll
2014-06-19 14:09:30 ----A---- C:\windows\system32\tsgqec.dll
2014-06-19 14:09:30 ----A---- C:\windows\system32\aaclient.dll
2014-06-19 14:09:29 ----A---- C:\windows\SYSWOW64\tsgqec.dll
2014-06-19 14:09:11 ----A---- C:\windows\system32\shell32.dll
2014-06-19 14:09:10 ----A---- C:\windows\SYSWOW64\shell32.dll
2014-06-19 14:09:05 ----A---- C:\windows\system32\wintrust.dll
2014-06-19 14:09:04 ----A---- C:\windows\SYSWOW64\wintrust.dll
2014-06-19 14:08:36 ----A---- C:\windows\system32\quartz.dll
2014-06-19 14:08:35 ----A---- C:\windows\SYSWOW64\quartz.dll
2014-06-19 14:08:34 ----A---- C:\windows\SYSWOW64\qdvd.dll
2014-06-19 14:08:34 ----A---- C:\windows\system32\qdvd.dll
2014-06-19 14:08:29 ----A---- C:\windows\SYSWOW64\ntshrui.dll
2014-06-19 14:08:24 ----A---- C:\windows\SYSWOW64\mssrch.dll
2014-06-19 14:08:23 ----A---- C:\windows\SYSWOW64\tquery.dll
2014-06-19 14:08:22 ----A---- C:\windows\SYSWOW64\SearchProtocolHost.exe
2014-06-19 14:08:22 ----A---- C:\windows\SYSWOW64\SearchIndexer.exe
2014-06-19 14:08:22 ----A---- C:\windows\SYSWOW64\mssph.dll
2014-06-19 14:08:21 ----A---- C:\windows\system32\mssvp.dll
2014-06-19 14:08:21 ----A---- C:\windows\system32\mssphtb.dll
2014-06-19 14:08:20 ----A---- C:\windows\SYSWOW64\SearchFilterHost.exe
2014-06-19 14:08:20 ----A---- C:\windows\SYSWOW64\mssvp.dll
2014-06-19 14:08:20 ----A---- C:\windows\system32\msscntrs.dll
2014-06-19 14:08:19 ----A---- C:\windows\SYSWOW64\mssphtb.dll
2014-06-19 14:08:19 ----A---- C:\windows\SYSWOW64\msscntrs.dll
2014-06-19 14:08:09 ----A---- C:\windows\system32\consent.exe
2014-06-19 14:08:09 ----A---- C:\windows\system32\appinfo.dll
2014-06-19 14:07:43 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2014-06-19 14:06:46 ----A---- C:\windows\SYSWOW64\wer.dll
2014-06-19 14:06:41 ----A---- C:\windows\SYSWOW64\crypt32.dll
2014-06-19 14:06:41 ----A---- C:\windows\system32\cryptsvc.dll
2014-06-19 14:06:41 ----A---- C:\windows\system32\cryptnet.dll
2014-06-19 14:06:41 ----A---- C:\windows\system32\crypt32.dll
2014-06-19 14:06:40 ----A---- C:\windows\SYSWOW64\cryptsvc.dll
2014-06-19 14:06:40 ----A---- C:\windows\SYSWOW64\cryptnet.dll
2014-06-19 14:06:18 ----A---- C:\windows\system32\imagehlp.dll
2014-06-19 14:06:17 ----A---- C:\windows\SYSWOW64\imagehlp.dll
2014-06-19 14:06:15 ----A---- C:\windows\system32\drivers\tcpip.sys
2014-06-19 14:06:15 ----A---- C:\windows\system32\drivers\netio.sys
2014-06-19 14:06:15 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS
2014-06-19 14:06:07 ----A---- C:\windows\system32\tzres.dll
2014-06-19 14:06:06 ----A---- C:\windows\SYSWOW64\tzres.dll
2014-06-19 14:05:38 ----A---- C:\windows\system32\msxml6.dll
2014-06-19 14:05:37 ----A---- C:\windows\SYSWOW64\msxml6.dll
2014-06-19 14:05:36 ----A---- C:\windows\SYSWOW64\msxml6r.dll
2014-06-19 14:05:36 ----A---- C:\windows\SYSWOW64\msxml3.dll
2014-06-19 14:05:36 ----A---- C:\windows\system32\msxml6r.dll
2014-06-19 14:05:35 ----A---- C:\windows\SYSWOW64\msxml3r.dll
2014-06-19 14:05:35 ----A---- C:\windows\system32\msxml3r.dll
2014-06-19 14:05:03 ----A---- C:\windows\system32\drivers\afd.sys
2014-06-19 14:04:58 ----A---- C:\windows\system32\drivers\portcls.sys
2014-06-19 14:04:58 ----A---- C:\windows\system32\drivers\drmk.sys
2014-06-19 14:04:47 ----A---- C:\windows\system32\win32k.sys
2014-06-19 14:04:45 ----A---- C:\windows\system32\drivers\ataport.sys
2014-06-19 14:04:34 ----A---- C:\windows\system32\authui.dll
2014-06-19 14:04:33 ----A---- C:\windows\SYSWOW64\authui.dll
2014-06-19 14:04:33 ----A---- C:\windows\system32\SmartcardCredentialProvider.dll
2014-06-19 14:04:33 ----A---- C:\windows\system32\credui.dll
2014-06-19 14:04:32 ----A---- C:\windows\SYSWOW64\SmartcardCredentialProvider.dll
2014-06-19 14:04:32 ----A---- C:\windows\SYSWOW64\credui.dll
2014-06-19 14:04:16 ----A---- C:\windows\SYSWOW64\atmfd.dll
2014-06-19 14:04:16 ----A---- C:\windows\system32\atmfd.dll
2014-06-19 14:04:15 ----A---- C:\windows\SYSWOW64\atmlib.dll
2014-06-19 14:04:15 ----A---- C:\windows\system32\lpk.dll
2014-06-19 14:04:15 ----A---- C:\windows\system32\dciman32.dll
2014-06-19 14:04:15 ----A---- C:\windows\system32\atmlib.dll
2014-06-19 14:04:14 ----A---- C:\windows\SYSWOW64\lpk.dll
2014-06-19 14:04:14 ----A---- C:\windows\SYSWOW64\dciman32.dll
2014-06-19 14:04:14 ----A---- C:\windows\system32\fontsub.dll
2014-06-19 14:04:13 ----A---- C:\windows\SYSWOW64\fontsub.dll
2014-06-19 14:04:09 ----A---- C:\windows\system32\RMActivate_isv.exe
2014-06-19 14:04:09 ----A---- C:\windows\system32\RMActivate.exe
2014-06-19 14:04:08 ----A---- C:\windows\SYSWOW64\RMActivate_isv.exe
2014-06-19 14:04:08 ----A---- C:\windows\SYSWOW64\RMActivate.exe
2014-06-19 14:04:07 ----A---- C:\windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-06-19 14:04:07 ----A---- C:\windows\system32\RMActivate_ssp_isv.exe
2014-06-19 14:04:07 ----A---- C:\windows\system32\RMActivate_ssp.exe
2014-06-19 14:04:05 ----A---- C:\windows\SYSWOW64\secproc_isv.dll
2014-06-19 14:04:05 ----A---- C:\windows\SYSWOW64\RMActivate_ssp.exe
2014-06-19 14:04:05 ----A---- C:\windows\system32\secproc_isv.dll
2014-06-19 14:04:04 ----A---- C:\windows\SYSWOW64\secproc.dll
2014-06-19 14:04:04 ----A---- C:\windows\system32\secproc.dll
2014-06-19 14:04:04 ----A---- C:\windows\system32\msdrm.dll
2014-06-19 14:04:03 ----A---- C:\windows\SYSWOW64\msdrm.dll
2014-06-19 14:04:03 ----A---- C:\windows\system32\secproc_ssp_isv.dll
2014-06-19 14:04:03 ----A---- C:\windows\system32\secproc_ssp.dll
2014-06-19 14:04:02 ----A---- C:\windows\SYSWOW64\secproc_ssp_isv.dll
2014-06-19 14:04:02 ----A---- C:\windows\SYSWOW64\secproc_ssp.dll
2014-06-19 14:03:45 ----A---- C:\windows\system32\drivers\usbehci.sys
2014-06-19 14:03:44 ----A---- C:\windows\system32\drivers\usbport.sys
2014-06-19 14:03:44 ----A---- C:\windows\system32\drivers\usbhub.sys
2014-06-19 14:03:44 ----A---- C:\windows\system32\drivers\usbd.sys
2014-06-19 14:03:44 ----A---- C:\windows\system32\drivers\usbccgp.sys
2014-06-19 14:03:42 ----A---- C:\windows\SYSWOW64\d3d11.dll
2014-06-19 14:03:42 ----A---- C:\windows\system32\d3d11.dll
2014-06-19 14:03:05 ----A---- C:\windows\system32\drivers\usbvideo.sys
2014-06-19 14:03:05 ----A---- C:\windows\system32\drivers\usbcir.sys
2014-06-19 14:02:29 ----A---- C:\windows\system32\ntoskrnl.exe
2014-06-19 14:02:28 ----A---- C:\windows\system32\schannel.dll
2014-06-19 14:02:28 ----A---- C:\windows\system32\lsasrv.dll
2014-06-19 14:02:27 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2014-06-19 14:02:27 ----A---- C:\windows\system32\kerberos.dll
2014-06-19 14:02:26 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2014-06-19 14:02:26 ----A---- C:\windows\SYSWOW64\kerberos.dll
2014-06-19 14:02:25 ----A---- C:\windows\SYSWOW64\schannel.dll
2014-06-19 14:02:25 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2014-06-19 14:02:25 ----A---- C:\windows\system32\winlogon.exe
2014-06-19 14:02:25 ----A---- C:\windows\system32\msv1_0.dll
2014-06-19 14:02:25 ----A---- C:\windows\system32\KernelBase.dll
2014-06-19 14:02:24 ----A---- C:\windows\system32\objsel.dll
2014-06-19 14:02:24 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2014-06-19 14:02:24 ----A---- C:\windows\system32\drivers\cng.sys
2014-06-19 14:02:23 ----A---- C:\windows\SYSWOW64\objsel.dll
2014-06-19 14:02:22 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2014-06-19 14:02:22 ----A---- C:\windows\system32\TSpkg.dll
2014-06-19 14:02:21 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2014-06-19 14:02:21 ----A---- C:\windows\system32\wdigest.dll
2014-06-19 14:02:20 ----A---- C:\windows\SYSWOW64\wdigest.dll
2014-06-19 14:02:20 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2014-06-19 14:02:19 ----A---- C:\windows\system32\smss.exe
2014-06-19 14:02:19 ----A---- C:\windows\system32\drivers\ksecdd.sys
2014-06-19 14:02:19 ----A---- C:\windows\system32\dimsroam.dll
2014-06-19 14:02:18 ----A---- C:\windows\SYSWOW64\dimsroam.dll
2014-06-19 14:02:18 ----A---- C:\windows\SYSWOW64\cngprovider.dll
2014-06-19 14:02:18 ----A---- C:\windows\SYSWOW64\capiprovider.dll
2014-06-19 14:02:18 ----A---- C:\windows\SYSWOW64\adprovider.dll
2014-06-19 14:02:18 ----A---- C:\windows\system32\lsass.exe
2014-06-19 14:02:18 ----A---- C:\windows\system32\dpapiprovider.dll
2014-06-19 14:02:18 ----A---- C:\windows\system32\cngprovider.dll
2014-06-19 14:02:18 ----A---- C:\windows\system32\capiprovider.dll
2014-06-19 14:02:18 ----A---- C:\windows\system32\adprovider.dll
2014-06-19 14:02:17 ----A---- C:\windows\SYSWOW64\dpapiprovider.dll
2014-06-19 14:02:17 ----A---- C:\windows\system32\sspicli.dll
2014-06-19 14:02:17 ----A---- C:\windows\system32\csrsrv.dll
2014-06-19 14:02:16 ----A---- C:\windows\SYSWOW64\wincredprovider.dll
2014-06-19 14:02:16 ----A---- C:\windows\system32\wincredprovider.dll
2014-06-19 14:02:15 ----A---- C:\windows\SYSWOW64\secur32.dll
2014-06-19 14:02:15 ----A---- C:\windows\system32\secur32.dll
2014-06-19 14:02:15 ----A---- C:\windows\system32\credssp.dll
2014-06-19 14:02:14 ----A---- C:\windows\SYSWOW64\sspicli.dll
2014-06-19 14:02:14 ----A---- C:\windows\SYSWOW64\credssp.dll
2014-06-19 14:02:14 ----A---- C:\windows\system32\sspisrv.dll
2014-06-19 14:02:03 ----A---- C:\windows\system32\apisetschema.dll
2014-06-19 14:02:02 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2014-06-19 14:01:06 ----A---- C:\windows\system32\WMVDECOD.DLL
2014-06-19 14:01:05 ----A---- C:\windows\SYSWOW64\WMVDECOD.DLL
2014-06-19 14:01:04 ----A---- C:\windows\system32\drivers\usb8023.sys
2014-06-19 14:01:01 ----A---- C:\windows\system32\rdrmemptylst.exe
2014-06-19 14:01:01 ----A---- C:\windows\system32\rdpwsx.dll
2014-06-19 14:01:01 ----A---- C:\windows\system32\rdpcorekmts.dll
2014-06-19 14:00:52 ----A---- C:\windows\system32\Wdfres.dll
2014-06-19 14:00:52 ----A---- C:\windows\system32\drivers\WdfLdr.sys
2014-06-19 14:00:52 ----A---- C:\windows\system32\drivers\Wdf01000.sys
2014-06-19 14:00:51 ----A---- C:\windows\system32\rpcrt4.dll
2014-06-19 14:00:50 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2014-06-19 14:00:49 ----A---- C:\windows\system32\profsvc.dll
2014-06-19 14:00:44 ----A---- C:\windows\SYSWOW64\ncsi.dll
2014-06-19 14:00:44 ----A---- C:\windows\system32\ncsi.dll
2014-06-19 14:00:43 ----A---- C:\windows\SYSWOW64\netcorehc.dll
2014-06-19 14:00:43 ----A---- C:\windows\system32\nlasvc.dll
2014-06-19 14:00:43 ----A---- C:\windows\system32\netcorehc.dll
2014-06-19 14:00:43 ----A---- C:\windows\system32\iphlpsvc.dll
2014-06-19 14:00:42 ----A---- C:\windows\SYSWOW64\nlaapi.dll
2014-06-19 14:00:39 ----A---- C:\windows\system32\nlaapi.dll
2014-06-19 14:00:39 ----A---- C:\windows\system32\drivers\tcpipreg.sys
2014-06-19 14:00:37 ----A---- C:\windows\SYSWOW64\netevent.dll
2014-06-19 14:00:37 ----A---- C:\windows\system32\netevent.dll
2014-06-19 14:00:25 ----A---- C:\windows\system32\drivers\usbscan.sys
2014-06-19 14:00:25 ----A---- C:\windows\system32\drivers\hidparse.sys
2014-06-19 14:00:25 ----A---- C:\windows\system32\drivers\hidclass.sys
2014-06-19 14:00:23 ----A---- C:\windows\system32\psisdecd.dll
2014-06-19 14:00:22 ----A---- C:\windows\SYSWOW64\psisdecd.dll
2014-06-19 13:59:10 ----A---- C:\windows\SYSWOW64\WebClnt.dll
2014-06-19 13:59:10 ----A---- C:\windows\system32\WebClnt.dll
2014-06-19 13:59:09 ----A---- C:\windows\SYSWOW64\davclnt.dll
2014-06-19 13:59:09 ----A---- C:\windows\system32\drivers\mrxdav.sys
2014-06-19 13:59:09 ----A---- C:\windows\system32\davclnt.dll
2014-06-19 13:59:07 ----A---- C:\windows\SYSWOW64\dpnet.dll
2014-06-19 13:59:07 ----A---- C:\windows\system32\dpnet.dll
2014-06-19 13:58:54 ----A---- C:\windows\system32\tdh.dll
2014-06-19 13:58:54 ----A---- C:\windows\system32\ntdll.dll
2014-06-19 13:58:54 ----A---- C:\windows\system32\advapi32.dll
2014-06-19 13:58:53 ----A---- C:\windows\SYSWOW64\tdh.dll
2014-06-19 13:58:53 ----A---- C:\windows\SYSWOW64\ntdll.dll
2014-06-19 13:58:52 ----A---- C:\windows\SYSWOW64\advapi32.dll
2014-06-19 13:58:33 ----A---- C:\windows\system32\OxpsConverter.exe
2014-06-19 13:58:27 ----A---- C:\windows\system32\mswsock.dll
2014-06-19 13:58:26 ----A---- C:\windows\SYSWOW64\mswsock.dll
2014-06-19 13:58:21 ----A---- C:\windows\system32\drivers\tssecsrv.sys
2014-06-19 13:58:19 ----A---- C:\windows\system32\drivers\rdpwd.sys
2014-06-19 13:58:04 ----A---- C:\windows\system32\Wpc.dll
2014-06-19 13:58:03 ----A---- C:\windows\SYSWOW64\Wpc.dll
2014-06-19 13:58:03 ----A---- C:\windows\SYSWOW64\gameux.dll
2014-06-19 13:58:03 ----A---- C:\windows\system32\gameux.dll
2014-06-19 13:54:50 ----A---- C:\windows\system32\aepdu.dll
2014-06-19 13:54:50 ----A---- C:\windows\system32\aeinv.dll
2014-06-19 13:54:45 ----A---- C:\windows\system32\drivers\partmgr.sys
2014-06-19 13:54:40 ----A---- C:\windows\system32\msi.dll
2014-06-19 13:54:39 ----A---- C:\windows\SYSWOW64\msi.dll
2014-06-19 13:54:37 ----A---- C:\windows\SYSWOW64\synceng.dll
2014-06-19 13:54:37 ----A---- C:\windows\system32\synceng.dll
2014-06-19 13:54:26 ----A---- C:\windows\system32\drivers\storport.sys
2014-06-19 13:54:26 ----A---- C:\windows\system32\drivers\msiscsi.sys
2014-06-19 13:54:25 ----A---- C:\windows\system32\drivers\Diskdump.sys
2014-06-19 13:54:24 ----A---- C:\windows\SYSWOW64\iologmsg.dll
2014-06-19 13:54:24 ----A---- C:\windows\system32\iologmsg.dll
2014-06-19 13:54:04 ----A---- C:\windows\SYSWOW64\shdocvw.dll
2014-06-19 13:54:04 ----A---- C:\windows\system32\shdocvw.dll
2014-06-19 13:53:51 ----A---- C:\windows\SYSWOW64\win32spl.dll
2014-06-19 13:53:51 ----A---- C:\windows\system32\win32spl.dll
2014-06-19 13:53:49 ----A---- C:\windows\system32\gdi32.dll
2014-06-19 13:53:48 ----A---- C:\windows\SYSWOW64\gdi32.dll
2014-06-19 13:53:47 ----A---- C:\windows\system32\taskhost.exe
2014-06-19 13:53:46 ----A---- C:\windows\SYSWOW64\qedit.dll
2014-06-19 13:53:46 ----A---- C:\windows\system32\qedit.dll
2014-06-19 13:53:42 ----A---- C:\windows\system32\drivers\fvevol.sys
2014-06-19 13:53:40 ----A---- C:\windows\system32\srcore.dll
2014-06-19 13:53:39 ----A---- C:\windows\SYSWOW64\srclient.dll
2014-06-19 13:53:29 ----A---- C:\windows\SYSWOW64\cryptdlg.dll
2014-06-19 13:53:29 ----A---- C:\windows\system32\cryptdlg.dll
2014-06-19 13:53:07 ----A---- C:\windows\system32\umpnpmgr.dll
2014-06-19 13:53:06 ----A---- C:\windows\SYSWOW64\drvinst.exe
2014-06-19 13:53:06 ----A---- C:\windows\SYSWOW64\devrtl.dll
2014-06-19 13:53:06 ----A---- C:\windows\SYSWOW64\devobj.dll
2014-06-19 13:53:06 ----A---- C:\windows\SYSWOW64\cfgmgr32.dll
2014-06-19 13:52:58 ----A---- C:\windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-06-19 13:52:58 ----A---- C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-06-19 13:52:57 ----A---- C:\windows\system32\netapi32.dll
2014-06-19 13:52:57 ----A---- C:\windows\system32\browser.dll
2014-06-19 13:52:57 ----A---- C:\windows\system32\browcli.dll
2014-06-19 13:52:56 ----A---- C:\windows\SYSWOW64\netapi32.dll
2014-06-19 13:52:56 ----A---- C:\windows\SYSWOW64\browcli.dll
2014-06-19 13:52:48 ----A---- C:\windows\system32\wow64win.dll
2014-06-19 13:52:48 ----A---- C:\windows\system32\wow64.dll
2014-06-19 13:52:48 ----A---- C:\windows\system32\kernel32.dll
2014-06-19 13:52:47 ----A---- C:\windows\SYSWOW64\kernel32.dll
2014-06-19 13:52:47 ----A---- C:\windows\system32\winsrv.dll
2014-06-19 13:52:47 ----A---- C:\windows\system32\conhost.exe
2014-06-19 13:52:46 ----A---- C:\windows\SYSWOW64\setup16.exe
2014-06-19 13:52:46 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2014-06-19 13:52:46 ----A---- C:\windows\system32\ntvdm64.dll
2014-06-19 13:52:45 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-06-19 13:52:45 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-06-19 13:52:45 ----A---- C:\windows\SYSWOW64\instnm.exe
2014-06-19 13:52:45 ----A---- C:\windows\system32\wow64cpu.dll
2014-06-19 13:52:44 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-06-19 13:52:44 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-06-19 13:52:44 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-06-19 13:52:44 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-06-19 13:52:44 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-06-19 13:52:44 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-06-19 13:52:44 ----A---- C:\windows\SYSWOW64\wow32.dll
2014-06-19 13:52:43 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-06-19 13:52:43 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-06-19 13:52:43 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2014-06-19 13:52:43 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-06-19 13:52:43 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-06-19 13:52:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2014-06-19 13:52:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-06-19 13:52:42 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-06-19 13:52:42 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-06-19 13:52:42 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-06-19 13:52:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-06-19 13:52:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-06-19 13:52:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-06-19 13:52:41 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-06-19 13:52:41 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-06-19 13:52:41 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-06-19 13:52:41 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-06-19 13:52:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-06-19 13:52:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2014-06-19 13:52:40 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-06-19 13:52:40 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-06-19 13:52:40 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-06-19 13:52:39 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-06-19 13:52:39 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-06-19 13:52:39 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-06-19 13:52:39 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-06-19 13:52:38 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-06-19 13:52:38 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-06-19 13:52:38 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-06-19 13:52:38 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-06-19 13:52:38 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-06-19 13:52:38 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-06-19 13:52:38 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-06-19 13:52:37 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-06-19 13:52:37 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-06-19 13:52:37 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-06-19 13:52:37 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-06-19 13:52:37 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-06-19 13:52:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2014-06-19 13:52:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2014-06-19 13:52:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-06-19 13:52:36 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-06-19 13:52:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-06-19 13:52:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-06-19 13:52:35 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-06-19 13:52:35 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-06-19 13:52:35 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-06-19 13:52:34 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2014-06-19 13:52:34 ----A---- C:\windows\SYSWOW64\user.exe
2014-06-19 13:52:31 ----A---- C:\windows\system32\drivers\bowser.sys
2014-06-19 13:52:23 ----A---- C:\windows\system32\msvcrt.dll
2014-06-19 13:52:22 ----A---- C:\windows\SYSWOW64\msvcrt.dll
2014-06-19 13:52:18 ----A---- C:\windows\system32\drivers\ntfs.sys
2014-06-19 13:52:11 ----A---- C:\windows\SYSWOW64\certutil.exe
2014-06-19 13:52:11 ----A---- C:\windows\system32\certutil.exe
2014-06-19 13:52:09 ----A---- C:\windows\SYSWOW64\certenc.dll
2014-06-19 13:52:09 ----A---- C:\windows\system32\certenc.dll
2014-06-19 13:51:52 ----A---- C:\windows\system32\localspl.dll
2014-06-19 13:51:50 ----A---- C:\windows\SYSWOW64\wscript.exe
2014-06-19 13:51:50 ----A---- C:\windows\SYSWOW64\scrrun.dll
2014-06-19 13:51:50 ----A---- C:\windows\SYSWOW64\cscript.exe
2014-06-19 13:51:50 ----A---- C:\windows\system32\wscript.exe
2014-06-19 13:51:50 ----A---- C:\windows\system32\scrrun.dll
2014-06-19 13:51:50 ----A---- C:\windows\system32\cscript.exe
2014-06-19 13:51:47 ----A---- C:\windows\SYSWOW64\EncDec.dll
2014-06-19 13:51:47 ----A---- C:\windows\system32\EncDec.dll
2014-06-19 13:51:45 ----A---- C:\windows\system32\drivers\dxgmms1.sys
2014-06-19 13:51:45 ----A---- C:\windows\system32\drivers\dxgkrnl.sys
2014-06-19 13:51:45 ----A---- C:\windows\system32\cdd.dll
2014-06-19 13:51:44 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2014-06-19 13:51:44 ----A---- C:\windows\SYSWOW64\oleacc.dll
2014-06-19 13:51:44 ----A---- C:\windows\system32\oleaut32.dll
2014-06-19 13:51:44 ----A---- C:\windows\system32\oleacc.dll
2014-06-19 13:51:33 ----A---- C:\windows\SYSWOW64\cdosys.dll
2014-06-19 13:51:32 ----A---- C:\windows\system32\cdosys.dll
2014-06-19 13:51:11 ----A---- C:\windows\SYSWOW64\nshwfp.dll
2014-06-19 13:51:11 ----A---- C:\windows\SYSWOW64\FWPUCLNT.DLL
2014-06-19 13:51:11 ----A---- C:\windows\system32\nshwfp.dll
2014-06-19 13:51:11 ----A---- C:\windows\system32\IKEEXT.DLL
2014-06-19 13:51:11 ----A---- C:\windows\system32\FWPUCLNT.DLL
2014-06-19 13:51:08 ----A---- C:\windows\system32\scavengeui.dll
2014-06-19 13:08:42 ----A---- C:\windows\SYSWOW64\packager.dll
2014-06-19 13:08:42 ----A---- C:\windows\system32\packager.dll
2014-06-18 21:01:19 ----SHD---- C:\windows\ftpcache
2014-06-18 21:00:47 ----A---- C:\windows\system32\HPSIsvc.exe
2014-06-18 21:00:39 ----A---- C:\windows\system32\HP1100SM.EXE
2014-06-18 21:00:39 ----A---- C:\windows\system32\HP1100LM.DLL
2014-06-18 20:59:48 ----A---- C:\windows\system32\mvhlewsi.DLL
2014-06-18 20:59:46 ----D---- C:\Program Files\HP
2014-06-18 20:59:38 ----A---- C:\windows\system32\HP1100SMs.dll
2014-06-18 17:43:14 ----SHD---- C:\System Volume Information
2014-06-18 17:43:14 ----ASH---- C:\pagefile.sys
2014-06-18 17:43:07 ----ASH---- C:\hiberfil.sys
2014-06-18 17:20:18 ----D---- C:\Program Files (x86)\ArcSoft
2014-06-18 17:20:18 ----A---- C:\windows\PCDLIB32.DLL
2014-06-18 17:19:19 ----D---- C:\Program Files\Common Files\CANON
2014-06-18 17:17:51 ----HD---- C:\windows\system32\CanonIJ Uninstaller Information
2014-06-18 17:17:17 ----A---- C:\windows\system32\CNQ4807O.DLL
2014-06-18 17:17:17 ----A---- C:\windows\system32\CNQ4807L.DLL
2014-06-18 17:17:17 ----A---- C:\windows\system32\CNQ4807I.DLL
2014-06-18 17:17:17 ----A---- C:\windows\system32\CNQ4807C.DLL
2014-06-18 17:17:16 ----HD---- C:\Program Files\CanonBJ
2014-06-18 17:16:15 ----D---- C:\Program Files (x86)\Canon
2014-06-18 17:13:17 ----D---- C:\Program Files (x86)\VideoLAN
2014-06-18 17:06:27 ----D---- C:\Program Files (x86)\Microsoft Works
2014-06-18 17:05:57 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2014-06-18 17:05:15 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-06-18 17:03:29 ----D---- C:\Program Files\Microsoft Office
2014-06-18 17:03:22 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2014-06-18 17:02:41 ----D---- C:\ProgramData\Microsoft Help
2014-06-18 17:02:25 ----RHD---- C:\MSOCache
2014-06-18 16:58:40 ----D---- C:\Program Files (x86)\SETOUT
2014-06-18 16:38:32 ----D---- C:\Program Files (x86)\Adobe
2014-06-18 16:37:43 ----D---- C:\ProgramData\Adobe
2014-06-18 16:32:18 ----D---- C:\Program Files (x86)\LinguArabica
2014-06-18 16:18:20 ----D---- C:\Users\Imanka\AppData\Roaming\AVAST Software
2014-06-18 16:17:50 ----A---- C:\windows\system32\drivers\aswVmm.sys
2014-06-18 16:17:50 ----A---- C:\windows\system32\drivers\aswstm.sys
2014-06-18 16:17:50 ----A---- C:\windows\system32\drivers\aswsp.sys
2014-06-18 16:17:50 ----A---- C:\windows\system32\drivers\aswsnx.sys
2014-06-18 16:17:50 ----A---- C:\windows\system32\drivers\aswRvrt.sys
2014-06-18 16:17:50 ----A---- C:\windows\system32\drivers\aswRdr2.sys
2014-06-18 16:17:50 ----A---- C:\windows\system32\drivers\aswMonFlt.sys
2014-06-18 16:17:50 ----A---- C:\windows\system32\drivers\aswHwid.sys
2014-06-18 16:17:49 ----A---- C:\windows\system32\aswBoot.exe
2014-06-18 16:17:43 ----A---- C:\windows\avastSS.scr
2014-06-18 16:15:40 ----D---- C:\Program Files\AVAST Software
2014-06-18 16:14:39 ----D---- C:\ProgramData\AVAST Software
2014-06-18 15:58:40 ----A---- C:\windows\SYSWOW64\rdpcore.dll
2014-06-18 15:58:40 ----A---- C:\windows\system32\rdpcore.dll
2014-06-18 15:58:40 ----A---- C:\windows\system32\drivers\tdtcp.sys
2014-06-18 15:57:40 ----D---- C:\Users\Imanka\AppData\Roaming\Macromedia
2014-06-18 15:57:40 ----D---- C:\Users\Imanka\AppData\Roaming\Adobe
2014-06-18 15:53:27 ----A---- C:\windows\system32\wups2.dll
2014-06-18 15:53:27 ----A---- C:\windows\system32\wucltux.dll
2014-06-18 15:53:27 ----A---- C:\windows\system32\wuaueng.dll
2014-06-18 15:53:27 ----A---- C:\windows\system32\wuauclt.exe
2014-06-18 15:53:19 ----A---- C:\windows\system32\wups.dll
2014-06-18 15:53:19 ----A---- C:\windows\system32\wudriver.dll
2014-06-18 15:53:19 ----A---- C:\windows\system32\wuapi.dll
2014-06-18 15:53:10 ----A---- C:\windows\system32\wuwebv.dll
2014-06-18 15:53:10 ----A---- C:\windows\system32\wuapp.exe
2014-06-18 15:51:01 ----D---- C:\Users\Imanka\AppData\Roaming\Intel Corporation
2014-06-18 15:50:56 ----D---- C:\Users\Imanka\AppData\Roaming\ATI
2014-06-18 15:50:10 ----D---- C:\Users\Imanka\AppData\Roaming\Identities
2014-06-18 15:50:02 ----SHD---- C:\$RECYCLE.BIN
2014-06-18 15:49:39 ----SD---- C:\Users\Imanka\AppData\Roaming\Microsoft
2014-06-18 15:49:39 ----D---- C:\Users\Imanka\AppData\Roaming\Media Center Programs
2014-06-18 15:48:04 ----SHD---- C:\Recovery

======List of files/folders modified in the last 1 month======

2014-06-22 11:00:51 ----D---- C:\windows\Temp
2014-06-22 11:00:50 ----RD---- C:\Program Files
2014-06-22 10:59:40 ----A---- C:\windows\SYSWOW64\log.txt
2014-06-22 10:58:41 ----D---- C:\ProgramData\VeriFace
2014-06-21 18:43:14 ----D---- C:\windows\system32\config
2014-06-21 18:33:44 ----D---- C:\windows\System32
2014-06-21 18:33:44 ----D---- C:\windows\inf
2014-06-21 18:33:44 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-06-21 18:32:27 ----SHD---- C:\windows\Installer
2014-06-21 18:31:21 ----D---- C:\windows\SysWOW64
2014-06-21 15:30:30 ----HD---- C:\ProgramData
2014-06-21 15:29:36 ----RSD---- C:\windows\Media
2014-06-21 15:29:36 ----D---- C:\windows\system32\drivers
2014-06-21 13:56:30 ----D---- C:\windows\winsxs
2014-06-21 13:50:05 ----D---- C:\Windows
2014-06-21 13:50:03 ----D---- C:\windows\system32\DriverStore
2014-06-21 12:00:20 ----D---- C:\windows\Microsoft.NET
2014-06-21 11:53:12 ----D---- C:\Program Files (x86)\Common Files
2014-06-21 11:47:32 ----RSD---- C:\windows\assembly
2014-06-20 21:45:21 ----D---- C:\windows\Prefetch
2014-06-20 17:39:03 ----D---- C:\windows\system32\catroot
2014-06-20 17:37:27 ----D---- C:\windows\system32\catroot2
2014-06-20 13:28:02 ----D---- C:\windows\system32\wdi
2014-06-20 13:21:07 ----D---- C:\Program Files\Windows Media Player
2014-06-20 13:21:07 ----D---- C:\Program Files (x86)\Windows Media Player
2014-06-20 13:20:57 ----D---- C:\Program Files\Common Files\System
2014-06-20 13:20:53 ----D---- C:\windows\SYSWOW64\en-US
2014-06-20 13:20:53 ----D---- C:\windows\SYSWOW64\cs-CZ
2014-06-20 13:20:53 ----D---- C:\windows\system32\en-US
2014-06-20 13:20:53 ----D---- C:\windows\system32\cs-CZ
2014-06-20 13:20:50 ----D---- C:\windows\SYSWOW64\sk-SK
2014-06-20 13:20:50 ----D---- C:\Program Files\Internet Explorer
2014-06-20 13:20:50 ----D---- C:\Program Files (x86)\Internet Explorer
2014-06-20 13:20:49 ----D---- C:\windows\system32\sk-SK
2014-06-20 13:20:42 ----D---- C:\windows\SYSWOW64\migration
2014-06-20 13:20:37 ----D---- C:\windows\system32\migration
2014-06-20 13:20:37 ----D---- C:\windows\PolicyDefinitions
2014-06-20 13:20:29 ----D---- C:\windows\SYSWOW64\pt-BR
2014-06-20 13:20:29 ----D---- C:\windows\SYSWOW64\it-IT
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\zh-HK
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\tr-TR
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\sv-SE
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\pt-PT
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\pl-PL
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\nl-NL
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\ko-KR
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\hu-HU
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\fr-FR
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\fi-FI
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\es-ES
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\el-GR
2014-06-20 13:20:27 ----D---- C:\windows\SYSWOW64\zh-TW
2014-06-20 13:20:27 ----D---- C:\windows\SYSWOW64\zh-CN
2014-06-20 13:20:27 ----D---- C:\windows\SYSWOW64\ru-RU
2014-06-20 13:20:27 ----D---- C:\windows\SYSWOW64\nb-NO
2014-06-20 13:20:27 ----D---- C:\windows\SYSWOW64\ja-JP
2014-06-20 13:20:27 ----D---- C:\windows\SYSWOW64\de-DE
2014-06-20 13:20:27 ----D---- C:\windows\SYSWOW64\da-DK
2014-06-20 13:20:25 ----D---- C:\windows\system32\zh-HK
2014-06-20 13:20:25 ----D---- C:\windows\system32\pt-PT
2014-06-20 13:20:25 ----D---- C:\windows\system32\pt-BR
2014-06-20 13:20:25 ----D---- C:\windows\system32\pl-PL
2014-06-20 13:20:25 ----D---- C:\windows\system32\ko-KR
2014-06-20 13:20:25 ----D---- C:\windows\system32\it-IT
2014-06-20 13:20:25 ----D---- C:\windows\system32\hu-HU
2014-06-20 13:20:25 ----D---- C:\windows\system32\el-GR
2014-06-20 13:20:24 ----D---- C:\windows\system32\zh-TW
2014-06-20 13:20:24 ----D---- C:\windows\system32\tr-TR
2014-06-20 13:20:24 ----D---- C:\windows\system32\sv-SE
2014-06-20 13:20:24 ----D---- C:\windows\system32\nl-NL
2014-06-20 13:20:24 ----D---- C:\windows\system32\fr-FR
2014-06-20 13:20:24 ----D---- C:\windows\system32\fi-FI
2014-06-20 13:20:24 ----D---- C:\windows\system32\es-ES
2014-06-20 13:20:24 ----D---- C:\windows\system32\de-DE
2014-06-20 13:20:23 ----D---- C:\windows\system32\zh-CN
2014-06-20 13:20:23 ----D---- C:\windows\system32\ru-RU
2014-06-20 13:20:23 ----D---- C:\windows\system32\nb-NO
2014-06-20 13:20:23 ----D---- C:\windows\system32\ja-JP
2014-06-20 13:20:23 ----D---- C:\windows\system32\da-DK
2014-06-20 13:20:19 ----D---- C:\windows\AppPatch
2014-06-20 13:20:18 ----D---- C:\windows\ehome
2014-06-20 13:19:53 ----D---- C:\windows\system32\drivers\en-US
2014-06-20 13:19:53 ----D---- C:\windows\system32\drivers\cs-CZ
2014-06-20 13:19:51 ----RSD---- C:\windows\Fonts
2014-06-20 13:19:50 ----D---- C:\Program Files\Windows Defender
2014-06-20 13:19:50 ----D---- C:\Program Files (x86)\Windows Defender
2014-06-20 13:19:40 ----D---- C:\windows\system32\wbem
2014-06-20 13:18:42 ----D---- C:\Program Files\Windows Journal
2014-06-19 22:07:01 ----SD---- C:\ProgramData\Microsoft
2014-06-19 21:58:28 ----D---- C:\windows\Logs
2014-06-19 20:35:14 ----A---- C:\windows\win.ini
2014-06-19 20:29:07 ----RD---- C:\Program Files (x86)
2014-06-18 20:48:09 ----D---- C:\windows\system32\LogFiles
2014-06-18 17:44:57 ----D---- C:\windows\rescache
2014-06-18 17:44:39 ----D---- C:\windows\debug
2014-06-18 17:43:44 ----D---- C:\windows\Panther
2014-06-18 17:20:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-06-18 17:19:19 ----D---- C:\Program Files\Common Files
2014-06-18 17:17:48 ----D---- C:\windows\twain_32
2014-06-18 17:06:18 ----D---- C:\Program Files (x86)\MSBuild
2014-06-18 17:06:08 ----D---- C:\Program Files (x86)\Microsoft Office
2014-06-18 17:05:52 ----D---- C:\windows\ShellNew
2014-06-18 17:04:40 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-06-18 16:34:22 ----D---- C:\ProgramData\McAfee
2014-06-18 16:17:56 ----D---- C:\windows\system32\Tasks
2014-06-18 15:59:00 ----D---- C:\windows\SoftwareDistribution
2014-06-18 15:52:41 ----D---- C:\windows\system32\restore
2014-06-18 15:49:48 ----D---- C:\Program Files (x86)\McAfee
2014-06-18 15:49:39 ----RD---- C:\Users
2014-06-18 15:48:04 ----D---- C:\windows\system32\Recovery

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2014-06-18 65776]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2014-06-18 208416]
R0 fbfmon;fbfmon; C:\windows\system32\drivers\fbfmon.sys [2011-09-05 57952]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2011-09-05 39008]
R0 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys [2011-03-13 639216]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\windows\system32\drivers\mfewfpk.sys [2011-03-13 281928]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2014-06-18 93568]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2014-06-18 1039096]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2014-06-18 423240]
R1 BPntDrv;BPntDrv; C:\windows\system32\drivers\BPntDrv.sys [2011-09-05 13408]
R1 mfenlfk;McAfee NDIS Light Filter; C:\windows\system32\DRIVERS\mfenlfk.sys [2011-03-13 75672]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2014-06-18 29208]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2014-06-18 79184]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2014-06-18 85328]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2011-09-05 29792]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-03-25 8284672]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-03-25 296960]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2010-11-24 2673664]
R3 cfwids;McAfee Inc. cfwids; C:\windows\system32\drivers\cfwids.sys [2011-03-13 65128]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2011-02-14 1581184]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 intelkmd;intelkmd; C:\windows\system32\DRIVERS\igdpmd64.sys [2011-03-26 12262336]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x64.sys [2010-10-21 76912]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\windows\system32\drivers\mfeapfk.sys [2011-03-13 156792]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\windows\system32\drivers\mfeavfk.sys [2011-03-13 227856]
R3 mfefirek;McAfee Inc. mfefirek; C:\windows\system32\drivers\mfefirek.sys [2011-03-13 481376]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-04-08 1430576]
R3 vm331avs;Digital Camera 1; C:\windows\System32\Drivers\vm331avs.sys [2011-06-15 250752]
R3 vmuvcflt;Vimicro USB Camera Filter; C:\windows\System32\Drivers\vmuvcflt.sys [2010-08-16 8320]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-03-25 12262336]
S3 mfeavfk01;McAfee Inc.; C:\windows\system32\drivers\mfeavfk01.sys []
S3 mferkdet;McAfee Inc. mferkdet; C:\windows\system32\drivers\mferkdet.sys [2011-03-13 98728]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2010-09-30 299520]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-03-25 203776]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-06-18 50344]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
R2 HPSIService;HP SI Service; C:\windows\system32\HPSIsvc.exe [2010-04-07 127800]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-02-18 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R2 mcmscsvc;McAfee Services; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R2 McNASvc;McAfee Network Agent; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R2 McShield;McAfee McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [2011-03-13 197960]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-03-13 208272]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\windows\system32\mfevtps.exe [2011-03-13 158832]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-09-05 136176]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-09-05 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-06-18 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-06-19 111616]
S3 McAWFwk;McAfee Activation Service; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [2011-01-28 225216]
S3 McODS;McAfee Scanner; C:\Program Files\mcafee\VirusScan\mcods.exe [2011-03-17 501768]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Partner Service;Partner Service; C:\ProgramData\Partner\Partner.exe [2011-09-05 332272]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2014-06-19 1255736]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 McOobeSv;McAfee OOBE Service; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

[Márty84]

Nejprve odinstalujte jeden z Antiviru. Bezi vam tam Avast a McAfee. To nedela dobrotu. Predpokladam, ze McAfee tam byl predinstalovany a Avast jste si tam dala sama, takze odinstalujte vse od McAfee a pak pouzijte jeste jejich cistic http://download.mcafee.com/products/lic ... s/MCPR.exe

Pak dejte novy log z RSIT

[Iman]

Logfile of random's system information tool 1.10 (written by random/random)
Run by Imanka at 2014-06-22 11:38:45
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 385 GB (89%) free of 432 GB
Total RAM: 4040 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:38:54, on 22.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\USB Camera\VM331_STI.EXE
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Imanka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\windows\system32\HPSIsvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\Partner.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10551 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
atieclxx
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\windows\system32\HPSIsvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
taskeng.exe {F40263D1-9300-42F4-9472-86A140F12D62}
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\USB Camera\VM331_STI.EXE"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
taskeng.exe {1DFAC311-A3FB-4024-AF86-7B61E5691401}
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2740.0.348601835\1971232091" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,5,15 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.813.3.2000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_03/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="2740.2.371864797\352325033" /prefetch:673131151
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_03/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="2740.5.85315609\39533854" /prefetch:673131151
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\system32\sppsvc.exe
"C:\Users\Imanka\Downloads\RSITx64 (1).exe"
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe"

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
Partner BHO Class - C:\ProgramData\Partner\Partner64.dll [2011-09-05 750064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-06-18 581824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-06-18 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
Partner BHO Class - C:\ProgramData\Partner\Partner.dll [2011-09-05 433648]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-06-18 436600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-06-18 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-06-18 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-06-18 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-03-26 167960]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-03-26 391704]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-03-26 418840]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-04-08 2741544]
"Lenovo EE Boot Optimizer"=C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [2011-09-05 114688]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2011-09-05 9753024]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2011-09-05 5908928]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-11 689488]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-02-18 283160]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-03-25 336384]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331_STI.EXE [2011-06-15 548864]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2010-07-26 222504]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [2011-01-29 228448]
"VeriFaceManager"=C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [2011-09-05 329056]
"UpdatePRCShortCut"=C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [2009-05-13 222504]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-06-18 3890208]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 959904]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-03-25 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-06-22 11:00:50 ----D---- C:\rsit
2014-06-22 11:00:50 ----D---- C:\Program Files\trend micro
2014-06-21 15:30:30 ----HD---- C:\ProgramData\CanonIJScan
2014-06-21 15:30:03 ----D---- C:\Users\Imanka\AppData\Roaming\Canon
2014-06-21 15:28:44 ----HD---- C:\ProgramData\CanonIJEGV
2014-06-20 21:51:30 ----D---- C:\Users\Imanka\AppData\Roaming\vlc
2014-06-20 17:39:51 ----A---- C:\windows\SYSWOW64\WMPhoto.dll
2014-06-20 17:39:51 ----A---- C:\windows\system32\WMPhoto.dll
2014-06-20 17:39:49 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-06-20 17:39:40 ----A---- C:\windows\SYSWOW64\d3d10warp.dll
2014-06-20 17:39:40 ----A---- C:\windows\system32\d3d10warp.dll
2014-06-20 17:39:39 ----A---- C:\windows\SYSWOW64\d2d1.dll
2014-06-20 17:39:39 ----A---- C:\windows\system32\d2d1.dll
2014-06-20 17:39:35 ----A---- C:\windows\system32\drivers\BTHUSB.SYS
2014-06-20 17:39:35 ----A---- C:\windows\system32\drivers\bthport.sys
2014-06-20 17:39:32 ----A---- C:\windows\SYSWOW64\WindowsCodecs.dll
2014-06-20 17:39:32 ----A---- C:\windows\system32\WindowsCodecs.dll
2014-06-20 17:39:29 ----A---- C:\windows\system32\spoolsv.exe
2014-06-20 17:39:28 ----A---- C:\windows\splwow64.exe
2014-06-20 13:19:35 ----D---- C:\windows\SYSWOW64\Wat
2014-06-20 13:19:34 ----D---- C:\windows\system32\Wat
2014-06-20 13:18:47 ----SD---- C:\windows\system32\CompatTel
2014-06-19 22:23:39 ----A---- C:\windows\SYSWOW64\wmploc.DLL
2014-06-19 22:23:38 ----A---- C:\windows\SYSWOW64\wmp.dll
2014-06-19 22:09:51 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2014-06-19 22:07:01 ----D---- C:\windows\Migration
2014-06-19 21:58:28 ----A---- C:\windows\system32\IEUDINIT.EXE
2014-06-19 21:46:05 ----A---- C:\windows\SYSWOW64\elshyph.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\wextract.exe
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\webcheck.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\vbscript.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\url.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\SetIEInstalledDate.exe
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\RegisterIEPKEYs.exe
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\pngfilt.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\occache.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\msls31.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\mshtmler.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\mshta.exe
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\msfeedssync.exe
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\msfeedsbs.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\licmgr10.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\jsIntl.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\jscript.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\inseng.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\imgutil.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\iexpress.exe
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\ieui.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\iesysprep.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\iepeers.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\ieapfltr.dat
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\IEAdvpack.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\icardie.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\wininet.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\wextract.exe
2014-06-19 21:45:59 ----A---- C:\windows\system32\webcheck.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\vbscript.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\urlmon.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\url.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\SetIEInstalledDate.exe
2014-06-19 21:45:59 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2014-06-19 21:45:59 ----A---- C:\windows\system32\pngfilt.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\occache.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\msrating.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\msls31.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\mshtmlmedia.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\mshtmler.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\mshtmled.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\MshtmlDac.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\mshtml.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\mshta.exe
2014-06-19 21:45:59 ----A---- C:\windows\system32\msfeedssync.exe
2014-06-19 21:45:59 ----A---- C:\windows\system32\msfeedsbs.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\msfeeds.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\licmgr10.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\jsproxy.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\jsIntl.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\jscript9diag.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\jscript9.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\jscript.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\inseng.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\imgutil.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\iexpress.exe
2014-06-19 21:45:59 ----A---- C:\windows\system32\ieUnatt.exe
2014-06-19 21:45:59 ----A---- C:\windows\system32\ieui.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\iesysprep.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\iesetup.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\iertutil.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\iernonce.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\iepeers.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\ieframe.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\ieetwcollector.exe
2014-06-19 21:45:59 ----A---- C:\windows\system32\iedkcs32.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\ieapfltr.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\ieapfltr.dat
2014-06-19 21:45:59 ----A---- C:\windows\system32\IEAdvpack.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\ie4uinit.exe
2014-06-19 21:45:59 ----A---- C:\windows\system32\icardie.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\elshyph.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\dxtrans.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\dxtmsft.dll
2014-06-19 21:34:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\XpsPrint.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\XpsGdiConverter.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\WindowsCodecsExt.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\UIAnimation.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\msmpeg2vdec.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\dxgi.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\DWrite.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\d3d10level9.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\d3d10core.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\d3d10_1core.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\d3d10_1.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\d3d10.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\XpsPrint.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\XpsGdiConverter.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\WindowsCodecsExt.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\UIAnimation.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\msmpeg2vdec.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\FntCache.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\dxgi.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\DWrite.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\d3d10level9.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\d3d10core.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\d3d10_1core.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\d3d10_1.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\d3d10.dll
2014-06-19 21:00:15 ----A---- C:\windows\system32\browserchoice.exe
2014-06-19 20:45:41 ----A---- C:\windows\system32\drivers\WUDFRd.sys
2014-06-19 20:45:41 ----A---- C:\windows\system32\drivers\WUDFPf.sys
2014-06-19 20:45:40 ----A---- C:\windows\system32\WUDFSvc.dll
2014-06-19 20:45:40 ----A---- C:\windows\system32\WUDFPlatform.dll
2014-06-19 20:45:38 ----A---- C:\windows\system32\WUDFx.dll
2014-06-19 20:45:38 ----A---- C:\windows\system32\WUDFHost.exe
2014-06-19 20:45:38 ----A---- C:\windows\system32\WUDFCoinstaller.dll
2014-06-19 20:31:03 ----A---- C:\windows\system32\drivers\fs_rec.sys
2014-06-19 20:31:02 ----A---- C:\windows\SYSWOW64\wmi.dll
2014-06-19 20:31:02 ----A---- C:\windows\system32\wmi.dll
2014-06-19 20:29:07 ----D---- C:\Program Files\Microsoft Silverlight
2014-06-19 20:29:07 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-06-19 14:11:11 ----A---- C:\windows\system32\drivers\RNDISMP.sys
2014-06-19 14:11:11 ----A---- C:\windows\system32\drivers\ndis.sys
2014-06-19 14:10:55 ----A---- C:\windows\SYSWOW64\xmllite.dll
2014-06-19 14:10:55 ----A---- C:\windows\system32\xmllite.dll
2014-06-19 14:10:42 ----A---- C:\windows\system32\msieftp.dll
2014-06-19 14:10:41 ----A---- C:\windows\SYSWOW64\msieftp.dll
2014-06-19 14:10:40 ----A---- C:\windows\system32\odbccu32.dll
2014-06-19 14:10:40 ----A---- C:\windows\system32\odbccr32.dll
2014-06-19 14:10:39 ----A---- C:\windows\SYSWOW64\odbcjt32.dll
2014-06-19 14:10:39 ----A---- C:\windows\system32\odbctrac.dll
2014-06-19 14:10:39 ----A---- C:\windows\system32\odbccp32.dll
2014-06-19 14:10:38 ----A---- C:\windows\SYSWOW64\odbccu32.dll
2014-06-19 14:10:38 ----A---- C:\windows\SYSWOW64\odbccr32.dll
2014-06-19 14:10:38 ----A---- C:\windows\SYSWOW64\odbccp32.dll
2014-06-19 14:10:36 ----A---- C:\windows\SYSWOW64\odbctrac.dll
2014-06-19 14:10:33 ----A---- C:\windows\system32\wwansvc.dll
2014-06-19 14:10:33 ----A---- C:\windows\system32\wwanprotdim.dll
2014-06-19 14:10:28 ----A---- C:\windows\system32\comctl32.dll
2014-06-19 14:10:27 ----A---- C:\windows\SYSWOW64\comctl32.dll
2014-06-19 14:09:53 ----A---- C:\windows\system32\poqexec.exe
2014-06-19 14:09:52 ----A---- C:\windows\SYSWOW64\poqexec.exe
2014-06-19 14:09:48 ----A---- C:\windows\SYSWOW64\dhcpcsvc6.dll
2014-06-19 14:09:48 ----A---- C:\windows\SYSWOW64\dhcpcore6.dll
2014-06-19 14:09:48 ----A---- C:\windows\system32\dhcpcsvc6.dll
2014-06-19 14:09:48 ----A---- C:\windows\system32\dhcpcore6.dll
2014-06-19 14:09:33 ----A---- C:\windows\system32\mstscax.dll
2014-06-19 14:09:32 ----A---- C:\windows\SYSWOW64\mstscax.dll
2014-06-19 14:09:31 ----A---- C:\windows\SYSWOW64\aaclient.dll
2014-06-19 14:09:30 ----A---- C:\windows\system32\tsgqec.dll
2014-06-19 14:09:30 ----A---- C:\windows\system32\aaclient.dll
2014-06-19 14:09:29 ----A---- C:\windows\SYSWOW64\tsgqec.dll
2014-06-19 14:09:11 ----A---- C:\windows\system32\shell32.dll
2014-06-19 14:09:10 ----A---- C:\windows\SYSWOW64\shell32.dll
2014-06-19 14:09:05 ----A---- C:\windows\system32\wintrust.dll
2014-06-19 14:09:04 ----A---- C:\windows\SYSWOW64\wintrust.dll
2014-06-19 14:08:36 ----A---- C:\windows\system32\quartz.dll
2014-06-19 14:08:35 ----A---- C:\windows\SYSWOW64\quartz.dll
2014-06-19 14:08:34 ----A---- C:\windows\SYSWOW64\qdvd.dll
2014-06-19 14:08:34 ----A---- C:\windows\system32\qdvd.dll
2014-06-19 14:08:29 ----A---- C:\windows\SYSWOW64\ntshrui.dll
2014-06-19 14:08:24 ----A---- C:\windows\SYSWOW64\mssrch.dll
2014-06-19 14:08:23 ----A---- C:\windows\SYSWOW64\tquery.dll
2014-06-19 14:08:22 ----A---- C:\windows\SYSWOW64\SearchProtocolHost.exe
2014-06-19 14:08:22 ----A---- C:\windows\SYSWOW64\SearchIndexer.exe
2014-06-19 14:08:22 ----A---- C:\windows\SYSWOW64\mssph.dll
2014-06-19 14:08:21 ----A---- C:\windows\system32\mssvp.dll
2014-06-19 14:08:21 ----A---- C:\windows\system32\mssphtb.dll
2014-06-19 14:08:20 ----A---- C:\windows\SYSWOW64\SearchFilterHost.exe
2014-06-19 14:08:20 ----A---- C:\windows\SYSWOW64\mssvp.dll
2014-06-19 14:08:20 ----A---- C:\windows\system32\msscntrs.dll
2014-06-19 14:08:19 ----A---- C:\windows\SYSWOW64\mssphtb.dll
2014-06-19 14:08:19 ----A---- C:\windows\SYSWOW64\msscntrs.dll
2014-06-19 14:08:09 ----A---- C:\windows\system32\consent.exe
2014-06-19 14:08:09 ----A---- C:\windows\system32\appinfo.dll
2014-06-19 14:07:43 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2014-06-19 14:06:46 ----A---- C:\windows\SYSWOW64\wer.dll
2014-06-19 14:06:41 ----A---- C:\windows\SYSWOW64\crypt32.dll
2014-06-19 14:06:41 ----A---- C:\windows\system32\cryptsvc.dll
2014-06-19 14:06:41 ----A---- C:\windows\system32\cryptnet.dll
2014-06-19 14:06:41 ----A---- C:\windows\system32\crypt32.dll
2014-06-19 14:06:40 ----A---- C:\windows\SYSWOW64\cryptsvc.dll
2014-06-19 14:06:40 ----A---- C:\windows\SYSWOW64\cryptnet.dll
2014-06-19 14:06:18 ----A---- C:\windows\system32\imagehlp.dll
2014-06-19 14:06:17 ----A---- C:\windows\SYSWOW64\imagehlp.dll
2014-06-19 14:06:15 ----A---- C:\windows\system32\drivers\tcpip.sys
2014-06-19 14:06:15 ----A---- C:\windows\system32\drivers\netio.sys
2014-06-19 14:06:15 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS
2014-06-19 14:06:07 ----A---- C:\windows\system32\tzres.dll
2014-06-19 14:06:06 ----A---- C:\windows\SYSWOW64\tzres.dll
2014-06-19 14:05:38 ----A---- C:\windows\system32\msxml6.dll
2014-06-19 14:05:37 ----A---- C:\windows\SYSWOW64\msxml6.dll
2014-06-19 14:05:36 ----A---- C:\windows\SYSWOW64\msxml6r.dll
2014-06-19 14:05:36 ----A---- C:\windows\SYSWOW64\msxml3.dll
2014-06-19 14:05:36 ----A---- C:\windows\system32\msxml6r.dll
2014-06-19 14:05:35 ----A---- C:\windows\SYSWOW64\msxml3r.dll
2014-06-19 14:05:35 ----A---- C:\windows\system32\msxml3r.dll
2014-06-19 14:05:03 ----A---- C:\windows\system32\drivers\afd.sys
2014-06-19 14:04:58 ----A---- C:\windows\system32\drivers\portcls.sys
2014-06-19 14:04:58 ----A---- C:\windows\system32\drivers\drmk.sys
2014-06-19 14:04:47 ----A---- C:\windows\system32\win32k.sys
2014-06-19 14:04:45 ----A---- C:\windows\system32\drivers\ataport.sys
2014-06-19 14:04:34 ----A---- C:\windows\system32\authui.dll
2014-06-19 14:04:33 ----A---- C:\windows\SYSWOW64\authui.dll
2014-06-19 14:04:33 ----A---- C:\windows\system32\SmartcardCredentialProvider.dll
2014-06-19 14:04:33 ----A---- C:\windows\system32\credui.dll
2014-06-19 14:04:32 ----A---- C:\windows\SYSWOW64\SmartcardCredentialProvider.dll
2014-06-19 14:04:32 ----A---- C:\windows\SYSWOW64\credui.dll
2014-06-19 14:04:16 ----A---- C:\windows\SYSWOW64\atmfd.dll
2014-06-19 14:04:16 ----A---- C:\windows\system32\atmfd.dll
2014-06-19 14:04:15 ----A---- C:\windows\SYSWOW64\atmlib.dll
2014-06-19 14:04:15 ----A---- C:\windows\system32\lpk.dll
2014-06-19 14:04:15 ----A---- C:\windows\system32\dciman32.dll
2014-06-19 14:04:15 ----A---- C:\windows\system32\atmlib.dll
2014-06-19 14:04:14 ----A---- C:\windows\SYSWOW64\lpk.dll
2014-06-19 14:04:14 ----A---- C:\windows\SYSWOW64\dciman32.dll
2014-06-19 14:04:14 ----A---- C:\windows\system32\fontsub.dll
2014-06-19 14:04:13 ----A---- C:\windows\SYSWOW64\fontsub.dll
2014-06-19 14:04:09 ----A---- C:\windows\system32\RMActivate_isv.exe
2014-06-19 14:04:09 ----A---- C:\windows\system32\RMActivate.exe
2014-06-19 14:04:08 ----A---- C:\windows\SYSWOW64\RMActivate_isv.exe
2014-06-19 14:04:08 ----A---- C:\windows\SYSWOW64\RMActivate.exe
2014-06-19 14:04:07 ----A---- C:\windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-06-19 14:04:07 ----A---- C:\windows\system32\RMActivate_ssp_isv.exe
2014-06-19 14:04:07 ----A---- C:\windows\system32\RMActivate_ssp.exe
2014-06-19 14:04:05 ----A---- C:\windows\SYSWOW64\secproc_isv.dll
2014-06-19 14:04:05 ----A---- C:\windows\SYSWOW64\RMActivate_ssp.exe
2014-06-19 14:04:05 ----A---- C:\windows\system32\secproc_isv.dll
2014-06-19 14:04:04 ----A---- C:\windows\SYSWOW64\secproc.dll
2014-06-19 14:04:04 ----A---- C:\windows\system32\secproc.dll
2014-06-19 14:04:04 ----A---- C:\windows\system32\msdrm.dll
2014-06-19 14:04:03 ----A---- C:\windows\SYSWOW64\msdrm.dll
2014-06-19 14:04:03 ----A---- C:\windows\system32\secproc_ssp_isv.dll
2014-06-19 14:04:03 ----A---- C:\windows\system32\secproc_ssp.dll
2014-06-19 14:04:02 ----A---- C:\windows\SYSWOW64\secproc_ssp_isv.dll
2014-06-19 14:04:02 ----A---- C:\windows\SYSWOW64\secproc_ssp.dll
2014-06-19 14:03:45 ----A---- C:\windows\system32\drivers\usbehci.sys
2014-06-19 14:03:44 ----A---- C:\windows\system32\drivers\usbport.sys
2014-06-19 14:03:44 ----A---- C:\windows\system32\drivers\usbhub.sys
2014-06-19 14:03:44 ----A---- C:\windows\system32\drivers\usbd.sys
2014-06-19 14:03:44 ----A---- C:\windows\system32\drivers\usbccgp.sys
2014-06-19 14:03:42 ----A---- C:\windows\SYSWOW64\d3d11.dll
2014-06-19 14:03:42 ----A---- C:\windows\system32\d3d11.dll
2014-06-19 14:03:05 ----A---- C:\windows\system32\drivers\usbvideo.sys
2014-06-19 14:03:05 ----A---- C:\windows\system32\drivers\usbcir.sys
2014-06-19 14:02:29 ----A---- C:\windows\system32\ntoskrnl.exe
2014-06-19 14:02:28 ----A---- C:\windows\system32\schannel.dll
2014-06-19 14:02:28 ----A---- C:\windows\system32\lsasrv.dll
2014-06-19 14:02:27 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2014-06-19 14:02:27 ----A---- C:\windows\system32\kerberos.dll
2014-06-19 14:02:26 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2014-06-19 14:02:26 ----A---- C:\windows\SYSWOW64\kerberos.dll
2014-06-19 14:02:25 ----A---- C:\windows\SYSWOW64\schannel.dll
2014-06-19 14:02:25 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2014-06-19 14:02:25 ----A---- C:\windows\system32\winlogon.exe
2014-06-19 14:02:25 ----A---- C:\windows\system32\msv1_0.dll
2014-06-19 14:02:25 ----A---- C:\windows\system32\KernelBase.dll
2014-06-19 14:02:24 ----A---- C:\windows\system32\objsel.dll
2014-06-19 14:02:24 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2014-06-19 14:02:24 ----A---- C:\windows\system32\drivers\cng.sys
2014-06-19 14:02:23 ----A---- C:\windows\SYSWOW64\objsel.dll
2014-06-19 14:02:22 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2014-06-19 14:02:22 ----A---- C:\windows\system32\TSpkg.dll
2014-06-19 14:02:21 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2014-06-19 14:02:21 ----A---- C:\windows\system32\wdigest.dll
2014-06-19 14:02:20 ----A---- C:\windows\SYSWOW64\wdigest.dll
2014-06-19 14:02:20 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2014-06-19 14:02:19 ----A---- C:\windows\system32\smss.exe
2014-06-19 14:02:19 ----A---- C:\windows\system32\drivers\ksecdd.sys
2014-06-19 14:02:19 ----A---- C:\windows\system32\dimsroam.dll
2014-06-19 14:02:18 ----A---- C:\windows\SYSWOW64\dimsroam.dll
2014-06-19 14:02:18 ----A---- C:\windows\SYSWOW64\cngprovider.dll
2014-06-19 14:02:18 ----A---- C:\windows\SYSWOW64\capiprovider.dll
2014-06-19 14:02:18 ----A---- C:\windows\SYSWOW64\adprovider.dll
2014-06-19 14:02:18 ----A---- C:\windows\system32\lsass.exe
2014-06-19 14:02:18 ----A---- C:\windows\system32\dpapiprovider.dll
2014-06-19 14:02:18 ----A---- C:\windows\system32\cngprovider.dll
2014-06-19 14:02:18 ----A---- C:\windows\system32\capiprovider.dll
2014-06-19 14:02:18 ----A---- C:\windows\system32\adprovider.dll
2014-06-19 14:02:17 ----A---- C:\windows\SYSWOW64\dpapiprovider.dll
2014-06-19 14:02:17 ----A---- C:\windows\system32\sspicli.dll
2014-06-19 14:02:17 ----A---- C:\windows\system32\csrsrv.dll
2014-06-19 14:02:16 ----A---- C:\windows\SYSWOW64\wincredprovider.dll
2014-06-19 14:02:16 ----A---- C:\windows\system32\wincredprovider.dll
2014-06-19 14:02:15 ----A---- C:\windows\SYSWOW64\secur32.dll
2014-06-19 14:02:15 ----A---- C:\windows\system32\secur32.dll
2014-06-19 14:02:15 ----A---- C:\windows\system32\credssp.dll
2014-06-19 14:02:14 ----A---- C:\windows\SYSWOW64\sspicli.dll
2014-06-19 14:02:14 ----A---- C:\windows\SYSWOW64\credssp.dll
2014-06-19 14:02:14 ----A---- C:\windows\system32\sspisrv.dll
2014-06-19 14:02:03 ----A---- C:\windows\system32\apisetschema.dll
2014-06-19 14:02:02 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2014-06-19 14:01:06 ----A---- C:\windows\system32\WMVDECOD.DLL
2014-06-19 14:01:05 ----A---- C:\windows\SYSWOW64\WMVDECOD.DLL
2014-06-19 14:01:04 ----A---- C:\windows\system32\drivers\usb8023.sys
2014-06-19 14:01:01 ----A---- C:\windows\system32\rdrmemptylst.exe
2014-06-19 14:01:01 ----A---- C:\windows\system32\rdpwsx.dll
2014-06-19 14:01:01 ----A---- C:\windows\system32\rdpcorekmts.dll
2014-06-19 14:00:52 ----A---- C:\windows\system32\Wdfres.dll
2014-06-19 14:00:52 ----A---- C:\windows\system32\drivers\WdfLdr.sys
2014-06-19 14:00:52 ----A---- C:\windows\system32\drivers\Wdf01000.sys
2014-06-19 14:00:51 ----A---- C:\windows\system32\rpcrt4.dll
2014-06-19 14:00:50 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2014-06-19 14:00:49 ----A---- C:\windows\system32\profsvc.dll
2014-06-19 14:00:44 ----A---- C:\windows\SYSWOW64\ncsi.dll
2014-06-19 14:00:44 ----A---- C:\windows\system32\ncsi.dll
2014-06-19 14:00:43 ----A---- C:\windows\SYSWOW64\netcorehc.dll
2014-06-19 14:00:43 ----A---- C:\windows\system32\nlasvc.dll
2014-06-19 14:00:43 ----A---- C:\windows\system32\netcorehc.dll
2014-06-19 14:00:43 ----A---- C:\windows\system32\iphlpsvc.dll
2014-06-19 14:00:42 ----A---- C:\windows\SYSWOW64\nlaapi.dll
2014-06-19 14:00:39 ----A---- C:\windows\system32\nlaapi.dll
2014-06-19 14:00:39 ----A---- C:\windows\system32\drivers\tcpipreg.sys
2014-06-19 14:00:37 ----A---- C:\windows\SYSWOW64\netevent.dll
2014-06-19 14:00:37 ----A---- C:\windows\system32\netevent.dll
2014-06-19 14:00:25 ----A---- C:\windows\system32\drivers\usbscan.sys
2014-06-19 14:00:25 ----A---- C:\windows\system32\drivers\hidparse.sys
2014-06-19 14:00:25 ----A---- C:\windows\system32\drivers\hidclass.sys
2014-06-19 14:00:23 ----A---- C:\windows\system32\psisdecd.dll
2014-06-19 14:00:22 ----A---- C:\windows\SYSWOW64\psisdecd.dll
2014-06-19 13:59:10 ----A---- C:\windows\SYSWOW64\WebClnt.dll
2014-06-19 13:59:10 ----A---- C:\windows\system32\WebClnt.dll
2014-06-19 13:59:09 ----A---- C:\windows\SYSWOW64\davclnt.dll
2014-06-19 13:59:09 ----A---- C:\windows\system32\drivers\mrxdav.sys
2014-06-19 13:59:09 ----A---- C:\windows\system32\davclnt.dll
2014-06-19 13:59:07 ----A---- C:\windows\SYSWOW64\dpnet.dll
2014-06-19 13:59:07 ----A---- C:\windows\system32\dpnet.dll
2014-06-19 13:58:54 ----A---- C:\windows\system32\tdh.dll
2014-06-19 13:58:54 ----A---- C:\windows\system32\ntdll.dll
2014-06-19 13:58:54 ----A---- C:\windows\system32\advapi32.dll
2014-06-19 13:58:53 ----A---- C:\windows\SYSWOW64\tdh.dll
2014-06-19 13:58:53 ----A---- C:\windows\SYSWOW64\ntdll.dll
2014-06-19 13:58:52 ----A---- C:\windows\SYSWOW64\advapi32.dll
2014-06-19 13:58:33 ----A---- C:\windows\system32\OxpsConverter.exe
2014-06-19 13:58:27 ----A---- C:\windows\system32\mswsock.dll
2014-06-19 13:58:26 ----A---- C:\windows\SYSWOW64\mswsock.dll
2014-06-19 13:58:21 ----A---- C:\windows\system32\drivers\tssecsrv.sys
2014-06-19 13:58:19 ----A---- C:\windows\system32\drivers\rdpwd.sys
2014-06-19 13:58:04 ----A---- C:\windows\system32\Wpc.dll
2014-06-19 13:58:03 ----A---- C:\windows\SYSWOW64\Wpc.dll
2014-06-19 13:58:03 ----A---- C:\windows\SYSWOW64\gameux.dll
2014-06-19 13:58:03 ----A---- C:\windows\system32\gameux.dll
2014-06-19 13:54:50 ----A---- C:\windows\system32\aepdu.dll
2014-06-19 13:54:50 ----A---- C:\windows\system32\aeinv.dll
2014-06-19 13:54:45 ----A---- C:\windows\system32\drivers\partmgr.sys
2014-06-19 13:54:40 ----A---- C:\windows\system32\msi.dll
2014-06-19 13:54:39 ----A---- C:\windows\SYSWOW64\msi.dll
2014-06-19 13:54:37 ----A---- C:\windows\SYSWOW64\synceng.dll
2014-06-19 13:54:37 ----A---- C:\windows\system32\synceng.dll
2014-06-19 13:54:26 ----A---- C:\windows\system32\drivers\storport.sys
2014-06-19 13:54:26 ----A---- C:\windows\system32\drivers\msiscsi.sys
2014-06-19 13:54:25 ----A---- C:\windows\system32\drivers\Diskdump.sys
2014-06-19 13:54:24 ----A---- C:\windows\SYSWOW64\iologmsg.dll
2014-06-19 13:54:24 ----A---- C:\windows\system32\iologmsg.dll
2014-06-19 13:54:04 ----A---- C:\windows\SYSWOW64\shdocvw.dll
2014-06-19 13:54:04 ----A---- C:\windows\system32\shdocvw.dll
2014-06-19 13:53:51 ----A---- C:\windows\SYSWOW64\win32spl.dll
2014-06-19 13:53:51 ----A---- C:\windows\system32\win32spl.dll
2014-06-19 13:53:49 ----A---- C:\windows\system32\gdi32.dll
2014-06-19 13:53:48 ----A---- C:\windows\SYSWOW64\gdi32.dll
2014-06-19 13:53:47 ----A---- C:\windows\system32\taskhost.exe
2014-06-19 13:53:46 ----A---- C:\windows\SYSWOW64\qedit.dll
2014-06-19 13:53:46 ----A---- C:\windows\system32\qedit.dll
2014-06-19 13:53:42 ----A---- C:\windows\system32\drivers\fvevol.sys
2014-06-19 13:53:40 ----A---- C:\windows\system32\srcore.dll
2014-06-19 13:53:39 ----A---- C:\windows\SYSWOW64\srclient.dll
2014-06-19 13:53:29 ----A---- C:\windows\SYSWOW64\cryptdlg.dll
2014-06-19 13:53:29 ----A---- C:\windows\system32\cryptdlg.dll
2014-06-19 13:53:07 ----A---- C:\windows\system32\umpnpmgr.dll
2014-06-19 13:53:06 ----A---- C:\windows\SYSWOW64\drvinst.exe
2014-06-19 13:53:06 ----A---- C:\windows\SYSWOW64\devrtl.dll
2014-06-19 13:53:06 ----A---- C:\windows\SYSWOW64\devobj.dll
2014-06-19 13:53:06 ----A---- C:\windows\SYSWOW64\cfgmgr32.dll
2014-06-19 13:52:58 ----A---- C:\windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-06-19 13:52:58 ----A---- C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-06-19 13:52:57 ----A---- C:\windows\system32\netapi32.dll
2014-06-19 13:52:57 ----A---- C:\windows\system32\browser.dll
2014-06-19 13:52:57 ----A---- C:\windows\system32\browcli.dll
2014-06-19 13:52:56 ----A---- C:\windows\SYSWOW64\netapi32.dll
2014-06-19 13:52:56 ----A---- C:\windows\SYSWOW64\browcli.dll
2014-06-19 13:52:48 ----A---- C:\windows\system32\wow64win.dll
2014-06-19 13:52:48 ----A---- C:\windows\system32\wow64.dll
2014-06-19 13:52:48 ----A---- C:\windows\system32\kernel32.dll
2014-06-19 13:52:47 ----A---- C:\windows\SYSWOW64\kernel32.dll
2014-06-19 13:52:47 ----A---- C:\windows\system32\winsrv.dll
2014-06-19 13:52:47 ----A---- C:\windows\system32\conhost.exe
2014-06-19 13:52:46 ----A---- C:\windows\SYSWOW64\setup16.exe
2014-06-19 13:52:46 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2014-06-19 13:52:46 ----A---- C:\windows\system32\ntvdm64.dll
2014-06-19 13:52:45 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-06-19 13:52:45 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-06-19 13:52:45 ----A---- C:\windows\SYSWOW64\instnm.exe
2014-06-19 13:52:45 ----A---- C:\windows\system32\wow64cpu.dll
2014-06-19 13:52:44 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-06-19 13:52:44 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-06-19 13:52:44 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-06-19 13:52:44 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-06-19 13:52:44 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-06-19 13:52:44 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-06-19 13:52:44 ----A---- C:\windows\SYSWOW64\wow32.dll
2014-06-19 13:52:43 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-06-19 13:52:43 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-06-19 13:52:43 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2014-06-19 13:52:43 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-06-19 13:52:43 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-06-19 13:52:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2014-06-19 13:52:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-06-19 13:52:42 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-06-19 13:52:42 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-06-19 13:52:42 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-06-19 13:52:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-06-19 13:52:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-06-19 13:52:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-06-19 13:52:41 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-06-19 13:52:41 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-06-19 13:52:41 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-06-19 13:52:41 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-06-19 13:52:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-06-19 13:52:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2014-06-19 13:52:40 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-06-19 13:52:40 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-06-19 13:52:40 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-06-19 13:52:39 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-06-19 13:52:39 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-06-19 13:52:39 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-06-19 13:52:39 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-06-19 13:52:38 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-06-19 13:52:38 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-06-19 13:52:38 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-06-19 13:52:38 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-06-19 13:52:38 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-06-19 13:52:38 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-06-19 13:52:38 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-06-19 13:52:37 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-06-19 13:52:37 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-06-19 13:52:37 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-06-19 13:52:37 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-06-19 13:52:37 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-06-19 13:52:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2014-06-19 13:52:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2014-06-19 13:52:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-06-19 13:52:36 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-06-19 13:52:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-06-19 13:52:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-06-19 13:52:35 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-06-19 13:52:35 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-06-19 13:52:35 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-06-19 13:52:34 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2014-06-19 13:52:34 ----A---- C:\windows\SYSWOW64\user.exe
2014-06-19 13:52:31 ----A---- C:\windows\system32\drivers\bowser.sys
2014-06-19 13:52:23 ----A---- C:\windows\system32\msvcrt.dll
2014-06-19 13:52:22 ----A---- C:\windows\SYSWOW64\msvcrt.dll
2014-06-19 13:52:18 ----A---- C:\windows\system32\drivers\ntfs.sys
2014-06-19 13:52:11 ----A---- C:\windows\SYSWOW64\certutil.exe
2014-06-19 13:52:11 ----A---- C:\windows\system32\certutil.exe
2014-06-19 13:52:09 ----A---- C:\windows\SYSWOW64\certenc.dll
2014-06-19 13:52:09 ----A---- C:\windows\system32\certenc.dll
2014-06-19 13:51:52 ----A---- C:\windows\system32\localspl.dll
2014-06-19 13:51:50 ----A---- C:\windows\SYSWOW64\wscript.exe
2014-06-19 13:51:50 ----A---- C:\windows\SYSWOW64\scrrun.dll
2014-06-19 13:51:50 ----A---- C:\windows\SYSWOW64\cscript.exe
2014-06-19 13:51:50 ----A---- C:\windows\system32\wscript.exe
2014-06-19 13:51:50 ----A---- C:\windows\system32\scrrun.dll
2014-06-19 13:51:50 ----A---- C:\windows\system32\cscript.exe
2014-06-19 13:51:47 ----A---- C:\windows\SYSWOW64\EncDec.dll
2014-06-19 13:51:47 ----A---- C:\windows\system32\EncDec.dll
2014-06-19 13:51:45 ----A---- C:\windows\system32\drivers\dxgmms1.sys
2014-06-19 13:51:45 ----A---- C:\windows\system32\drivers\dxgkrnl.sys
2014-06-19 13:51:45 ----A---- C:\windows\system32\cdd.dll
2014-06-19 13:51:44 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2014-06-19 13:51:44 ----A---- C:\windows\SYSWOW64\oleacc.dll
2014-06-19 13:51:44 ----A---- C:\windows\system32\oleaut32.dll
2014-06-19 13:51:44 ----A---- C:\windows\system32\oleacc.dll
2014-06-19 13:51:33 ----A---- C:\windows\SYSWOW64\cdosys.dll
2014-06-19 13:51:32 ----A---- C:\windows\system32\cdosys.dll
2014-06-19 13:51:11 ----A---- C:\windows\SYSWOW64\nshwfp.dll
2014-06-19 13:51:11 ----A---- C:\windows\SYSWOW64\FWPUCLNT.DLL
2014-06-19 13:51:11 ----A---- C:\windows\system32\nshwfp.dll
2014-06-19 13:51:11 ----A---- C:\windows\system32\IKEEXT.DLL
2014-06-19 13:51:11 ----A---- C:\windows\system32\FWPUCLNT.DLL
2014-06-19 13:51:08 ----A---- C:\windows\system32\scavengeui.dll
2014-06-19 13:08:42 ----A---- C:\windows\SYSWOW64\packager.dll
2014-06-19 13:08:42 ----A---- C:\windows\system32\packager.dll
2014-06-18 21:01:19 ----SHD---- C:\windows\ftpcache
2014-06-18 21:00:47 ----A---- C:\windows\system32\HPSIsvc.exe
2014-06-18 21:00:39 ----A---- C:\windows\system32\HP1100SM.EXE
2014-06-18 21:00:39 ----A---- C:\windows\system32\HP1100LM.DLL
2014-06-18 20:59:48 ----A---- C:\windows\system32\mvhlewsi.DLL
2014-06-18 20:59:46 ----D---- C:\Program Files\HP
2014-06-18 20:59:38 ----A---- C:\windows\system32\HP1100SMs.dll
2014-06-18 17:43:14 ----SHD---- C:\System Volume Information
2014-06-18 17:43:14 ----ASH---- C:\pagefile.sys
2014-06-18 17:43:07 ----ASH---- C:\hiberfil.sys
2014-06-18 17:20:18 ----D---- C:\Program Files (x86)\ArcSoft
2014-06-18 17:20:18 ----A---- C:\windows\PCDLIB32.DLL
2014-06-18 17:19:19 ----D---- C:\Program Files\Common Files\CANON
2014-06-18 17:17:51 ----HD---- C:\windows\system32\CanonIJ Uninstaller Information
2014-06-18 17:17:17 ----A---- C:\windows\system32\CNQ4807O.DLL
2014-06-18 17:17:17 ----A---- C:\windows\system32\CNQ4807L.DLL
2014-06-18 17:17:17 ----A---- C:\windows\system32\CNQ4807I.DLL
2014-06-18 17:17:17 ----A---- C:\windows\system32\CNQ4807C.DLL
2014-06-18 17:17:16 ----HD---- C:\Program Files\CanonBJ
2014-06-18 17:16:15 ----D---- C:\Program Files (x86)\Canon
2014-06-18 17:13:17 ----D---- C:\Program Files (x86)\VideoLAN
2014-06-18 17:06:27 ----D---- C:\Program Files (x86)\Microsoft Works
2014-06-18 17:05:57 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2014-06-18 17:05:15 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-06-18 17:03:29 ----D---- C:\Program Files\Microsoft Office
2014-06-18 17:03:22 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2014-06-18 17:02:41 ----D---- C:\ProgramData\Microsoft Help
2014-06-18 17:02:25 ----RHD---- C:\MSOCache
2014-06-18 16:58:40 ----D---- C:\Program Files (x86)\SETOUT
2014-06-18 16:38:32 ----D---- C:\Program Files (x86)\Adobe
2014-06-18 16:37:43 ----D---- C:\ProgramData\Adobe
2014-06-18 16:32:18 ----D---- C:\Program Files (x86)\LinguArabica
2014-06-18 16:18:20 ----D---- C:\Users\Imanka\AppData\Roaming\AVAST Software
2014-06-18 16:17:50 ----A---- C:\windows\system32\drivers\aswVmm.sys
2014-06-18 16:17:50 ----A---- C:\windows\system32\drivers\aswstm.sys
2014-06-18 16:17:50 ----A---- C:\windows\system32\drivers\aswsp.sys
2014-06-18 16:17:50 ----A---- C:\windows\system32\drivers\aswsnx.sys
2014-06-18 16:17:50 ----A---- C:\windows\system32\drivers\aswRvrt.sys
2014-06-18 16:17:50 ----A---- C:\windows\system32\drivers\aswRdr2.sys
2014-06-18 16:17:50 ----A---- C:\windows\system32\drivers\aswMonFlt.sys
2014-06-18 16:17:50 ----A---- C:\windows\system32\drivers\aswHwid.sys
2014-06-18 16:17:49 ----A---- C:\windows\system32\aswBoot.exe
2014-06-18 16:17:43 ----A---- C:\windows\avastSS.scr
2014-06-18 16:15:40 ----D---- C:\Program Files\AVAST Software
2014-06-18 16:14:39 ----D---- C:\ProgramData\AVAST Software
2014-06-18 15:58:40 ----A---- C:\windows\SYSWOW64\rdpcore.dll
2014-06-18 15:58:40 ----A---- C:\windows\system32\rdpcore.dll
2014-06-18 15:58:40 ----A---- C:\windows\system32\drivers\tdtcp.sys
2014-06-18 15:57:40 ----D---- C:\Users\Imanka\AppData\Roaming\Macromedia
2014-06-18 15:57:40 ----D---- C:\Users\Imanka\AppData\Roaming\Adobe
2014-06-18 15:53:27 ----A---- C:\windows\system32\wups2.dll
2014-06-18 15:53:27 ----A---- C:\windows\system32\wucltux.dll
2014-06-18 15:53:27 ----A---- C:\windows\system32\wuaueng.dll
2014-06-18 15:53:27 ----A---- C:\windows\system32\wuauclt.exe
2014-06-18 15:53:19 ----A---- C:\windows\system32\wups.dll
2014-06-18 15:53:19 ----A---- C:\windows\system32\wudriver.dll
2014-06-18 15:53:19 ----A---- C:\windows\system32\wuapi.dll
2014-06-18 15:53:10 ----A---- C:\windows\system32\wuwebv.dll
2014-06-18 15:53:10 ----A---- C:\windows\system32\wuapp.exe
2014-06-18 15:51:01 ----D---- C:\Users\Imanka\AppData\Roaming\Intel Corporation
2014-06-18 15:50:56 ----D---- C:\Users\Imanka\AppData\Roaming\ATI
2014-06-18 15:50:10 ----D---- C:\Users\Imanka\AppData\Roaming\Identities
2014-06-18 15:50:02 ----SHD---- C:\$RECYCLE.BIN
2014-06-18 15:49:39 ----SD---- C:\Users\Imanka\AppData\Roaming\Microsoft
2014-06-18 15:49:39 ----D---- C:\Users\Imanka\AppData\Roaming\Media Center Programs
2014-06-18 15:48:04 ----SHD---- C:\Recovery

======List of files/folders modified in the last 1 month======

2014-06-22 11:38:40 ----A---- C:\windows\SYSWOW64\log.txt
2014-06-22 11:37:19 ----D---- C:\ProgramData\VeriFace
2014-06-22 11:36:05 ----RD---- C:\Program Files (x86)
2014-06-22 11:35:31 ----D---- C:\windows\Temp
2014-06-22 11:35:16 ----D---- C:\windows\Tasks
2014-06-22 11:34:53 ----HD---- C:\ProgramData
2014-06-22 11:34:53 ----D---- C:\Program Files (x86)\Common Files
2014-06-22 11:34:34 ----D---- C:\windows\system32\config
2014-06-22 11:34:25 ----D---- C:\windows\inf
2014-06-22 11:33:47 ----D---- C:\windows\system32\catroot
2014-06-22 11:33:27 ----D---- C:\windows\system32\Tasks
2014-06-22 11:30:27 ----D---- C:\Program Files\Common Files
2014-06-22 11:30:25 ----RD---- C:\Program Files
2014-06-22 11:29:53 ----D---- C:\windows\System32
2014-06-22 11:28:42 ----D---- C:\windows\system32\drivers
2014-06-22 11:28:38 ----D---- C:\windows\system32\DriverStore
2014-06-22 11:25:17 ----D---- C:\windows\winsxs
2014-06-22 11:20:10 ----D---- C:\windows\SYSWOW64\sk-SK
2014-06-22 11:20:10 ----D---- C:\windows\SYSWOW64\cs-CZ
2014-06-22 11:20:10 ----D---- C:\windows\system32\sk-SK
2014-06-22 11:20:10 ----D---- C:\windows\system32\cs-CZ
2014-06-22 11:15:17 ----D---- C:\windows\Microsoft.NET
2014-06-22 11:04:38 ----D---- C:\windows\system32\catroot2
2014-06-22 11:03:34 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-06-22 11:02:38 ----SHD---- C:\windows\Installer
2014-06-21 18:31:21 ----D---- C:\windows\SysWOW64
2014-06-21 15:29:36 ----RSD---- C:\windows\Media
2014-06-21 13:50:05 ----D---- C:\Windows
2014-06-21 11:47:32 ----RSD---- C:\windows\assembly
2014-06-20 21:45:21 ----D---- C:\windows\Prefetch
2014-06-20 13:28:02 ----D---- C:\windows\system32\wdi
2014-06-20 13:21:07 ----D---- C:\Program Files\Windows Media Player
2014-06-20 13:21:07 ----D---- C:\Program Files (x86)\Windows Media Player
2014-06-20 13:20:57 ----D---- C:\Program Files\Common Files\System
2014-06-20 13:20:53 ----D---- C:\windows\SYSWOW64\en-US
2014-06-20 13:20:53 ----D---- C:\windows\system32\en-US
2014-06-20 13:20:50 ----D---- C:\Program Files\Internet Explorer
2014-06-20 13:20:50 ----D---- C:\Program Files (x86)\Internet Explorer
2014-06-20 13:20:42 ----D---- C:\windows\SYSWOW64\migration
2014-06-20 13:20:37 ----D---- C:\windows\system32\migration
2014-06-20 13:20:37 ----D---- C:\windows\PolicyDefinitions
2014-06-20 13:20:29 ----D---- C:\windows\SYSWOW64\pt-BR
2014-06-20 13:20:29 ----D---- C:\windows\SYSWOW64\it-IT
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\zh-HK
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\tr-TR
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\sv-SE
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\pt-PT
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\pl-PL
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\nl-NL
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\ko-KR
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\hu-HU
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\fr-FR
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\fi-FI
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\es-ES
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\el-GR
2014-06-20 13:20:27 ----D---- C:\windows\SYSWOW64\zh-TW
2014-06-20 13:20:27 ----D---- C:\windows\SYSWOW64\zh-CN
2014-06-20 13:20:27 ----D---- C:\windows\SYSWOW64\ru-RU
2014-06-20 13:20:27 ----D---- C:\windows\SYSWOW64\nb-NO
2014-06-20 13:20:27 ----D---- C:\windows\SYSWOW64\ja-JP
2014-06-20 13:20:27 ----D---- C:\windows\SYSWOW64\de-DE
2014-06-20 13:20:27 ----D---- C:\windows\SYSWOW64\da-DK
2014-06-20 13:20:25 ----D---- C:\windows\system32\zh-HK
2014-06-20 13:20:25 ----D---- C:\windows\system32\pt-PT
2014-06-20 13:20:25 ----D---- C:\windows\system32\pt-BR
2014-06-20 13:20:25 ----D---- C:\windows\system32\pl-PL
2014-06-20 13:20:25 ----D---- C:\windows\system32\ko-KR
2014-06-20 13:20:25 ----D---- C:\windows\system32\it-IT
2014-06-20 13:20:25 ----D---- C:\windows\system32\hu-HU
2014-06-20 13:20:25 ----D---- C:\windows\system32\el-GR
2014-06-20 13:20:24 ----D---- C:\windows\system32\zh-TW
2014-06-20 13:20:24 ----D---- C:\windows\system32\tr-TR
2014-06-20 13:20:24 ----D---- C:\windows\system32\sv-SE
2014-06-20 13:20:24 ----D---- C:\windows\system32\nl-NL
2014-06-20 13:20:24 ----D---- C:\windows\system32\fr-FR
2014-06-20 13:20:24 ----D---- C:\windows\system32\fi-FI
2014-06-20 13:20:24 ----D---- C:\windows\system32\es-ES
2014-06-20 13:20:24 ----D---- C:\windows\system32\de-DE
2014-06-20 13:20:23 ----D---- C:\windows\system32\zh-CN
2014-06-20 13:20:23 ----D---- C:\windows\system32\ru-RU
2014-06-20 13:20:23 ----D---- C:\windows\system32\nb-NO
2014-06-20 13:20:23 ----D---- C:\windows\system32\ja-JP
2014-06-20 13:20:23 ----D---- C:\windows\system32\da-DK
2014-06-20 13:20:19 ----D---- C:\windows\AppPatch
2014-06-20 13:20:18 ----D---- C:\windows\ehome
2014-06-20 13:19:53 ----D---- C:\windows\system32\drivers\en-US
2014-06-20 13:19:53 ----D---- C:\windows\system32\drivers\cs-CZ
2014-06-20 13:19:51 ----RSD---- C:\windows\Fonts
2014-06-20 13:19:50 ----D---- C:\Program Files\Windows Defender
2014-06-20 13:19:50 ----D---- C:\Program Files (x86)\Windows Defender
2014-06-20 13:19:40 ----D---- C:\windows\system32\wbem
2014-06-20 13:18:42 ----D---- C:\Program Files\Windows Journal
2014-06-19 22:07:01 ----SD---- C:\ProgramData\Microsoft
2014-06-19 21:58:28 ----D---- C:\windows\Logs
2014-06-19 20:35:14 ----A---- C:\windows\win.ini
2014-06-18 20:48:09 ----D---- C:\windows\system32\LogFiles
2014-06-18 17:44:57 ----D---- C:\windows\rescache
2014-06-18 17:44:39 ----D---- C:\windows\debug
2014-06-18 17:43:44 ----D---- C:\windows\Panther
2014-06-18 17:20:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-06-18 17:17:48 ----D---- C:\windows\twain_32
2014-06-18 17:06:18 ----D---- C:\Program Files (x86)\MSBuild
2014-06-18 17:06:08 ----D---- C:\Program Files (x86)\Microsoft Office
2014-06-18 17:05:52 ----D---- C:\windows\ShellNew
2014-06-18 17:04:40 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-06-18 15:59:00 ----D---- C:\windows\SoftwareDistribution
2014-06-18 15:52:41 ----D---- C:\windows\system32\restore
2014-06-18 15:49:39 ----RD---- C:\Users
2014-06-18 15:48:04 ----D---- C:\windows\system32\Recovery

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2014-06-18 65776]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2014-06-18 208416]
R0 fbfmon;fbfmon; C:\windows\system32\drivers\fbfmon.sys [2011-09-05 57952]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2011-09-05 39008]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2014-06-18 93568]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2014-06-18 1039096]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2014-06-18 423240]
R1 BPntDrv;BPntDrv; C:\windows\system32\drivers\BPntDrv.sys [2011-09-05 13408]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2014-06-18 29208]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2014-06-18 79184]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2014-06-18 85328]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2011-09-05 29792]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-03-25 8284672]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-03-25 296960]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2010-11-24 2673664]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2011-02-14 1581184]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 intelkmd;intelkmd; C:\windows\system32\DRIVERS\igdpmd64.sys [2011-03-26 12262336]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x64.sys [2010-10-21 76912]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-04-08 1430576]
R3 vm331avs;Digital Camera 1; C:\windows\System32\Drivers\vm331avs.sys [2011-06-15 250752]
R3 vmuvcflt;Vimicro USB Camera Filter; C:\windows\System32\Drivers\vmuvcflt.sys [2010-08-16 8320]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-03-25 12262336]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2010-09-30 299520]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-03-25 203776]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-06-18 50344]
R2 HPSIService;HP SI Service; C:\windows\system32\HPSIsvc.exe [2010-04-07 127800]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-02-18 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-09-05 136176]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-09-05 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-06-18 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-06-19 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Partner Service;Partner Service; C:\ProgramData\Partner\Partner.exe [2011-09-05 332272]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2014-06-19 1255736]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

[Márty84]

Tu preinstalaci systemu jste delala vcetne formatu disku, nebo se zachovanim nekterych dat?


Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)


Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

[Iman]

.... pouze recovery instalaci v ntb

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x64)
Date : 2014/06/22 11:49:11

-- Controller Map ----------------------------------------------------------
+ Intel(R) Mobile Express Chipset SATA AHCI Controller [ATA]
- ST9500325AS
- MATSHITA DVD-RAM UJ8B1AS

-- Disk List ---------------------------------------------------------------
(1) ST9500325AS : 500,1 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST9500325AS
----------------------------------------------------------------------------
Model : ST9500325AS
Firmware : 0011LVM1
Serial Number : S2W0SM07
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300
Power On Hours : 7270 hod.
Power On Count : 4639 krát
Temparature : 39 C (102 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 118 _99 _34 00000A40DA33 Počet chyb čtení
03 _99 _98 __0 000000000000 Čas na roztočení ploten
04 _96 _96 _20 000000001220 Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _81 _60 _30 000008962F09 Počet chybných hledání
09 _92 _92 __0 615C00001C66 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _96 _96 _20 00000000121F Počet cyklů zapnutí zařízení
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _61 _46 _45 000028220027 Teplota toku vzduchu
BF 100 100 __0 00000000003A Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000018 Počet vypnutí disku
C1 _69 _69 __0 00000000F657 Počet cyklů načítání/vymazání
C2 _39 _54 __0 000000000027 Teplota
C3 _55 _50 __0 00000A40DA33 Počet oprav chybného čtení
C4 _92 _92 _30 9B2600001B95 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 5332 5332 5730 534D 3037
020: 0000 4000 0004 3030 3131 4D31 4D31 5354 3935 3030
030: 3332 3541 5320 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0506 0506 0004 0048 0048
080: 01F0 0029 346B 7D09 6123 BC09 BC09 6123 203F 0044
090: 0044 8080 FFFE 0000 FE00 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 4000 4000 0000 5000 C500
110: 3E11 770A 0000 0000 0000 0000 0000 0000 0000 401E
120: 401E 0000 0000 0000 0000 0000 0000 0000 0029 6030
130: 3A38 6030 3A38 2020 0002 0100 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 001F 001F 0280 0004 0000
150: 0008 0000 0000 0000 0000 0000 0000 0000 3C00 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 103B 103B 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0002 0000 1010 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 CCA5

[Iman]

# AdwCleaner v3.212 - Report created 22/06/2014 at 11:52:39
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Imanka - IMANKA-PC
# Running from : C:\Users\Imanka\Downloads\adwcleaner_3.212.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : Partner Service

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Partner

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\kt_bho_dll.dll
Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho
Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28A88B70-D874-4F73-BBBA-9B2B222FB7D6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\Imanka\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1840 octets] - [22/06/2014 11:51:42]
AdwCleaner[S0].txt - [1785 octets] - [22/06/2014 11:52:39]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1845 octets] ##########

[Márty84]

Disk hlasi dost chyb, i to muze byt pricina problemu. Uvidime po docisteni.

Udelejte !!!kompletni!!! kontrolu s MBAM http://www.bleepingcomputer.com/downloa ... re/dl/241/ a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce. Navod zde http://forum.viry.cz/viewtopic.php?f=29&t=115222

[Iman]

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.06.22.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17126
Imanka :: IMANKA-PC [administrátor]

Ochrana: Povolena

22.6.2014 12:34:39
mbam-log-2014-06-22 (12-34-39).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 404437
Uplynulý čas: 47 minut, 4 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

[Márty84]

MBAM zase odinstalujte.


Dejte novy log z RSIT

a k tomu

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

[Iman]

Logfile of random's system information tool 1.10 (written by random/random)
Run by Imanka at 2014-06-22 20:59:06
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 384 GB (89%) free of 432 GB
Total RAM: 4040 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:59:12, on 22.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\USB Camera\VM331_STI.EXE
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Imanka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\windows\system32\HPSIsvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10422 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs

C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
atieclxx
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskeng.exe {911BC2FD-F639-44F1-B48E-C5B73F445E9F}
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\system32\HPSIsvc.exe
C:\windows\system32\svchost.exe -k imgsvc
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
taskeng.exe {C49E67CC-0EEA-4D7A-B9C7-6BEC4B56C6D0}
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3484.0.164629945\1908256726" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,5,15 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.813.3.2000 --ignored=" --type=renderer " /prefetch:822062411
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\USB Camera\VM331_STI.EXE"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_03/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="3484.3.1338157443\223992899" /prefetch:673131151
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_03/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="3484.6.552862608\1061537407" /prefetch:673131151
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3256
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_03/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="3484.10.1412955696\760864951" /prefetch:673131151
"C:\Users\Imanka\Downloads\RSITx64.exe"
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-06-18 581824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-06-18 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-06-18 436600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-06-18 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-06-18 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-06-18 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-03-26 167960]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-03-26 391704]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-03-26 418840]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-04-08 2741544]
"Lenovo EE Boot Optimizer"=C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [2011-09-05 114688]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2011-09-05 9753024]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2011-09-05 5908928]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-11 689488]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-02-18 283160]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-03-25 336384]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331_STI.EXE [2011-06-15 548864]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2010-07-26 222504]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [2011-01-29 228448]
"VeriFaceManager"=C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [2011-09-05 329056]
"UpdatePRCShortCut"=C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [2009-05-13 222504]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-06-18 3890208]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 959904]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-03-25 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-06-22 12:32:13 ----D---- C:\Users\Imanka\AppData\Roaming\Malwarebytes
2014-06-22 12:32:09 ----D---- C:\ProgramData\Malwarebytes
2014-06-22 11:52:09 ----A---- C:\windows\SYSWOW64\sqlite3.dll
2014-06-22 11:51:22 ----D---- C:\AdwCleaner
2014-06-22 11:00:50 ----D---- C:\rsit
2014-06-22 11:00:50 ----D---- C:\Program Files\trend micro
2014-06-21 15:30:30 ----HD---- C:\ProgramData\CanonIJScan
2014-06-21 15:30:03 ----D---- C:\Users\Imanka\AppData\Roaming\Canon
2014-06-21 15:28:44 ----HD---- C:\ProgramData\CanonIJEGV
2014-06-20 21:51:30 ----D---- C:\Users\Imanka\AppData\Roaming\vlc
2014-06-20 17:39:51 ----A---- C:\windows\SYSWOW64\WMPhoto.dll
2014-06-20 17:39:51 ----A---- C:\windows\system32\WMPhoto.dll
2014-06-20 17:39:49 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-06-20 17:39:40 ----A---- C:\windows\SYSWOW64\d3d10warp.dll
2014-06-20 17:39:40 ----A---- C:\windows\system32\d3d10warp.dll
2014-06-20 17:39:39 ----A---- C:\windows\SYSWOW64\d2d1.dll
2014-06-20 17:39:39 ----A---- C:\windows\system32\d2d1.dll
2014-06-20 17:39:35 ----A---- C:\windows\system32\drivers\BTHUSB.SYS
2014-06-20 17:39:35 ----A---- C:\windows\system32\drivers\bthport.sys
2014-06-20 17:39:32 ----A---- C:\windows\SYSWOW64\WindowsCodecs.dll
2014-06-20 17:39:32 ----A---- C:\windows\system32\WindowsCodecs.dll
2014-06-20 17:39:29 ----A---- C:\windows\system32\spoolsv.exe
2014-06-20 17:39:28 ----A---- C:\windows\splwow64.exe
2014-06-20 13:19:35 ----D---- C:\windows\SYSWOW64\Wat
2014-06-20 13:19:34 ----D---- C:\windows\system32\Wat
2014-06-20 13:18:47 ----SD---- C:\windows\system32\CompatTel
2014-06-19 22:23:39 ----A---- C:\windows\SYSWOW64\wmploc.DLL
2014-06-19 22:23:38 ----A---- C:\windows\SYSWOW64\wmp.dll
2014-06-19 22:09:51 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2014-06-19 22:07:01 ----D---- C:\windows\Migration
2014-06-19 21:58:28 ----A---- C:\windows\system32\IEUDINIT.EXE
2014-06-19 21:46:05 ----A---- C:\windows\SYSWOW64\elshyph.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\wextract.exe
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\webcheck.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\vbscript.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\url.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\SetIEInstalledDate.exe
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\RegisterIEPKEYs.exe
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\pngfilt.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\occache.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\msls31.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\mshtmler.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\mshta.exe
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\msfeedssync.exe
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\msfeedsbs.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\licmgr10.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\jsIntl.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\jscript.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\inseng.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\imgutil.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\iexpress.exe
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\ieui.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\iesysprep.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\iepeers.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\ieapfltr.dat
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\IEAdvpack.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\icardie.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-06-19 21:45:59 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\wininet.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\wextract.exe
2014-06-19 21:45:59 ----A---- C:\windows\system32\webcheck.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\vbscript.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\urlmon.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\url.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\SetIEInstalledDate.exe
2014-06-19 21:45:59 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2014-06-19 21:45:59 ----A---- C:\windows\system32\pngfilt.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\occache.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\msrating.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\msls31.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\mshtmlmedia.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\mshtmler.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\mshtmled.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\MshtmlDac.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\mshtml.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\mshta.exe
2014-06-19 21:45:59 ----A---- C:\windows\system32\msfeedssync.exe
2014-06-19 21:45:59 ----A---- C:\windows\system32\msfeedsbs.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\msfeeds.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\licmgr10.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\jsproxy.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\jsIntl.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\jscript9diag.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\jscript9.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\jscript.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\inseng.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\imgutil.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\iexpress.exe
2014-06-19 21:45:59 ----A---- C:\windows\system32\ieUnatt.exe
2014-06-19 21:45:59 ----A---- C:\windows\system32\ieui.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\iesysprep.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\iesetup.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\iertutil.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\iernonce.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\iepeers.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\ieframe.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\ieetwcollector.exe
2014-06-19 21:45:59 ----A---- C:\windows\system32\iedkcs32.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\ieapfltr.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\ieapfltr.dat
2014-06-19 21:45:59 ----A---- C:\windows\system32\IEAdvpack.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\ie4uinit.exe
2014-06-19 21:45:59 ----A---- C:\windows\system32\icardie.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\elshyph.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\dxtrans.dll
2014-06-19 21:45:59 ----A---- C:\windows\system32\dxtmsft.dll
2014-06-19 21:34:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-06-19 21:34:55 ----AH---- C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\XpsPrint.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\XpsGdiConverter.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\WindowsCodecsExt.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\UIAnimation.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\msmpeg2vdec.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\dxgi.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\DWrite.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\d3d10level9.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\d3d10core.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\d3d10_1core.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\d3d10_1.dll
2014-06-19 21:34:55 ----A---- C:\windows\SYSWOW64\d3d10.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\XpsPrint.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\XpsGdiConverter.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\WindowsCodecsExt.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\UIAnimation.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\msmpeg2vdec.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\FntCache.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\dxgi.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\DWrite.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\d3d10level9.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\d3d10core.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\d3d10_1core.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\d3d10_1.dll
2014-06-19 21:34:55 ----A---- C:\windows\system32\d3d10.dll
2014-06-19 21:00:15 ----A---- C:\windows\system32\browserchoice.exe
2014-06-19 20:45:41 ----A---- C:\windows\system32\drivers\WUDFRd.sys
2014-06-19 20:45:41 ----A---- C:\windows\system32\drivers\WUDFPf.sys
2014-06-19 20:45:40 ----A---- C:\windows\system32\WUDFSvc.dll
2014-06-19 20:45:40 ----A---- C:\windows\system32\WUDFPlatform.dll
2014-06-19 20:45:38 ----A---- C:\windows\system32\WUDFx.dll
2014-06-19 20:45:38 ----A---- C:\windows\system32\WUDFHost.exe
2014-06-19 20:45:38 ----A---- C:\windows\system32\WUDFCoinstaller.dll
2014-06-19 20:31:03 ----A---- C:\windows\system32\drivers\fs_rec.sys
2014-06-19 20:31:02 ----A---- C:\windows\SYSWOW64\wmi.dll
2014-06-19 20:31:02 ----A---- C:\windows\system32\wmi.dll
2014-06-19 20:29:07 ----D---- C:\Program Files\Microsoft Silverlight
2014-06-19 20:29:07 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-06-19 14:11:11 ----A---- C:\windows\system32\drivers\RNDISMP.sys
2014-06-19 14:11:11 ----A---- C:\windows\system32\drivers\ndis.sys
2014-06-19 14:10:55 ----A---- C:\windows\SYSWOW64\xmllite.dll
2014-06-19 14:10:55 ----A---- C:\windows\system32\xmllite.dll
2014-06-19 14:10:42 ----A---- C:\windows\system32\msieftp.dll
2014-06-19 14:10:41 ----A---- C:\windows\SYSWOW64\msieftp.dll
2014-06-19 14:10:40 ----A---- C:\windows\system32\odbccu32.dll
2014-06-19 14:10:40 ----A---- C:\windows\system32\odbccr32.dll
2014-06-19 14:10:39 ----A---- C:\windows\SYSWOW64\odbcjt32.dll
2014-06-19 14:10:39 ----A---- C:\windows\system32\odbctrac.dll
2014-06-19 14:10:39 ----A---- C:\windows\system32\odbccp32.dll
2014-06-19 14:10:38 ----A---- C:\windows\SYSWOW64\odbccu32.dll
2014-06-19 14:10:38 ----A---- C:\windows\SYSWOW64\odbccr32.dll
2014-06-19 14:10:38 ----A---- C:\windows\SYSWOW64\odbccp32.dll
2014-06-19 14:10:36 ----A---- C:\windows\SYSWOW64\odbctrac.dll
2014-06-19 14:10:33 ----A---- C:\windows\system32\wwansvc.dll
2014-06-19 14:10:33 ----A---- C:\windows\system32\wwanprotdim.dll
2014-06-19 14:10:28 ----A---- C:\windows\system32\comctl32.dll
2014-06-19 14:10:27 ----A---- C:\windows\SYSWOW64\comctl32.dll
2014-06-19 14:09:53 ----A---- C:\windows\system32\poqexec.exe
2014-06-19 14:09:52 ----A---- C:\windows\SYSWOW64\poqexec.exe
2014-06-19 14:09:48 ----A---- C:\windows\SYSWOW64\dhcpcsvc6.dll
2014-06-19 14:09:48 ----A---- C:\windows\SYSWOW64\dhcpcore6.dll
2014-06-19 14:09:48 ----A---- C:\windows\system32\dhcpcsvc6.dll
2014-06-19 14:09:48 ----A---- C:\windows\system32\dhcpcore6.dll
2014-06-19 14:09:33 ----A---- C:\windows\system32\mstscax.dll
2014-06-19 14:09:32 ----A---- C:\windows\SYSWOW64\mstscax.dll
2014-06-19 14:09:31 ----A---- C:\windows\SYSWOW64\aaclient.dll
2014-06-19 14:09:30 ----A---- C:\windows\system32\tsgqec.dll
2014-06-19 14:09:30 ----A---- C:\windows\system32\aaclient.dll
2014-06-19 14:09:29 ----A---- C:\windows\SYSWOW64\tsgqec.dll
2014-06-19 14:09:11 ----A---- C:\windows\system32\shell32.dll
2014-06-19 14:09:10 ----A---- C:\windows\SYSWOW64\shell32.dll
2014-06-19 14:09:05 ----A---- C:\windows\system32\wintrust.dll
2014-06-19 14:09:04 ----A---- C:\windows\SYSWOW64\wintrust.dll
2014-06-19 14:08:36 ----A---- C:\windows\system32\quartz.dll
2014-06-19 14:08:35 ----A---- C:\windows\SYSWOW64\quartz.dll
2014-06-19 14:08:34 ----A---- C:\windows\SYSWOW64\qdvd.dll
2014-06-19 14:08:34 ----A---- C:\windows\system32\qdvd.dll
2014-06-19 14:08:29 ----A---- C:\windows\SYSWOW64\ntshrui.dll
2014-06-19 14:08:24 ----A---- C:\windows\SYSWOW64\mssrch.dll
2014-06-19 14:08:23 ----A---- C:\windows\SYSWOW64\tquery.dll
2014-06-19 14:08:22 ----A---- C:\windows\SYSWOW64\SearchProtocolHost.exe
2014-06-19 14:08:22 ----A---- C:\windows\SYSWOW64\SearchIndexer.exe
2014-06-19 14:08:22 ----A---- C:\windows\SYSWOW64\mssph.dll
2014-06-19 14:08:21 ----A---- C:\windows\system32\mssvp.dll
2014-06-19 14:08:21 ----A---- C:\windows\system32\mssphtb.dll
2014-06-19 14:08:20 ----A---- C:\windows\SYSWOW64\SearchFilterHost.exe
2014-06-19 14:08:20 ----A---- C:\windows\SYSWOW64\mssvp.dll
2014-06-19 14:08:20 ----A---- C:\windows\system32\msscntrs.dll
2014-06-19 14:08:19 ----A---- C:\windows\SYSWOW64\mssphtb.dll
2014-06-19 14:08:19 ----A---- C:\windows\SYSWOW64\msscntrs.dll
2014-06-19 14:08:09 ----A---- C:\windows\system32\consent.exe
2014-06-19 14:08:09 ----A---- C:\windows\system32\appinfo.dll
2014-06-19 14:07:43 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2014-06-19 14:06:46 ----A---- C:\windows\SYSWOW64\wer.dll
2014-06-19 14:06:41 ----A---- C:\windows\SYSWOW64\crypt32.dll
2014-06-19 14:06:41 ----A---- C:\windows\system32\cryptsvc.dll
2014-06-19 14:06:41 ----A---- C:\windows\system32\cryptnet.dll
2014-06-19 14:06:41 ----A---- C:\windows\system32\crypt32.dll
2014-06-19 14:06:40 ----A---- C:\windows\SYSWOW64\cryptsvc.dll
2014-06-19 14:06:40 ----A---- C:\windows\SYSWOW64\cryptnet.dll
2014-06-19 14:06:18 ----A---- C:\windows\system32\imagehlp.dll
2014-06-19 14:06:17 ----A---- C:\windows\SYSWOW64\imagehlp.dll
2014-06-19 14:06:15 ----A---- C:\windows\system32\drivers\tcpip.sys
2014-06-19 14:06:15 ----A---- C:\windows\system32\drivers\netio.sys
2014-06-19 14:06:15 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS
2014-06-19 14:06:07 ----A---- C:\windows\system32\tzres.dll
2014-06-19 14:06:06 ----A---- C:\windows\SYSWOW64\tzres.dll
2014-06-19 14:05:38 ----A---- C:\windows\system32\msxml6.dll
2014-06-19 14:05:37 ----A---- C:\windows\SYSWOW64\msxml6.dll
2014-06-19 14:05:36 ----A---- C:\windows\SYSWOW64\msxml6r.dll
2014-06-19 14:05:36 ----A---- C:\windows\SYSWOW64\msxml3.dll
2014-06-19 14:05:36 ----A---- C:\windows\system32\msxml6r.dll
2014-06-19 14:05:35 ----A---- C:\windows\SYSWOW64\msxml3r.dll
2014-06-19 14:05:35 ----A---- C:\windows\system32\msxml3r.dll
2014-06-19 14:05:03 ----A---- C:\windows\system32\drivers\afd.sys
2014-06-19 14:04:58 ----A---- C:\windows\system32\drivers\portcls.sys
2014-06-19 14:04:58 ----A---- C:\windows\system32\drivers\drmk.sys
2014-06-19 14:04:47 ----A---- C:\windows\system32\win32k.sys
2014-06-19 14:04:45 ----A---- C:\windows\system32\drivers\ataport.sys
2014-06-19 14:04:34 ----A---- C:\windows\system32\authui.dll
2014-06-19 14:04:33 ----A---- C:\windows\SYSWOW64\authui.dll
2014-06-19 14:04:33 ----A---- C:\windows\system32\SmartcardCredentialProvider.dll
2014-06-19 14:04:33 ----A---- C:\windows\system32\credui.dll
2014-06-19 14:04:32 ----A---- C:\windows\SYSWOW64\SmartcardCredentialProvider.dll
2014-06-19 14:04:32 ----A---- C:\windows\SYSWOW64\credui.dll
2014-06-19 14:04:16 ----A---- C:\windows\SYSWOW64\atmfd.dll
2014-06-19 14:04:16 ----A---- C:\windows\system32\atmfd.dll
2014-06-19 14:04:15 ----A---- C:\windows\SYSWOW64\atmlib.dll
2014-06-19 14:04:15 ----A---- C:\windows\system32\lpk.dll
2014-06-19 14:04:15 ----A---- C:\windows\system32\dciman32.dll
2014-06-19 14:04:15 ----A---- C:\windows\system32\atmlib.dll
2014-06-19 14:04:14 ----A---- C:\windows\SYSWOW64\lpk.dll
2014-06-19 14:04:14 ----A---- C:\windows\SYSWOW64\dciman32.dll
2014-06-19 14:04:14 ----A---- C:\windows\system32\fontsub.dll
2014-06-19 14:04:13 ----A---- C:\windows\SYSWOW64\fontsub.dll
2014-06-19 14:04:09 ----A---- C:\windows\system32\RMActivate_isv.exe
2014-06-19 14:04:09 ----A---- C:\windows\system32\RMActivate.exe
2014-06-19 14:04:08 ----A---- C:\windows\SYSWOW64\RMActivate_isv.exe
2014-06-19 14:04:08 ----A---- C:\windows\SYSWOW64\RMActivate.exe
2014-06-19 14:04:07 ----A---- C:\windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-06-19 14:04:07 ----A---- C:\windows\system32\RMActivate_ssp_isv.exe
2014-06-19 14:04:07 ----A---- C:\windows\system32\RMActivate_ssp.exe
2014-06-19 14:04:05 ----A---- C:\windows\SYSWOW64\secproc_isv.dll
2014-06-19 14:04:05 ----A---- C:\windows\SYSWOW64\RMActivate_ssp.exe
2014-06-19 14:04:05 ----A---- C:\windows\system32\secproc_isv.dll
2014-06-19 14:04:04 ----A---- C:\windows\SYSWOW64\secproc.dll
2014-06-19 14:04:04 ----A---- C:\windows\system32\secproc.dll
2014-06-19 14:04:04 ----A---- C:\windows\system32\msdrm.dll
2014-06-19 14:04:03 ----A---- C:\windows\SYSWOW64\msdrm.dll
2014-06-19 14:04:03 ----A---- C:\windows\system32\secproc_ssp_isv.dll
2014-06-19 14:04:03 ----A---- C:\windows\system32\secproc_ssp.dll
2014-06-19 14:04:02 ----A---- C:\windows\SYSWOW64\secproc_ssp_isv.dll
2014-06-19 14:04:02 ----A---- C:\windows\SYSWOW64\secproc_ssp.dll
2014-06-19 14:03:45 ----A---- C:\windows\system32\drivers\usbehci.sys
2014-06-19 14:03:44 ----A---- C:\windows\system32\drivers\usbport.sys
2014-06-19 14:03:44 ----A---- C:\windows\system32\drivers\usbhub.sys
2014-06-19 14:03:44 ----A---- C:\windows\system32\drivers\usbd.sys
2014-06-19 14:03:44 ----A---- C:\windows\system32\drivers\usbccgp.sys
2014-06-19 14:03:42 ----A---- C:\windows\SYSWOW64\d3d11.dll
2014-06-19 14:03:42 ----A---- C:\windows\system32\d3d11.dll
2014-06-19 14:03:05 ----A---- C:\windows\system32\drivers\usbvideo.sys
2014-06-19 14:03:05 ----A---- C:\windows\system32\drivers\usbcir.sys
2014-06-19 14:02:29 ----A---- C:\windows\system32\ntoskrnl.exe
2014-06-19 14:02:28 ----A---- C:\windows\system32\schannel.dll
2014-06-19 14:02:28 ----A---- C:\windows\system32\lsasrv.dll
2014-06-19 14:02:27 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2014-06-19 14:02:27 ----A---- C:\windows\system32\kerberos.dll
2014-06-19 14:02:26 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2014-06-19 14:02:26 ----A---- C:\windows\SYSWOW64\kerberos.dll
2014-06-19 14:02:25 ----A---- C:\windows\SYSWOW64\schannel.dll
2014-06-19 14:02:25 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2014-06-19 14:02:25 ----A---- C:\windows\system32\winlogon.exe
2014-06-19 14:02:25 ----A---- C:\windows\system32\msv1_0.dll
2014-06-19 14:02:25 ----A---- C:\windows\system32\KernelBase.dll
2014-06-19 14:02:24 ----A---- C:\windows\system32\objsel.dll
2014-06-19 14:02:24 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2014-06-19 14:02:24 ----A---- C:\windows\system32\drivers\cng.sys
2014-06-19 14:02:23 ----A---- C:\windows\SYSWOW64\objsel.dll
2014-06-19 14:02:22 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2014-06-19 14:02:22 ----A---- C:\windows\system32\TSpkg.dll
2014-06-19 14:02:21 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2014-06-19 14:02:21 ----A---- C:\windows\system32\wdigest.dll
2014-06-19 14:02:20 ----A---- C:\windows\SYSWOW64\wdigest.dll
2014-06-19 14:02:20 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2014-06-19 14:02:19 ----A---- C:\windows\system32\smss.exe
2014-06-19 14:02:19 ----A---- C:\windows\system32\drivers\ksecdd.sys
2014-06-19 14:02:19 ----A---- C:\windows\system32\dimsroam.dll
2014-06-19 14:02:18 ----A---- C:\windows\SYSWOW64\dimsroam.dll
2014-06-19 14:02:18 ----A---- C:\windows\SYSWOW64\cngprovider.dll
2014-06-19 14:02:18 ----A---- C:\windows\SYSWOW64\capiprovider.dll
2014-06-19 14:02:18 ----A---- C:\windows\SYSWOW64\adprovider.dll
2014-06-19 14:02:18 ----A---- C:\windows\system32\lsass.exe
2014-06-19 14:02:18 ----A---- C:\windows\system32\dpapiprovider.dll
2014-06-19 14:02:18 ----A---- C:\windows\system32\cngprovider.dll
2014-06-19 14:02:18 ----A---- C:\windows\system32\capiprovider.dll
2014-06-19 14:02:18 ----A---- C:\windows\system32\adprovider.dll
2014-06-19 14:02:17 ----A---- C:\windows\SYSWOW64\dpapiprovider.dll
2014-06-19 14:02:17 ----A---- C:\windows\system32\sspicli.dll
2014-06-19 14:02:17 ----A---- C:\windows\system32\csrsrv.dll
2014-06-19 14:02:16 ----A---- C:\windows\SYSWOW64\wincredprovider.dll
2014-06-19 14:02:16 ----A---- C:\windows\system32\wincredprovider.dll
2014-06-19 14:02:15 ----A---- C:\windows\SYSWOW64\secur32.dll
2014-06-19 14:02:15 ----A---- C:\windows\system32\secur32.dll
2014-06-19 14:02:15 ----A---- C:\windows\system32\credssp.dll
2014-06-19 14:02:14 ----A---- C:\windows\SYSWOW64\sspicli.dll
2014-06-19 14:02:14 ----A---- C:\windows\SYSWOW64\credssp.dll
2014-06-19 14:02:14 ----A---- C:\windows\system32\sspisrv.dll
2014-06-19 14:02:03 ----A---- C:\windows\system32\apisetschema.dll
2014-06-19 14:02:02 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2014-06-19 14:01:06 ----A---- C:\windows\system32\WMVDECOD.DLL
2014-06-19 14:01:05 ----A---- C:\windows\SYSWOW64\WMVDECOD.DLL
2014-06-19 14:01:04 ----A---- C:\windows\system32\drivers\usb8023.sys
2014-06-19 14:01:01 ----A---- C:\windows\system32\rdrmemptylst.exe
2014-06-19 14:01:01 ----A---- C:\windows\system32\rdpwsx.dll
2014-06-19 14:01:01 ----A---- C:\windows\system32\rdpcorekmts.dll
2014-06-19 14:00:52 ----A---- C:\windows\system32\Wdfres.dll
2014-06-19 14:00:52 ----A---- C:\windows\system32\drivers\WdfLdr.sys
2014-06-19 14:00:52 ----A---- C:\windows\system32\drivers\Wdf01000.sys
2014-06-19 14:00:51 ----A---- C:\windows\system32\rpcrt4.dll
2014-06-19 14:00:50 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2014-06-19 14:00:49 ----A---- C:\windows\system32\profsvc.dll
2014-06-19 14:00:44 ----A---- C:\windows\SYSWOW64\ncsi.dll
2014-06-19 14:00:44 ----A---- C:\windows\system32\ncsi.dll
2014-06-19 14:00:43 ----A---- C:\windows\SYSWOW64\netcorehc.dll
2014-06-19 14:00:43 ----A---- C:\windows\system32\nlasvc.dll
2014-06-19 14:00:43 ----A---- C:\windows\system32\netcorehc.dll
2014-06-19 14:00:43 ----A---- C:\windows\system32\iphlpsvc.dll
2014-06-19 14:00:42 ----A---- C:\windows\SYSWOW64\nlaapi.dll
2014-06-19 14:00:39 ----A---- C:\windows\system32\nlaapi.dll
2014-06-19 14:00:39 ----A---- C:\windows\system32\drivers\tcpipreg.sys
2014-06-19 14:00:37 ----A---- C:\windows\SYSWOW64\netevent.dll
2014-06-19 14:00:37 ----A---- C:\windows\system32\netevent.dll
2014-06-19 14:00:25 ----A---- C:\windows\system32\drivers\usbscan.sys
2014-06-19 14:00:25 ----A---- C:\windows\system32\drivers\hidparse.sys
2014-06-19 14:00:25 ----A---- C:\windows\system32\drivers\hidclass.sys
2014-06-19 14:00:23 ----A---- C:\windows\system32\psisdecd.dll
2014-06-19 14:00:22 ----A---- C:\windows\SYSWOW64\psisdecd.dll
2014-06-19 13:59:10 ----A---- C:\windows\SYSWOW64\WebClnt.dll
2014-06-19 13:59:10 ----A---- C:\windows\system32\WebClnt.dll
2014-06-19 13:59:09 ----A---- C:\windows\SYSWOW64\davclnt.dll
2014-06-19 13:59:09 ----A---- C:\windows\system32\drivers\mrxdav.sys
2014-06-19 13:59:09 ----A---- C:\windows\system32\davclnt.dll
2014-06-19 13:59:07 ----A---- C:\windows\SYSWOW64\dpnet.dll
2014-06-19 13:59:07 ----A---- C:\windows\system32\dpnet.dll
2014-06-19 13:58:54 ----A---- C:\windows\system32\tdh.dll
2014-06-19 13:58:54 ----A---- C:\windows\system32\ntdll.dll
2014-06-19 13:58:54 ----A---- C:\windows\system32\advapi32.dll
2014-06-19 13:58:53 ----A---- C:\windows\SYSWOW64\tdh.dll
2014-06-19 13:58:53 ----A---- C:\windows\SYSWOW64\ntdll.dll
2014-06-19 13:58:52 ----A---- C:\windows\SYSWOW64\advapi32.dll
2014-06-19 13:58:33 ----A---- C:\windows\system32\OxpsConverter.exe
2014-06-19 13:58:27 ----A---- C:\windows\system32\mswsock.dll
2014-06-19 13:58:26 ----A---- C:\windows\SYSWOW64\mswsock.dll
2014-06-19 13:58:21 ----A---- C:\windows\system32\drivers\tssecsrv.sys
2014-06-19 13:58:19 ----A---- C:\windows\system32\drivers\rdpwd.sys
2014-06-19 13:58:04 ----A---- C:\windows\system32\Wpc.dll
2014-06-19 13:58:03 ----A---- C:\windows\SYSWOW64\Wpc.dll
2014-06-19 13:58:03 ----A---- C:\windows\SYSWOW64\gameux.dll
2014-06-19 13:58:03 ----A---- C:\windows\system32\gameux.dll
2014-06-19 13:54:50 ----A---- C:\windows\system32\aepdu.dll
2014-06-19 13:54:50 ----A---- C:\windows\system32\aeinv.dll
2014-06-19 13:54:45 ----A---- C:\windows\system32\drivers\partmgr.sys
2014-06-19 13:54:40 ----A---- C:\windows\system32\msi.dll
2014-06-19 13:54:39 ----A---- C:\windows\SYSWOW64\msi.dll
2014-06-19 13:54:37 ----A---- C:\windows\SYSWOW64\synceng.dll
2014-06-19 13:54:37 ----A---- C:\windows\system32\synceng.dll
2014-06-19 13:54:26 ----A---- C:\windows\system32\drivers\storport.sys
2014-06-19 13:54:26 ----A---- C:\windows\system32\drivers\msiscsi.sys
2014-06-19 13:54:25 ----A---- C:\windows\system32\drivers\Diskdump.sys
2014-06-19 13:54:24 ----A---- C:\windows\SYSWOW64\iologmsg.dll
2014-06-19 13:54:24 ----A---- C:\windows\system32\iologmsg.dll
2014-06-19 13:54:04 ----A---- C:\windows\SYSWOW64\shdocvw.dll
2014-06-19 13:54:04 ----A---- C:\windows\system32\shdocvw.dll
2014-06-19 13:53:51 ----A---- C:\windows\SYSWOW64\win32spl.dll
2014-06-19 13:53:51 ----A---- C:\windows\system32\win32spl.dll
2014-06-19 13:53:49 ----A---- C:\windows\system32\gdi32.dll
2014-06-19 13:53:48 ----A---- C:\windows\SYSWOW64\gdi32.dll
2014-06-19 13:53:47 ----A---- C:\windows\system32\taskhost.exe
2014-06-19 13:53:46 ----A---- C:\windows\SYSWOW64\qedit.dll
2014-06-19 13:53:46 ----A---- C:\windows\system32\qedit.dll
2014-06-19 13:53:42 ----A---- C:\windows\system32\drivers\fvevol.sys
2014-06-19 13:53:40 ----A---- C:\windows\system32\srcore.dll
2014-06-19 13:53:39 ----A---- C:\windows\SYSWOW64\srclient.dll
2014-06-19 13:53:29 ----A---- C:\windows\SYSWOW64\cryptdlg.dll
2014-06-19 13:53:29 ----A---- C:\windows\system32\cryptdlg.dll
2014-06-19 13:53:07 ----A---- C:\windows\system32\umpnpmgr.dll
2014-06-19 13:53:06 ----A---- C:\windows\SYSWOW64\drvinst.exe
2014-06-19 13:53:06 ----A---- C:\windows\SYSWOW64\devrtl.dll
2014-06-19 13:53:06 ----A---- C:\windows\SYSWOW64\devobj.dll
2014-06-19 13:53:06 ----A---- C:\windows\SYSWOW64\cfgmgr32.dll
2014-06-19 13:52:58 ----A---- C:\windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-06-19 13:52:58 ----A---- C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-06-19 13:52:57 ----A---- C:\windows\system32\netapi32.dll
2014-06-19 13:52:57 ----A---- C:\windows\system32\browser.dll
2014-06-19 13:52:57 ----A---- C:\windows\system32\browcli.dll
2014-06-19 13:52:56 ----A---- C:\windows\SYSWOW64\netapi32.dll
2014-06-19 13:52:56 ----A---- C:\windows\SYSWOW64\browcli.dll
2014-06-19 13:52:48 ----A---- C:\windows\system32\wow64win.dll
2014-06-19 13:52:48 ----A---- C:\windows\system32\wow64.dll
2014-06-19 13:52:48 ----A---- C:\windows\system32\kernel32.dll
2014-06-19 13:52:47 ----A---- C:\windows\SYSWOW64\kernel32.dll
2014-06-19 13:52:47 ----A---- C:\windows\system32\winsrv.dll
2014-06-19 13:52:47 ----A---- C:\windows\system32\conhost.exe
2014-06-19 13:52:46 ----A---- C:\windows\SYSWOW64\setup16.exe
2014-06-19 13:52:46 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2014-06-19 13:52:46 ----A---- C:\windows\system32\ntvdm64.dll
2014-06-19 13:52:45 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-06-19 13:52:45 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-06-19 13:52:45 ----A---- C:\windows\SYSWOW64\instnm.exe
2014-06-19 13:52:45 ----A---- C:\windows\system32\wow64cpu.dll
2014-06-19 13:52:44 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-06-19 13:52:44 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-06-19 13:52:44 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-06-19 13:52:44 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-06-19 13:52:44 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-06-19 13:52:44 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-06-19 13:52:44 ----A---- C:\windows\SYSWOW64\wow32.dll
2014-06-19 13:52:43 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-06-19 13:52:43 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-06-19 13:52:43 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2014-06-19 13:52:43 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-06-19 13:52:43 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-06-19 13:52:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2014-06-19 13:52:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-06-19 13:52:42 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-06-19 13:52:42 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-06-19 13:52:42 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-06-19 13:52:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-06-19 13:52:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-06-19 13:52:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-06-19 13:52:41 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-06-19 13:52:41 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-06-19 13:52:41 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-06-19 13:52:41 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-06-19 13:52:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-06-19 13:52:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2014-06-19 13:52:40 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-06-19 13:52:40 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-06-19 13:52:40 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-06-19 13:52:39 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-06-19 13:52:39 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-06-19 13:52:39 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-06-19 13:52:39 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-06-19 13:52:38 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-06-19 13:52:38 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-06-19 13:52:38 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-06-19 13:52:38 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-06-19 13:52:38 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-06-19 13:52:38 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-06-19 13:52:38 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-06-19 13:52:37 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-06-19 13:52:37 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-06-19 13:52:37 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-06-19 13:52:37 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-06-19 13:52:37 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-06-19 13:52:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2014-06-19 13:52:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2014-06-19 13:52:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-06-19 13:52:36 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-06-19 13:52:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-06-19 13:52:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-06-19 13:52:35 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-06-19 13:52:35 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-06-19 13:52:35 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-06-19 13:52:34 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2014-06-19 13:52:34 ----A---- C:\windows\SYSWOW64\user.exe
2014-06-19 13:52:31 ----A---- C:\windows\system32\drivers\bowser.sys
2014-06-19 13:52:23 ----A---- C:\windows\system32\msvcrt.dll
2014-06-19 13:52:22 ----A---- C:\windows\SYSWOW64\msvcrt.dll
2014-06-19 13:52:18 ----A---- C:\windows\system32\drivers\ntfs.sys
2014-06-19 13:52:11 ----A---- C:\windows\SYSWOW64\certutil.exe
2014-06-19 13:52:11 ----A---- C:\windows\system32\certutil.exe
2014-06-19 13:52:09 ----A---- C:\windows\SYSWOW64\certenc.dll
2014-06-19 13:52:09 ----A---- C:\windows\system32\certenc.dll
2014-06-19 13:51:52 ----A---- C:\windows\system32\localspl.dll
2014-06-19 13:51:50 ----A---- C:\windows\SYSWOW64\wscript.exe
2014-06-19 13:51:50 ----A---- C:\windows\SYSWOW64\scrrun.dll
2014-06-19 13:51:50 ----A---- C:\windows\SYSWOW64\cscript.exe
2014-06-19 13:51:50 ----A---- C:\windows\system32\wscript.exe
2014-06-19 13:51:50 ----A---- C:\windows\system32\scrrun.dll
2014-06-19 13:51:50 ----A---- C:\windows\system32\cscript.exe
2014-06-19 13:51:47 ----A---- C:\windows\SYSWOW64\EncDec.dll
2014-06-19 13:51:47 ----A---- C:\windows\system32\EncDec.dll
2014-06-19 13:51:45 ----A---- C:\windows\system32\drivers\dxgmms1.sys
2014-06-19 13:51:45 ----A---- C:\windows\system32\drivers\dxgkrnl.sys
2014-06-19 13:51:45 ----A---- C:\windows\system32\cdd.dll
2014-06-19 13:51:44 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2014-06-19 13:51:44 ----A---- C:\windows\SYSWOW64\oleacc.dll
2014-06-19 13:51:44 ----A---- C:\windows\system32\oleaut32.dll
2014-06-19 13:51:44 ----A---- C:\windows\system32\oleacc.dll
2014-06-19 13:51:33 ----A---- C:\windows\SYSWOW64\cdosys.dll
2014-06-19 13:51:32 ----A---- C:\windows\system32\cdosys.dll
2014-06-19 13:51:11 ----A---- C:\windows\SYSWOW64\nshwfp.dll
2014-06-19 13:51:11 ----A---- C:\windows\SYSWOW64\FWPUCLNT.DLL
2014-06-19 13:51:11 ----A---- C:\windows\system32\nshwfp.dll
2014-06-19 13:51:11 ----A---- C:\windows\system32\IKEEXT.DLL
2014-06-19 13:51:11 ----A---- C:\windows\system32\FWPUCLNT.DLL
2014-06-19 13:51:08 ----A---- C:\windows\system32\scavengeui.dll
2014-06-19 13:08:42 ----A---- C:\windows\SYSWOW64\packager.dll
2014-06-19 13:08:42 ----A---- C:\windows\system32\packager.dll
2014-06-18 21:01:19 ----SHD---- C:\windows\ftpcache
2014-06-18 21:00:47 ----A---- C:\windows\system32\HPSIsvc.exe
2014-06-18 21:00:39 ----A---- C:\windows\system32\HP1100SM.EXE
2014-06-18 21:00:39 ----A---- C:\windows\system32\HP1100LM.DLL
2014-06-18 20:59:48 ----A---- C:\windows\system32\mvhlewsi.DLL
2014-06-18 20:59:46 ----D---- C:\Program Files\HP
2014-06-18 20:59:38 ----A---- C:\windows\system32\HP1100SMs.dll
2014-06-18 17:43:14 ----SHD---- C:\System Volume Information
2014-06-18 17:43:14 ----ASH---- C:\pagefile.sys
2014-06-18 17:43:07 ----ASH---- C:\hiberfil.sys
2014-06-18 17:20:18 ----D---- C:\Program Files (x86)\ArcSoft
2014-06-18 17:20:18 ----A---- C:\windows\PCDLIB32.DLL
2014-06-18 17:19:19 ----D---- C:\Program Files\Common Files\CANON
2014-06-18 17:17:51 ----HD---- C:\windows\system32\CanonIJ Uninstaller Information
2014-06-18 17:17:17 ----A---- C:\windows\system32\CNQ4807O.DLL
2014-06-18 17:17:17 ----A---- C:\windows\system32\CNQ4807L.DLL
2014-06-18 17:17:17 ----A---- C:\windows\system32\CNQ4807I.DLL
2014-06-18 17:17:17 ----A---- C:\windows\system32\CNQ4807C.DLL
2014-06-18 17:17:16 ----HD---- C:\Program Files\CanonBJ
2014-06-18 17:16:15 ----D---- C:\Program Files (x86)\Canon
2014-06-18 17:13:17 ----D---- C:\Program Files (x86)\VideoLAN
2014-06-18 17:06:27 ----D---- C:\Program Files (x86)\Microsoft Works
2014-06-18 17:05:57 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2014-06-18 17:05:15 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-06-18 17:03:29 ----D---- C:\Program Files\Microsoft Office
2014-06-18 17:03:22 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2014-06-18 17:02:41 ----D---- C:\ProgramData\Microsoft Help
2014-06-18 17:02:25 ----RHD---- C:\MSOCache
2014-06-18 16:58:40 ----D---- C:\Program Files (x86)\SETOUT
2014-06-18 16:38:32 ----D---- C:\Program Files (x86)\Adobe
2014-06-18 16:37:43 ----D---- C:\ProgramData\Adobe
2014-06-18 16:32:18 ----D---- C:\Program Files (x86)\LinguArabica
2014-06-18 16:18:20 ----D---- C:\Users\Imanka\AppData\Roaming\AVAST Software
2014-06-18 16:17:50 ----A---- C:\windows\system32\drivers\aswVmm.sys
2014-06-18 16:17:50 ----A---- C:\windows\system32\drivers\aswstm.sys
2014-06-18 16:17:50 ----A---- C:\windows\system32\drivers\aswsp.sys
2014-06-18 16:17:50 ----A---- C:\windows\system32\drivers\aswsnx.sys
2014-06-18 16:17:50 ----A---- C:\windows\system32\drivers\aswRvrt.sys
2014-06-18 16:17:50 ----A---- C:\windows\system32\drivers\aswRdr2.sys
2014-06-18 16:17:50 ----A---- C:\windows\system32\drivers\aswMonFlt.sys
2014-06-18 16:17:50 ----A---- C:\windows\system32\drivers\aswHwid.sys
2014-06-18 16:17:49 ----A---- C:\windows\system32\aswBoot.exe
2014-06-18 16:17:43 ----A---- C:\windows\avastSS.scr
2014-06-18 16:15:40 ----D---- C:\Program Files\AVAST Software
2014-06-18 16:14:39 ----D---- C:\ProgramData\AVAST Software
2014-06-18 15:58:40 ----A---- C:\windows\SYSWOW64\rdpcore.dll
2014-06-18 15:58:40 ----A---- C:\windows\system32\rdpcore.dll
2014-06-18 15:58:40 ----A---- C:\windows\system32\drivers\tdtcp.sys
2014-06-18 15:57:40 ----D---- C:\Users\Imanka\AppData\Roaming\Macromedia
2014-06-18 15:57:40 ----D---- C:\Users\Imanka\AppData\Roaming\Adobe
2014-06-18 15:53:27 ----A---- C:\windows\system32\wups2.dll
2014-06-18 15:53:27 ----A---- C:\windows\system32\wucltux.dll
2014-06-18 15:53:27 ----A---- C:\windows\system32\wuaueng.dll
2014-06-18 15:53:27 ----A---- C:\windows\system32\wuauclt.exe
2014-06-18 15:53:19 ----A---- C:\windows\system32\wups.dll
2014-06-18 15:53:19 ----A---- C:\windows\system32\wudriver.dll
2014-06-18 15:53:19 ----A---- C:\windows\system32\wuapi.dll
2014-06-18 15:53:10 ----A---- C:\windows\system32\wuwebv.dll
2014-06-18 15:53:10 ----A---- C:\windows\system32\wuapp.exe
2014-06-18 15:51:01 ----D---- C:\Users\Imanka\AppData\Roaming\Intel Corporation
2014-06-18 15:50:56 ----D---- C:\Users\Imanka\AppData\Roaming\ATI
2014-06-18 15:50:10 ----D---- C:\Users\Imanka\AppData\Roaming\Identities
2014-06-18 15:50:02 ----SHD---- C:\$RECYCLE.BIN
2014-06-18 15:49:39 ----SD---- C:\Users\Imanka\AppData\Roaming\Microsoft
2014-06-18 15:49:39 ----D---- C:\Users\Imanka\AppData\Roaming\Media Center Programs
2014-06-18 15:48:04 ----SHD---- C:\Recovery

======List of files/folders modified in the last 1 month======

2014-06-22 20:59:12 ----D---- C:\windows\system32\catroot2
2014-06-22 20:58:12 ----RD---- C:\Program Files (x86)
2014-06-22 20:58:12 ----D---- C:\windows\system32\drivers
2014-06-22 20:55:40 ----D---- C:\windows\System32
2014-06-22 20:55:40 ----D---- C:\windows\inf
2014-06-22 20:55:40 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-06-22 20:53:24 ----A---- C:\windows\SYSWOW64\log.txt
2014-06-22 20:52:22 ----D---- C:\ProgramData\VeriFace
2014-06-22 20:51:02 ----D---- C:\windows\Temp
2014-06-22 20:49:44 ----D---- C:\windows\system32\catroot
2014-06-22 18:11:43 ----D---- C:\windows\rescache
2014-06-22 18:08:44 ----D---- C:\windows\winsxs
2014-06-22 18:08:14 ----D---- C:\windows\system32\config
2014-06-22 14:05:18 ----D---- C:\Program Files\Windows Sidebar
2014-06-22 14:05:18 ----D---- C:\Program Files\Windows Mail
2014-06-22 14:05:17 ----D---- C:\Program Files\Windows Media Player
2014-06-22 14:05:17 ----D---- C:\Program Files\Windows Journal
2014-06-22 14:05:17 ----D---- C:\Program Files\Common Files\System
2014-06-22 14:05:14 ----D---- C:\windows\servicing
2014-06-22 14:05:14 ----D---- C:\windows\ehome
2014-06-22 14:05:14 ----D---- C:\Program Files\Windows Photo Viewer
2014-06-22 14:05:14 ----D---- C:\Program Files\Windows Defender
2014-06-22 14:05:14 ----D---- C:\Program Files (x86)\Windows Sidebar
2014-06-22 14:05:14 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2014-06-22 14:05:14 ----D---- C:\Program Files (x86)\Windows Media Player
2014-06-22 14:05:14 ----D---- C:\Program Files (x86)\Windows Mail
2014-06-22 14:05:14 ----D---- C:\Program Files (x86)\Windows Defender
2014-06-22 14:05:13 ----D---- C:\windows\SYSWOW64\sk-SK
2014-06-22 14:05:13 ----D---- C:\windows\SYSWOW64\migwiz
2014-06-22 14:05:13 ----D---- C:\windows\SYSWOW64\en
2014-06-22 14:05:11 ----D---- C:\windows\SYSWOW64\en-US
2014-06-22 14:05:11 ----D---- C:\windows\SYSWOW64\drivers\en-US
2014-06-22 14:05:11 ----D---- C:\windows\SYSWOW64\drivers
2014-06-22 14:05:09 ----D---- C:\windows\SYSWOW64\Dism
2014-06-22 14:05:08 ----D---- C:\windows\system32\migwiz
2014-06-22 14:05:08 ----D---- C:\windows\en-US
2014-06-22 14:05:08 ----D---- C:\Windows
2014-06-22 14:05:07 ----D---- C:\windows\system32\sysprep
2014-06-22 14:05:07 ----D---- C:\windows\system32\sk-SK
2014-06-22 14:05:07 ----D---- C:\windows\system32\oobe
2014-06-22 14:05:07 ----D---- C:\windows\system32\en
2014-06-22 14:05:07 ----D---- C:\windows\system32\Boot
2014-06-22 14:05:02 ----D---- C:\windows\system32\en-US
2014-06-22 14:04:58 ----D---- C:\windows\system32\drivers\en-US
2014-06-22 14:04:57 ----D---- C:\windows\system32\WCN
2014-06-22 14:04:57 ----D---- C:\windows\system32\DriverStore
2014-06-22 14:04:57 ----D---- C:\windows\system32\Dism
2014-06-22 14:04:45 ----D---- C:\Program Files\DVD Maker
2014-06-22 14:04:37 ----D---- C:\windows\SYSWOW64\WCN
2014-06-22 14:04:31 ----D---- C:\windows\Speech
2014-06-22 12:32:09 ----HD---- C:\ProgramData
2014-06-22 12:21:26 ----D---- C:\windows\Logs
2014-06-22 12:11:11 ----D---- C:\windows\Prefetch
2014-06-22 11:52:09 ----D---- C:\windows\SysWOW64
2014-06-22 11:35:16 ----D---- C:\windows\Tasks
2014-06-22 11:34:53 ----D---- C:\Program Files (x86)\Common Files
2014-06-22 11:33:27 ----D---- C:\windows\system32\Tasks
2014-06-22 11:30:27 ----D---- C:\Program Files\Common Files
2014-06-22 11:30:25 ----RD---- C:\Program Files
2014-06-22 11:20:10 ----D---- C:\windows\SYSWOW64\cs-CZ
2014-06-22 11:20:10 ----D---- C:\windows\system32\cs-CZ
2014-06-22 11:15:17 ----D---- C:\windows\Microsoft.NET
2014-06-22 11:02:38 ----SHD---- C:\windows\Installer
2014-06-21 15:29:36 ----RSD---- C:\windows\Media
2014-06-21 11:47:32 ----RSD---- C:\windows\assembly
2014-06-20 13:28:02 ----D---- C:\windows\system32\wdi
2014-06-20 13:20:50 ----D---- C:\Program Files\Internet Explorer
2014-06-20 13:20:50 ----D---- C:\Program Files (x86)\Internet Explorer
2014-06-20 13:20:42 ----D---- C:\windows\SYSWOW64\migration
2014-06-20 13:20:37 ----D---- C:\windows\system32\migration
2014-06-20 13:20:37 ----D---- C:\windows\PolicyDefinitions
2014-06-20 13:20:29 ----D---- C:\windows\SYSWOW64\pt-BR
2014-06-20 13:20:29 ----D---- C:\windows\SYSWOW64\it-IT
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\zh-HK
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\tr-TR
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\sv-SE
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\pt-PT
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\pl-PL
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\nl-NL
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\ko-KR
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\hu-HU
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\fr-FR
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\fi-FI
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\es-ES
2014-06-20 13:20:28 ----D---- C:\windows\SYSWOW64\el-GR
2014-06-20 13:20:27 ----D---- C:\windows\SYSWOW64\zh-TW
2014-06-20 13:20:27 ----D---- C:\windows\SYSWOW64\zh-CN
2014-06-20 13:20:27 ----D---- C:\windows\SYSWOW64\ru-RU
2014-06-20 13:20:27 ----D---- C:\windows\SYSWOW64\nb-NO
2014-06-20 13:20:27 ----D---- C:\windows\SYSWOW64\ja-JP
2014-06-20 13:20:27 ----D---- C:\windows\SYSWOW64\de-DE
2014-06-20 13:20:27 ----D---- C:\windows\SYSWOW64\da-DK
2014-06-20 13:20:25 ----D---- C:\windows\system32\zh-HK
2014-06-20 13:20:25 ----D---- C:\windows\system32\pt-PT
2014-06-20 13:20:25 ----D---- C:\windows\system32\pt-BR
2014-06-20 13:20:25 ----D---- C:\windows\system32\pl-PL
2014-06-20 13:20:25 ----D---- C:\windows\system32\ko-KR
2014-06-20 13:20:25 ----D---- C:\windows\system32\it-IT
2014-06-20 13:20:25 ----D---- C:\windows\system32\hu-HU
2014-06-20 13:20:25 ----D---- C:\windows\system32\el-GR
2014-06-20 13:20:24 ----D---- C:\windows\system32\zh-TW
2014-06-20 13:20:24 ----D---- C:\windows\system32\tr-TR
2014-06-20 13:20:24 ----D---- C:\windows\system32\sv-SE
2014-06-20 13:20:24 ----D---- C:\windows\system32\nl-NL
2014-06-20 13:20:24 ----D---- C:\windows\system32\fr-FR
2014-06-20 13:20:24 ----D---- C:\windows\system32\fi-FI
2014-06-20 13:20:24 ----D---- C:\windows\system32\es-ES
2014-06-20 13:20:24 ----D---- C:\windows\system32\de-DE
2014-06-20 13:20:23 ----D---- C:\windows\system32\zh-CN
2014-06-20 13:20:23 ----D---- C:\windows\system32\ru-RU
2014-06-20 13:20:23 ----D---- C:\windows\system32\nb-NO
2014-06-20 13:20:23 ----D---- C:\windows\system32\ja-JP
2014-06-20 13:20:23 ----D---- C:\windows\system32\da-DK
2014-06-20 13:20:19 ----D---- C:\windows\AppPatch
2014-06-20 13:19:53 ----D---- C:\windows\system32\drivers\cs-CZ
2014-06-20 13:19:51 ----RSD---- C:\windows\Fonts
2014-06-20 13:19:40 ----D---- C:\windows\system32\wbem
2014-06-19 22:07:01 ----SD---- C:\ProgramData\Microsoft
2014-06-19 20:35:14 ----A---- C:\windows\win.ini
2014-06-18 20:48:09 ----D---- C:\windows\system32\LogFiles
2014-06-18 17:44:39 ----D---- C:\windows\debug
2014-06-18 17:43:44 ----D---- C:\windows\Panther
2014-06-18 17:20:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-06-18 17:17:48 ----D---- C:\windows\twain_32
2014-06-18 17:06:18 ----D---- C:\Program Files (x86)\MSBuild
2014-06-18 17:06:08 ----D---- C:\Program Files (x86)\Microsoft Office
2014-06-18 17:05:52 ----D---- C:\windows\ShellNew
2014-06-18 17:04:40 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-06-18 15:59:00 ----D---- C:\windows\SoftwareDistribution
2014-06-18 15:52:41 ----D---- C:\windows\system32\restore
2014-06-18 15:49:39 ----RD---- C:\Users
2014-06-18 15:48:04 ----D---- C:\windows\system32\Recovery

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2014-06-18 65776]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2014-06-18 208416]
R0 fbfmon;fbfmon; C:\windows\system32\drivers\fbfmon.sys [2011-09-05 57952]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2011-09-05 39008]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2014-06-18 93568]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2014-06-18 1039096]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2014-06-18 423240]
R1 BPntDrv;BPntDrv; C:\windows\system32\drivers\BPntDrv.sys [2011-09-05 13408]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2014-06-18 29208]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2014-06-18 79184]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2014-06-18 85328]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2011-09-05 29792]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-03-25 8284672]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-03-25 296960]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2010-11-24 2673664]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2011-02-14 1581184]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 intelkmd;intelkmd; C:\windows\system32\DRIVERS\igdpmd64.sys [2011-03-26 12262336]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x64.sys [2010-10-21 76912]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-04-08 1430576]
R3 vm331avs;Digital Camera 1; C:\windows\System32\Drivers\vm331avs.sys [2011-06-15 250752]
R3 vmuvcflt;Vimicro USB Camera Filter; C:\windows\System32\Drivers\vmuvcflt.sys [2010-08-16 8320]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-03-25 12262336]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2010-09-30 299520]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-03-25 203776]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-06-18 50344]
R2 HPSIService;HP SI Service; C:\windows\system32\HPSIsvc.exe [2010-04-07 127800]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-02-18 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-09-05 136176]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-09-05 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-06-18 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-06-19 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2014-06-19 1255736]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

[Iman]

OTL logfile created on: 6/22/2014 9:02:01 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Imanka\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3.95 Gb Total Physical Memory | 2.33 Gb Available Physical Memory | 59.04% Memory free
7.89 Gb Paging File | 5.89 Gb Available in Paging File | 74.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 421.81 Gb Total Space | 374.75 Gb Free Space | 88.84% Space Free | Partition Type: NTFS
Drive D: | 29.00 Gb Total Space | 3.81 Gb Free Space | 13.15% Space Free | Partition Type: NTFS

Computer Name: IMANKA-PC | User Name: Imanka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/06/22 21:00:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Imanka\Desktop\OTL.exe
PRC - [2014/06/18 16:18:09 | 003,890,208 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014/06/18 16:17:39 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/06/05 15:58:39 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012/09/23 20:43:34 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/09/05 14:38:33 | 000,329,056 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
PRC - [2011/06/15 13:46:52 | 000,548,864 | ---- | M] (Vimicro) -- C:\Program Files (x86)\USB Camera\VM331_STI.EXE
PRC - [2011/02/18 10:20:54 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/02/18 10:20:50 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/01/29 01:29:36 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
PRC - [2010/12/21 04:30:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/12/21 04:30:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe


========== Modules (No Company Name) ==========

MOD - [2014/06/20 14:44:04 | 000,014,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\ad6e1822cef18d4543465d225d4f6cb6\IAStorCommon.ni.dll
MOD - [2014/06/20 14:44:03 | 000,475,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\562bdd62e51e3eaac4e7c3c30fc6a200\IAStorUtil.ni.dll
MOD - [2014/06/20 13:41:36 | 000,774,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\98c91b8d3f1d54c41ada5f37e0935303\System.Runtime.Remoting.ni.dll
MOD - [2014/06/20 13:41:00 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014/06/20 13:40:50 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014/06/20 13:40:43 | 005,464,064 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014/06/20 13:40:38 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014/06/20 13:40:23 | 003,348,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll
MOD - [2014/06/20 13:40:18 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/06/20 13:40:11 | 011,499,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2014/06/18 16:17:41 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/06/05 15:58:38 | 000,414,536 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppgooglenaclpluginchrome.dll
MOD - [2014/06/05 15:58:36 | 004,217,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
MOD - [2014/06/05 15:58:32 | 000,716,616 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
MOD - [2014/06/05 15:58:31 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
MOD - [2014/06/05 15:58:30 | 001,732,424 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
MOD - [2013/07/08 14:43:52 | 000,303,104 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2013/07/08 14:43:52 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2011/09/05 14:38:33 | 000,013,664 | ---- | M] () -- C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll
MOD - [2010/08/20 05:08:20 | 000,659,456 | ---- | M] () -- C:\Windows\SysWOW64\vmprp331.ax


========== Services (SafeList) ==========

SRV:64bit: - [2014/06/19 21:45:59 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/06/18 16:17:39 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013/05/27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/03/25 04:53:28 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/04/07 15:04:24 | 000,127,800 | ---- | M] (HP) [Auto | Running] -- C:\Windows\SysNative\HPSIsvc.exe -- (HPSIService)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/09/23 20:43:34 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/02/18 10:20:54 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/12/21 04:30:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/12/21 04:30:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/06/18 16:18:04 | 001,039,096 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014/06/18 16:18:04 | 000,423,240 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014/06/18 16:18:03 | 000,085,328 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014/06/18 16:17:44 | 000,208,416 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/06/18 16:17:44 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/06/18 16:17:44 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/06/18 16:17:44 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/06/18 16:17:44 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/05 14:49:33 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)
DRV:64bit: - [2011/09/05 14:49:30 | 000,029,792 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2011/09/05 14:46:57 | 000,057,952 | ---- | M] (Lenovo) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fbfmon.sys -- (fbfmon)
DRV:64bit: - [2011/09/05 14:46:57 | 000,013,408 | ---- | M] (Lenovo) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BPntDrv.sys -- (BPntDrv)
DRV:64bit: - [2011/09/05 05:47:43 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/09/05 05:47:43 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/06/15 05:51:18 | 000,250,752 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vm331avs.sys -- (vm331avs)
DRV:64bit: - [2011/04/08 03:59:58 | 001,430,576 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/03/26 00:17:48 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011/03/25 12:17:48 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/25 07:34:40 | 008,284,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/03/25 04:17:36 | 000,296,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/02/18 10:11:54 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/02/14 06:43:00 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011/01/29 01:29:58 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/11/24 13:33:26 | 002,673,664 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/21 08:57:30 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/10/20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/14 19:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/09/30 10:45:22 | 000,299,520 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2010/08/16 11:28:50 | 000,008,320 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmuvcflt.sys -- (vmuvcflt)
DRV:64bit: - [2009/07/21 16:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-817057604-86561621-573860850-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=LENN
IE - HKU\S-1-5-21-817057604-86561621-573860850-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE - HKU\S-1-5-21-817057604-86561621-573860850-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
IE - HKU\S-1-5-21-817057604-86561621-573860850-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-817057604-86561621-573860850-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKU\S-1-5-21-817057604-86561621-573860850-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/ig/redirectdomain ... &bmod=LENN
CHR - plugin: Error reading preferences file
CHR - Extension: SiteAdvisor = C:\Users\Imanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.65.135.1_1\
CHR - Extension: avast! Online Security = C:\Users\Imanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\
CHR - Extension: Peněženka Google = C:\Users\Imanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe (Lenovo)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE (Vimicro)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)
O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink)
O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-817057604-86561621-573860850-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{32FB5567-8921-41AE-A317-64C0127D3C29}: DhcpNameServer = 192.168.1.1 8.8.8.8
O18:64bit: - Protocol\Handler\dssrequest - No CLSID value found
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest - No CLSID value found
O18 - Protocol\Handler\sacore - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.clmp3enc - C:\Program Files (x86)\Lenovo\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014/06/22 21:00:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Imanka\Desktop\OTL.exe
[2014/06/22 12:32:13 | 000,000,000 | ---D | C] -- C:\Users\Imanka\AppData\Roaming\Malwarebytes
[2014/06/22 12:32:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/06/22 12:31:53 | 000,000,000 | ---D | C] -- C:\Users\Imanka\AppData\Local\Programs
[2014/06/22 11:52:09 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\windows\SysWow64\sqlite3.dll
[2014/06/22 11:51:22 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/06/22 11:48:43 | 000,000,000 | ---D | C] -- C:\Users\Imanka\Desktop\Smart
[2014/06/22 11:48:12 | 000,000,000 | ---D | C] -- C:\Users\Imanka\Desktop\CdiResource
[2014/06/22 11:00:50 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014/06/22 11:00:50 | 000,000,000 | ---D | C] -- C:\rsit
[2014/06/21 15:32:55 | 000,000,000 | ---D | C] -- C:\Users\Imanka\AppData\Local\Adobe
[2014/06/21 15:30:30 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJScan
[2014/06/21 15:30:03 | 000,000,000 | ---D | C] -- C:\Users\Imanka\AppData\Roaming\Canon
[2014/06/21 15:28:44 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEGV
[2014/06/21 11:53:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014/06/20 21:51:30 | 000,000,000 | ---D | C] -- C:\Users\Imanka\AppData\Roaming\vlc
[2014/06/20 17:39:51 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMPhoto.dll
[2014/06/20 17:39:51 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMPhoto.dll
[2014/06/20 17:39:49 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2014/06/20 17:39:40 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll
[2014/06/20 17:39:39 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d2d1.dll
[2014/06/20 17:39:32 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2014/06/20 17:39:28 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\splwow64.exe
[2014/06/20 13:19:35 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Wat
[2014/06/20 13:19:34 | 000,000,000 | ---D | C] -- C:\windows\SysNative\Wat
[2014/06/20 13:18:47 | 000,000,000 | --SD | C] -- C:\windows\SysNative\CompatTel
[2014/06/19 22:23:39 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmploc.DLL
[2014/06/19 22:23:38 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmp.dll
[2014/06/19 22:07:01 | 000,000,000 | ---D | C] -- C:\windows\Migration
[2014/06/19 21:58:28 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEUDINIT.EXE
[2014/06/19 21:46:05 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\elshyph.dll
[2014/06/19 21:45:59 | 005,782,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014/06/19 21:45:59 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014/06/19 21:45:59 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014/06/19 21:45:59 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2014/06/19 21:45:59 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2014/06/19 21:45:59 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jsIntl.dll
[2014/06/19 21:45:59 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2014/06/19 21:45:59 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2014/06/19 21:45:59 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2014/06/19 21:45:59 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2014/06/19 21:45:59 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jsIntl.dll
[2014/06/19 21:45:59 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014/06/19 21:45:59 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2014/06/19 21:45:59 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2014/06/19 21:45:59 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2014/06/19 21:45:59 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014/06/19 21:45:59 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2014/06/19 21:45:59 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2014/06/19 21:45:59 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2014/06/19 21:45:59 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2014/06/19 21:45:59 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2014/06/19 21:45:59 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2014/06/19 21:45:59 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2014/06/19 21:45:59 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2014/06/19 21:45:59 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2014/06/19 21:45:59 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2014/06/19 21:45:59 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\elshyph.dll
[2014/06/19 21:45:59 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2014/06/19 21:45:59 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014/06/19 21:45:59 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2014/06/19 21:45:59 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014/06/19 21:45:59 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2014/06/19 21:45:59 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2014/06/19 21:45:59 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2014/06/19 21:45:59 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2014/06/19 21:45:59 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2014/06/19 21:45:59 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2014/06/19 21:45:59 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2014/06/19 21:45:59 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2014/06/19 21:45:59 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2014/06/19 21:45:59 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2014/06/19 21:45:59 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2014/06/19 21:45:59 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2014/06/19 21:45:59 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2014/06/19 21:45:59 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2014/06/19 21:45:59 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2014/06/19 21:45:59 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2014/06/19 21:45:59 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2014/06/19 21:45:59 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014/06/19 21:45:59 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2014/06/19 21:45:59 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2014/06/19 21:45:59 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2014/06/19 21:45:59 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2014/06/19 21:45:59 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2014/06/19 21:45:59 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2014/06/19 21:45:59 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014/06/19 21:45:59 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2014/06/19 21:45:59 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014/06/19 21:45:59 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2014/06/19 21:45:59 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2014/06/19 21:45:59 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2014/06/19 21:45:59 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014/06/19 21:45:59 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2014/06/19 21:45:59 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2014/06/19 21:45:59 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2014/06/19 21:45:59 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2014/06/19 21:45:59 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2014/06/19 21:45:59 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2014/06/19 21:45:59 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2014/06/19 21:45:59 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014/06/19 21:45:59 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014/06/19 21:45:59 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/06/19 21:45:59 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2014/06/19 21:45:59 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2014/06/19 21:45:59 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2014/06/19 21:45:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2014/06/19 21:45:59 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2014/06/19 21:45:59 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2014/06/19 21:34:55 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msmpeg2vdec.dll
[2014/06/19 21:34:55 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msmpeg2vdec.dll
[2014/06/19 21:34:55 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsPrint.dll
[2014/06/19 21:34:55 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2014/06/19 21:34:55 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10.dll
[2014/06/19 21:34:55 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll
[2014/06/19 21:34:55 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10level9.dll
[2014/06/19 21:34:55 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsGdiConverter.dll
[2014/06/19 21:34:55 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll
[2014/06/19 21:34:55 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxgi.dll
[2014/06/19 21:34:55 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1core.dll
[2014/06/19 21:34:55 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10core.dll
[2014/06/19 21:34:55 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecsExt.dll
[2014/06/19 21:34:55 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UIAnimation.dll
[2014/06/19 21:34:55 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1.dll
[2014/06/19 21:34:55 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UIAnimation.dll
[2014/06/19 21:34:55 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/06/19 21:34:55 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/06/19 21:34:55 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/06/19 21:34:55 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/06/19 21:34:55 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/06/19 21:34:55 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/06/19 21:34:55 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/06/19 21:34:55 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/06/19 21:34:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/06/19 21:34:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/06/19 21:34:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/06/19 21:34:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/06/19 21:34:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2014/06/19 21:34:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2014/06/19 21:34:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/06/19 21:34:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/06/19 21:34:55 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/06/19 21:34:55 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/06/19 21:00:15 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\browserchoice.exe
[2014/06/19 20:45:40 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFPlatform.dll
[2014/06/19 20:45:38 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFx.dll
[2014/06/19 20:45:38 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFHost.exe
[2014/06/19 20:45:38 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFCoinstaller.dll
[2014/06/19 20:31:03 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\fs_rec.sys
[2014/06/19 20:30:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/06/19 20:29:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014/06/19 20:29:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2014/06/19 20:02:51 | 000,000,000 | ---D | C] -- C:\Users\Imanka\Desktop\Sýrie
[2014/06/19 14:11:11 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\RNDISMP.sys
[2014/06/19 14:10:55 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xmllite.dll
[2014/06/19 14:10:42 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msieftp.dll
[2014/06/19 14:10:41 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msieftp.dll
[2014/06/19 14:10:40 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbccu32.dll
[2014/06/19 14:10:40 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbccr32.dll
[2014/06/19 14:10:39 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbcjt32.dll
[2014/06/19 14:10:39 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbctrac.dll
[2014/06/19 14:10:39 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbccp32.dll
[2014/06/19 14:10:38 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccp32.dll
[2014/06/19 14:10:38 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccu32.dll
[2014/06/19 14:10:38 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccr32.dll
[2014/06/19 14:10:36 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbctrac.dll
[2014/06/19 14:10:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wwanprotdim.dll
[2014/06/19 14:10:28 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comctl32.dll
[2014/06/19 14:09:53 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\poqexec.exe
[2014/06/19 14:09:52 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\poqexec.exe
[2014/06/19 14:09:48 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dhcpcore6.dll
[2014/06/19 14:09:48 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dhcpcore6.dll
[2014/06/19 14:09:48 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dhcpcsvc6.dll
[2014/06/19 14:09:33 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll
[2014/06/19 14:09:32 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll
[2014/06/19 14:09:31 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\aaclient.dll
[2014/06/19 14:09:30 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aaclient.dll
[2014/06/19 14:09:30 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tsgqec.dll
[2014/06/19 14:09:29 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tsgqec.dll
[2014/06/19 14:09:05 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wintrust.dll
[2014/06/19 14:08:36 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\quartz.dll
[2014/06/19 14:08:35 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\quartz.dll
[2014/06/19 14:08:34 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll
[2014/06/19 14:08:34 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll
[2014/06/19 14:08:24 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssrch.dll
[2014/06/19 14:08:23 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tquery.dll
[2014/06/19 14:08:22 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssph.dll
[2014/06/19 14:08:21 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssvp.dll
[2014/06/19 14:08:21 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssphtb.dll
[2014/06/19 14:08:20 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssvp.dll
[2014/06/19 14:08:20 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msscntrs.dll
[2014/06/19 14:08:19 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msscntrs.dll
[2014/06/19 14:08:09 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\consent.exe
[2014/06/19 14:06:46 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wer.dll
[2014/06/19 14:06:41 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\crypt32.dll
[2014/06/19 14:06:41 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptnet.dll
[2014/06/19 14:06:18 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imagehlp.dll
[2014/06/19 14:06:15 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netio.sys
[2014/06/19 14:06:15 | 000,288,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS
[2014/06/19 14:05:41 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\timedate.cpl
[2014/06/19 14:05:40 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\timedate.cpl
[2014/06/19 14:05:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml6r.dll
[2014/06/19 14:05:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml6r.dll
[2014/06/19 14:05:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml3r.dll
[2014/06/19 14:05:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml3r.dll
[2014/06/19 14:04:58 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\portcls.sys
[2014/06/19 14:04:58 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\drmk.sys
[2014/06/19 14:04:45 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\ataport.sys
[2014/06/19 14:04:34 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll
[2014/06/19 14:04:33 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll
[2014/06/19 14:04:33 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\credui.dll
[2014/06/19 14:04:33 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SmartcardCredentialProvider.dll
[2014/06/19 14:04:32 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SmartcardCredentialProvider.dll
[2014/06/19 14:04:16 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll
[2014/06/19 14:04:16 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll
[2014/06/19 14:04:15 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll
[2014/06/19 14:04:15 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lpk.dll
[2014/06/19 14:04:15 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll
[2014/06/19 14:04:15 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dciman32.dll
[2014/06/19 14:04:14 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fontsub.dll
[2014/06/19 14:04:13 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fontsub.dll
[2014/06/19 14:04:09 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_isv.exe
[2014/06/19 14:04:09 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate.exe
[2014/06/19 14:04:08 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_isv.exe
[2014/06/19 14:04:08 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate.exe
[2014/06/19 14:04:07 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_ssp.exe
[2014/06/19 14:04:07 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_ssp_isv.exe
[2014/06/19 14:04:07 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_ssp_isv.exe
[2014/06/19 14:04:05 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_ssp.exe
[2014/06/19 14:04:05 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_isv.dll
[2014/06/19 14:04:05 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_isv.dll
[2014/06/19 14:04:04 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdrm.dll
[2014/06/19 14:04:04 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc.dll
[2014/06/19 14:04:04 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc.dll
[2014/06/19 14:04:03 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_ssp_isv.dll
[2014/06/19 14:04:03 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_ssp.dll
[2014/06/19 14:04:02 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_ssp_isv.dll
[2014/06/19 14:04:02 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_ssp.dll
[2014/06/19 14:03:44 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbport.sys
[2014/06/19 14:03:44 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbd.sys
[2014/06/19 14:03:42 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d11.dll
[2014/06/19 14:03:42 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d11.dll
[2014/06/19 14:02:29 | 005,550,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2014/06/19 14:02:28 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2014/06/19 14:02:27 | 003,969,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2014/06/19 14:02:26 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2014/06/19 14:02:25 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winlogon.exe
[2014/06/19 14:02:25 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2014/06/19 14:02:24 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\objsel.dll
[2014/06/19 14:02:23 | 000,538,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\objsel.dll
[2014/06/19 14:02:19 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\smss.exe
[2014/06/19 14:02:19 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dimsroam.dll
[2014/06/19 14:02:18 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cngprovider.dll
[2014/06/19 14:02:18 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\adprovider.dll
[2014/06/19 14:02:18 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\capiprovider.dll
[2014/06/19 14:02:18 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpapiprovider.dll
[2014/06/19 14:02:18 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cngprovider.dll
[2014/06/19 14:02:18 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\adprovider.dll
[2014/06/19 14:02:18 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\capiprovider.dll
[2014/06/19 14:02:18 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dimsroam.dll
[2014/06/19 14:02:17 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2014/06/19 14:02:17 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpapiprovider.dll
[2014/06/19 14:02:17 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll
[2014/06/19 14:02:16 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wincredprovider.dll
[2014/06/19 14:02:16 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wincredprovider.dll
[2014/06/19 14:02:15 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll
[2014/06/19 14:02:14 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2014/06/19 14:02:03 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\apisetschema.dll
[2014/06/19 14:02:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\apisetschema.dll
[2014/06/19 14:01:06 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVDECOD.DLL
[2014/06/19 14:01:05 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVDECOD.DLL
[2014/06/19 14:01:04 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usb8023.sys
[2014/06/19 14:01:01 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorekmts.dll
[2014/06/19 14:01:01 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpwsx.dll
[2014/06/19 14:01:01 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdrmemptylst.exe
[2014/06/19 14:00:52 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\WdfLdr.sys
[2014/06/19 14:00:52 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wdfres.dll
[2014/06/19 14:00:51 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpcrt4.dll
[2014/06/19 14:00:44 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncsi.dll
[2014/06/19 14:00:44 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncsi.dll
[2014/06/19 14:00:43 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netcorehc.dll
[2014/06/19 14:00:43 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netcorehc.dll
[2014/06/19 14:00:37 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netevent.dll
[2014/06/19 14:00:37 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netevent.dll
[2014/06/19 14:00:25 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidclass.sys
[2014/06/19 14:00:25 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidparse.sys
[2014/06/19 14:00:23 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\psisdecd.dll
[2014/06/19 14:00:23 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\psisrndr.ax
[2014/06/19 14:00:22 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\psisdecd.dll
[2014/06/19 14:00:21 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\psisrndr.ax
[2014/06/19 13:59:09 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\davclnt.dll
[2014/06/19 13:59:07 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnet.dll
[2014/06/19 13:59:07 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnet.dll
[2014/06/19 13:58:54 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2014/06/19 13:58:54 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\advapi32.dll
[2014/06/19 13:58:54 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdh.dll
[2014/06/19 13:58:53 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdh.dll
[2014/06/19 13:58:33 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\OxpsConverter.exe
[2014/06/19 13:58:09 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc-nz.rs
[2014/06/19 13:58:09 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\SysNative\oflc-nz.rs
[2014/06/19 13:58:09 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\SysNative\csrr.rs
[2014/06/19 13:58:08 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\SysWow64\fpb.rs
[2014/06/19 13:58:08 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\SysNative\fpb.rs
[2014/06/19 13:58:08 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\SysWow64\csrr.rs
[2014/06/19 13:58:08 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\SysNative\cob-au.rs
[2014/06/19 13:58:07 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegibbfc.rs
[2014/06/19 13:58:07 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cob-au.rs
[2014/06/19 13:58:06 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegibbfc.rs
[2014/06/19 13:58:06 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\SysWow64\usk.rs
[2014/06/19 13:58:06 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\SysNative\usk.rs
[2014/06/19 13:58:05 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\SysWow64\grb.rs
[2014/06/19 13:58:05 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\SysNative\grb.rs
[2014/06/19 13:58:05 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi.rs
[2014/06/19 13:58:05 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\SysWow64\djctq.rs
[2014/06/19 13:58:05 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\SysNative\djctq.rs
[2014/06/19 13:58:04 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wpc.dll
[2014/06/19 13:58:04 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-pt.rs
[2014/06/19 13:58:04 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi-pt.rs
[2014/06/19 13:58:04 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi.rs
[2014/06/19 13:58:03 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gameux.dll
[2014/06/19 13:58:03 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gameux.dll
[2014/06/19 13:58:03 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Wpc.dll
[2014/06/19 13:57:48 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\SysWow64\esrb.rs
[2014/06/19 13:57:48 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\SysNative\esrb.rs
[2014/06/19 13:57:48 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc.rs
[2014/06/19 13:57:48 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\SysNative\oflc.rs
[2014/06/19 13:57:48 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi-fi.rs
[2014/06/19 13:57:47 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cero.rs
[2014/06/19 13:57:47 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\SysNative\cero.rs
[2014/06/19 13:57:47 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-fi.rs
[2014/06/19 13:54:50 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2014/06/19 13:54:50 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2014/06/19 13:54:40 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msi.dll
[2014/06/19 13:54:37 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\synceng.dll
[2014/06/19 13:54:37 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\synceng.dll
[2014/06/19 13:54:26 | 000,190,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\storport.sys
[2014/06/19 13:54:25 | 000,027,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Diskdump.sys
[2014/06/19 13:54:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iologmsg.dll
[2014/06/19 13:54:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iologmsg.dll
[2014/06/19 13:54:04 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shdocvw.dll
[2014/06/19 13:53:51 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll
[2014/06/19 13:53:51 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll
[2014/06/19 13:53:49 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll
[2014/06/19 13:53:47 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskhost.exe
[2014/06/19 13:53:46 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qedit.dll
[2014/06/19 13:53:46 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qedit.dll
[2014/06/19 13:53:40 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srcore.dll
[2014/06/19 13:53:29 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptdlg.dll
[2014/06/19 13:53:29 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cryptdlg.dll
[2014/06/19 13:53:06 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drvinst.exe
[2014/06/19 13:53:06 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\devrtl.dll
[2014/06/19 13:52:58 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2014/06/19 13:52:58 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2014/06/19 13:52:57 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netapi32.dll
[2014/06/19 13:52:57 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\browcli.dll
[2014/06/19 13:52:56 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\browcli.dll
[2014/06/19 13:52:48 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2014/06/19 13:52:48 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
[2014/06/19 13:52:48 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2014/06/19 13:52:47 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
[2014/06/19 13:52:47 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2014/06/19 13:52:46 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2014/06/19 13:52:46 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll
[2014/06/19 13:52:46 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2014/06/19 13:52:45 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
[2014/06/19 13:52:45 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2014/06/19 13:52:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/06/19 13:52:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/06/19 13:52:44 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2014/06/19 13:52:44 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2014/06/19 13:52:44 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2014/06/19 13:52:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2014/06/19 13:52:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2014/06/19 13:52:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2014/06/19 13:52:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2014/06/19 13:52:43 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2014/06/19 13:52:43 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2014/06/19 13:52:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2014/06/19 13:52:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2014/06/19 13:52:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2014/06/19 13:52:42 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2014/06/19 13:52:42 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2014/06/19 13:52:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2014/06/19 13:52:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2014/06/19 13:52:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014/06/19 13:52:41 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014/06/19 13:52:41 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2014/06/19 13:52:41 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2014/06/19 13:52:41 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2014/06/19 13:52:41 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2014/06/19 13:52:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2014/06/19 13:52:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2014/06/19 13:52:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2014/06/19 13:52:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2014/06/19 13:52:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2014/06/19 13:52:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2014/06/19 13:52:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2014/06/19 13:52:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2014/06/19 13:52:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2014/06/19 13:52:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2014/06/19 13:52:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2014/06/19 13:52:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2014/06/19 13:52:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2014/06/19 13:52:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2014/06/19 13:52:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2014/06/19 13:52:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2014/06/19 13:52:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2014/06/19 13:52:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2014/06/19 13:52:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2014/06/19 13:52:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2014/06/19 13:52:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2014/06/19 13:52:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2014/06/19 13:52:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2014/06/19 13:52:36 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2014/06/19 13:52:36 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2014/06/19 13:52:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2014/06/19 13:52:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2014/06/19 13:52:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2014/06/19 13:52:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2014/06/19 13:52:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2014/06/19 13:52:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2014/06/19 13:52:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2014/06/19 13:52:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2014/06/19 13:52:34 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2014/06/19 13:52:23 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msvcrt.dll
[2014/06/19 13:52:11 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certutil.exe
[2014/06/19 13:52:11 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certutil.exe
[2014/06/19 13:52:09 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certenc.dll
[2014/06/19 13:52:09 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certenc.dll
[2014/06/19 13:51:52 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localspl.dll
[2014/06/19 13:51:51 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wshom.ocx
[2014/06/19 13:51:51 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wshom.ocx
[2014/06/19 13:51:50 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scrrun.dll
[2014/06/19 13:51:50 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scrrun.dll
[2014/06/19 13:51:50 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cscript.exe
[2014/06/19 13:51:50 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cscript.exe
[2014/06/19 13:51:47 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDec.dll
[2014/06/19 13:51:47 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\EncDec.dll
[2014/06/19 13:51:45 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxgmms1.sys
[2014/06/19 13:51:45 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdd.dll
[2014/06/19 13:51:44 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleaut32.dll
[2014/06/19 13:51:44 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleacc.dll
[2014/06/19 13:51:33 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cdosys.dll
[2014/06/19 13:51:32 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdosys.dll
[2014/06/19 13:51:11 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nshwfp.dll
[2014/06/19 13:51:11 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nshwfp.dll
[2014/06/19 13:51:11 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FWPUCLNT.DLL
[2014/06/19 13:51:11 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\FWPUCLNT.DLL
[2014/06/19 13:51:08 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scavengeui.dll
[2014/06/19 13:08:42 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\packager.dll
[2014/06/19 13:08:42 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\packager.dll
[2014/06/18 21:01:19 | 000,000,000 | -HSD | C] -- C:\windows\ftpcache
[2014/06/18 21:00:47 | 000,127,800 | ---- | C] (HP) -- C:\windows\SysNative\HPSIsvc.exe
[2014/06/18 21:00:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2014/06/18 20:59:46 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2014/06/18 17:43:14 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/06/18 17:22:23 | 000,000,000 | R--D | C] -- C:\Users\Imanka\Desktop\Filmy
[2014/06/18 17:20:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft PhotoStudio 5.5
[2014/06/18 17:20:18 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\windows\PCDLIB32.DLL
[2014/06/18 17:20:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ArcSoft
[2014/06/18 17:19:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2014/06/18 17:19:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2014/06/18 17:18:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon CanoScan LiDE 200 Manual
[2014/06/18 17:17:51 | 000,000,000 | -H-D | C] -- C:\windows\SysNative\CanonIJ Uninstaller Information
[2014/06/18 17:17:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan LiDE 200
[2014/06/18 17:17:17 | 001,354,240 | ---- | C] (CANON INC.) -- C:\windows\SysNative\CNQ4807C.DLL
[2014/06/18 17:17:17 | 000,694,272 | ---- | C] (CANON INC.) -- C:\windows\SysNative\CNQ4807L.DLL
[2014/06/18 17:17:17 | 000,229,888 | ---- | C] (Canon Inc.) -- C:\windows\SysNative\CNQ4807O.DLL
[2014/06/18 17:17:17 | 000,092,672 | ---- | C] (CANON INC.) -- C:\windows\SysNative\CNQ4807I.DLL
[2014/06/18 17:17:16 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2014/06/18 17:16:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2014/06/18 17:13:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014/06/18 17:13:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2014/06/18 17:07:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2014/06/18 17:06:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2014/06/18 17:05:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2014/06/18 17:05:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2014/06/18 17:03:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2014/06/18 17:03:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2014/06/18 17:02:47 | 000,000,000 | ---D | C] -- C:\Users\Imanka\AppData\Local\Microsoft Help
[2014/06/18 17:02:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2014/06/18 17:02:25 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2014/06/18 16:58:44 | 000,000,000 | ---D | C] -- C:\Users\Imanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SET OUT
[2014/06/18 16:58:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SETOUT
[2014/06/18 16:38:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2014/06/18 16:38:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2014/06/18 16:37:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2014/06/18 16:32:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LinguArabica
[2014/06/18 16:18:20 | 000,000,000 | ---D | C] -- C:\Users\Imanka\AppData\Roaming\AVAST Software
[2014/06/18 16:18:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/06/18 16:17:50 | 001,039,096 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswsnx.sys.1403101083320
[2014/06/18 16:17:50 | 001,039,096 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswsnx.sys
[2014/06/18 16:17:50 | 000,423,240 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswsp.sys.1403101083320
[2014/06/18 16:17:50 | 000,423,240 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswsp.sys
[2014/06/18 16:17:50 | 000,093,568 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys
[2014/06/18 16:17:50 | 000,085,328 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswstm.sys
[2014/06/18 16:17:50 | 000,079,184 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys
[2014/06/18 16:17:49 | 000,334,648 | ---- | C] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe
[2014/06/18 16:17:43 | 000,043,152 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr
[2014/06/18 16:15:40 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/06/18 16:14:39 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/06/18 15:58:40 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcore.dll
[2014/06/18 15:58:40 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpcore.dll
[2014/06/18 15:57:40 | 000,000,000 | ---D | C] -- C:\Users\Imanka\AppData\Roaming\Macromedia
[2014/06/18 15:57:40 | 000,000,000 | ---D | C] -- C:\Users\Imanka\AppData\Roaming\Adobe
[2014/06/18 15:55:00 | 000,000,000 | ---D | C] -- C:\Users\Imanka\AppData\Local\Google
[2014/06/18 15:53:27 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll
[2014/06/18 15:53:27 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe
[2014/06/18 15:53:27 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll
[2014/06/18 15:53:19 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll
[2014/06/18 15:53:19 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll
[2014/06/18 15:53:19 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll
[2014/06/18 15:53:10 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll
[2014/06/18 15:53:10 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe
[2014/06/18 15:51:01 | 000,000,000 | ---D | C] -- C:\Users\Imanka\AppData\Roaming\Intel Corporation
[2014/06/18 15:50:56 | 000,000,000 | ---D | C] -- C:\Users\Imanka\AppData\Roaming\ATI
[2014/06/18 15:50:56 | 000,000,000 | ---D | C] -- C:\Users\Imanka\AppData\Local\ATI
[2014/06/18 15:50:18 | 000,000,000 | R--D | C] -- C:\Users\Imanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/06/18 15:50:18 | 000,000,000 | R--D | C] -- C:\Users\Imanka\Searches
[2014/06/18 15:50:18 | 000,000,000 | R--D | C] -- C:\Users\Imanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/06/18 15:50:10 | 000,000,000 | ---D | C] -- C:\Users\Imanka\AppData\Roaming\Identities
[2014/06/18 15:50:04 | 000,000,000 | R--D | C] -- C:\Users\Imanka\Contacts
[2014/06/18 15:50:02 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[Iman]

[2014/06/18 15:49:59 | 000,000,000 | ---D | C] -- C:\Users\Imanka\AppData\Local\VirtualStore
[2014/06/18 15:49:40 | 000,000,000 | -HSD | C] -- C:\Users\Imanka\AppData\Local\Temporary Internet Files
[2014/06/18 15:49:40 | 000,000,000 | -HSD | C] -- C:\Users\Imanka\Soubory cookie
[2014/06/18 15:49:40 | 000,000,000 | -HSD | C] -- C:\Users\Imanka\SendTo
[2014/06/18 15:49:40 | 000,000,000 | -HSD | C] -- C:\Users\Imanka\Šablony
[2014/06/18 15:49:40 | 000,000,000 | -HSD | C] -- C:\Users\Imanka\Poslední
[2014/06/18 15:49:40 | 000,000,000 | -HSD | C] -- C:\Users\Imanka\Okolní tiskárny
[2014/06/18 15:49:40 | 000,000,000 | -HSD | C] -- C:\Users\Imanka\Okolní síť
[2014/06/18 15:49:40 | 000,000,000 | -HSD | C] -- C:\Users\Imanka\Documents\Obrázky
[2014/06/18 15:49:40 | 000,000,000 | -HSD | C] -- C:\Users\Imanka\Nabídka Start
[2014/06/18 15:49:40 | 000,000,000 | -HSD | C] -- C:\Users\Imanka\Local Settings
[2014/06/18 15:49:40 | 000,000,000 | -HSD | C] -- C:\Users\Imanka\Documents\Hudba
[2014/06/18 15:49:40 | 000,000,000 | -HSD | C] -- C:\Users\Imanka\AppData\Local\History
[2014/06/18 15:49:40 | 000,000,000 | -HSD | C] -- C:\Users\Imanka\Documents\Filmy
[2014/06/18 15:49:40 | 000,000,000 | -HSD | C] -- C:\Users\Imanka\Dokumenty
[2014/06/18 15:49:40 | 000,000,000 | -HSD | C] -- C:\Users\Imanka\Data aplikací
[2014/06/18 15:49:40 | 000,000,000 | -HSD | C] -- C:\Users\Imanka\AppData\Local\Data aplikací
[2014/06/18 15:49:39 | 000,000,000 | --SD | C] -- C:\Users\Imanka\AppData\Roaming\Microsoft
[2014/06/18 15:49:39 | 000,000,000 | R--D | C] -- C:\Users\Imanka\Videos
[2014/06/18 15:49:39 | 000,000,000 | R--D | C] -- C:\Users\Imanka\Saved Games
[2014/06/18 15:49:39 | 000,000,000 | R--D | C] -- C:\Users\Imanka\Pictures
[2014/06/18 15:49:39 | 000,000,000 | R--D | C] -- C:\Users\Imanka\Music
[2014/06/18 15:49:39 | 000,000,000 | R--D | C] -- C:\Users\Imanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/06/18 15:49:39 | 000,000,000 | R--D | C] -- C:\Users\Imanka\Links
[2014/06/18 15:49:39 | 000,000,000 | R--D | C] -- C:\Users\Imanka\Favorites
[2014/06/18 15:49:39 | 000,000,000 | R--D | C] -- C:\Users\Imanka\Downloads
[2014/06/18 15:49:39 | 000,000,000 | R--D | C] -- C:\Users\Imanka\Documents
[2014/06/18 15:49:39 | 000,000,000 | R--D | C] -- C:\Users\Imanka\Desktop
[2014/06/18 15:49:39 | 000,000,000 | R--D | C] -- C:\Users\Imanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/06/18 15:49:39 | 000,000,000 | -H-D | C] -- C:\Users\Imanka\AppData
[2014/06/18 15:49:39 | 000,000,000 | ---D | C] -- C:\Users\Imanka\AppData\Local\Temp
[2014/06/18 15:49:39 | 000,000,000 | ---D | C] -- C:\Users\Imanka\AppData\Local\Microsoft
[2014/06/18 15:49:39 | 000,000,000 | ---D | C] -- C:\Users\Imanka\AppData\Roaming\Media Center Programs
[2014/06/18 15:49:39 | 000,000,000 | ---D | C] -- C:\Users\Imanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
[2014/06/18 15:48:04 | 000,000,000 | -HSD | C] -- C:\Recovery

========== Files - Modified Within 30 Days ==========

[2014/06/22 21:04:15 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/06/22 21:00:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Imanka\Desktop\OTL.exe
[2014/06/22 20:59:07 | 000,021,280 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/22 20:59:07 | 000,021,280 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/22 20:56:53 | 000,000,966 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/22 20:55:40 | 001,582,262 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/06/22 20:55:40 | 000,668,376 | ---- | M] () -- C:\windows\SysNative\perfh005.dat
[2014/06/22 20:55:40 | 000,653,724 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/06/22 20:55:40 | 000,141,004 | ---- | M] () -- C:\windows\SysNative\perfc005.dat
[2014/06/22 20:55:40 | 000,121,596 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/06/22 20:52:11 | 000,487,895 | ---- | M] () -- C:\windows\SysNative\fastboot.set
[2014/06/22 20:50:58 | 000,000,962 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/22 20:50:33 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/06/22 20:50:26 | 3177,074,688 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/22 11:50:53 | 000,000,232 | ---- | M] () -- C:\Users\Imanka\Desktop\DiskInfo.ini
[2014/06/22 11:48:17 | 001,149,912 | ---- | M] (Crystal Dew World) -- C:\Users\Imanka\Desktop\DiskInfo.exe
[2014/06/21 15:31:56 | 000,203,976 | ---- | M] () -- C:\Users\Imanka\Desktop\Potvrzení Úřad práce.pdf
[2014/06/21 11:55:45 | 001,558,096 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2014/06/20 13:25:05 | 000,432,320 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2014/06/19 21:46:05 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\elshyph.dll
[2014/06/19 21:45:59 | 005,782,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014/06/19 21:45:59 | 002,040,832 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014/06/19 21:45:59 | 001,964,544 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014/06/19 21:45:59 | 001,249,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2014/06/19 21:45:59 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2014/06/19 21:45:59 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jsIntl.dll
[2014/06/19 21:45:59 | 000,846,336 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2014/06/19 21:45:59 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2014/06/19 21:45:59 | 000,752,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2014/06/19 21:45:59 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2014/06/19 21:45:59 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jsIntl.dll
[2014/06/19 21:45:59 | 000,631,808 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014/06/19 21:45:59 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2014/06/19 21:45:59 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2014/06/19 21:45:59 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2014/06/19 21:45:59 | 000,608,768 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014/06/19 21:45:59 | 000,592,896 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2014/06/19 21:45:59 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2014/06/19 21:45:59 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2014/06/19 21:45:59 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2014/06/19 21:45:59 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2014/06/19 21:45:59 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2014/06/19 21:45:59 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2014/06/19 21:45:59 | 000,295,424 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2014/06/19 21:45:59 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2014/06/19 21:45:59 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2014/06/19 21:45:59 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\elshyph.dll
[2014/06/19 21:45:59 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2014/06/19 21:45:59 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014/06/19 21:45:59 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2014/06/19 21:45:59 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014/06/19 21:45:59 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2014/06/19 21:45:59 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2014/06/19 21:45:59 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2014/06/19 21:45:59 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2014/06/19 21:45:59 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2014/06/19 21:45:59 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2014/06/19 21:45:59 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2014/06/19 21:45:59 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2014/06/19 21:45:59 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2014/06/19 21:45:59 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2014/06/19 21:45:59 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2014/06/19 21:45:59 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2014/06/19 21:45:59 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2014/06/19 21:45:59 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2014/06/19 21:45:59 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2014/06/19 21:45:59 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2014/06/19 21:45:59 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2014/06/19 21:45:59 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014/06/19 21:45:59 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2014/06/19 21:45:59 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2014/06/19 21:45:59 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2014/06/19 21:45:59 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2014/06/19 21:45:59 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2014/06/19 21:45:59 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2014/06/19 21:45:59 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014/06/19 21:45:59 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2014/06/19 21:45:59 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014/06/19 21:45:59 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2014/06/19 21:45:59 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2014/06/19 21:45:59 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2014/06/19 21:45:59 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014/06/19 21:45:59 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2014/06/19 21:45:59 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2014/06/19 21:45:59 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2014/06/19 21:45:59 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2014/06/19 21:45:59 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2014/06/19 21:45:59 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2014/06/19 21:45:59 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2014/06/19 21:45:59 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014/06/19 21:45:59 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014/06/19 21:45:59 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/06/19 21:45:59 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2014/06/19 21:45:59 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2014/06/19 21:45:59 | 000,016,284 | ---- | M] () -- C:\windows\SysWow64\ieuinit.inf
[2014/06/19 21:45:59 | 000,016,284 | ---- | M] () -- C:\windows\SysNative\ieuinit.inf
[2014/06/19 21:45:59 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2014/06/19 21:45:59 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2014/06/19 21:45:59 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2014/06/19 21:45:59 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2014/06/19 21:34:55 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msmpeg2vdec.dll
[2014/06/19 21:34:55 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msmpeg2vdec.dll
[2014/06/19 21:34:55 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\XpsPrint.dll
[2014/06/19 21:34:55 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2014/06/19 21:34:55 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d10.dll
[2014/06/19 21:34:55 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll
[2014/06/19 21:34:55 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d10level9.dll
[2014/06/19 21:34:55 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\XpsGdiConverter.dll
[2014/06/19 21:34:55 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll
[2014/06/19 21:34:55 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxgi.dll
[2014/06/19 21:34:55 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1core.dll
[2014/06/19 21:34:55 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d10core.dll
[2014/06/19 21:34:55 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecsExt.dll
[2014/06/19 21:34:55 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\UIAnimation.dll
[2014/06/19 21:34:55 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1.dll
[2014/06/19 21:34:55 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\UIAnimation.dll
[2014/06/19 21:34:55 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/06/19 21:34:55 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/06/19 21:34:55 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/06/19 21:34:55 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/06/19 21:34:55 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/06/19 21:34:55 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/06/19 21:34:55 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/06/19 21:34:55 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/06/19 21:34:55 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/06/19 21:34:55 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/06/19 21:34:55 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/06/19 21:34:55 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/06/19 21:34:55 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2014/06/19 21:34:55 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2014/06/19 21:34:55 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/06/19 21:34:55 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/06/19 21:34:55 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/06/19 21:34:55 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/06/18 17:44:50 | 000,289,413 | ---- | M] () -- C:\windows\SysWow64\license.rtf
[2014/06/18 17:44:50 | 000,289,413 | ---- | M] () -- C:\windows\SysNative\license.rtf
[2014/06/18 17:19:12 | 000,002,035 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu.lnk
[2014/06/18 17:19:01 | 000,002,091 | ---- | M] () -- C:\Users\Public\Desktop\MP Navigator EX 2.0.lnk
[2014/06/18 17:18:19 | 000,002,342 | ---- | M] () -- C:\Users\Public\Desktop\CanoScan LiDE 200 Příručka online.lnk
[2014/06/18 17:13:46 | 000,001,062 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/06/18 16:58:44 | 000,003,053 | ---- | M] () -- C:\Users\Imanka\Desktop\Arabsko-český slovník.lnk
[2014/06/18 16:38:42 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/06/18 16:35:49 | 000,420,352 | ---- | M] () -- C:\Users\Imanka\Desktop\autooff.exe
[2014/06/18 16:32:19 | 000,003,053 | ---- | M] () -- C:\Users\Imanka\Desktop\eiktub.lnk
[2014/06/18 16:18:13 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/06/18 16:18:04 | 001,039,096 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswsnx.sys
[2014/06/18 16:18:04 | 000,423,240 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswsp.sys
[2014/06/18 16:18:03 | 000,085,328 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswstm.sys
[2014/06/18 16:17:44 | 001,039,096 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswsnx.sys.1403101083320
[2014/06/18 16:17:44 | 000,423,240 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswsp.sys.1403101083320
[2014/06/18 16:17:44 | 000,334,648 | ---- | M] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe
[2014/06/18 16:17:44 | 000,208,416 | ---- | M] () -- C:\windows\SysNative\drivers\aswVmm.sys
[2014/06/18 16:17:44 | 000,093,568 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys
[2014/06/18 16:17:44 | 000,079,184 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys
[2014/06/18 16:17:44 | 000,065,776 | ---- | M] () -- C:\windows\SysNative\drivers\aswRvrt.sys
[2014/06/18 16:17:44 | 000,029,208 | ---- | M] () -- C:\windows\SysNative\drivers\aswHwid.sys
[2014/06/18 16:17:43 | 000,043,152 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr
[2014/06/08 11:13:05 | 000,506,368 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2014/06/08 11:08:04 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2014/05/30 11:11:24 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe

========== Files Created - No Company Name ==========

[2014/06/22 21:04:15 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/06/22 11:48:39 | 000,000,232 | ---- | C] () -- C:\Users\Imanka\Desktop\DiskInfo.ini
[2014/06/21 15:31:56 | 000,203,976 | ---- | C] () -- C:\Users\Imanka\Desktop\Potvrzení Úřad práce.pdf
[2014/06/19 22:09:51 | 001,558,096 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2014/06/19 21:45:59 | 000,016,284 | ---- | C] () -- C:\windows\SysWow64\ieuinit.inf
[2014/06/19 21:45:59 | 000,016,284 | ---- | C] () -- C:\windows\SysNative\ieuinit.inf
[2014/06/19 20:45:38 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/06/19 14:00:52 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014/06/18 21:00:39 | 001,695,232 | ---- | C] () -- C:\windows\SysNative\HP1100SM.EXE
[2014/06/18 21:00:39 | 000,289,280 | ---- | C] () -- C:\windows\SysNative\HP1100LM.DLL
[2014/06/18 20:59:48 | 000,350,720 | ---- | C] () -- C:\windows\SysNative\mvhlewsi.DLL
[2014/06/18 20:59:38 | 000,050,688 | ---- | C] () -- C:\windows\SysNative\HP1100SMs.dll
[2014/06/18 17:43:07 | 3177,074,688 | -HS- | C] () -- C:\hiberfil.sys
[2014/06/18 17:19:12 | 000,002,035 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu.lnk
[2014/06/18 17:19:01 | 000,002,091 | ---- | C] () -- C:\Users\Public\Desktop\MP Navigator EX 2.0.lnk
[2014/06/18 17:18:19 | 000,002,342 | ---- | C] () -- C:\Users\Public\Desktop\CanoScan LiDE 200 Příručka online.lnk
[2014/06/18 17:13:46 | 000,001,062 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/06/18 16:58:44 | 000,003,053 | ---- | C] () -- C:\Users\Imanka\Desktop\Arabsko-český slovník.lnk
[2014/06/18 16:38:42 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014/06/18 16:38:42 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/06/18 16:32:19 | 000,003,053 | ---- | C] () -- C:\Users\Imanka\Desktop\eiktub.lnk
[2014/06/18 16:32:19 | 000,003,013 | ---- | C] () -- C:\Users\Imanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eiktub.lnk
[2014/06/18 16:18:13 | 000,001,966 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/06/18 16:17:50 | 000,208,416 | ---- | C] () -- C:\windows\SysNative\drivers\aswVmm.sys
[2014/06/18 16:17:50 | 000,065,776 | ---- | C] () -- C:\windows\SysNative\drivers\aswRvrt.sys
[2014/06/18 16:17:50 | 000,029,208 | ---- | C] () -- C:\windows\SysNative\drivers\aswHwid.sys
[2014/06/18 15:50:21 | 000,001,389 | ---- | C] () -- C:\Users\Imanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/06/18 15:49:39 | 000,002,086 | ---- | C] () -- C:\Users\Imanka\Desktop\OneKey Recovery.lnk
[2014/06/18 15:49:39 | 000,001,114 | ---- | C] () -- C:\Users\Imanka\Desktop\Cyberlink Power2Go.lnk
[2014/06/18 15:49:39 | 000,000,189 | ---- | C] () -- C:\Users\Imanka\Desktop\Lenovo Telephony Start Now.url

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/25 04:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/06/18 16:18:20 | 000,000,000 | ---D | M] -- C:\Users\Imanka\AppData\Roaming\AVAST Software
[2014/06/21 15:30:31 | 000,000,000 | ---D | M] -- C:\Users\Imanka\AppData\Roaming\Canon

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009/07/14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2009/07/14 07:08:49 | 000,012,254 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2011/09/05 14:31:23 | 000,000,962 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011/09/05 14:31:24 | 000,000,966 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: AGP440.SYS >
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\drivers\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\windows\SysNative\autochk.exe
[2010/11/21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010/11/21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\drivers\cdrom.sys
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\windows\SysNative\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2010/11/21 05:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2013/05/10 06:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013/05/13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013/07/09 16:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2013/10/05 04:25:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=509D31797A4B8A3D6ED78A330B19A919 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[2013/07/09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\SoftwareDistribution\Download\cee5b8a1732f52c558753983be90a1b0\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013/07/09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\windows\SysNative\cryptsvc.dll
[2013/07/09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013/07/09 15:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013/07/09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SoftwareDistribution\Download\cee5b8a1732f52c558753983be90a1b0\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2013/07/09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SysWOW64\cryptsvc.dll
[2013/07/09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2013/05/10 07:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013/05/11 07:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2010/11/21 05:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013/05/11 06:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2013/05/10 07:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2013/05/13 07:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013/05/10 07:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2013/10/05 03:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011/09/05 05:45:19 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/09/05 05:45:19 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/09/05 05:45:19 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/09/05 05:45:19 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/09/05 05:45:19 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/09/05 05:45:19 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010/11/21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\windows\SysNative\hal.dll
[2010/11/21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTOR.SYS >
[2011/02/18 10:11:54 | 000,439,320 | ---- | M] (Intel Corporation) MD5=53CC5BF8B5A219119953C7ABB19A7705 -- C:\windows\SysNative\drivers\iaStor.sys
[2011/02/18 10:11:54 | 000,439,320 | ---- | M] (Intel Corporation) MD5=53CC5BF8B5A219119953C7ABB19A7705 -- C:\windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_52b32c0ad3e84c62\iaStor.sys

[Iman]

< MD5 for: IASTORV.SYS >
[2010/11/21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/09/05 05:47:43 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/09/05 05:47:43 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\drivers\iaStorV.sys
[2011/09/05 05:47:43 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/09/05 05:47:43 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\SysNative\drivers\isapnp.sys
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011/11/17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2014/04/12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\windows\SysNative\lsass.exe
[2014/04/12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18443_none_044f07757384196d\lsass.exe
[2014/04/12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22653_none_04cdd63a8ca9d24f\lsass.exe
[2012/06/04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2011/11/17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011/11/17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe

< MD5 for: NDIS.SYS >
[2012/08/22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012/08/22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\windows\SysNative\drivers\ndis.sys
[2012/08/22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010/11/21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010/11/21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\windows\SysNative\netlogon.dll
[2010/11/21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011/09/05 05:47:43 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\windows\SysNative\drivers\nvraid.sys
[2011/09/05 05:47:43 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011/09/05 05:47:43 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010/11/21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010/11/21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011/09/05 05:47:43 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011/09/05 05:47:43 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/09/05 05:47:43 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\drivers\nvstor.sys
[2011/09/05 05:47:43 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/09/05 05:47:43 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\windows\SysNative\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009/07/14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2014/04/12 04:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22653_none_0abdf375491039d3\smss.exe
[2013/08/29 03:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2013/08/02 07:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2013/03/19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013/08/02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\SoftwareDistribution\Download\63e7d454eeb6cdac5bd05042201891bd\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe
[2013/08/02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\windows\SysNative\smss.exe
[2013/08/02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2014/04/05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\windows\SysNative\drivers\tcpip.sys
[2014/04/05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012/10/03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013/09/08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014/04/05 04:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010/11/21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013/09/07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2011/09/05 05:43:22 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011/09/05 05:43:22 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011/09/05 05:45:31 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=CB6A53EF141CC3DA32DA54F7E75D301B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21687_none_118505f696597a9d\tcpip.sys
[2012/10/03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2011/09/05 05:45:31 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=DC08410DB2D0CC542DACAC7A90E6CB7A -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17582_none_10f667b97d405c20\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014/03/04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014/03/04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\windows\SysNative\winlogon.exe
[2014/03/04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010/11/21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\windows\SysNative\ws2_32.dll
[2010/11/21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010/11/21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010/11/21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\windows\System32\catroot\*.tmp files -> C:\windows\System32\catroot\*.tmp -> ]
[30 C:\windows\Temp\*.tmp files -> C:\windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014/06/21 15:32:55 | 000,000,000 | ---D | M] -- C:\Users\Imanka\AppData\Roaming\Adobe
[2014/06/18 15:50:56 | 000,000,000 | ---D | M] -- C:\Users\Imanka\AppData\Roaming\ATI
[2014/06/18 16:18:20 | 000,000,000 | ---D | M] -- C:\Users\Imanka\AppData\Roaming\AVAST Software
[2014/06/21 15:30:31 | 000,000,000 | ---D | M] -- C:\Users\Imanka\AppData\Roaming\Canon
[2014/06/18 15:50:10 | 000,000,000 | ---D | M] -- C:\Users\Imanka\AppData\Roaming\Identities
[2014/06/18 15:51:01 | 000,000,000 | ---D | M] -- C:\Users\Imanka\AppData\Roaming\Intel Corporation
[2014/06/18 15:57:40 | 000,000,000 | ---D | M] -- C:\Users\Imanka\AppData\Roaming\Macromedia
[2014/06/22 12:32:13 | 000,000,000 | ---D | M] -- C:\Users\Imanka\AppData\Roaming\Malwarebytes
[2011/02/22 13:42:06 | 000,000,000 | ---D | M] -- C:\Users\Imanka\AppData\Roaming\Media Center Programs
[2014/06/21 15:32:55 | 000,000,000 | --SD | M] -- C:\Users\Imanka\AppData\Roaming\Microsoft
[2014/06/20 21:51:31 | 000,000,000 | ---D | M] -- C:\Users\Imanka\AppData\Roaming\vlc

< %APPDATA%\*.exe /s >
[2014/06/18 16:58:44 | 000,017,026 | R--- | M] () -- C:\Users\Imanka\AppData\Roaming\Microsoft\Installer\{5A36D06E-A85B-46A1-B0FC-CA62D832EE69}\_0F12A88D3EE70BA8305006.exe
[2014/06/18 16:58:44 | 000,017,026 | R--- | M] () -- C:\Users\Imanka\AppData\Roaming\Microsoft\Installer\{5A36D06E-A85B-46A1-B0FC-CA62D832EE69}\_6FEFF9B68218417F98F549.exe
[2014/06/18 16:58:44 | 000,017,026 | R--- | M] () -- C:\Users\Imanka\AppData\Roaming\Microsoft\Installer\{5A36D06E-A85B-46A1-B0FC-CA62D832EE69}\_7F8B6D79B3803C50DA54F6.exe
[2014/06/18 16:58:44 | 000,067,646 | R--- | M] () -- C:\Users\Imanka\AppData\Roaming\Microsoft\Installer\{5A36D06E-A85B-46A1-B0FC-CA62D832EE69}\_C67DBBDB0BE3956947A99F.exe
[2014/06/18 16:32:18 | 000,002,238 | R--- | M] () -- C:\Users\Imanka\AppData\Roaming\Microsoft\Installer\{951275DF-9CBD-492D-B064-7B9C840D8C37}\_3CBBF6D1831ED3F3FA8A42.exe
[2014/06/18 16:32:18 | 000,002,238 | R--- | M] () -- C:\Users\Imanka\AppData\Roaming\Microsoft\Installer\{951275DF-9CBD-492D-B064-7B9C840D8C37}\_FA34F91FDA7B28F93BAA39.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014/06/19 21:45:59 | 000,368,128 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\dxtmsft.dll
[2014/06/19 21:45:59 | 000,242,688 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\dxtrans.dll
[2014/06/19 21:46:05 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\elshyph.dll
[2014/06/19 21:45:59 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\html.iec
[2014/06/19 21:45:59 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\icardie.dll
[2014/06/19 21:45:59 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\IEAdvpack.dll
[2014/06/19 21:45:59 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\ieapfltr.dat
[2014/06/19 21:45:59 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\ieapfltr.dll
[2014/06/19 21:45:59 | 000,240,856 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\iedkcs32.dll
[2014/06/19 21:45:59 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\ieetwproxystub.dll
[2014/06/19 21:45:59 | 011,725,312 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\ieframe.dll
[2014/06/19 21:45:59 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\iepeers.dll
[2014/06/19 21:45:59 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\iernonce.dll
[2014/06/19 21:45:59 | 002,179,072 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\iertutil.dll
[2014/06/19 21:45:59 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\iesetup.dll
[2014/06/19 21:45:59 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\iesysprep.dll
[2014/06/19 21:45:59 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\ieui.dll
[2014/06/19 21:45:59 | 000,016,284 | ---- | M] () -- C:\windows\system32\ieuinit.inf
[2014/06/19 21:45:59 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\ieUnatt.exe
[2014/06/19 21:45:59 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\iexpress.exe
[2014/06/19 21:45:59 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\imgutil.dll
[2014/06/19 21:45:59 | 001,964,544 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\inetcpl.cpl
[2014/06/19 21:45:59 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\inseng.dll
[2014/06/19 21:45:59 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\JavaScriptCollectionAgent.dll
[2014/06/19 21:45:59 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\jscript.dll
[2014/06/19 21:45:59 | 004,244,992 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\jscript9.dll
[2014/06/19 21:45:59 | 000,592,896 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\jscript9diag.dll
[2014/06/19 21:45:59 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\jsIntl.dll
[2014/06/19 21:45:59 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\jsproxy.dll
[2014/06/19 21:45:59 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\licmgr10.dll
[2014/06/22 20:53:24 | 000,000,018 | ---- | M] () -- C:\windows\system32\log.txt
[2014/06/19 21:45:59 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\msfeeds.dll
[2014/06/19 21:45:59 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\msfeedsbs.dll
[2014/06/19 21:45:59 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\msfeedssync.exe
[2014/06/19 21:45:59 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\mshta.exe
[2014/06/19 21:45:59 | 017,271,296 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\mshtml.dll
[2014/06/19 21:45:59 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\mshtml.tlb
[2014/06/19 21:45:59 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\MshtmlDac.dll
[2014/06/19 21:45:59 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\mshtmled.dll
[2014/06/19 21:45:59 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\mshtmler.dll
[2014/06/19 21:45:59 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\mshtmlmedia.dll
[2014/06/19 21:45:59 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\msls31.dll
[2014/06/19 21:45:59 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\msrating.dll
[2014/06/19 21:45:59 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\occache.dll
[2014/06/21 11:55:45 | 001,558,096 | ---- | M] () -- C:\windows\system32\PerfStringBackup.INI
[2014/06/19 21:45:59 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\pngfilt.dll
[2014/06/19 21:45:59 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\RegisterIEPKEYs.exe
[2014/06/19 21:45:59 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\SetIEInstalledDate.exe
[2014/06/19 21:45:59 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\tdc.ocx
[2014/06/19 21:45:59 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\url.dll
[2014/06/19 21:45:59 | 001,143,296 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\urlmon.dll
[2014/06/19 21:45:59 | 000,455,168 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\vbscript.dll
[2014/06/19 21:45:59 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\webcheck.dll
[2014/06/19 21:45:59 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\wextract.exe
[2014/06/19 21:45:59 | 001,790,976 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\wininet.dll

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"RESTART_STICKY_NOTES" = C:\Windows\System32\StikyNot.exe

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014/06/22 21:04:15 | 000,000,512 | ---- | M] () MD5=8A2AF3735F4CF56BE7AE1191E5440421 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2006/10/26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2011/01/29 01:30:38 | 000,056,416 | ---- | M] () -- \Program Files (x86)\Lenovo\YouCam\Koan\pyloader.dll
[2011/01/29 01:29:20 | 000,015,969 | ---- | M] () -- \Program Files (x86)\Lenovo\YouCam\subsys\Uploader\PyUploader.kc
[2011/01/29 01:29:20 | 000,179,296 | ---- | M] () -- \Program Files (x86)\Lenovo\YouCam\subsys\Uploader\_PyUploader.pyd
[2011/01/29 01:29:20 | 002,475,304 | ---- | M] () -- \Program Files (x86)\Lenovo\YouCam\subsys\YouCam\CES_3DLoaderFBX.dll
[2014/06/18 16:17:38 | 000,072,480 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2014/06/18 16:17:38 | 000,085,888 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader64.exe
[2014/06/18 17:06:22 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2014/06/18 16:18:10 | 000,013,934 | ---- | M] () -- \Windows\Prefetch\ASWWRCIELOADER32.EXE-BB2E4DE4.pf
[2014/06/18 16:18:11 | 000,011,198 | ---- | M] () -- \Windows\Prefetch\ASWWRCIELOADER64.EXE-123116A5.pf
[2013/08/02 04:12:19 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\63e7d454eeb6cdac5bd05042201891bd\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 03:48:15 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\63e7d454eeb6cdac5bd05042201891bd\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:38:44 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\b5eb64a2a2d59058733468e222ed35e9\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:45:15 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\b5eb64a2a2d59058733468e222ed35e9\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 04:12:19 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f6446aa2f5f86c06820f4e4200db84ac\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 03:48:15 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f6446aa2f5f86c06820f4e4200db84ac\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013/08/02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009/07/14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/06/19 21:37:22 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/06/19 21:38:52 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 19:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:38:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/06/19 21:37:22 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/06/19 21:38:52 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 08:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 04:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/03/04 13:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/04/12 04:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/09/05 05:31:43 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011/09/05 05:31:43 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011/09/05 05:31:43 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011/09/05 05:31:43 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011/09/05 05:31:43 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011/09/05 05:43:36 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/09/05 05:43:36 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011/09/05 05:43:36 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011/09/05 05:43:36 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011/09/05 05:43:36 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011/09/05 05:28:38 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010/11/21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/09/05 05:43:33 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/09/05 05:43:33 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/06/19 21:37:22 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/06/19 21:38:52 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:45:15 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/06/19 21:37:22 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/06/19 21:38:52 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 03:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/03/04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/04/12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2014/02/13 22:57:42 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.dll
[2014/06/19 20:29:37 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.ni.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011/09/05 05:31:23 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2010/04/14 20:20:46 | 000,415,592 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Runtime.Serialization.dll
[2010/04/14 20:20:46 | 000,141,168 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Runtime.Serialization.Json.dll
[2010/04/14 20:20:46 | 000,321,376 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Xml.Serialization.dll
[2014/02/13 23:30:04 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.dll
[2014/06/19 20:30:10 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.ni.dll
[2012/10/05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011/09/05 05:31:23 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2011/09/05 05:31:15 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014/06/20 13:41:01 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\553e7bfc9cac5e4feaa83d8ee1e187bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/06/20 13:42:19 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f177ea74036d5fdc6c6b9c967dc877cf\System.Runtime.Serialization.ni.dll
[2014/06/20 13:34:54 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8653acb87b4a219a84e4ce58df35e62a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/06/20 13:39:10 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\b73fbf8a2db2192752ad2b13744a393b\System.Runtime.Serialization.ni.dll
[2014/06/22 11:12:12 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/06/22 11:12:12 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014/06/22 11:12:11 | 002,825,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
[2014/06/22 11:12:11 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll.aux
[2014/06/22 11:13:23 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll
[2014/06/22 11:13:23 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll.aux
[2014/06/21 12:07:05 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\3b1e2119f9cdfbc454bf08eb1ed9f023\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/06/21 12:07:05 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\3b1e2119f9cdfbc454bf08eb1ed9f023\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014/06/21 12:07:04 | 003,640,320 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7e7ed14f2b9a7e3d94307462aa99f5b9\System.Runtime.Serialization.ni.dll
[2014/06/21 12:07:04 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7e7ed14f2b9a7e3d94307462aa99f5b9\System.Runtime.Serialization.ni.dll.aux
[2014/06/22 11:14:54 | 000,028,672 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll
[2014/06/22 11:14:54 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll.aux
[2013/09/11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013/09/11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013/09/11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013/09/11 22:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/09/11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013/09/11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011/09/05 05:31:16 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/10/05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/09/11 22:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013/09/11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/09/11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/09/11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/09/11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013/09/11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2009/06/10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011/09/05 05:31:13 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012/10/05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/09/11 22:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013/09/11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/09/11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/09/11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/09/11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013/09/11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2012/10/05 22:09:22 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_ar-sa_da66fe5d47789091.manifest
[2012/10/05 22:03:20 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_da-dk_622a3c9da1a8c4d8.manifest
[2012/10/05 20:10:04 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_de-de_626f1d4da174828e.manifest
[2012/10/05 22:02:37 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_el-gr_8f546afdbfc776f0.manifest
[2012/10/05 21:54:09 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_es-es_8f50994bbfc949f4.manifest
[2012/10/05 22:02:40 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_fi-fi_bd1d8c79dd71129a.manifest
[2012/10/05 20:08:58 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_fr-fr_bcc53fc7ddb1f222.manifest
[2012/10/05 22:01:09 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_he-il_17cecb28196cb924.manifest
[2012/10/05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_hu-hu_177d7e9619a74ce6.manifest
[2012/10/05 22:12:18 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_it-it_44f22512378ff514.manifest
[2012/10/05 21:11:25 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_ja-jp_7275361e55708151.manifest
[2012/10/05 21:10:37 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_ko-kr_9fd8712c7363f96b.manifest
[2012/10/05 22:02:32 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_nb-no_282c61bccd26f48f.manifest
[2012/10/05 22:12:15 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_nl-nl_2856d464cd059e22.manifest
[2012/10/05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_pl-pl_832c821908e5590e.manifest
[2012/10/05 21:51:35 | 000,001,635 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_pt-br_82f38a4d090ef34a.manifest
[2012/10/05 22:12:12 | 000,001,632 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_pt-pt_82de0509091f034e.manifest
[2012/10/05 22:03:52 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_ru-ru_dda9e31b4505f382.manifest
[2012/10/05 22:12:13 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_sv-se_0bc2b8ff62732b3f.manifest
[2012/10/05 22:12:16 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_tr-tr_389cffb580d00e96.manifest
[2012/10/05 21:15:11 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_zh-cn_493f19f4345813af.manifest
[2012/10/05 21:15:20 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_zh-tw_48ddeaee34a0debf.manifest
[2012/10/05 21:54:03 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_ar-sa_c395599f61238589.manifest
[2012/10/05 21:54:13 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_da-dk_4b5897dfbb53b9d0.manifest
[2012/10/05 19:58:55 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_de-de_4b9d788fbb1f7786.manifest
[2012/10/05 21:53:49 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_el-gr_7882c63fd9726be8.manifest
[2012/10/05 21:48:11 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_es-es_787ef48dd9743eec.manifest
[2012/10/05 21:52:37 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_fi-fi_a64be7bbf71c0792.manifest
[2012/10/05 20:00:18 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_fr-fr_a5f39b09f75ce71a.manifest
[2012/10/05 21:54:34 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_he-il_00fd266a3317ae1c.manifest
[2012/10/05 21:59:30 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_hu-hu_00abd9d8335241de.manifest
[2012/10/05 21:59:26 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_it-it_2e208054513aea0c.manifest
[2012/10/05 21:01:19 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_ja-jp_5ba391606f1b7649.manifest
[2012/10/05 21:03:36 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_ko-kr_8906cc6e8d0eee63.manifest
[2012/10/05 21:54:16 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_nb-no_115abcfee6d1e987.manifest
[2012/10/05 22:00:42 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_nl-nl_11852fa6e6b0931a.manifest
[2012/10/05 22:00:50 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_pl-pl_6c5add5b22904e06.manifest
[2012/10/05 21:48:47 | 000,001,635 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_pt-br_6c21e58f22b9e842.manifest
[2012/10/05 22:00:41 | 000,001,632 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_pt-pt_6c0c604b22c9f846.manifest
[2012/10/05 21:54:16 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_ru-ru_c6d83e5d5eb0e87a.manifest
[2012/10/05 22:00:43 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_sv-se_f4f114417c1e2037.manifest
[2012/10/05 22:00:35 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_tr-tr_21cb5af79a7b038e.manifest
[2012/10/05 21:03:52 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_zh-cn_326d75364e0308a7.manifest
[2012/10/05 21:03:53 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_zh-tw_320c46304e4bd3b7.manifest
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2011/09/05 05:31:06 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009/07/14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009/06/10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2011/09/05 05:31:06 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2011/09/05 05:31:13 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011/09/05 05:31:16 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009/07/14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2011/09/05 05:31:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2011/09/05 05:31:18 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009/07/14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009/06/10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010/11/21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012/10/05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012/10/05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010/11/21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012/10/05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012/10/05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2011/09/05 05:43:36 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/09/05 05:43:36 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2011/09/05 05:31:44 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009/07/14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2011/09/05 05:31:43 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009/07/14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011/09/05 05:43:34 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/09/05 05:43:34 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009/07/14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010/11/21 05:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012/10/05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012/10/05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010/11/21 05:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012/10/05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012/10/05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010/11/21 05:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012/10/05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012/10/05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2011/09/05 05:30:02 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012/10/05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012/10/05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2010/11/21 05:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012/10/05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012/10/05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010/11/21 05:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012/10/05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012/10/05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2011/09/05 05:31:15 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010/11/21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012/10/05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012/10/05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2011/09/05 05:31:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010/11/13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010/11/13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010/11/21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012/10/05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2011/09/05 05:31:16 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011/09/05 05:31:06 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2011/09/05 05:31:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010/11/21 05:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012/10/05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >