Conduit, PriceGong - 4xlog

[Márty84]

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

DDS::
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://www.bing.com?pc=CMNTDF
mStart Page = hxxp://www.bing.com?pc=CMNTDF
mLocal Page = c:\windows\SysWOW64\blank.htm

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=-

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

[vitkova_vitek]

ComboFix 13-09-06.01 - Ondra 08.09.2013 15:43:20.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4030.2201 [GMT 2:00]
Spuštěný z: c:\users\Ondra\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Ondra\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: COMODO Firewall *Disabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-08 do 2013-09-08 )))))))))))))))))))))))))))))))
.
.
2013-09-07 20:12 . 2013-09-07 20:12 -------- d-----w- C:\AdwCleaner
2013-09-06 12:06 . 2013-09-06 12:06 -------- d-----w- C:\rsit
2013-09-06 12:06 . 2013-09-06 12:06 -------- d-----w- c:\program files\trend micro
2013-09-06 11:05 . 2013-09-06 11:05 -------- d-----w- c:\program files\Blender Foundation
2013-09-06 11:00 . 2013-09-06 11:00 -------- d-----w- c:\users\Ondra\AppData\Local\CrashRpt
2013-09-06 10:57 . 2013-09-06 11:00 -------- d-----w- c:\users\Ondra\AppData\Roaming\DraftSight
2013-09-06 10:56 . 2013-09-06 10:56 -------- d-----w- c:\programdata\Dassault Systemes
2013-09-06 10:56 . 2013-09-06 10:56 -------- d-----w- c:\program files\Dassault Systemes
2013-09-06 09:13 . 2013-09-06 09:14 -------- d-s---w- c:\programdata\Shared Space
2013-09-06 09:13 . 2013-09-06 09:13 -------- d-----w- c:\program files\COMODO
2013-09-06 09:13 . 2013-09-06 09:13 -------- d-----w- c:\programdata\Comodo
2013-09-06 09:13 . 2013-09-06 09:13 -------- d-----w- c:\programdata\Comodo Downloader
2013-09-06 08:50 . 2012-08-23 15:09 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui
2013-09-06 08:50 . 2012-08-23 13:41 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-09-06 08:50 . 2012-08-23 13:40 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-09-06 08:50 . 2012-08-23 13:24 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2013-09-06 08:50 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2013-09-06 08:50 . 2012-08-23 14:07 57856 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2013-09-06 08:30 . 2013-07-09 05:03 3913664 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-09-06 08:30 . 2013-07-09 06:03 5550528 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-09-06 08:30 . 2013-07-09 05:54 1732032 ----a-w- c:\windows\system32\ntdll.dll
2013-09-06 08:30 . 2013-07-09 05:03 3968960 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-09-06 08:30 . 2013-07-09 05:53 243712 ----a-w- c:\windows\system32\wow64.dll
2013-09-06 08:30 . 2013-07-09 04:53 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2013-09-06 08:30 . 2013-07-09 02:49 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-09-06 08:30 . 2013-07-09 04:52 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-09-06 08:30 . 2013-07-09 02:49 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-09-06 08:30 . 2013-07-09 02:49 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-09-06 08:30 . 2013-07-09 02:49 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-09-06 07:10 . 2013-07-25 03:28 816640 ----a-w- c:\windows\system32\jscript.dll
2013-09-06 07:10 . 2013-07-25 03:28 2147840 ----a-w- c:\windows\system32\iertutil.dll
2013-09-06 07:10 . 2013-07-25 02:25 104448 ----a-w- c:\program files (x86)\Internet Explorer\jsdebuggeride.dll
2013-09-06 07:10 . 2013-07-25 02:25 387584 ----a-w- c:\program files (x86)\Internet Explorer\jsdbgui.dll
2013-09-06 07:10 . 2013-07-25 03:30 499200 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll
2013-09-06 07:10 . 2013-07-25 02:25 678912 ----a-w- c:\program files (x86)\Internet Explorer\iedvtool.dll
2013-09-06 07:10 . 2013-07-25 03:30 887808 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2013-09-06 07:10 . 2013-07-25 03:54 17830400 ----a-w- c:\windows\system32\mshtml.dll
2013-09-06 07:10 . 2013-07-25 03:35 10926080 ----a-w- c:\windows\system32\ieframe.dll
2013-09-06 07:09 . 2012-10-03 17:44 303104 ----a-w- c:\windows\system32\nlasvc.dll
2013-09-06 07:09 . 2012-10-03 17:44 246272 ----a-w- c:\windows\system32\netcorehc.dll
2013-09-06 07:09 . 2012-10-03 17:44 216576 ----a-w- c:\windows\system32\ncsi.dll
2013-09-06 07:09 . 2012-10-03 17:42 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2013-09-06 07:09 . 2012-10-03 16:42 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2013-09-06 07:09 . 2012-10-03 17:44 70656 ----a-w- c:\windows\system32\nlaapi.dll
2013-09-06 07:09 . 2012-10-03 17:44 18944 ----a-w- c:\windows\system32\netevent.dll
2013-09-06 07:09 . 2012-10-03 16:42 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2013-09-06 07:09 . 2012-10-03 16:42 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2013-09-06 07:09 . 2012-10-03 16:07 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2013-09-06 07:09 . 2012-01-13 07:12 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll
2013-09-06 07:06 . 2013-07-25 09:25 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-09-06 07:06 . 2013-07-25 08:57 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-09-06 07:06 . 2013-02-27 05:52 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-09-06 07:06 . 2013-02-27 05:48 1930752 ----a-w- c:\windows\system32\authui.dll
2013-09-06 07:06 . 2013-02-27 05:52 197120 ----a-w- c:\windows\system32\shdocvw.dll
2013-09-06 07:06 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe
2013-09-06 07:06 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2013-09-06 07:06 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll
2013-09-06 07:04 . 2013-05-13 03:43 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-09-06 07:04 . 2013-05-13 03:08 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-09-06 07:04 . 2013-05-13 05:50 52224 ----a-w- c:\windows\system32\certenc.dll
2013-09-06 07:04 . 2013-05-13 03:08 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-09-06 07:04 . 2013-04-10 05:48 1732608 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-09-06 07:04 . 2013-04-10 05:46 1393152 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-09-06 07:04 . 2013-04-10 05:46 1367040 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-09-06 07:04 . 2013-04-10 05:46 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-09-06 07:04 . 2013-04-10 05:03 936448 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-09-06 07:03 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-09-06 07:03 . 2013-05-10 03:20 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-09-06 07:03 . 2013-04-10 05:45 1545728 ----a-w- c:\windows\system32\DWrite.dll
2013-09-06 07:03 . 2013-04-10 05:02 1077760 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-09-06 07:00 . 2013-07-06 06:03 1910208 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-09-05 21:48 . 2013-09-05 21:50 -------- d-----w- c:\windows\system32\MRT
2013-09-05 21:44 . 2013-09-05 21:44 -------- d-----w- c:\windows\system32\SPReview
2013-09-05 21:43 . 2013-09-05 21:43 -------- d-----w- c:\windows\system32\EventProviders
2013-09-05 21:34 . 2010-11-20 13:26 777728 ----a-w- c:\windows\system32\gpsvc.dll
2013-09-05 21:33 . 2010-11-20 13:32 2217856 ----a-w- c:\windows\system32\bootres.dll
2013-09-05 21:32 . 2010-11-20 13:27 23040 ----a-w- c:\windows\system32\rdprefdrvapi.dll
2013-09-05 21:30 . 2010-11-20 13:27 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll
2013-09-05 21:30 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2013-09-05 21:30 . 2010-11-20 13:27 1225216 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2013-09-05 21:30 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2013-09-05 21:30 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2013-09-05 21:30 . 2010-11-20 13:27 933376 ----a-w- c:\windows\system32\SmiEngine.dll
2013-09-05 21:30 . 2010-11-20 13:25 199168 ----a-w- c:\windows\system32\PkgMgr.exe
2013-09-05 21:30 . 2010-11-20 13:26 422912 ----a-w- c:\windows\system32\drvstore.dll
2013-09-05 21:30 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
2013-09-05 21:09 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-09-05 21:09 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-09-05 21:09 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe
2013-09-05 21:08 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-09-05 21:08 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-09-05 19:48 . 2013-09-05 19:59 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-09-05 18:18 . 2013-09-05 18:18 -------- d-----w- c:\users\Ondra\AppData\Roaming\Malwarebytes
2013-09-05 18:18 . 2013-09-05 18:18 -------- d-----w- c:\programdata\Malwarebytes
2013-09-05 17:25 . 2013-09-05 17:25 -------- d-----w- c:\program files\CCleaner
2013-09-05 17:22 . 2013-05-23 08:00 3948544 ----a-w- c:\windows\system32\drivers\athrx.sys
2013-08-14 08:32 . 2013-09-05 16:11 -------- d-----w- c:\users\Ondra\AppData\Roaming\Atheros
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-06 05:02 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-09-06 05:02 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-08-04 17:19 . 2013-08-04 17:20 468720 ----a-w- c:\windows\system32\drivers\SynTP.sys
2013-08-04 17:19 . 2013-08-04 17:20 229616 ----a-w- c:\windows\system32\SynTPAPI.dll
2013-08-04 17:19 . 2013-08-04 17:20 180464 ----a-w- c:\windows\system32\SynTPCo16.dll
2013-08-04 17:19 . 2013-08-04 17:20 114416 ----a-w- c:\windows\SysWow64\SynTPCOM.dll
2013-08-04 17:19 . 2013-08-04 17:20 532208 ----a-w- c:\windows\SysWow64\SynCOM.dll
2013-08-04 17:19 . 2013-08-04 17:20 1048576 ----a-w- c:\windows\system32\syndata.bin
2013-08-04 17:19 . 2013-08-04 17:20 1035504 ----a-w- c:\windows\system32\SynCOM.dll
2013-08-04 09:54 . 2013-08-04 09:54 74344 ----a-w- c:\windows\system32\RtNicProp64.dll
2013-08-04 09:54 . 2013-08-04 09:54 708200 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2013-08-04 09:54 . 2011-05-10 20:35 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2013-08-04 09:49 . 2013-08-04 09:49 543744 ----a-w- c:\windows\system32\drivers\stwrt64.sys
2013-08-04 09:49 . 2011-11-07 23:27 1664000 ----a-w- c:\windows\sttray64.exe
2013-08-04 09:48 . 2013-08-04 09:49 499200 ----a-w- c:\windows\system32\stcplx64.dll
2013-08-04 09:48 . 2013-08-04 09:49 2188800 ----a-w- c:\windows\system32\stapo64.dll
2013-08-04 09:48 . 2011-11-07 23:27 6102016 ----a-w- c:\windows\system32\stlang64.dll
2013-08-04 09:48 . 2013-08-04 09:49 672256 ------w- c:\windows\system32\stapi64.dll
2013-08-04 09:48 . 2013-08-04 09:49 255488 ----a-w- c:\windows\system32\st646428.dll
2013-08-04 09:48 . 2011-11-07 23:27 8013312 ----a-w- c:\windows\system32\IDTNHP.dll
2013-08-04 09:48 . 2011-11-07 23:27 8003072 ----a-w- c:\windows\system32\IDTNGUI.exe
2013-08-04 09:48 . 2011-11-07 23:27 253952 ----a-w- c:\windows\system32\IDTNJ.exe
2013-08-04 09:48 . 2011-11-07 23:27 2214912 ----a-w- c:\windows\system32\IDTNX.dll
2013-08-04 09:48 . 2011-11-07 23:27 1821184 ----a-w- c:\windows\system32\IDTNC64.cpl
2013-08-04 09:48 . 2011-11-07 23:27 74336 ----a-w- c:\windows\system32\AESTAR64.dll
2013-08-04 09:48 . 2011-11-07 23:27 442368 ----a-w- c:\windows\system32\AESTEC64.dll
2013-08-04 09:48 . 2011-11-07 23:27 224256 ----a-w- c:\windows\system32\HPToneCtrls64.dll
2013-08-04 09:48 . 2011-11-07 23:27 200288 ----a-w- c:\windows\system32\AESTAC64.dll
2013-08-04 09:48 . 2011-11-07 23:27 90624 ----a-w- c:\windows\system32\AESTCo64.dll
2013-07-09 04:45 . 2013-09-06 08:30 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-08 20:59 . 2013-06-18 14:16 708632 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2013-07-01 13:39 . 2013-06-02 06:39 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-07-01 13:39 . 2011-11-18 14:48 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-07-01 13:39 . 2011-11-18 14:48 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-18 14:16 . 2013-06-18 14:16 96800 ----a-w- c:\windows\system32\drivers\inspect.sys
2013-06-18 14:16 . 2013-06-18 14:16 48360 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2013-06-18 14:16 . 2013-06-18 14:16 23168 ----a-w- c:\windows\system32\drivers\cmderd.sys
2013-06-18 14:15 . 2013-06-18 14:15 43216 ----a-w- c:\windows\system32\cmdcsr.dll
2013-06-18 14:15 . 2013-06-18 14:15 437688 ----a-w- c:\windows\system32\guard64.dll
2013-06-18 14:15 . 2013-06-18 14:15 348584 ----a-w- c:\windows\SysWow64\guard32.dll
2013-06-18 14:15 . 2013-06-18 14:15 45784 ----a-w- c:\windows\system32\cmdkbd64.dll
2013-06-18 14:15 . 2013-06-18 14:15 344792 ----a-w- c:\windows\system32\cmdvrt64.dll
2013-06-18 14:15 . 2013-06-18 14:15 40664 ----a-w- c:\windows\SysWow64\cmdkbd32.dll
2013-06-18 14:15 . 2013-06-18 14:15 278232 ----a-w- c:\windows\SysWow64\cmdvrt32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-02-01 656920]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2011-01-28 299576]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-26 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"HP HD Webcam [Fixed]_Monitor"="c:\program files (x86)\HP HD Webcam [Fixed]\monitor.exe" [2010-11-26 11:31 267128]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-03-28 336384]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
R2 XobniService;XobniService;c:\program files (x86)\Xobni\XobniService.exe;c:\program files (x86)\Xobni\XobniService.exe [x]
R3 ALSysIO;ALSysIO;c:\users\Ondra\AppData\Local\Temp\ALSysIO64.sys;c:\users\Ondra\AppData\Local\Temp\ALSysIO64.sys [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbfake.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 DraftSight API Service;DraftSight API Service;c:\program files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe;c:\program files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 mitsijm2012;Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2012;c:\program files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
S2 uArcCapture;ArcCapture;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S2 VMCService;Vodafone Mobile Connect Service;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [x]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SPUVCbv;SPUVCb Driver Service;c:\windows\system32\Drivers\SPUVCbv_x64.sys;c:\windows\SYSNATIVE\Drivers\SPUVCbv_x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-05 15:39 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-07 c:\windows\Tasks\HPCeeScheduleForONDRA-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2013-09-05 c:\windows\Tasks\HPCeeScheduleForOndra.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2011-01-27 13880]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-27 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-27 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-27 418328]
"BtTray"="c:\program files (x86)\Bluetooth Suite\BtTray.exe" [2012-08-19 764032]
"BtvStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-08-19 127616]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2013-08-04 1664000]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2013-07-08 1502424]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uLocal Page = %SystemRoot%\system32\blank.htm
mDefault_Page_URL = hxxp://www.bing.com?pc=CMNTDF
mStart Page = hxxp://www.bing.com?pc=CMNTDF
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.93.0.1
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2013-09-08 16:01:33 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-08 14:01
ComboFix2.txt 2013-09-07 21:53
.
Před spuštěním: Volných bajtů: 507 335 958 528
Po spuštění: Volných bajtů: 507 283 931 136
.
- - End Of File - - A4A2F527AA98848520CE6D7C5DFFEA1F

[Márty84]

Dejte novy log z RSIT

[vitkova_vitek]

Logfile of random's system information tool 1.08 (written by random/random)
Run by Ondra at 2013-09-08 17:57:25
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 498 GB (85%) free of 588 GB
Total RAM: 4030 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:57:27, on 8.9.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16502)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\Program Files\trend micro\Ondra.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [HP HD Webcam [Fixed]_Monitor] C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: DraftSight API Service - Dassault Systemes - C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 10736 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\Hpservice.exe
atieclxx
C:\windows\system32\vcsFPService.exe
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
taskeng.exe {8F2389CE-4C68-4CBD-9D01-9AFA233F5B45}
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
C:\windows\SysWOW64\PnkBstrA.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
WLIDSvcM.exe 3528
"C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe" -Embedding
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSdkHelperx64.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\igfxext.exe -Embedding
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"taskhost.exe"
"C:\Users\Ondra\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\windows\tasks\HPCeeScheduleForONDRA-HP$.job
C:\windows\tasks\HPCeeScheduleForOndra.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-19 64640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2011-01-27 13880]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-01-27 167960]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-01-27 391704]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-01-27 418328]
"BtTray"=C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [2012-08-19 764032]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-08-19 127616]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-08-04 1664000]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-04 3011824]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2013-07-08 1502424]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-02-01 656920]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2011-01-29 299576]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-26 283160]
"NUSB3MON"=c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"HP HD Webcam [Fixed]_Monitor"=C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe [2010-11-26 267128]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-03-28 336384]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-01-27 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2013-09-08 17:15:26 ----D---- C:\ProgramData\boost_interprocess
2013-09-08 16:53:05 ----SHD---- C:\Config.Msi
2013-09-08 16:29:43 ----D---- C:\Program Files (x86)\VS Revo Group
2013-09-08 16:01:38 ----D---- C:\windows\temp
2013-09-08 16:01:35 ----A---- C:\ComboFix.txt
2013-09-08 15:55:53 ----D---- C:\$RECYCLE.BIN
2013-09-07 23:37:15 ----A---- C:\windows\zip.exe
2013-09-07 23:37:15 ----A---- C:\windows\SWSC.exe
2013-09-07 23:37:15 ----A---- C:\windows\SWREG.exe
2013-09-07 23:37:15 ----A---- C:\windows\sed.exe
2013-09-07 23:37:15 ----A---- C:\windows\PEV.exe
2013-09-07 23:37:15 ----A---- C:\windows\NIRCMD.exe
2013-09-07 23:37:15 ----A---- C:\windows\MBR.exe
2013-09-07 23:37:15 ----A---- C:\windows\grep.exe
2013-09-07 23:36:56 ----D---- C:\Qoobox
2013-09-07 23:36:20 ----D---- C:\windows\erdnt
2013-09-07 22:12:09 ----D---- C:\AdwCleaner
2013-09-06 14:06:01 ----D---- C:\rsit
2013-09-06 14:06:01 ----D---- C:\Program Files\trend micro
2013-09-06 13:05:32 ----D---- C:\Program Files\Blender Foundation
2013-09-06 12:57:06 ----D---- C:\Users\Ondra\AppData\Roaming\DraftSight
2013-09-06 12:56:51 ----D---- C:\ProgramData\Dassault Systemes
2013-09-06 12:56:51 ----D---- C:\Program Files\Dassault Systemes
2013-09-06 11:13:28 ----SD---- C:\ProgramData\Shared Space
2013-09-06 11:13:19 ----D---- C:\Program Files\COMODO
2013-09-06 11:13:15 ----D---- C:\ProgramData\Comodo
2013-09-06 11:13:12 ----D---- C:\ProgramData\Comodo Downloader
2013-09-06 10:50:13 ----A---- C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-09-06 10:50:13 ----A---- C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-09-06 10:50:12 ----A---- C:\windows\system32\RdpGroupPolicyExtension.dll
2013-09-06 10:50:05 ----A---- C:\windows\system32\drivers\rdpvideominiport.sys
2013-09-06 10:50:04 ----A---- C:\windows\system32\drivers\TsUsbFlt.sys
2013-09-06 10:49:58 ----A---- C:\windows\SYSWOW64\wksprtPS.dll
2013-09-06 10:49:58 ----A---- C:\windows\SYSWOW64\tsgqec.dll
2013-09-06 10:49:58 ----A---- C:\windows\SYSWOW64\rdpendp_winip.dll
2013-09-06 10:49:58 ----A---- C:\windows\SYSWOW64\MsRdpWebAccess.dll
2013-09-06 10:49:58 ----A---- C:\windows\SYSWOW64\aaclient.dll
2013-09-06 10:49:58 ----A---- C:\windows\system32\wksprtPS.dll
2013-09-06 10:49:58 ----A---- C:\windows\system32\TsUsbGDCoInstaller.dll
2013-09-06 10:49:58 ----A---- C:\windows\system32\tsgqec.dll
2013-09-06 10:49:58 ----A---- C:\windows\system32\MsRdpWebAccess.dll
2013-09-06 10:49:58 ----A---- C:\windows\system32\aaclient.dll
2013-09-06 10:49:57 ----A---- C:\windows\SYSWOW64\mstsc.exe
2013-09-06 10:49:57 ----A---- C:\windows\system32\wksprt.exe
2013-09-06 10:49:57 ----A---- C:\windows\system32\TSWbPrxy.exe
2013-09-06 10:49:57 ----A---- C:\windows\system32\rdpudd.dll
2013-09-06 10:49:57 ----A---- C:\windows\system32\rdpendp_winip.dll
2013-09-06 10:49:56 ----A---- C:\windows\system32\rdpcorets.dll
2013-09-06 10:49:56 ----A---- C:\windows\system32\mstsc.exe
2013-09-06 10:49:55 ----A---- C:\windows\SYSWOW64\mstscax.dll
2013-09-06 10:49:55 ----A---- C:\windows\system32\mstscax.dll
2013-09-06 10:49:29 ----A---- C:\windows\SYSWOW64\schannel.dll
2013-09-06 10:49:29 ----A---- C:\windows\system32\schannel.dll
2013-09-06 10:49:29 ----A---- C:\windows\system32\lsasrv.dll
2013-09-06 10:49:29 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2013-09-06 10:49:29 ----A---- C:\windows\system32\drivers\cng.sys
2013-09-06 10:49:28 ----A---- C:\windows\SYSWOW64\sspicli.dll
2013-09-06 10:49:28 ----A---- C:\windows\SYSWOW64\secur32.dll
2013-09-06 10:49:27 ----A---- C:\windows\SYSWOW64\qdvd.dll
2013-09-06 10:49:27 ----A---- C:\windows\system32\qdvd.dll
2013-09-06 10:30:30 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2013-09-06 10:30:29 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2013-09-06 10:30:29 ----A---- C:\windows\system32\ntoskrnl.exe
2013-09-06 10:30:29 ----A---- C:\windows\system32\ntdll.dll
2013-09-06 10:30:28 ----A---- C:\windows\SYSWOW64\ntdll.dll
2013-09-06 10:30:28 ----A---- C:\windows\system32\wow64.dll
2013-09-06 10:30:27 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2013-09-06 10:30:25 ----A---- C:\windows\SYSWOW64\wow32.dll
2013-09-06 10:30:25 ----A---- C:\windows\SYSWOW64\setup16.exe
2013-09-06 10:30:24 ----A---- C:\windows\SYSWOW64\user.exe
2013-09-06 10:30:24 ----A---- C:\windows\SYSWOW64\instnm.exe
2013-09-06 09:11:15 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2013-09-06 09:11:15 ----A---- C:\windows\system32\mshtmled.dll
2013-09-06 09:11:12 ----A---- C:\windows\SYSWOW64\vbscript.dll
2013-09-06 09:11:11 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-09-06 09:11:11 ----A---- C:\windows\system32\ieui.dll
2013-09-06 09:11:10 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2013-09-06 09:11:10 ----A---- C:\windows\system32\ieUnatt.exe
2013-09-06 09:11:09 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-09-06 09:11:09 ----A---- C:\windows\SYSWOW64\url.dll
2013-09-06 09:11:09 ----A---- C:\windows\system32\url.dll
2013-09-06 09:11:08 ----A---- C:\windows\system32\wininet.dll
2013-09-06 09:11:06 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-09-06 09:11:06 ----A---- C:\windows\system32\urlmon.dll
2013-09-06 09:11:04 ----A---- C:\windows\system32\msfeeds.dll
2013-09-06 09:11:04 ----A---- C:\windows\system32\jscript9.dll
2013-09-06 09:11:02 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-09-06 09:11:01 ----A---- C:\windows\system32\jsproxy.dll
2013-09-06 09:11:00 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-09-06 09:11:00 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-09-06 09:11:00 ----A---- C:\windows\system32\vbscript.dll
2013-09-06 09:10:59 ----A---- C:\windows\system32\jscript.dll
2013-09-06 09:10:58 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-09-06 09:10:58 ----A---- C:\windows\system32\iertutil.dll
2013-09-06 09:10:55 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-09-06 09:10:52 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-09-06 09:10:48 ----A---- C:\windows\system32\mshtml.dll
2013-09-06 09:10:42 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-09-06 09:10:42 ----A---- C:\windows\system32\ieframe.dll
2013-09-06 09:09:39 ----A---- C:\windows\SYSWOW64\ncsi.dll
2013-09-06 09:09:39 ----A---- C:\windows\system32\nlasvc.dll
2013-09-06 09:09:39 ----A---- C:\windows\system32\netcorehc.dll
2013-09-06 09:09:39 ----A---- C:\windows\system32\ncsi.dll
2013-09-06 09:09:39 ----A---- C:\windows\system32\iphlpsvc.dll
2013-09-06 09:09:38 ----A---- C:\windows\SYSWOW64\nlaapi.dll
2013-09-06 09:09:38 ----A---- C:\windows\SYSWOW64\netevent.dll
2013-09-06 09:09:38 ----A---- C:\windows\SYSWOW64\netcorehc.dll
2013-09-06 09:09:38 ----A---- C:\windows\system32\nlaapi.dll
2013-09-06 09:09:38 ----A---- C:\windows\system32\netevent.dll
2013-09-06 09:09:38 ----A---- C:\windows\system32\drivers\tcpipreg.sys
2013-09-06 09:06:24 ----A---- C:\windows\system32\WMVDECOD.DLL
2013-09-06 09:06:23 ----A---- C:\windows\SYSWOW64\WMVDECOD.DLL
2013-09-06 09:06:19 ----A---- C:\windows\system32\shell32.dll
2013-09-06 09:06:18 ----A---- C:\windows\system32\authui.dll
2013-09-06 09:06:17 ----A---- C:\windows\SYSWOW64\shell32.dll
2013-09-06 09:06:17 ----A---- C:\windows\system32\shdocvw.dll
2013-09-06 09:06:16 ----A---- C:\windows\SYSWOW64\authui.dll
2013-09-06 09:06:16 ----A---- C:\windows\system32\consent.exe
2013-09-06 09:06:15 ----A---- C:\windows\SYSWOW64\shdocvw.dll
2013-09-06 09:06:15 ----A---- C:\windows\system32\appinfo.dll
2013-09-06 09:05:39 ----A---- C:\windows\SYSWOW64\wintrust.dll
2013-09-06 09:05:39 ----A---- C:\windows\SYSWOW64\cryptsvc.dll
2013-09-06 09:05:39 ----A---- C:\windows\SYSWOW64\cryptnet.dll
2013-09-06 09:05:39 ----A---- C:\windows\SYSWOW64\crypt32.dll
2013-09-06 09:05:39 ----A---- C:\windows\system32\wintrust.dll
2013-09-06 09:05:39 ----A---- C:\windows\system32\cryptsvc.dll
2013-09-06 09:05:39 ----A---- C:\windows\system32\cryptnet.dll
2013-09-06 09:05:39 ----A---- C:\windows\system32\crypt32.dll
2013-09-06 09:05:35 ----A---- C:\windows\system32\drivers\tssecsrv.sys
2013-09-06 09:05:24 ----A---- C:\windows\system32\OxpsConverter.exe
2013-09-06 09:05:19 ----A---- C:\windows\system32\drivers\ndis.sys
2013-09-06 09:05:18 ----A---- C:\windows\system32\drivers\RNDISMP.sys
2013-09-06 09:05:15 ----A---- C:\windows\system32\win32spl.dll
2013-09-06 09:05:15 ----A---- C:\windows\system32\drivers\dxgmms1.sys
2013-09-06 09:05:15 ----A---- C:\windows\system32\drivers\dxgkrnl.sys
2013-09-06 09:05:14 ----A---- C:\windows\SYSWOW64\win32spl.dll
2013-09-06 09:05:14 ----A---- C:\windows\system32\rpcrt4.dll
2013-09-06 09:05:13 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2013-09-06 09:05:11 ----A---- C:\windows\system32\win32k.sys
2013-09-06 09:05:10 ----A---- C:\windows\SYSWOW64\dhcpcsvc6.dll
2013-09-06 09:05:10 ----A---- C:\windows\SYSWOW64\dhcpcore6.dll
2013-09-06 09:05:10 ----A---- C:\windows\system32\dhcpcsvc6.dll
2013-09-06 09:05:10 ----A---- C:\windows\system32\dhcpcore6.dll
2013-09-06 09:05:04 ----A---- C:\windows\SYSWOW64\tzres.dll
2013-09-06 09:05:04 ----A---- C:\windows\system32\tzres.dll
2013-09-06 09:05:01 ----A---- C:\windows\SYSWOW64\qedit.dll
2013-09-06 09:05:01 ----A---- C:\windows\system32\taskhost.exe
2013-09-06 09:05:01 ----A---- C:\windows\system32\qedit.dll
2013-09-06 09:05:00 ----A---- C:\windows\system32\wwansvc.dll
2013-09-06 09:05:00 ----A---- C:\windows\system32\wwanprotdim.dll
2013-09-06 09:04:22 ----A---- C:\windows\system32\certutil.exe
2013-09-06 09:04:21 ----A---- C:\windows\SYSWOW64\certutil.exe
2013-09-06 09:04:20 ----A---- C:\windows\SYSWOW64\certenc.dll
2013-09-06 09:04:20 ----A---- C:\windows\system32\certenc.dll
2013-09-06 09:03:59 ----A---- C:\windows\SYSWOW64\cryptdlg.dll
2013-09-06 09:03:59 ----A---- C:\windows\system32\cryptdlg.dll
2013-09-06 09:03:53 ----A---- C:\windows\system32\DWrite.dll
2013-09-06 09:03:52 ----A---- C:\windows\SYSWOW64\DWrite.dll
2013-09-06 09:00:16 ----A---- C:\windows\system32\drivers\tcpip.sys
2013-09-05 23:48:56 ----D---- C:\windows\system32\MRT
2013-09-05 23:48:53 ----A---- C:\windows\system32\MRT.exe
2013-09-05 23:44:00 ----D---- C:\windows\system32\SPReview
2013-09-05 23:43:33 ----D---- C:\windows\system32\EventProviders
2013-09-05 23:35:35 ----A---- C:\windows\system32\netfxperf.dll
2013-09-05 23:35:35 ----A---- C:\windows\system32\dfshim.dll
2013-09-05 23:35:30 ----A---- C:\windows\SYSWOW64\dfshim.dll
2013-09-05 23:35:26 ----A---- C:\windows\system32\d3d10warp.dll
2013-09-05 23:35:21 ----A---- C:\windows\SYSWOW64\d3d10warp.dll
2013-09-05 23:35:20 ----A---- C:\windows\SYSWOW64\mfc40u.dll
2013-09-05 23:35:20 ----A---- C:\windows\SYSWOW64\mfc40.dll
2013-09-05 23:35:20 ----A---- C:\windows\system32\sysmain.dll
2013-09-05 23:35:18 ----A---- C:\windows\system32\MSVidCtl.dll
2013-09-05 23:35:16 ----A---- C:\windows\system32\wmp.dll
2013-09-05 23:35:15 ----A---- C:\windows\system32\mscoree.dll
2013-09-05 23:35:15 ----A---- C:\windows\system32\mmcndmgr.dll
2013-09-05 23:35:14 ----A---- C:\windows\system32\secproc_isv.dll
2013-09-05 23:35:14 ----A---- C:\windows\system32\RMActivate_isv.exe
2013-09-05 23:35:14 ----A---- C:\windows\system32\mf.dll
2013-09-05 23:35:13 ----A---- C:\windows\SYSWOW64\secproc_isv.dll
2013-09-05 23:35:13 ----A---- C:\windows\system32\xpsservices.dll
2013-09-05 23:35:13 ----A---- C:\windows\system32\secproc.dll
2013-09-05 23:35:13 ----A---- C:\windows\system32\RMActivate.exe
2013-09-05 23:35:12 ----A---- C:\windows\SYSWOW64\secproc.dll
2013-09-05 23:35:12 ----A---- C:\windows\SYSWOW64\RMActivate_isv.exe
2013-09-05 23:35:11 ----A---- C:\windows\SYSWOW64\RMActivate.exe
2013-09-05 23:35:11 ----A---- C:\windows\system32\schedsvc.dll
2013-09-05 23:35:11 ----A---- C:\windows\system32\ole32.dll
2013-09-05 23:35:10 ----A---- C:\windows\SYSWOW64\mscoree.dll
2013-09-05 23:35:10 ----A---- C:\windows\system32\spwizui.dll
2013-09-05 23:35:09 ----A---- C:\windows\system32\taskschd.dll
2013-09-05 23:35:09 ----A---- C:\windows\system32\RacEngn.dll
2013-09-05 23:35:09 ----A---- C:\windows\system32\diagperf.dll
2013-09-05 23:35:08 ----A---- C:\windows\SYSWOW64\mf.dll
2013-09-05 23:35:08 ----A---- C:\windows\system32\wevtsvc.dll
2013-09-05 23:35:08 ----A---- C:\windows\system32\ExplorerFrame.dll
2013-09-05 23:35:07 ----A---- C:\windows\SYSWOW64\CertEnroll.dll
2013-09-05 23:35:07 ----A---- C:\windows\system32\vssapi.dll
2013-09-05 23:35:07 ----A---- C:\windows\system32\NaturalLanguage6.dll
2013-09-05 23:35:07 ----A---- C:\windows\system32\drivers\msiscsi.sys
2013-09-05 23:35:06 ----A---- C:\windows\system32\UIRibbon.dll
2013-09-05 23:35:06 ----A---- C:\windows\system32\mcupdate_GenuineIntel.dll
2013-09-05 23:35:05 ----A---- C:\windows\SYSWOW64\wmp.dll
2013-09-05 23:35:04 ----A---- C:\windows\SYSWOW64\PresentationHostProxy.dll
2013-09-05 23:35:04 ----A---- C:\windows\SYSWOW64\PresentationHost.exe
2013-09-05 23:35:04 ----A---- C:\windows\system32\WsmSvc.dll
2013-09-05 23:35:04 ----A---- C:\windows\system32\WMVCORE.DLL
2013-09-05 23:35:03 ----A---- C:\windows\system32\spreview.exe
2013-09-05 23:35:03 ----A---- C:\windows\system32\spinstall.exe
2013-09-05 23:35:03 ----A---- C:\windows\system32\rdpdd.dll
2013-09-05 23:35:03 ----A---- C:\windows\system32\PresentationHostProxy.dll
2013-09-05 23:35:03 ----A---- C:\windows\system32\PresentationHost.exe
2013-09-05 23:35:03 ----A---- C:\windows\system32\MPSSVC.dll
2013-09-05 23:35:02 ----A---- C:\windows\system32\WinSAT.exe
2013-09-05 23:35:02 ----A---- C:\windows\system32\CertEnroll.dll
2013-09-05 23:35:01 ----A---- C:\windows\system32\d3d9.dll
2013-09-05 23:35:00 ----A---- C:\windows\SYSWOW64\RacEngn.dll
2013-09-05 23:35:00 ----A---- C:\windows\SYSWOW64\AuthFWSnapin.dll
2013-09-05 23:35:00 ----A---- C:\windows\system32\SearchFolder.dll
2013-09-05 23:35:00 ----A---- C:\windows\system32\IKEEXT.DLL
2013-09-05 23:35:00 ----A---- C:\windows\system32\AuthFWSnapin.dll
2013-09-05 23:34:59 ----A---- C:\windows\system32\VSSVC.exe
2013-09-05 23:34:59 ----A---- C:\windows\system32\gpsvc.dll
2013-09-05 23:34:59 ----A---- C:\windows\system32\dwmcore.dll
2013-09-05 23:34:58 ----A---- C:\windows\system32\drivers\http.sys
2013-09-05 23:34:58 ----A---- C:\windows\system32\dbgeng.dll
2013-09-05 23:34:57 ----A---- C:\windows\SYSWOW64\ExplorerFrame.dll
2013-09-05 23:34:56 ----A---- C:\windows\SYSWOW64\ole32.dll
2013-09-05 23:34:56 ----A---- C:\windows\system32\TSWorkspace.dll
2013-09-05 23:34:56 ----A---- C:\windows\system32\qmgr.dll
2013-09-05 23:34:56 ----A---- C:\windows\system32\audiosrv.dll
2013-09-05 23:34:56 ----A---- C:\windows\system32\actxprxy.dll
2013-09-05 23:34:55 ----A---- C:\windows\system32\termsrv.dll
2013-09-05 23:34:54 ----A---- C:\windows\SYSWOW64\vssapi.dll
2013-09-05 23:34:54 ----A---- C:\windows\system32\netlogon.dll
2013-09-05 23:34:54 ----A---- C:\windows\system32\imapi2fs.dll
2013-09-05 23:34:54 ----A---- C:\windows\system32\d3d11.dll
2013-09-05 23:34:53 ----A---- C:\windows\SYSWOW64\SearchFolder.dll
2013-09-05 23:34:53 ----A---- C:\windows\SYSWOW64\d3d9.dll
2013-09-05 23:34:53 ----A---- C:\windows\system32\winhttp.dll
2013-09-05 23:34:53 ----A---- C:\windows\system32\QAGENTRT.DLL
2013-09-05 23:34:53 ----A---- C:\windows\system32\propsys.dll
2013-09-05 23:34:53 ----A---- C:\windows\system32\msv1_0.dll
2013-09-05 23:34:52 ----A---- C:\windows\SYSWOW64\taskschd.dll
2013-09-05 23:34:52 ----A---- C:\windows\system32\wbengine.exe
2013-09-05 23:34:52 ----A---- C:\windows\system32\setupapi.dll
2013-09-05 23:34:52 ----A---- C:\windows\system32\rpcss.dll
2013-09-05 23:34:51 ----A---- C:\windows\system32\werconcpl.dll
2013-09-05 23:34:51 ----A---- C:\windows\system32\taskeng.exe
2013-09-05 23:34:51 ----A---- C:\windows\system32\odbc32.dll
2013-09-05 23:34:50 ----A---- C:\windows\system32\WSDApi.dll
2013-09-05 23:34:50 ----A---- C:\windows\system32\user32.dll
2013-09-05 23:34:50 ----A---- C:\windows\system32\dhcpcore.dll
2013-09-05 23:34:50 ----A---- C:\windows\system32\certmgr.dll
2013-09-05 23:34:49 ----A---- C:\windows\SYSWOW64\wer.dll
2013-09-05 23:34:49 ----A---- C:\windows\SYSWOW64\certcli.dll
2013-09-05 23:34:49 ----A---- C:\windows\system32\scavengeui.dll
2013-09-05 23:34:49 ----A---- C:\windows\system32\drivers\tdx.sys
2013-09-05 23:34:49 ----A---- C:\windows\system32\drivers\netbt.sys
2013-09-05 23:34:48 ----A---- C:\windows\SYSWOW64\dwmcore.dll
2013-09-05 23:34:48 ----A---- C:\windows\system32\tsmf.dll
2013-09-05 23:34:48 ----A---- C:\windows\system32\shlwapi.dll
2013-09-05 23:34:48 ----A---- C:\windows\system32\PortableDeviceApi.dll
2013-09-05 23:34:48 ----A---- C:\windows\system32\msdrm.dll
2013-09-05 23:34:47 ----A---- C:\windows\SYSWOW64\odbc32.dll
2013-09-05 23:34:47 ----A---- C:\windows\system32\netshell.dll
2013-09-05 23:34:47 ----A---- C:\windows\system32\msdtctm.dll
2013-09-05 23:34:47 ----A---- C:\windows\system32\framedynos.dll
2013-09-05 23:34:46 ----A---- C:\windows\SYSWOW64\tcpmonui.dll
2013-09-05 23:34:46 ----A---- C:\windows\system32\ws2_32.dll
2013-09-05 23:34:46 ----A---- C:\windows\system32\winlogon.exe
2013-09-05 23:34:46 ----A---- C:\windows\system32\netcfgx.dll
2013-09-05 23:34:46 ----A---- C:\windows\system32\lsm.exe
2013-09-05 23:34:46 ----A---- C:\windows\system32\dxgi.dll
2013-09-05 23:34:46 ----A---- C:\windows\system32\comdlg32.dll
2013-09-05 23:34:45 ----A---- C:\windows\SYSWOW64\TSWorkspace.dll
2013-09-05 23:34:45 ----A---- C:\windows\SYSWOW64\tsmf.dll
2013-09-05 23:34:45 ----A---- C:\windows\SYSWOW64\dot3api.dll
2013-09-05 23:34:45 ----A---- C:\windows\system32\wpdshext.dll
2013-09-05 23:34:45 ----A---- C:\windows\system32\wmpps.dll
2013-09-05 23:34:45 ----A---- C:\windows\system32\Query.dll
2013-09-05 23:34:45 ----A---- C:\windows\system32\mswsock.dll
2013-09-05 23:34:45 ----A---- C:\windows\system32\azroles.dll
2013-09-05 23:34:45 ----A---- C:\windows\system32\apphelp.dll
2013-09-05 23:34:44 ----A---- C:\windows\SYSWOW64\winhttp.dll
2013-09-05 23:34:44 ----A---- C:\windows\SYSWOW64\setupapi.dll
2013-09-05 23:34:44 ----A---- C:\windows\SYSWOW64\apphelp.dll
2013-09-05 23:34:44 ----A---- C:\windows\system32\Vault.dll
2013-09-05 23:34:44 ----A---- C:\windows\system32\samsrv.dll
2013-09-05 23:34:44 ----A---- C:\windows\system32\QAGENT.DLL
2013-09-05 23:34:44 ----A---- C:\windows\system32\cmd.exe
2013-09-05 23:34:44 ----A---- C:\windows\system32\BFE.DLL
2013-09-05 23:34:43 ----A---- C:\windows\SYSWOW64\netlogon.dll
2013-09-05 23:34:43 ----A---- C:\windows\SYSWOW64\MSVidCtl.dll
2013-09-05 23:34:43 ----A---- C:\windows\SYSWOW64\dbgeng.dll
2013-09-05 23:34:43 ----A---- C:\windows\system32\lpksetup.exe
2013-09-05 23:34:43 ----A---- C:\windows\system32\DShowRdpFilter.dll
2013-09-05 23:34:42 ----A---- C:\windows\SYSWOW64\WindowsCodecs.dll
2013-09-05 23:34:42 ----A---- C:\windows\SYSWOW64\netcfgx.dll
2013-09-05 23:34:42 ----A---- C:\windows\SYSWOW64\d3d11.dll
2013-09-05 23:34:42 ----A---- C:\windows\system32\WebClnt.dll
2013-09-05 23:34:41 ----A---- C:\windows\SYSWOW64\WsmSvc.dll
2013-09-05 23:34:41 ----A---- C:\windows\SYSWOW64\Query.dll
2013-09-05 23:34:41 ----A---- C:\windows\SYSWOW64\advapi32.dll
2013-09-05 23:34:41 ----A---- C:\windows\system32\Wldap32.dll
2013-09-05 23:34:41 ----A---- C:\windows\system32\WindowsCodecs.dll
2013-09-05 23:34:41 ----A---- C:\windows\system32\taskcomp.dll
2013-09-05 23:34:41 ----A---- C:\windows\system32\sxs.dll
2013-09-05 23:34:41 ----A---- C:\windows\system32\mfds.dll
2013-09-05 23:34:41 ----A---- C:\windows\system32\mcbuilder.exe
2013-09-05 23:34:41 ----A---- C:\windows\system32\drivers\vhdmp.sys
2013-09-05 23:34:40 ----A---- C:\windows\SYSWOW64\upnp.dll
2013-09-05 23:34:40 ----A---- C:\windows\SYSWOW64\mmcndmgr.dll
2013-09-05 23:34:40 ----A---- C:\windows\SYSWOW64\DShowRdpFilter.dll
2013-09-05 23:34:40 ----A---- C:\windows\system32\pnidui.dll
2013-09-05 23:34:40 ----A---- C:\windows\system32\ipsmsnap.dll
2013-09-05 23:34:40 ----A---- C:\windows\system32\hgprint.dll
2013-09-05 23:34:39 ----A---- C:\windows\SYSWOW64\netfxperf.dll
2013-09-05 23:34:39 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2013-09-05 23:34:39 ----A---- C:\windows\SYSWOW64\imapi2fs.dll
2013-09-05 23:34:39 ----A---- C:\windows\system32\webservices.dll
2013-09-05 23:34:39 ----A---- C:\windows\system32\SessEnv.dll
2013-09-05 23:34:38 ----A---- C:\windows\SYSWOW64\SessEnv.dll
2013-09-05 23:34:38 ----A---- C:\windows\SYSWOW64\PortableDeviceApi.dll
2013-09-05 23:34:38 ----A---- C:\windows\SYSWOW64\msdrm.dll
2013-09-05 23:34:38 ----A---- C:\windows\system32\winsta.dll
2013-09-05 23:34:38 ----A---- C:\windows\system32\sqlsrv32.dll
2013-09-05 23:34:38 ----A---- C:\windows\system32\fveapi.dll
2013-09-05 23:34:38 ----A---- C:\windows\system32\dot3api.dll
2013-09-05 23:34:37 ----A---- C:\windows\SYSWOW64\shlwapi.dll
2013-09-05 23:34:37 ----A---- C:\windows\SYSWOW64\mcbuilder.exe
2013-09-05 23:34:37 ----A---- C:\windows\system32\prncache.dll
2013-09-05 23:34:37 ----A---- C:\windows\system32\mcmde.dll
2013-09-05 23:34:37 ----A---- C:\windows\system32\gdi32.dll
2013-09-05 23:34:37 ----A---- C:\windows\system32\drivers\volsnap.sys
2013-09-05 23:34:37 ----A---- C:\windows\system32\drivers\msrpc.sys
2013-09-05 23:34:36 ----A---- C:\windows\SYSWOW64\userenv.dll
2013-09-05 23:34:36 ----A---- C:\windows\SYSWOW64\certmgr.dll
2013-09-05 23:34:36 ----A---- C:\windows\system32\WMNetMgr.dll
2013-09-05 23:34:36 ----A---- C:\windows\system32\wlanpref.dll
2013-09-05 23:34:36 ----A---- C:\windows\system32\vpnike.dll
2013-09-05 23:34:36 ----A---- C:\windows\system32\schtasks.exe
2013-09-05 23:34:35 ----A---- C:\windows\SYSWOW64\xpsservices.dll
2013-09-05 23:34:35 ----A---- C:\windows\SYSWOW64\WebClnt.dll
2013-09-05 23:34:35 ----A---- C:\windows\SYSWOW64\comdlg32.dll
2013-09-05 23:34:35 ----A---- C:\windows\system32\userenv.dll
2013-09-05 23:34:35 ----A---- C:\windows\system32\photowiz.dll
2013-09-05 23:34:35 ----A---- C:\windows\system32\evr.dll
2013-09-05 23:34:35 ----A---- C:\windows\system32\drivers\rdbss.sys
2013-09-05 23:34:35 ----A---- C:\windows\system32\drivers\1394ohci.sys
2013-09-05 23:34:34 ----A---- C:\windows\SYSWOW64\cmd.exe
2013-09-05 23:34:34 ----A---- C:\windows\system32\wmpmde.dll
2013-09-05 23:34:34 ----A---- C:\windows\system32\SyncCenter.dll
2013-09-05 23:34:34 ----A---- C:\windows\system32\sppobjs.dll
2013-09-05 23:34:34 ----A---- C:\windows\system32\IPSECSVC.DLL
2013-09-05 23:34:34 ----A---- C:\windows\system32\FXSSVC.exe
2013-09-05 23:34:34 ----A---- C:\windows\system32\framedyn.dll
2013-09-05 23:34:34 ----A---- C:\windows\system32\AudioSes.dll
2013-09-05 23:34:34 ----A---- C:\windows\system32\aepdu.dll
2013-09-05 23:34:33 ----A---- C:\windows\system32\WMPEncEn.dll
2013-09-05 23:34:33 ----A---- C:\windows\system32\wmpeffects.dll
2013-09-05 23:34:33 ----A---- C:\windows\system32\srvsvc.dll
2013-09-05 23:34:33 ----A---- C:\windows\system32\shsvcs.dll
2013-09-05 23:34:33 ----A---- C:\windows\system32\mfreadwrite.dll
2013-09-05 23:34:33 ----A---- C:\windows\system32\aeinv.dll
2013-09-05 23:34:32 ----A---- C:\windows\SYSWOW64\Wldap32.dll
2013-09-05 23:34:32 ----A---- C:\windows\SYSWOW64\propsys.dll
2013-09-05 23:34:32 ----A---- C:\windows\SYSWOW64\mfds.dll
2013-09-05 23:34:32 ----A---- C:\windows\SYSWOW64\framedynos.dll
2013-09-05 23:34:32 ----A---- C:\windows\system32\WinSATAPI.dll
2013-09-05 23:34:32 ----A---- C:\windows\system32\stobject.dll
2013-09-05 23:34:32 ----A---- C:\windows\system32\localsec.dll
2013-09-05 23:34:32 ----A---- C:\windows\system32\imapi2.dll
2013-09-05 23:34:32 ----A---- C:\windows\system32\fde.dll
2013-09-05 23:34:31 ----A---- C:\windows\SYSWOW64\user32.dll
2013-09-05 23:34:31 ----A---- C:\windows\system32\netid.dll
2013-09-05 23:34:31 ----A---- C:\windows\system32\netdiagfx.dll
2013-09-05 23:34:31 ----A---- C:\windows\system32\inetpp.dll
2013-09-05 23:34:31 ----A---- C:\windows\system32\drivers\udfs.sys
2013-09-05 23:34:31 ----A---- C:\windows\system32\drivers\fltMgr.sys
2013-09-05 23:34:31 ----A---- C:\windows\system32\credui.dll
2013-09-05 23:34:31 ----A---- C:\windows\system32\bcryptprimitives.dll
2013-09-05 23:34:30 ----A---- C:\windows\SYSWOW64\azroles.dll
2013-09-05 23:34:30 ----A---- C:\windows\system32\tcpipcfg.dll
2013-09-05 23:34:30 ----A---- C:\windows\system32\spp.dll
2013-09-05 23:34:30 ----A---- C:\windows\system32\QSHVHOST.DLL
2013-09-05 23:34:30 ----A---- C:\windows\system32\davclnt.dll
2013-09-05 23:34:30 ----A---- C:\windows\system32\biocpl.dll
2013-09-05 23:34:29 ----A---- C:\windows\SYSWOW64\themeui.dll
2013-09-05 23:34:29 ----A---- C:\windows\SYSWOW64\credui.dll
2013-09-05 23:34:29 ----A---- C:\windows\system32\scansetting.dll
2013-09-05 23:34:29 ----A---- C:\windows\system32\printui.dll
2013-09-05 23:34:29 ----A---- C:\windows\system32\mspbda.dll
2013-09-05 23:34:29 ----A---- C:\windows\system32\msinfo32.exe
2013-09-05 23:34:28 ----A---- C:\windows\SYSWOW64\taskeng.exe
2013-09-05 23:34:28 ----A---- C:\windows\SYSWOW64\spp.dll
2013-09-05 23:34:28 ----A---- C:\windows\SYSWOW64\mswsock.dll
2013-09-05 23:34:28 ----A---- C:\windows\SYSWOW64\dhcpcore.dll
2013-09-05 23:34:28 ----A---- C:\windows\system32\wusa.exe
2013-09-05 23:34:28 ----A---- C:\windows\system32\pla.dll
2013-09-05 23:34:28 ----A---- C:\windows\system32\msdri.dll
2013-09-05 23:34:28 ----A---- C:\windows\system32\IPHLPAPI.DLL
2013-09-05 23:34:28 ----A---- C:\windows\system32\aitagent.exe
2013-09-05 23:34:27 ----A---- C:\windows\SYSWOW64\basecsp.dll
2013-09-05 23:34:27 ----A---- C:\windows\system32\wiaservc.dll
2013-09-05 23:34:27 ----A---- C:\windows\system32\vds.exe
2013-09-05 23:34:27 ----A---- C:\windows\system32\rpchttp.dll
2013-09-05 23:34:27 ----A---- C:\windows\system32\drivers\pci.sys
2013-09-05 23:34:26 ----A---- C:\windows\SYSWOW64\NaturalLanguage6.dll
2013-09-05 23:34:26 ----A---- C:\windows\SYSWOW64\mfreadwrite.dll
2013-09-05 23:34:26 ----A---- C:\windows\SYSWOW64\dxgi.dll
2013-09-05 23:34:26 ----A---- C:\windows\SYSWOW64\dbghelp.dll
2013-09-05 23:34:26 ----A---- C:\windows\system32\XpsRasterService.dll
2013-09-05 23:34:26 ----A---- C:\windows\system32\wisptis.exe
2013-09-05 23:34:26 ----A---- C:\windows\system32\mscms.dll
2013-09-05 23:34:26 ----A---- C:\windows\system32\FirewallControlPanel.dll
2013-09-05 23:34:26 ----A---- C:\windows\system32\drivers\rasl2tp.sys
2013-09-05 23:34:25 ----A---- C:\windows\SYSWOW64\taskcomp.dll
2013-09-05 23:34:25 ----A---- C:\windows\SYSWOW64\evr.dll
2013-09-05 23:34:25 ----A---- C:\windows\system32\sppwinob.dll
2013-09-05 23:34:25 ----A---- C:\windows\system32\ocsetup.exe
2013-09-05 23:34:25 ----A---- C:\windows\system32\drivers\mrxdav.sys
2013-09-05 23:34:24 ----A---- C:\windows\SYSWOW64\WinSATAPI.dll
2013-09-05 23:34:24 ----A---- C:\windows\SYSWOW64\calc.exe
2013-09-05 23:34:24 ----A---- C:\windows\system32\ocsetapi.dll
2013-09-05 23:34:24 ----A---- C:\windows\system32\DXP.dll
2013-09-05 23:34:24 ----A---- C:\windows\system32\drivers\volmgr.sys
2013-09-05 23:34:23 ----A---- C:\windows\SYSWOW64\sqlsrv32.dll
2013-09-05 23:34:23 ----A---- C:\windows\system32\wpdbusenum.dll
2013-09-05 23:34:23 ----A---- C:\windows\system32\wcncsvc.dll
2013-09-05 23:34:23 ----A---- C:\windows\system32\upnp.dll
2013-09-05 23:34:23 ----A---- C:\windows\system32\Robocopy.exe
2013-09-05 23:34:23 ----A---- C:\windows\system32\mprapi.dll
2013-09-05 23:34:23 ----A---- C:\windows\system32\eapphost.dll
2013-09-05 23:34:23 ----A---- C:\windows\system32\eapp3hst.dll
2013-09-05 23:34:23 ----A---- C:\windows\system32\drivers\msdsm.sys
2013-09-05 23:34:23 ----A---- C:\windows\system32\ci.dll
2013-09-05 23:34:22 ----A---- C:\windows\SYSWOW64\ws2_32.dll
2013-09-05 23:34:22 ----A---- C:\windows\SYSWOW64\UIRibbon.dll
2013-09-05 23:34:22 ----A---- C:\windows\SYSWOW64\sxs.dll
2013-09-05 23:34:22 ----A---- C:\windows\SYSWOW64\stobject.dll
2013-09-05 23:34:22 ----A---- C:\windows\SYSWOW64\netshell.dll
2013-09-05 23:34:22 ----A---- C:\windows\system32\thumbcache.dll
2013-09-05 23:34:22 ----A---- C:\windows\system32\t2embed.dll
2013-09-05 23:34:22 ----A---- C:\windows\system32\hal.dll
2013-09-05 23:34:22 ----A---- C:\windows\system32\drivers\HpSAMD.sys
2013-09-05 23:34:21 ----A---- C:\windows\SYSWOW64\gdi32.dll
2013-09-05 23:34:21 ----A---- C:\windows\system32\scecli.dll
2013-09-05 23:34:21 ----A---- C:\windows\system32\PerfCenterCPL.dll
2013-09-05 23:34:21 ----A---- C:\windows\system32\MSMPEG2ENC.DLL
2013-09-05 23:34:21 ----A---- C:\windows\system32\DxpTaskSync.dll
2013-09-05 23:34:21 ----A---- C:\windows\system32\dwmredir.dll
2013-09-05 23:34:20 ----A---- C:\windows\SYSWOW64\prncache.dll
2013-09-05 23:34:20 ----A---- C:\windows\SYSWOW64\comctl32.dll
2013-09-05 23:34:20 ----A---- C:\windows\system32\themeui.dll
2013-09-05 23:34:20 ----A---- C:\windows\system32\puiobj.dll
2013-09-05 23:34:20 ----A---- C:\windows\system32\onex.dll
2013-09-05 23:34:20 ----A---- C:\windows\system32\msasn1.dll
2013-09-05 23:34:20 ----A---- C:\windows\system32\iasrad.dll
2013-09-05 23:34:20 ----A---- C:\windows\system32\DXPTaskRingtone.dll
2013-09-05 23:34:20 ----A---- C:\windows\system32\drivers\ipfltdrv.sys
2013-09-05 23:34:20 ----A---- C:\windows\system32\drivers\Classpnp.sys
2013-09-05 23:34:19 ----A---- C:\windows\SYSWOW64\WSDApi.dll
2013-09-05 23:34:19 ----A---- C:\windows\SYSWOW64\wmpeffects.dll
2013-09-05 23:34:19 ----A---- C:\windows\SYSWOW64\rpchttp.dll
2013-09-05 23:34:19 ----A---- C:\windows\SYSWOW64\printui.dll
2013-09-05 23:34:19 ----A---- C:\windows\SYSWOW64\net1.exe
2013-09-05 23:34:18 ----A---- C:\windows\SYSWOW64\scansetting.dll
2013-09-05 23:34:18 ----A---- C:\windows\system32\wdc.dll
2013-09-05 23:34:17 ----A---- C:\windows\system32\wlangpui.dll
2013-09-05 23:34:17 ----A---- C:\windows\system32\VAN.dll
2013-09-05 23:34:17 ----A---- C:\windows\system32\StructuredQuery.dll
2013-09-05 23:34:17 ----A---- C:\windows\system32\sdengin2.dll
2013-09-05 23:34:17 ----A---- C:\windows\system32\scesrv.dll
2013-09-05 23:34:17 ----A---- C:\windows\system32\rasmans.dll
2013-09-05 23:34:17 ----A---- C:\windows\system32\msftedit.dll
2013-09-05 23:34:16 ----A---- C:\windows\SYSWOW64\WMVCORE.DLL
2013-09-05 23:34:16 ----A---- C:\windows\SYSWOW64\wlangpui.dll
2013-09-05 23:34:16 ----A---- C:\windows\SYSWOW64\MMDevAPI.dll
2013-09-05 23:34:16 ----A---- C:\windows\SYSWOW64\davclnt.dll
2013-09-05 23:34:16 ----A---- C:\windows\system32\wscapi.dll
2013-09-05 23:34:16 ----A---- C:\windows\system32\wiadefui.dll
2013-09-05 23:34:16 ----A---- C:\windows\system32\SndVol.exe
2013-09-05 23:34:16 ----A---- C:\windows\system32\samcli.dll
2013-09-05 23:34:16 ----A---- C:\windows\system32\netcenter.dll
2013-09-05 23:34:16 ----A---- C:\windows\system32\iasacct.dll
2013-09-05 23:34:16 ----A---- C:\windows\system32\dskquoui.dll
2013-09-05 23:34:16 ----A---- C:\windows\system32\drivers\ndiswan.sys
2013-09-05 23:34:15 ----A---- C:\windows\SYSWOW64\QSHVHOST.DLL
2013-09-05 23:34:15 ----A---- C:\windows\system32\TabSvc.dll
2013-09-05 23:34:15 ----A---- C:\windows\system32\srchadmin.dll
2013-09-05 23:34:15 ----A---- C:\windows\system32\regapi.dll
2013-09-05 23:34:15 ----A---- C:\windows\system32\QUTIL.DLL
2013-09-05 23:34:15 ----A---- C:\windows\system32\drivers\termdd.sys
2013-09-05 23:34:14 ----A---- C:\windows\SYSWOW64\wpdshext.dll
2013-09-05 23:34:14 ----A---- C:\windows\SYSWOW64\webservices.dll
2013-09-05 23:34:14 ----A---- C:\windows\SYSWOW64\t2embed.dll
2013-09-05 23:34:14 ----A---- C:\windows\SYSWOW64\pnidui.dll
2013-09-05 23:34:14 ----A---- C:\windows\SYSWOW64\fde.dll
2013-09-05 23:34:14 ----A---- C:\windows\system32\setupcl.exe
2013-09-05 23:34:14 ----A---- C:\windows\system32\drivers\msahci.sys
2013-09-05 23:34:13 ----A---- C:\windows\SYSWOW64\wuapi.dll
2013-09-05 23:34:13 ----A---- C:\windows\SYSWOW64\wscapi.dll
2013-09-05 23:34:13 ----A---- C:\windows\SYSWOW64\SyncCenter.dll
2013-09-05 23:34:13 ----A---- C:\windows\SYSWOW64\netdiagfx.dll
2013-09-05 23:34:13 ----A---- C:\windows\system32\rastls.dll
2013-09-05 23:34:13 ----A---- C:\windows\system32\drivers\acpi.sys
2013-09-05 23:34:12 ----A---- C:\windows\SYSWOW64\WinSCard.dll
2013-09-05 23:34:12 ----A---- C:\windows\SYSWOW64\pla.dll
2013-09-05 23:34:12 ----A---- C:\windows\SYSWOW64\msasn1.dll
2013-09-05 23:34:12 ----A---- C:\windows\system32\tapisrv.dll
2013-09-05 23:34:12 ----A---- C:\windows\system32\netiohlp.dll
2013-09-05 23:34:12 ----A---- C:\windows\system32\msconfig.exe
2013-09-05 23:34:12 ----A---- C:\windows\system32\mimefilt.dll
2013-09-05 23:34:12 ----A---- C:\windows\system32\ListSvc.dll
2013-09-05 23:34:12 ----A---- C:\windows\system32\hgcpl.dll
2013-09-05 23:34:12 ----A---- C:\windows\system32\drivers\raspptp.sys
2013-09-05 23:34:11 ----A---- C:\windows\system32\lsmproxy.dll
2013-09-05 23:34:11 ----A---- C:\windows\system32\drivers\ks.sys
2013-09-05 23:34:11 ----A---- C:\windows\system32\clusapi.dll
2013-09-05 23:34:11 ----A---- C:\windows\system32\basecsp.dll
2013-09-05 23:34:10 ----A---- C:\windows\SYSWOW64\winsta.dll
2013-09-05 23:34:10 ----A---- C:\windows\SYSWOW64\MSMPEG2ENC.DLL
2013-09-05 23:34:10 ----A---- C:\windows\system32\mtxclu.dll
2013-09-05 23:34:10 ----A---- C:\windows\system32\fdeploy.dll
2013-09-05 23:34:10 ----A---- C:\windows\system32\drivers\sbp2port.sys
2013-09-05 23:34:10 ----A---- C:\windows\system32\AuxiliaryDisplayCpl.dll
2013-09-05 23:34:09 ----A---- C:\windows\SYSWOW64\imapi2.dll
2013-09-05 23:34:09 ----A---- C:\windows\SYSWOW64\DXPTaskRingtone.dll
2013-09-05 23:34:09 ----A---- C:\windows\system32\riched20.dll
2013-09-05 23:34:09 ----A---- C:\windows\system32\dnscmmc.dll
2013-09-05 23:34:08 ----A---- C:\windows\SYSWOW64\WMPEncEn.dll
2013-09-05 23:34:08 ----A---- C:\windows\SYSWOW64\onex.dll
2013-09-05 23:34:08 ----A---- C:\windows\system32\sharemediacpl.dll
2013-09-05 23:34:08 ----A---- C:\windows\system32\RpcRtRemote.dll
2013-09-05 23:34:08 ----A---- C:\windows\system32\powercpl.dll
2013-09-05 23:34:08 ----A---- C:\windows\system32\logoncli.dll
2013-09-05 23:34:07 ----A---- C:\windows\SYSWOW64\winmm.dll
2013-09-05 23:34:07 ----A---- C:\windows\SYSWOW64\shsvcs.dll
2013-09-05 23:34:07 ----A---- C:\windows\SYSWOW64\hbaapi.dll
2013-09-05 23:34:07 ----A---- C:\windows\SYSWOW64\autofmt.exe
2013-09-05 23:34:07 ----A---- C:\windows\system32\themecpl.dll
2013-09-05 23:34:07 ----A---- C:\windows\system32\SensorsCpl.dll
2013-09-05 23:34:07 ----A---- C:\windows\system32\netjoin.dll
2013-09-05 23:34:07 ----A---- C:\windows\system32\nci.dll
2013-09-05 23:34:07 ----A---- C:\windows\system32\Narrator.exe
2013-09-05 23:34:07 ----A---- C:\windows\system32\Faultrep.dll
2013-09-05 23:34:07 ----A---- C:\windows\system32\eudcedit.exe
2013-09-05 23:34:06 ----A---- C:\windows\SYSWOW64\samcli.dll
2013-09-05 23:34:06 ----A---- C:\windows\SYSWOW64\proquota.exe
2013-09-05 23:34:06 ----A---- C:\windows\SYSWOW64\netiohlp.dll
2013-09-05 23:34:06 ----A---- C:\windows\SYSWOW64\IPHLPAPI.DLL
2013-09-05 23:34:06 ----A---- C:\windows\SYSWOW64\autochk.exe
2013-09-05 23:34:06 ----A---- C:\windows\system32\wkssvc.dll
2013-09-05 23:34:06 ----A---- C:\windows\system32\vpnikeapi.dll
2013-09-05 23:34:06 ----A---- C:\windows\system32\sppcomapi.dll
2013-09-05 23:34:06 ----A---- C:\windows\system32\comctl32.dll
2013-09-05 23:34:06 ----A---- C:\windows\system32\cabview.dll
2013-09-05 23:34:05 ----A---- C:\windows\SYSWOW64\thumbcache.dll
2013-09-05 23:34:05 ----A---- C:\windows\SYSWOW64\regapi.dll
2013-09-05 23:34:05 ----A---- C:\windows\SYSWOW64\msutb.dll
2013-09-05 23:34:05 ----A---- C:\windows\SYSWOW64\msinfo32.exe
2013-09-05 23:34:05 ----A---- C:\windows\SYSWOW64\mimefilt.dll
2013-09-05 23:34:05 ----A---- C:\windows\SYSWOW64\ipsmsnap.dll
2013-09-05 23:34:05 ----A---- C:\windows\SYSWOW64\autoconv.exe
2013-09-05 23:34:05 ----A---- C:\windows\SYSWOW64\AudioSes.dll
2013-09-05 23:34:05 ----A---- C:\windows\system32\nshipsec.dll
2013-09-05 23:34:05 ----A---- C:\windows\system32\autochk.exe
2013-09-05 23:34:05 ----A---- C:\windows\system32\autofmt.exe
2013-09-05 23:34:05 ----A---- C:\windows\system32\autoconv.exe
2013-09-05 23:34:04 ----A---- C:\windows\SYSWOW64\wcncsvc.dll
2013-09-05 23:34:04 ----A---- C:\windows\SYSWOW64\tcpipcfg.dll
2013-09-05 23:34:04 ----A---- C:\windows\SYSWOW64\srchadmin.dll
2013-09-05 23:34:04 ----A---- C:\windows\SYSWOW64\schtasks.exe
2013-09-05 23:34:04 ----A---- C:\windows\SYSWOW64\powercpl.dll
2013-09-05 23:34:04 ----A---- C:\windows\SYSWOW64\msihnd.dll
2013-09-05 23:34:04 ----A---- C:\windows\SYSWOW64\framedyn.dll
2013-09-05 23:34:04 ----A---- C:\windows\SYSWOW64\eapphost.dll
2013-09-05 23:34:04 ----A---- C:\windows\system32\wpd_ci.dll
2013-09-05 23:34:04 ----A---- C:\windows\system32\shsetup.dll
2013-09-05 23:34:04 ----A---- C:\windows\system32\sdclt.exe
2013-09-05 23:34:04 ----A---- C:\windows\system32\fms.dll


..... pokračování

[vitkova_vitek]

2013-09-05 23:34:04 ----A---- C:\windows\system32\bcdsrv.dll
2013-09-05 23:34:04 ----A---- C:\windows\system32\audiodg.exe
2013-09-05 23:34:03 ----A---- C:\windows\SYSWOW64\mscorier.dll
2013-09-05 23:34:03 ----A---- C:\windows\SYSWOW64\AuxiliaryDisplayCpl.dll
2013-09-05 23:34:03 ----A---- C:\windows\system32\wwanconn.dll
2013-09-05 23:34:03 ----A---- C:\windows\system32\wlanui.dll
2013-09-05 23:34:03 ----A---- C:\windows\system32\prntvpt.dll
2013-09-05 23:34:03 ----A---- C:\windows\system32\mscorier.dll
2013-09-05 23:34:03 ----A---- C:\windows\system32\drivers\winusb.sys
2013-09-05 23:34:03 ----A---- C:\windows\system32\drivers\wanarp.sys
2013-09-05 23:34:03 ----A---- C:\windows\system32\drivers\volmgrx.sys
2013-09-05 23:34:03 ----A---- C:\windows\system32\drivers\usbvideo.sys
2013-09-05 23:34:03 ----A---- C:\windows\system32\drivers\scsiport.sys
2013-09-05 23:34:03 ----A---- C:\windows\system32\dps.dll
2013-09-05 23:34:02 ----A---- C:\windows\SYSWOW64\QAGENT.DLL
2013-09-05 23:34:02 ----A---- C:\windows\SYSWOW64\netid.dll
2013-09-05 23:34:02 ----A---- C:\windows\SYSWOW64\actxprxy.dll
2013-09-05 23:34:02 ----A---- C:\windows\system32\mprddm.dll
2013-09-05 23:34:02 ----A---- C:\windows\system32\fontext.dll
2013-09-05 23:34:02 ----A---- C:\windows\system32\drivers\hidclass.sys
2013-09-05 23:34:02 ----A---- C:\windows\system32\Display.dll
2013-09-05 23:34:02 ----A---- C:\windows\system32\credssp.dll
2013-09-05 23:34:02 ----A---- C:\windows\system32\batmeter.dll
2013-09-05 23:34:02 ----A---- C:\windows\system32\AxInstSv.dll
2013-09-05 23:34:01 ----A---- C:\windows\SYSWOW64\wdc.dll
2013-09-05 23:34:01 ----A---- C:\windows\SYSWOW64\Vault.dll
2013-09-05 23:34:01 ----A---- C:\windows\SYSWOW64\untfs.dll
2013-09-05 23:34:01 ----A---- C:\windows\SYSWOW64\StructuredQuery.dll
2013-09-05 23:34:01 ----A---- C:\windows\SYSWOW64\scesrv.dll
2013-09-05 23:34:01 ----A---- C:\windows\SYSWOW64\rastls.dll
2013-09-05 23:34:01 ----A---- C:\windows\SYSWOW64\nci.dll
2013-09-05 23:34:01 ----A---- C:\windows\system32\wmpsrcwp.dll
2013-09-05 23:34:01 ----A---- C:\windows\system32\mblctr.exe
2013-09-05 23:34:00 ----A---- C:\windows\SYSWOW64\WMNetMgr.dll
2013-09-05 23:34:00 ----A---- C:\windows\SYSWOW64\wlanpref.dll
2013-09-05 23:34:00 ----A---- C:\windows\SYSWOW64\RpcRtRemote.dll
2013-09-05 23:34:00 ----A---- C:\windows\SYSWOW64\Robocopy.exe
2013-09-05 23:34:00 ----A---- C:\windows\system32\usercpl.dll
2013-09-05 23:34:00 ----A---- C:\windows\system32\rtutils.dll
2013-09-05 23:34:00 ----A---- C:\windows\system32\DiagCpl.dll
2013-09-05 23:33:59 ----A---- C:\windows\system32\wpccpl.dll
2013-09-05 23:33:59 ----A---- C:\windows\system32\sppsvc.exe
2013-09-05 23:33:59 ----A---- C:\windows\system32\provsvc.dll
2013-09-05 23:33:59 ----A---- C:\windows\system32\MCEWMDRMNDBootstrap.dll
2013-09-05 23:33:59 ----A---- C:\windows\system32\bootres.dll
2013-09-05 23:33:58 ----A---- C:\windows\SYSWOW64\taskmgr.exe
2013-09-05 23:33:58 ----A---- C:\windows\SYSWOW64\mtxclu.dll
2013-09-05 23:33:58 ----A---- C:\windows\SYSWOW64\DxpTaskSync.dll
2013-09-05 23:33:58 ----A---- C:\windows\SYSWOW64\Display.dll
2013-09-05 23:33:58 ----A---- C:\windows\system32\SndVolSSO.dll
2013-09-05 23:33:58 ----A---- C:\windows\system32\rasppp.dll
2013-09-05 23:33:58 ----A---- C:\windows\system32\drivers\rdyboost.sys
2013-09-05 23:33:58 ----A---- C:\windows\system32\dot3cfg.dll
2013-09-05 23:33:57 ----A---- C:\windows\system32\dxdiagn.dll
2013-09-05 23:33:56 ----A---- C:\windows\SYSWOW64\XpsRasterService.dll
2013-09-05 23:33:56 ----A---- C:\windows\SYSWOW64\userinit.exe
2013-09-05 23:33:56 ----A---- C:\windows\SYSWOW64\termmgr.dll
2013-09-05 23:33:56 ----A---- C:\windows\SYSWOW64\puiobj.dll
2013-09-05 23:33:56 ----A---- C:\windows\system32\taskmgr.exe
2013-09-05 23:33:56 ----A---- C:\windows\system32\prnfldr.dll
2013-09-05 23:33:56 ----A---- C:\windows\system32\hbaapi.dll
2013-09-05 23:33:55 ----A---- C:\windows\SYSWOW64\eudcedit.exe
2013-09-05 23:33:55 ----A---- C:\windows\system32\WPDShServiceObj.dll
2013-09-05 23:33:55 ----A---- C:\windows\system32\proquota.exe
2013-09-05 23:33:55 ----A---- C:\windows\system32\pdh.dll
2013-09-05 23:33:55 ----A---- C:\windows\system32\drivers\mountmgr.sys
2013-09-05 23:33:55 ----A---- C:\windows\system32\drivers\ataport.sys
2013-09-05 23:33:54 ----A---- C:\windows\SYSWOW64\wiadefui.dll
2013-09-05 23:33:54 ----A---- C:\windows\SYSWOW64\sppcomapi.dll
2013-09-05 23:33:54 ----A---- C:\windows\SYSWOW64\shsetup.dll
2013-09-05 23:33:54 ----A---- C:\windows\SYSWOW64\rasppp.dll
2013-09-05 23:33:54 ----A---- C:\windows\SYSWOW64\logoncli.dll
2013-09-05 23:33:54 ----A---- C:\windows\SYSWOW64\cabview.dll
2013-09-05 23:33:54 ----A---- C:\windows\system32\userinit.exe
2013-09-05 23:33:54 ----A---- C:\windows\system32\untfs.dll
2013-09-05 23:33:54 ----A---- C:\windows\system32\MSAC3ENC.DLL
2013-09-05 23:33:54 ----A---- C:\windows\system32\accessibilitycpl.dll
2013-09-05 23:33:53 ----A---- C:\windows\SYSWOW64\themecpl.dll
2013-09-05 23:33:53 ----A---- C:\windows\SYSWOW64\SensorsCpl.dll
2013-09-05 23:33:53 ----A---- C:\windows\SYSWOW64\FirewallControlPanel.dll
2013-09-05 23:33:52 ----A---- C:\windows\SYSWOW64\FWPUCLNT.DLL
2013-09-05 23:33:52 ----A---- C:\windows\SYSWOW64\dnscmmc.dll
2013-09-05 23:33:52 ----A---- C:\windows\system32\zipfldr.dll
2013-09-05 23:33:52 ----A---- C:\windows\system32\slui.exe
2013-09-05 23:33:52 ----A---- C:\windows\system32\defaultlocationcpl.dll
2013-09-05 23:33:51 ----A---- C:\windows\SYSWOW64\hgcpl.dll
2013-09-05 23:33:51 ----A---- C:\windows\system32\msieftp.dll
2013-09-05 23:33:50 ----A---- C:\windows\SYSWOW64\tapisrv.dll
2013-09-05 23:33:50 ----A---- C:\windows\SYSWOW64\scecli.dll
2013-09-05 23:33:50 ----A---- C:\windows\SYSWOW64\mscories.dll
2013-09-05 23:33:50 ----A---- C:\windows\SYSWOW64\mscms.dll
2013-09-05 23:33:50 ----A---- C:\windows\SYSWOW64\mprddm.dll
2013-09-05 23:33:50 ----A---- C:\windows\SYSWOW64\localsec.dll
2013-09-05 23:33:50 ----A---- C:\windows\SYSWOW64\fontext.dll
2013-09-05 23:33:50 ----A---- C:\windows\system32\sud.dll
2013-09-05 23:33:50 ----A---- C:\windows\system32\dot3svc.dll
2013-09-05 23:33:50 ----A---- C:\windows\system32\DeviceCenter.dll
2013-09-05 23:33:49 ----A---- C:\windows\SYSWOW64\SndVolSSO.dll
2013-09-05 23:33:49 ----A---- C:\windows\SYSWOW64\iasacct.dll
2013-09-05 23:33:49 ----A---- C:\windows\system32\taskbarcpl.dll
2013-09-05 23:33:49 ----A---- C:\windows\system32\OnLineIDCpl.dll
2013-09-05 23:33:49 ----A---- C:\windows\system32\networkmap.dll
2013-09-05 23:33:49 ----A---- C:\windows\system32\cryptui.dll
2013-09-05 23:33:49 ----A---- C:\windows\system32\ActionCenter.dll
2013-09-05 23:33:48 ----A---- C:\windows\SYSWOW64\wlanui.dll
2013-09-05 23:33:48 ----A---- C:\windows\SYSWOW64\VAN.dll
2013-09-05 23:33:48 ----A---- C:\windows\SYSWOW64\usercpl.dll
2013-09-05 23:33:48 ----A---- C:\windows\SYSWOW64\SndVol.exe
2013-09-05 23:33:48 ----A---- C:\windows\SYSWOW64\prntvpt.dll
2013-09-05 23:33:48 ----A---- C:\windows\SYSWOW64\PerfCenterCPL.dll
2013-09-05 23:33:48 ----A---- C:\windows\SYSWOW64\netcenter.dll
2013-09-05 23:33:48 ----A---- C:\windows\SYSWOW64\batmeter.dll
2013-09-05 23:33:48 ----A---- C:\windows\system32\twext.dll
2013-09-05 23:33:47 ----A---- C:\windows\SYSWOW64\w32tm.exe
2013-09-05 23:33:47 ----A---- C:\windows\system32\uxlib.dll
2013-09-05 23:33:47 ----A---- C:\windows\system32\recovery.dll
2013-09-05 23:33:47 ----A---- C:\windows\system32\OobeFldr.dll
2013-09-05 23:33:47 ----A---- C:\windows\system32\isoburn.exe
2013-09-05 23:33:47 ----A---- C:\windows\system32\dsuiext.dll
2013-09-05 23:33:47 ----A---- C:\windows\system32\drivers\hwpolicy.sys
2013-09-05 23:33:47 ----A---- C:\windows\system32\cca.dll
2013-09-05 23:33:47 ----A---- C:\windows\system32\bcdedit.exe
2013-09-05 23:33:47 ----A---- C:\windows\system32\azroleui.dll
2013-09-05 23:33:47 ----A---- C:\windows\system32\asycfilt.dll
2013-09-05 23:33:46 ----A---- C:\windows\SYSWOW64\zipfldr.dll
2013-09-05 23:33:46 ----A---- C:\windows\SYSWOW64\spwizeng.dll
2013-09-05 23:33:46 ----A---- C:\windows\SYSWOW64\fdeploy.dll
2013-09-05 23:33:46 ----A---- C:\windows\SYSWOW64\azroleui.dll
2013-09-05 23:33:46 ----A---- C:\windows\SYSWOW64\accessibilitycpl.dll
2013-09-05 23:33:46 ----A---- C:\windows\system32\tzutil.exe
2013-09-05 23:33:46 ----A---- C:\windows\system32\syncui.dll
2013-09-05 23:33:46 ----A---- C:\windows\system32\sisbkup.dll
2013-09-05 23:33:46 ----A---- C:\windows\system32\sdcpl.dll
2013-09-05 23:33:46 ----A---- C:\windows\system32\MediaMetadataHandler.dll
2013-09-05 23:33:46 ----A---- C:\windows\system32\efscore.dll
2013-09-05 23:33:46 ----A---- C:\windows\system32\drivers\sdbus.sys
2013-09-05 23:33:45 ----A---- C:\windows\SYSWOW64\netjoin.dll
2013-09-05 23:33:45 ----A---- C:\windows\SYSWOW64\MSAC3ENC.DLL
2013-09-05 23:33:45 ----A---- C:\windows\SYSWOW64\cryptui.dll
2013-09-05 23:33:45 ----A---- C:\windows\system32\systemcpl.dll
2013-09-05 23:33:45 ----A---- C:\windows\system32\shwebsvc.dll
2013-09-05 23:33:45 ----A---- C:\windows\system32\recdisc.exe
2013-09-05 23:33:45 ----A---- C:\windows\system32\netplwiz.dll
2013-09-05 23:33:45 ----A---- C:\windows\system32\httpapi.dll
2013-09-05 23:33:45 ----A---- C:\windows\system32\drivers\mpio.sys
2013-09-05 23:33:45 ----A---- C:\windows\system32\autoplay.dll
2013-09-05 23:33:44 ----A---- C:\windows\SYSWOW64\networkmap.dll
2013-09-05 23:33:44 ----A---- C:\windows\SYSWOW64\Faultrep.dll
2013-09-05 23:33:44 ----A---- C:\windows\SYSWOW64\adsldp.dll
2013-09-05 23:33:44 ----A---- C:\windows\system32\wlanmsm.dll
2013-09-05 23:33:44 ----A---- C:\windows\system32\sysclass.dll
2013-09-05 23:33:44 ----A---- C:\windows\system32\sdrsvc.dll
2013-09-05 23:33:44 ----A---- C:\windows\system32\ncryptui.dll
2013-09-05 23:33:44 ----A---- C:\windows\system32\certcli.dll
2013-09-05 23:33:44 ----A---- C:\windows\system32\ActionCenterCPL.dll
2013-09-05 23:33:43 ----A---- C:\windows\SYSWOW64\wusa.exe
2013-09-05 23:33:43 ----A---- C:\windows\SYSWOW64\prnfldr.dll
2013-09-05 23:33:43 ----A---- C:\windows\SYSWOW64\OnLineIDCpl.dll
2013-09-05 23:33:43 ----A---- C:\windows\SYSWOW64\MCEWMDRMNDBootstrap.dll
2013-09-05 23:33:43 ----A---- C:\windows\system32\spwizeng.dll
2013-09-05 23:33:43 ----A---- C:\windows\system32\msvidc32.dll
2013-09-05 23:33:43 ----A---- C:\windows\system32\AuxiliaryDisplayServices.dll
2013-09-05 23:33:42 ----A---- C:\windows\SYSWOW64\sud.dll
2013-09-05 23:33:42 ----A---- C:\windows\SYSWOW64\photowiz.dll
2013-09-05 23:33:42 ----A---- C:\windows\SYSWOW64\msieftp.dll
2013-09-05 23:33:42 ----A---- C:\windows\SYSWOW64\MediaMetadataHandler.dll
2013-09-05 23:33:42 ----A---- C:\windows\SYSWOW64\credssp.dll
2013-09-05 23:33:42 ----A---- C:\windows\SYSWOW64\ActionCenter.dll
2013-09-05 23:33:42 ----A---- C:\windows\system32\vdsutil.dll
2013-09-05 23:33:42 ----A---- C:\windows\system32\termmgr.dll
2013-09-05 23:33:42 ----A---- C:\windows\system32\MFPlay.dll
2013-09-05 23:33:41 ----A---- C:\windows\SYSWOW64\iprtrmgr.dll
2013-09-05 23:33:41 ----A---- C:\windows\SYSWOW64\iasrad.dll
2013-09-05 23:33:41 ----A---- C:\windows\SYSWOW64\dot3cfg.dll
2013-09-05 23:33:41 ----A---- C:\windows\SYSWOW64\defaultlocationcpl.dll
2013-09-05 23:33:41 ----A---- C:\windows\system32\SmartcardCredentialProvider.dll
2013-09-05 23:33:41 ----A---- C:\windows\system32\sethc.exe
2013-09-05 23:33:41 ----A---- C:\windows\system32\ReAgent.dll
2013-09-05 23:33:41 ----A---- C:\windows\system32\ntlanman.dll
2013-09-05 23:33:41 ----A---- C:\windows\system32\msscp.dll
2013-09-05 23:33:40 ----A---- C:\windows\SYSWOW64\sisbkup.dll
2013-09-05 23:33:40 ----A---- C:\windows\SYSWOW64\shwebsvc.dll
2013-09-05 23:33:40 ----A---- C:\windows\SYSWOW64\ifsutil.dll
2013-09-05 23:33:40 ----A---- C:\windows\SYSWOW64\ftp.exe
2013-09-05 23:33:40 ----A---- C:\windows\system32\sqlcese30.dll
2013-09-05 23:33:40 ----A---- C:\windows\system32\drivers\ndproxy.sys
2013-09-05 23:33:39 ----A---- C:\windows\SYSWOW64\efscore.dll
2013-09-05 23:33:39 ----A---- C:\windows\SYSWOW64\ActionCenterCPL.dll
2013-09-05 23:33:39 ----A---- C:\windows\system32\UserAccountControlSettings.dll
2013-09-05 23:33:39 ----A---- C:\windows\system32\rdpd3d.dll
2013-09-05 23:33:39 ----A---- C:\windows\system32\iTVData.dll
2013-09-05 23:33:39 ----A---- C:\windows\system32\iprtrmgr.dll
2013-09-05 23:33:38 ----A---- C:\windows\SYSWOW64\syncui.dll
2013-09-05 23:33:38 ----A---- C:\windows\SYSWOW64\autoplay.dll
2013-09-05 23:33:38 ----A---- C:\windows\system32\wmdrmsdk.dll
2013-09-05 23:33:38 ----A---- C:\windows\system32\srvcli.dll
2013-09-05 23:33:38 ----A---- C:\windows\system32\slwga.dll
2013-09-05 23:33:38 ----A---- C:\windows\system32\iyuv_32.dll
2013-09-05 23:33:38 ----A---- C:\windows\system32\drmmgrtn.dll
2013-09-05 23:33:37 ----A---- C:\windows\SYSWOW64\wmpmde.dll
2013-09-05 23:33:37 ----A---- C:\windows\SYSWOW64\rtutils.dll
2013-09-05 23:33:37 ----A---- C:\windows\SYSWOW64\OobeFldr.dll
2013-09-05 23:33:37 ----A---- C:\windows\SYSWOW64\ntlanman.dll
2013-09-05 23:33:37 ----A---- C:\windows\SYSWOW64\dskquoui.dll
2013-09-05 23:33:37 ----A---- C:\windows\SYSWOW64\DeviceCenter.dll
2013-09-05 23:33:37 ----A---- C:\windows\system32\wavemsp.dll
2013-09-05 23:33:37 ----A---- C:\windows\system32\nslookup.exe
2013-09-05 23:33:37 ----A---- C:\windows\system32\msiexec.exe
2013-09-05 23:33:36 ----A---- C:\windows\SYSWOW64\systemcpl.dll
2013-09-05 23:33:36 ----A---- C:\windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-09-05 23:33:36 ----A---- C:\windows\SYSWOW64\sethc.exe
2013-09-05 23:33:36 ----A---- C:\windows\SYSWOW64\riched20.dll
2013-09-05 23:33:36 ----A---- C:\windows\SYSWOW64\ntprint.dll
2013-09-05 23:33:36 ----A---- C:\windows\SYSWOW64\nshwfp.dll
2013-09-05 23:33:36 ----A---- C:\windows\system32\srrstr.dll
2013-09-05 23:33:36 ----A---- C:\windows\system32\ntprint.dll
2013-09-05 23:33:36 ----A---- C:\windows\system32\NAPHLPR.DLL
2013-09-05 23:33:36 ----A---- C:\windows\system32\DevicePairingFolder.dll
2013-09-05 23:33:36 ----A---- C:\windows\system32\bcdboot.exe
2013-09-05 23:33:36 ----A---- C:\windows\system32\acppage.dll
2013-09-05 23:33:35 ----A---- C:\windows\SYSWOW64\NAPHLPR.DLL
2013-09-05 23:33:35 ----A---- C:\windows\SYSWOW64\blackbox.dll
2013-09-05 23:33:35 ----A---- C:\windows\system32\sppnp.dll
2013-09-05 23:33:35 ----A---- C:\windows\system32\certprop.dll
2013-09-05 23:33:34 ----A---- C:\windows\SYSWOW64\wmpsrcwp.dll
2013-09-05 23:33:34 ----A---- C:\windows\SYSWOW64\netplwiz.dll
2013-09-05 23:33:34 ----A---- C:\windows\SYSWOW64\migisol.dll
2013-09-05 23:33:34 ----A---- C:\windows\SYSWOW64\fms.dll
2013-09-05 23:33:34 ----A---- C:\windows\SYSWOW64\activeds.dll
2013-09-05 23:33:34 ----A---- C:\windows\system32\TSpkg.dll
2013-09-05 23:33:34 ----A---- C:\windows\system32\networkexplorer.dll
2013-09-05 23:33:34 ----A---- C:\windows\system32\cabinet.dll
2013-09-05 23:33:33 ----A---- C:\windows\SYSWOW64\nshipsec.dll
2013-09-05 23:33:33 ----A---- C:\windows\SYSWOW64\isoburn.exe
2013-09-05 23:33:33 ----A---- C:\windows\SYSWOW64\httpapi.dll
2013-09-05 23:33:33 ----A---- C:\windows\SYSWOW64\asycfilt.dll
2013-09-05 23:33:33 ----A---- C:\windows\system32\wkscli.dll
2013-09-05 23:33:33 ----A---- C:\windows\system32\remotepg.dll
2013-09-05 23:33:33 ----A---- C:\windows\system32\dfrgui.exe
2013-09-05 23:33:32 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2013-09-05 23:33:32 ----A---- C:\windows\SYSWOW64\wlanmsm.dll
2013-09-05 23:33:32 ----A---- C:\windows\SYSWOW64\wavemsp.dll
2013-09-05 23:33:32 ----A---- C:\windows\SYSWOW64\ReAgent.dll
2013-09-05 23:33:32 ----A---- C:\windows\SYSWOW64\provsvc.dll
2013-09-05 23:33:32 ----A---- C:\windows\SYSWOW64\msftedit.dll
2013-09-05 23:33:32 ----A---- C:\windows\SYSWOW64\dot3ui.dll
2013-09-05 23:33:32 ----A---- C:\windows\system32\wsnmp32.dll
2013-09-05 23:33:32 ----A---- C:\windows\system32\wmpdxm.dll
2013-09-05 23:33:32 ----A---- C:\windows\system32\WinSCard.dll
2013-09-05 23:33:32 ----A---- C:\windows\system32\net1.exe
2013-09-05 23:33:32 ----A---- C:\windows\system32\ftp.exe
2013-09-05 23:33:31 ----A---- C:\windows\SYSWOW64\tzutil.exe
2013-09-05 23:33:31 ----A---- C:\windows\SYSWOW64\ocsetup.exe
2013-09-05 23:33:31 ----A---- C:\windows\SYSWOW64\dsuiext.dll
2013-09-05 23:33:31 ----A---- C:\windows\SYSWOW64\dfrgui.exe
2013-09-05 23:33:31 ----A---- C:\windows\system32\wvc.dll
2013-09-05 23:33:31 ----A---- C:\windows\system32\wsqmcons.exe
2013-09-05 23:33:31 ----A---- C:\windows\system32\wmdrmdev.dll
2013-09-05 23:33:31 ----A---- C:\windows\system32\WerFaultSecure.exe
2013-09-05 23:33:31 ----A---- C:\windows\system32\blackbox.dll
2013-09-05 23:33:30 ----A---- C:\windows\SYSWOW64\wvc.dll
2013-09-05 23:33:30 ----A---- C:\windows\SYSWOW64\wtsapi32.dll
2013-09-05 23:33:30 ----A---- C:\windows\SYSWOW64\wimgapi.dll
2013-09-05 23:33:30 ----A---- C:\windows\SYSWOW64\twext.dll
2013-09-05 23:33:30 ----A---- C:\windows\SYSWOW64\mstask.dll
2013-09-05 23:33:30 ----A---- C:\windows\system32\msyuv.dll
2013-09-05 23:33:30 ----A---- C:\windows\system32\mfps.dll
2013-09-05 23:33:29 ----A---- C:\windows\twain_32.dll
2013-09-05 23:33:29 ----A---- C:\windows\SYSWOW64\setupugc.exe
2013-09-05 23:33:29 ----A---- C:\windows\SYSWOW64\qcap.dll
2013-09-05 23:33:29 ----A---- C:\windows\system32\unimdmat.dll
2013-09-05 23:33:29 ----A---- C:\windows\system32\OpcServices.dll
2013-09-05 23:33:29 ----A---- C:\windows\system32\msrle32.dll
2013-09-05 23:33:29 ----A---- C:\windows\system32\mapistub.dll
2013-09-05 23:33:29 ----A---- C:\windows\system32\mapi32.dll
2013-09-05 23:33:28 ----A---- C:\windows\SYSWOW64\uxlib.dll
2013-09-05 23:33:28 ----A---- C:\windows\SYSWOW64\slwga.dll
2013-09-05 23:33:28 ----A---- C:\windows\SYSWOW64\qasf.dll
2013-09-05 23:33:28 ----A---- C:\windows\system32\tsbyuv.dll
2013-09-05 23:33:28 ----A---- C:\windows\system32\seclogon.dll
2013-09-05 23:33:28 ----A---- C:\windows\system32\iscsium.dll
2013-09-05 23:33:28 ----A---- C:\windows\system32\ifsutil.dll
2013-09-05 23:33:28 ----A---- C:\windows\system32\diskraid.exe
2013-09-05 23:33:27 ----A---- C:\windows\SYSWOW64\msvfw32.dll
2013-09-05 23:33:27 ----A---- C:\windows\SYSWOW64\mciavi32.dll
2013-09-05 23:33:27 ----A---- C:\windows\SYSWOW64\audiodev.dll
2013-09-05 23:33:27 ----A---- C:\windows\system32\drivers\umbus.sys
2013-09-05 23:33:26 ----A---- C:\windows\SYSWOW64\WPDShServiceObj.dll
2013-09-05 23:33:26 ----A---- C:\windows\SYSWOW64\wmdrmsdk.dll
2013-09-05 23:33:26 ----A---- C:\windows\SYSWOW64\nslookup.exe
2013-09-05 23:33:26 ----A---- C:\windows\SYSWOW64\DevicePairingFolder.dll
2013-09-05 23:33:26 ----A---- C:\windows\SYSWOW64\clusapi.dll
2013-09-05 23:33:26 ----A---- C:\windows\system32\wmpshell.dll
2013-09-05 23:33:26 ----A---- C:\windows\system32\WindowsAnytimeUpgradeResults.exe
2013-09-05 23:33:26 ----A---- C:\windows\system32\rdpencom.dll
2013-09-05 23:33:26 ----A---- C:\windows\system32\perfmon.exe
2013-09-05 23:33:26 ----A---- C:\windows\system32\muifontsetup.dll
2013-09-05 23:33:25 ----A---- C:\windows\SYSWOW64\wimserv.exe
2013-09-05 23:33:25 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2013-09-05 23:33:25 ----A---- C:\windows\SYSWOW64\rdpencom.dll
2013-09-05 23:33:25 ----A---- C:\windows\SYSWOW64\perfmon.exe
2013-09-05 23:33:25 ----A---- C:\windows\SYSWOW64\msscp.dll
2013-09-05 23:33:25 ----A---- C:\windows\SYSWOW64\diskraid.exe
2013-09-05 23:33:25 ----A---- C:\windows\SYSWOW64\acppage.dll
2013-09-05 23:33:25 ----A---- C:\windows\system32\umb.dll
2013-09-05 23:33:25 ----A---- C:\windows\system32\tlscsp.dll
2013-09-05 23:33:25 ----A---- C:\windows\system32\qasf.dll
2013-09-05 23:33:25 ----A---- C:\windows\system32\netutils.dll
2013-09-05 23:33:25 ----A---- C:\windows\system32\NAPCRYPT.DLL
2013-09-05 23:33:25 ----A---- C:\windows\system32\FXSAPI.dll
2013-09-05 23:33:25 ----A---- C:\windows\system32\dbghelp.dll
2013-09-05 23:33:25 ----A---- C:\windows\system32\AzSqlExt.dll
2013-09-05 23:33:25 ----A---- C:\windows\system32\ActionQueue.dll
2013-09-05 23:33:24 ----A---- C:\windows\SYSWOW64\remotepg.dll
2013-09-05 23:33:24 ----A---- C:\windows\SYSWOW64\raschap.dll
2013-09-05 23:33:24 ----A---- C:\windows\SYSWOW64\QUTIL.DLL
2013-09-05 23:33:24 ----A---- C:\windows\SYSWOW64\NAPCRYPT.DLL
2013-09-05 23:33:24 ----A---- C:\windows\SYSWOW64\input.dll
2013-09-05 23:33:24 ----A---- C:\windows\SYSWOW64\drmmgrtn.dll
2013-09-05 23:33:24 ----A---- C:\windows\system32\wiavideo.dll
2013-09-05 23:33:24 ----A---- C:\windows\system32\runonce.exe
2013-09-05 23:33:24 ----A---- C:\windows\system32\raschap.dll
2013-09-05 23:33:24 ----A---- C:\windows\bfsvc.exe
2013-09-05 23:33:23 ----A---- C:\windows\SYSWOW64\wmpdxm.dll
2013-09-05 23:33:23 ----A---- C:\windows\SYSWOW64\vpnikeapi.dll
2013-09-05 23:33:23 ----A---- C:\windows\SYSWOW64\UserAccountControlSettings.dll
2013-09-05 23:33:23 ----A---- C:\windows\SYSWOW64\olepro32.dll
2013-09-05 23:33:23 ----A---- C:\windows\SYSWOW64\ocsetapi.dll
2013-09-05 23:33:23 ----A---- C:\windows\SYSWOW64\networkexplorer.dll
2013-09-05 23:33:23 ----A---- C:\windows\system32\wpdwcn.dll
2013-09-05 23:33:23 ----A---- C:\windows\system32\WMVSDECD.DLL
2013-09-05 23:33:23 ----A---- C:\windows\system32\WMADMOD.DLL
2013-09-05 23:33:23 ----A---- C:\windows\system32\vdsbas.dll
2013-09-05 23:33:23 ----A---- C:\windows\system32\syssetup.dll
2013-09-05 23:33:23 ----A---- C:\windows\system32\PrintIsolationProxy.dll
2013-09-05 23:33:23 ----A---- C:\windows\system32\MdSched.exe
2013-09-05 23:33:22 ----A---- C:\windows\SYSWOW64\wpdwcn.dll
2013-09-05 23:33:22 ----A---- C:\windows\SYSWOW64\vdsbas.dll
2013-09-05 23:33:22 ----A---- C:\windows\SYSWOW64\runonce.exe
2013-09-05 23:33:22 ----A---- C:\windows\SYSWOW64\onexui.dll
2013-09-05 23:33:22 ----A---- C:\windows\SYSWOW64\iTVData.dll
2013-09-05 23:33:22 ----A---- C:\windows\SYSWOW64\dxdiagn.dll
2013-09-05 23:33:22 ----A---- C:\windows\system32\mstask.dll
2013-09-05 23:33:22 ----A---- C:\windows\system32\Mcx2Svc.dll
2013-09-05 23:33:21 ----A---- C:\windows\SYSWOW64\msvidc32.dll
2013-09-05 23:33:21 ----A---- C:\windows\SYSWOW64\MFPlay.dll
2013-09-05 23:33:21 ----A---- C:\windows\SYSWOW64\logagent.exe
2013-09-05 23:33:21 ----A---- C:\windows\SYSWOW64\eapp3hst.dll
2013-09-05 23:33:21 ----A---- C:\windows\system32\nltest.exe
2013-09-05 23:33:21 ----A---- C:\windows\system32\drivers\rmcast.sys
2013-09-05 23:33:21 ----A---- C:\windows\system32\bitsadmin.exe
2013-09-05 23:33:20 ----A---- C:\windows\SYSWOW64\wmdrmdev.dll
2013-09-05 23:33:20 ----A---- C:\windows\SYSWOW64\shacct.dll
2013-09-05 23:33:20 ----A---- C:\windows\SYSWOW64\msiexec.exe
2013-09-05 23:33:20 ----A---- C:\windows\system32\vss_ps.dll
2013-09-05 23:33:20 ----A---- C:\windows\system32\tabcal.exe
2013-09-05 23:33:20 ----A---- C:\windows\system32\shacct.dll
2013-09-05 23:33:20 ----A---- C:\windows\system32\QSVRMGMT.DLL
2013-09-05 23:33:20 ----A---- C:\windows\system32\cscapi.dll
2013-09-05 23:33:19 ----A---- C:\windows\SYSWOW64\wudriver.dll
2013-09-05 23:33:19 ----A---- C:\windows\SYSWOW64\wmpshell.dll
2013-09-05 23:33:19 ----A---- C:\windows\SYSWOW64\lsmproxy.dll
2013-09-05 23:33:19 ----A---- C:\windows\SYSWOW64\bitsadmin.exe
2013-09-05 23:33:19 ----A---- C:\windows\system32\WPDSp.dll
2013-09-05 23:33:19 ----A---- C:\windows\system32\wmdrmnet.dll
2013-09-05 23:33:19 ----A---- C:\windows\system32\secproc_ssp_isv.dll
2013-09-05 23:33:19 ----A---- C:\windows\system32\qcap.dll
2013-09-05 23:33:19 ----A---- C:\windows\system32\logman.exe
2013-09-05 23:33:18 ----A---- C:\windows\SYSWOW64\unimdmat.dll
2013-09-05 23:33:18 ----A---- C:\windows\SYSWOW64\sqlcese30.dll
2013-09-05 23:33:18 ----A---- C:\windows\SYSWOW64\rdpd3d.dll
2013-09-05 23:33:18 ----A---- C:\windows\SYSWOW64\mprapi.dll
2013-09-05 23:33:18 ----A---- C:\windows\SYSWOW64\iscsium.dll
2013-09-05 23:33:18 ----A---- C:\windows\system32\WMSPDMOD.DLL
2013-09-05 23:33:18 ----A---- C:\windows\system32\secproc_ssp.dll
2013-09-05 23:33:18 ----A---- C:\windows\system32\qdv.dll
2013-09-05 23:33:18 ----A---- C:\windows\system32\PortableDeviceSyncProvider.dll
2013-09-05 23:33:18 ----A---- C:\windows\system32\msnetobj.dll
2013-09-05 23:33:17 ----A---- C:\windows\SYSWOW64\WPDSp.dll
2013-09-05 23:33:17 ----A---- C:\windows\SYSWOW64\srvcli.dll
2013-09-05 23:33:17 ----A---- C:\windows\SYSWOW64\PortableDeviceSyncProvider.dll
2013-09-05 23:33:17 ----A---- C:\windows\SYSWOW64\pdh.dll
2013-09-05 23:33:17 ----A---- C:\windows\SYSWOW64\OpcServices.dll
2013-09-05 23:33:17 ----A---- C:\windows\SYSWOW64\olethk32.dll
2013-09-05 23:33:17 ----A---- C:\windows\SYSWOW64\ncryptui.dll
2013-09-05 23:33:17 ----A---- C:\windows\SYSWOW64\logman.exe
2013-09-05 23:33:17 ----A---- C:\windows\SYSWOW64\cscapi.dll
2013-09-05 23:33:17 ----A---- C:\windows\system32\spbcd.dll
2013-09-05 23:33:17 ----A---- C:\windows\system32\PortableDeviceStatus.dll
2013-09-05 23:33:17 ----A---- C:\windows\system32\fphc.dll
2013-09-05 23:33:17 ----A---- C:\windows\system32\drivers\ndisuio.sys
2013-09-05 23:33:16 ----A---- C:\windows\SYSWOW64\QSVRMGMT.DLL
2013-09-05 23:33:16 ----A---- C:\windows\SYSWOW64\PortableDeviceStatus.dll
2013-09-05 23:33:16 ----A---- C:\windows\SYSWOW64\mapi32.dll
2013-09-05 23:33:16 ----A---- C:\windows\system32\takeown.exe
2013-09-05 23:33:16 ----A---- C:\windows\system32\PnPUnattend.exe
2013-09-05 23:33:16 ----A---- C:\windows\system32\dot3ui.dll
2013-09-05 23:33:15 ----A---- C:\windows\SYSWOW64\WMPhoto.dll
2013-09-05 23:33:15 ----A---- C:\windows\SYSWOW64\WMADMOD.DLL
2013-09-05 23:33:15 ----A---- C:\windows\SYSWOW64\wiavideo.dll
2013-09-05 23:33:15 ----A---- C:\windows\SYSWOW64\utildll.dll
2013-09-05 23:33:15 ----A---- C:\windows\SYSWOW64\mapistub.dll
2013-09-05 23:33:15 ----A---- C:\windows\SYSWOW64\fphc.dll
2013-09-05 23:33:15 ----A---- C:\windows\SYSWOW64\dot3msm.dll
2013-09-05 23:33:15 ----A---- C:\windows\SYSWOW64\avifil32.dll
2013-09-05 23:33:15 ----A---- C:\windows\system32\WMPhoto.dll
2013-09-05 23:33:15 ----A---- C:\windows\system32\amstream.dll
2013-09-05 23:33:14 ----A---- C:\windows\SYSWOW64\WMVSDECD.DLL
2013-09-05 23:33:14 ----A---- C:\windows\SYSWOW64\wmdrmnet.dll
2013-09-05 23:33:14 ----A---- C:\windows\SYSWOW64\takeown.exe
2013-09-05 23:33:14 ----A---- C:\windows\SYSWOW64\iyuv_32.dll
2013-09-05 23:33:14 ----A---- C:\windows\system32\vfwwdm32.dll
2013-09-05 23:33:14 ----A---- C:\windows\system32\shimgvw.dll
2013-09-05 23:33:14 ----A---- C:\windows\system32\HotStartUserAgent.dll
2013-09-05 23:33:14 ----A---- C:\windows\system32\EhStorAPI.dll
2013-09-05 23:33:13 ----A---- C:\windows\SYSWOW64\sppinst.dll
2013-09-05 23:33:13 ----A---- C:\windows\SYSWOW64\qdv.dll
2013-09-05 23:33:13 ----A---- C:\windows\SYSWOW64\QCLIPROV.DLL
2013-09-05 23:33:13 ----A---- C:\windows\SYSWOW64\msyuv.dll
2013-09-05 23:33:13 ----A---- C:\windows\SYSWOW64\msnetobj.dll
2013-09-05 23:33:13 ----A---- C:\windows\SYSWOW64\EhStorAPI.dll
2013-09-05 23:33:13 ----A---- C:\windows\system32\WavDest.dll
2013-09-05 23:33:13 ----A---- C:\windows\system32\QCLIPROV.DLL
2013-09-05 23:33:13 ----A---- C:\windows\system32\nrpsrv.dll
2013-09-05 23:33:13 ----A---- C:\windows\system32\iasrecst.dll
2013-09-05 23:33:13 ----A---- C:\windows\system32\djoin.exe
2013-09-05 23:33:13 ----A---- C:\windows\system32\cmstp.exe
2013-09-05 23:33:13 ----A---- C:\windows\system32\CertPolEng.dll
2013-09-05 23:33:12 ----A---- C:\windows\SYSWOW64\vfwwdm32.dll
2013-09-05 23:33:12 ----A---- C:\windows\SYSWOW64\pdhui.dll
2013-09-05 23:33:12 ----A---- C:\windows\SYSWOW64\MuiUnattend.exe
2013-09-05 23:33:12 ----A---- C:\windows\SYSWOW64\msrle32.dll
2013-09-05 23:33:12 ----A---- C:\windows\SYSWOW64\cmstp.exe
2013-09-05 23:33:12 ----A---- C:\windows\SYSWOW64\cca.dll
2013-09-05 23:33:12 ----A---- C:\windows\system32\MultiDigiMon.exe
2013-09-05 23:33:12 ----A---- C:\windows\system32\KMSVC.DLL
2013-09-05 23:33:12 ----A---- C:\windows\system32\fdProxy.dll
2013-09-05 23:33:12 ----A---- C:\windows\system32\drivers\pacer.sys
2013-09-05 23:33:11 ----A---- C:\windows\SYSWOW64\wsnmp32.dll
2013-09-05 23:33:11 ----A---- C:\windows\SYSWOW64\WMSPDMOD.DLL
2013-09-05 23:33:11 ----A---- C:\windows\SYSWOW64\tsbyuv.dll
2013-09-05 23:33:11 ----A---- C:\windows\SYSWOW64\setupcln.dll
2013-09-05 23:33:11 ----A---- C:\windows\SYSWOW64\msorcl32.dll
2013-09-05 23:33:11 ----A---- C:\windows\SYSWOW64\iasrecst.dll
2013-09-05 23:33:11 ----A---- C:\windows\SYSWOW64\AzSqlExt.dll
2013-09-05 23:33:11 ----A---- C:\windows\system32\sscore.dll
2013-09-05 23:33:11 ----A---- C:\windows\system32\relog.exe
2013-09-05 23:33:11 ----A---- C:\windows\system32\mydocs.dll
2013-09-05 23:33:11 ----A---- C:\windows\system32\iscsicli.exe
2013-09-05 23:33:11 ----A---- C:\windows\system32\diskpart.exe
2013-09-05 23:33:10 ----A---- C:\windows\SYSWOW64\wkscli.dll
2013-09-05 23:33:10 ----A---- C:\windows\SYSWOW64\spbcd.dll
2013-09-05 23:33:10 ----A---- C:\windows\SYSWOW64\relog.exe
2013-09-05 23:33:10 ----A---- C:\windows\SYSWOW64\netiougc.exe
2013-09-05 23:33:10 ----A---- C:\windows\SYSWOW64\iscsicli.exe
2013-09-05 23:33:10 ----A---- C:\windows\system32\mobsync.exe
2013-09-05 23:33:10 ----A---- C:\windows\system32\itircl.dll
2013-09-05 23:33:10 ----A---- C:\windows\system32\BWUnpairElevated.dll
2013-09-05 23:33:09 ----A---- C:\windows\SYSWOW64\secproc_ssp_isv.dll
2013-09-05 23:33:09 ----A---- C:\windows\SYSWOW64\secproc_ssp.dll
2013-09-05 23:33:09 ----A---- C:\windows\SYSWOW64\resutils.dll
2013-09-05 23:33:09 ----A---- C:\windows\SYSWOW64\rastapi.dll
2013-09-05 23:33:09 ----A---- C:\windows\SYSWOW64\netbtugc.exe
2013-09-05 23:33:09 ----A---- C:\windows\SYSWOW64\mydocs.dll
2013-09-05 23:33:09 ----A---- C:\windows\SYSWOW64\itircl.dll
2013-09-05 23:33:09 ----A---- C:\windows\SYSWOW64\diskpart.exe
2013-09-05 23:33:09 ----A---- C:\windows\SYSWOW64\amstream.dll
2013-09-05 23:33:09 ----A---- C:\windows\system32\RMActivate_ssp_isv.exe
2013-09-05 23:33:09 ----A---- C:\windows\system32\RMActivate_ssp.exe
2013-09-05 23:33:09 ----A---- C:\windows\system32\msdmo.dll
2013-09-05 23:33:09 ----A---- C:\windows\system32\dot3msm.dll
2013-09-05 23:33:08 ----A---- C:\windows\SYSWOW64\wmpps.dll
2013-09-05 23:33:08 ----A---- C:\windows\SYSWOW64\syssetup.dll
2013-09-05 23:33:08 ----A---- C:\windows\SYSWOW64\CertPolEng.dll
2013-09-05 23:33:08 ----A---- C:\windows\system32\FXSTIFF.dll
2013-09-05 23:33:07 ----A---- C:\windows\SYSWOW64\wuapp.exe
2013-09-05 23:33:07 ----A---- C:\windows\SYSWOW64\WerFaultSecure.exe
2013-09-05 23:33:07 ----A---- C:\windows\SYSWOW64\tlscsp.dll
2013-09-05 23:33:07 ----A---- C:\windows\SYSWOW64\RMActivate_ssp_isv.exe
2013-09-05 23:33:07 ----A---- C:\windows\SYSWOW64\RMActivate_ssp.exe
2013-09-05 23:33:07 ----A---- C:\windows\SYSWOW64\ReAgentc.exe
2013-09-05 23:33:07 ----A---- C:\windows\SYSWOW64\findstr.exe
2013-09-05 23:33:07 ----A---- C:\windows\SYSWOW64\eappgnui.dll
2013-09-05 23:33:07 ----A---- C:\windows\system32\sppc.dll
2013-09-05 23:33:07 ----A---- C:\windows\system32\mciqtz32.dll
2013-09-05 23:33:07 ----A---- C:\windows\system32\luainstall.dll
2013-09-05 23:33:07 ----A---- C:\windows\system32\choice.exe
2013-09-05 23:33:07 ----A---- C:\windows\system32\findstr.exe
2013-09-05 23:33:07 ----A---- C:\windows\system32\eappgnui.dll
2013-09-05 23:33:07 ----A---- C:\windows\system32\drivers\tunnel.sys
2013-09-05 23:33:06 ----A---- C:\windows\SYSWOW64\netutils.dll
2013-09-05 23:33:06 ----A---- C:\windows\SYSWOW64\mobsync.exe
2013-09-05 23:33:06 ----A---- C:\windows\SYSWOW64\mciqtz32.dll
2013-09-05 23:33:06 ----A---- C:\windows\system32\schedcli.dll
2013-09-05 23:33:06 ----A---- C:\windows\system32\onexui.dll
2013-09-05 23:33:06 ----A---- C:\windows\system32\drivers\dfsc.sys
2013-09-05 23:33:05 ----A---- C:\windows\SYSWOW64\sppc.dll
2013-09-05 23:33:05 ----A---- C:\windows\SYSWOW64\spopk.dll
2013-09-05 23:33:05 ----A---- C:\windows\SYSWOW64\shimgvw.dll
2013-09-05 23:33:05 ----A---- C:\windows\SYSWOW64\muifontsetup.dll
2013-09-05 23:33:05 ----A---- C:\windows\SYSWOW64\iccvid.dll
2013-09-05 23:33:05 ----A---- C:\windows\SYSWOW64\cabinet.dll
2013-09-05 23:33:05 ----A---- C:\windows\system32\wdiasqmmodule.dll
2013-09-05 23:33:05 ----A---- C:\windows\system32\spopk.dll
2013-09-05 23:33:05 ----A---- C:\windows\system32\repair-bde.exe
2013-09-05 23:33:05 ----A---- C:\windows\system32\manage-bde.exe
2013-09-05 23:33:05 ----A---- C:\windows\system32\inetmib1.dll
2013-09-05 23:33:04 ----A---- C:\windows\SYSWOW64\unlodctr.exe
2013-09-05 23:33:04 ----A---- C:\windows\SYSWOW64\msdmo.dll
2013-09-05 23:33:04 ----A---- C:\windows\SYSWOW64\luainstall.dll
2013-09-05 23:33:04 ----A---- C:\windows\system32\RDPENCDD.dll
2013-09-05 23:33:04 ----A---- C:\windows\system32\odbcconf.dll
2013-09-05 23:33:03 ----A---- C:\windows\SYSWOW64\rdprefdrvapi.dll
2013-09-05 23:33:03 ----A---- C:\windows\SYSWOW64\inetmib1.dll
2013-09-05 23:33:03 ----A---- C:\windows\system32\fixmapi.exe
2013-09-05 23:33:02 ----A---- C:\windows\SYSWOW64\UIRibbonRes.dll
2013-09-05 23:33:02 ----A---- C:\windows\SYSWOW64\odbcconf.dll
2013-09-05 23:33:02 ----A---- C:\windows\system32\UIRibbonRes.dll
2013-09-05 23:33:02 ----A---- C:\windows\system32\FXSMON.dll
2013-09-05 23:33:02 ----A---- C:\windows\system32\elsTrans.dll
2013-09-05 23:33:01 ----A---- C:\windows\SYSWOW64\wups.dll
2013-09-05 23:33:01 ----A---- C:\windows\SYSWOW64\perfts.dll
2013-09-05 23:33:01 ----A---- C:\windows\system32\wshbth.dll
2013-09-05 23:33:01 ----A---- C:\windows\system32\TRAPI.dll
2013-09-05 23:33:01 ----A---- C:\windows\system32\drivers\tdi.sys
2013-09-05 23:33:00 ----A---- C:\windows\SYSWOW64\imm32.dll
2013-09-05 23:33:00 ----A---- C:\windows\system32\napdsnap.dll
2013-09-05 23:33:00 ----A---- C:\windows\system32\LogonUI.exe
2013-09-05 23:33:00 ----A---- C:\windows\system32\dsauth.dll
2013-09-05 23:32:59 ----A---- C:\windows\SYSWOW64\TRAPI.dll
2013-09-05 23:32:59 ----A---- C:\windows\SYSWOW64\elsTrans.dll
2013-09-05 23:32:59 ----A---- C:\windows\system32\rdprefdrvapi.dll
2013-09-05 23:32:59 ----A---- C:\windows\system32\FXSUNATD.exe
2013-09-05 23:32:59 ----A---- C:\windows\system32\cscdll.dll
2013-09-05 23:32:58 ----A---- C:\windows\SYSWOW64\wshbth.dll
2013-09-05 23:32:58 ----A---- C:\windows\SYSWOW64\schedcli.dll
2013-09-05 23:32:58 ----A---- C:\windows\SYSWOW64\bitsperf.dll
2013-09-05 23:32:58 ----A---- C:\windows\system32\drivers\usbrpm.sys
2013-09-05 23:32:58 ----A---- C:\windows\system32\bitsperf.dll
2013-09-05 23:32:57 ----A---- C:\windows\SYSWOW64\napdsnap.dll
2013-09-05 23:32:57 ----A---- C:\windows\SYSWOW64\dsauth.dll
2013-09-05 23:32:57 ----A---- C:\windows\SYSWOW64\cscdll.dll
2013-09-05 23:32:57 ----A---- C:\windows\system32\drivers\acpipmi.sys
2013-09-05 23:32:56 ----A---- C:\windows\SYSWOW64\sscore.dll
2013-09-05 23:32:56 ----A---- C:\windows\system32\wsdchngr.dll
2013-09-05 23:32:56 ----A---- C:\windows\system32\shgina.dll
2013-09-05 23:32:55 ----A---- C:\windows\SYSWOW64\wsdchngr.dll
2013-09-05 23:32:55 ----A---- C:\windows\SYSWOW64\shgina.dll
2013-09-05 23:32:55 ----A---- C:\windows\SYSWOW64\riched32.dll
2013-09-05 23:32:54 ----A---- C:\windows\system32\drivers\USBCAMD2.sys
2013-09-05 23:32:54 ----A---- C:\windows\system32\drivers\CompositeBus.sys
2013-09-05 23:32:53 ----A---- C:\windows\system32\wshirda.dll
2013-09-05 23:32:53 ----A---- C:\windows\system32\drivers\hidusb.sys
2013-09-05 23:32:53 ----A---- C:\windows\system32\drivers\appid.sys
2013-09-05 23:32:52 ----A---- C:\windows\SYSWOW64\wshirda.dll
2013-09-05 23:32:52 ----A---- C:\windows\system32\riched32.dll
2013-09-05 23:32:52 ----A---- C:\windows\system32\rdpcfgex.dll
2013-09-05 23:32:52 ----A---- C:\windows\system32\drivers\kbdhid.sys
2013-09-05 23:32:51 ----A---- C:\windows\system32\spwmp.dll
2013-09-05 23:32:51 ----A---- C:\windows\system32\drivers\IPMIDrv.sys
2013-09-05 23:32:51 ----A---- C:\windows\system32\browseui.dll
2013-09-05 23:32:50 ----A---- C:\windows\SYSWOW64\spwmp.dll
2013-09-05 23:32:50 ----A---- C:\windows\SYSWOW64\browseui.dll
2013-09-05 23:32:50 ----A---- C:\windows\system32\C_ISCII.DLL
2013-09-05 23:32:49 ----A---- C:\windows\SYSWOW64\C_ISCII.DLL
2013-09-05 23:32:49 ----A---- C:\windows\system32\dxmasf.dll
2013-09-05 23:32:49 ----A---- C:\windows\system32\drivers\sffp_sd.sys
2013-09-05 23:32:49 ----A---- C:\windows\system32\drivers\scfilter.sys
2013-09-05 23:32:49 ----A---- C:\windows\system32\drivers\HdAudio.sys
2013-09-05 23:32:49 ----A---- C:\windows\system32\drivers\hdaudbus.sys
2013-09-05 23:32:49 ----A---- C:\windows\system32\drivers\cdrom.sys
2013-09-05 23:32:48 ----AH---- C:\windows\system32\api-ms-win-core-ums-l1-1-0.dll
2013-09-05 23:32:48 ----A---- C:\windows\SYSWOW64\shunimpl.dll
2013-09-05 23:32:48 ----A---- C:\windows\SYSWOW64\dxmasf.dll
2013-09-05 23:32:48 ----A---- C:\windows\system32\shunimpl.dll
2013-09-05 23:32:47 ----A---- C:\windows\SYSWOW64\KBDTUQ.DLL
2013-09-05 23:32:47 ----A---- C:\windows\SYSWOW64\KBDTUF.DLL
2013-09-05 23:32:47 ----A---- C:\windows\SYSWOW64\KBDSG.DLL
2013-09-05 23:32:47 ----A---- C:\windows\SYSWOW64\kbdlk41a.dll
2013-09-05 23:32:47 ----A---- C:\windows\SYSWOW64\KBDGR1.DLL
2013-09-05 23:32:47 ----A---- C:\windows\system32\KBDTUQ.DLL
2013-09-05 23:32:47 ----A---- C:\windows\system32\KBDTUF.DLL
2013-09-05 23:32:47 ----A---- C:\windows\system32\KBDSF.DLL
2013-09-05 23:32:47 ----A---- C:\windows\system32\KBDPO.DLL
2013-09-05 23:32:46 ----A---- C:\windows\SYSWOW64\wmploc.DLL
2013-09-05 23:32:46 ----A---- C:\windows\SYSWOW64\KBDGKL.DLL
2013-09-05 23:32:46 ----A---- C:\windows\system32\KBDSG.DLL
2013-09-05 23:32:46 ----A---- C:\windows\system32\KBDNEPR.DLL
2013-09-05 23:32:46 ----A---- C:\windows\system32\kbdlk41a.dll
2013-09-05 23:32:46 ----A---- C:\windows\system32\KBDGR1.DLL
2013-09-05 23:32:46 ----A---- C:\windows\system32\KBDGKL.DLL
2013-09-05 23:32:45 ----A---- C:\windows\SYSWOW64\KBDUS.DLL
2013-09-05 23:32:45 ----A---- C:\windows\SYSWOW64\KBDTURME.DLL
2013-09-05 23:32:45 ----A---- C:\windows\SYSWOW64\KBDTAJIK.DLL
2013-09-05 23:32:45 ----A---- C:\windows\SYSWOW64\KBDMON.DLL
2013-09-05 23:32:45 ----A---- C:\windows\SYSWOW64\KBDGEO.DLL
2013-09-05 23:32:45 ----A---- C:\windows\SYSWOW64\KBDCZ1.DLL
2013-09-05 23:32:45 ----A---- C:\windows\SYSWOW64\KBDBLR.DLL
2013-09-05 23:32:45 ----A---- C:\windows\system32\wmploc.DLL
2013-09-05 23:32:45 ----A---- C:\windows\system32\KBDGEO.DLL
2013-09-05 23:32:45 ----A---- C:\windows\system32\KBDCZ1.DLL
2013-09-05 23:32:44 ----A---- C:\windows\SYSWOW64\KBDUGHR1.DLL
2013-09-05 23:32:44 ----A---- C:\windows\SYSWOW64\KBDMAORI.DLL
2013-09-05 23:32:44 ----A---- C:\windows\SYSWOW64\KBDLT1.DLL
2013-09-05 23:32:44 ----A---- C:\windows\system32\KBDUS.DLL
2013-09-05 23:32:44 ----A---- C:\windows\system32\KBDUGHR1.DLL
2013-09-05 23:32:44 ----A---- C:\windows\system32\KBDTAJIK.DLL
2013-09-05 23:32:44 ----A---- C:\windows\system32\KBDMON.DLL
2013-09-05 23:32:44 ----A---- C:\windows\system32\KBDLT1.DLL
2013-09-05 23:32:43 ----A---- C:\windows\SYSWOW64\nlsbres.dll
2013-09-05 23:32:43 ----A---- C:\windows\SYSWOW64\KBDSF.DLL
2013-09-05 23:32:43 ----A---- C:\windows\SYSWOW64\KBDPO.DLL
2013-09-05 23:32:43 ----A---- C:\windows\SYSWOW64\KBDNEPR.DLL
2013-09-05 23:32:43 ----A---- C:\windows\SYSWOW64\KBDBULG.DLL
2013-09-05 23:32:43 ----A---- C:\windows\SYSWOW64\KBDBASH.DLL
2013-09-05 23:32:43 ----A---- C:\windows\system32\nlsbres.dll
2013-09-05 23:32:43 ----A---- C:\windows\system32\KBDTURME.DLL
2013-09-05 23:32:43 ----A---- C:\windows\system32\KBDMAORI.DLL
2013-09-05 23:32:43 ----A---- C:\windows\system32\KBDBULG.DLL
2013-09-05 23:32:43 ----A---- C:\windows\system32\KBDBLR.DLL
2013-09-05 23:32:43 ----A---- C:\windows\system32\KBDBASH.DLL
2013-09-05 23:32:42 ----A---- C:\windows\SYSWOW64\spwizres.dll
2013-09-05 23:32:42 ----A---- C:\windows\SYSWOW64\pifmgr.dll
2013-09-05 23:32:42 ----A---- C:\windows\system32\spwizres.dll
2013-09-05 23:32:42 ----A---- C:\windows\system32\pifmgr.dll
2013-09-05 23:32:42 ----A---- C:\windows\system32\BlbEvents.dll
2013-09-05 23:32:08 ----A---- C:\windows\SYSWOW64\wdscore.dll
2013-09-05 23:32:08 ----A---- C:\windows\SYSWOW64\sqmapi.dll
2013-09-05 23:32:08 ----A---- C:\windows\SYSWOW64\PkgMgr.exe
2013-09-05 23:32:05 ----A---- C:\windows\SYSWOW64\drvstore.dll
2013-09-05 23:32:05 ----A---- C:\windows\SYSWOW64\dpx.dll
2013-09-05 23:32:04 ----A---- C:\windows\SYSWOW64\wbemcomn.dll
2013-09-05 23:30:56 ----A---- C:\windows\system32\wmicmiplugin.dll
2013-09-05 23:30:56 ----A---- C:\windows\system32\wbemcomn.dll
2013-09-05 23:30:53 ----A---- C:\windows\system32\sqmapi.dll
2013-09-05 23:30:53 ----A---- C:\windows\system32\SmiEngine.dll
2013-09-05 23:30:51 ----A---- C:\windows\system32\PkgMgr.exe
2013-09-05 23:30:39 ----A---- C:\windows\system32\drvstore.dll
2013-09-05 23:30:39 ----A---- C:\windows\system32\dpx.dll
2013-09-05 23:09:14 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2013-09-05 23:09:14 ----A---- C:\windows\system32\smss.exe
2013-09-05 23:09:14 ----A---- C:\windows\system32\csrsrv.dll
2013-09-05 23:08:33 ----A---- C:\windows\system32\drivers\ntfs.sys
2013-09-05 23:08:17 ----A---- C:\windows\system32\drivers\fvevol.sys
2013-09-05 21:48:09 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-09-05 20:18:49 ----D---- C:\Users\Ondra\AppData\Roaming\Malwarebytes
2013-09-05 20:18:40 ----D---- C:\ProgramData\Malwarebytes
2013-09-05 19:25:25 ----D---- C:\Program Files\CCleaner
2013-09-05 19:22:31 ----A---- C:\windows\system32\drivers\athrx.sys
2013-08-14 10:32:19 ----D---- C:\Users\Ondra\AppData\Roaming\Atheros

======List of files/folders modified in the last 1 months======

2013-09-08 17:28:12 ----D---- C:\windows\Microsoft.NET
2013-09-08 17:27:52 ----D---- C:\windows\system32\config
2013-09-08 17:27:47 ----D---- C:\windows\winsxs
2013-09-08 17:19:56 ----D---- C:\Users\Ondra\AppData\Roaming\Autodesk
2013-09-08 17:19:25 ----SHD---- C:\windows\Installer
2013-09-08 17:15:26 ----D---- C:\ProgramData
2013-09-08 17:12:53 ----RSD---- C:\windows\assembly
2013-09-08 17:10:56 ----D---- C:\Program Files\Common Files\Autodesk Shared
2013-09-08 17:09:49 ----D---- C:\windows\SysWOW64
2013-09-08 17:09:22 ----D---- C:\ProgramData\Autodesk
2013-09-08 17:08:55 ----RSD---- C:\windows\Fonts
2013-09-08 17:08:29 ----D---- C:\Program Files\Common Files
2013-09-08 17:06:28 ----A---- C:\windows\SYSWOW64\log.txt
2013-09-08 17:04:32 ----D---- C:\ProgramData\PDFC
2013-09-08 17:00:12 ----D---- C:\Program Files\Autodesk
2013-09-08 17:00:12 ----D---- C:\Program Files (x86)
2013-09-08 17:00:11 ----D---- C:\windows\System32
2013-09-08 16:38:03 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-09-08 16:38:03 ----D---- C:\Program Files (x86)\Activision
2013-09-08 16:32:24 ----D---- C:\Program Files (x86)\Autodesk
2013-09-08 16:01:40 ----D---- C:\windows\system32\drivers
2013-09-08 16:01:38 ----D---- C:\Windows
2013-09-08 15:56:56 ----D---- C:\windows\Prefetch
2013-09-08 15:56:01 ----A---- C:\windows\system.ini
2013-09-08 15:55:49 ----D---- C:\windows\system32\drivers\etc
2013-09-08 15:50:58 ----D---- C:\windows\Tasks
2013-09-08 15:47:46 ----D---- C:\windows\SYSWOW64\drivers
2013-09-08 15:47:46 ----D---- C:\windows\AppPatch
2013-09-08 15:47:44 ----D---- C:\Program Files (x86)\Common Files
2013-09-07 23:48:20 ----D---- C:\windows\Downloaded Program Files
2013-09-06 15:09:02 ----D---- C:\windows\rescache
2013-09-06 14:06:01 ----RD---- C:\Program Files
2013-09-06 12:33:57 ----D---- C:\windows\inf
2013-09-06 11:29:15 ----D---- C:\windows\debug
2013-09-06 11:14:17 ----D---- C:\windows\system32\Tasks
2013-09-06 11:13:51 ----D---- C:\windows\system32\DriverStore
2013-09-06 11:13:51 ----D---- C:\windows\system32\catroot
2013-09-06 11:13:45 ----SHD---- C:\System Volume Information
2013-09-06 10:56:49 ----D---- C:\windows\SYSWOW64\wbem
2013-09-06 10:56:49 ----D---- C:\windows\SYSWOW64\en-US
2013-09-06 10:56:49 ----D---- C:\windows\SYSWOW64\cs-CZ
2013-09-06 10:56:49 ----D---- C:\windows\system32\wbem
2013-09-06 10:56:49 ----D---- C:\windows\system32\en-US
2013-09-06 10:56:49 ----D---- C:\windows\system32\drivers\en-US
2013-09-06 10:56:49 ----D---- C:\windows\system32\cs-CZ
2013-09-06 10:56:49 ----D---- C:\windows\PolicyDefinitions
2013-09-06 10:50:37 ----D---- C:\windows\system32\catroot2
2013-09-06 10:34:44 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2013-09-06 10:34:35 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-09-06 09:32:09 ----D---- C:\windows\SYSWOW64\migration
2013-09-06 09:32:09 ----D---- C:\windows\system32\migration
2013-09-06 09:32:09 ----D---- C:\Program Files\Windows Defender
2013-09-06 09:32:09 ----D---- C:\Program Files (x86)\Windows Defender
2013-09-06 09:32:08 ----D---- C:\Program Files\Windows Journal
2013-09-06 09:32:08 ----D---- C:\Program Files (x86)\Internet Explorer
2013-09-06 09:32:07 ----D---- C:\Program Files\Internet Explorer
2013-09-06 07:05:55 ----D---- C:\Program Files (x86)\Windows Sidebar
2013-09-06 07:05:55 ----D---- C:\Program Files (x86)\Windows Portable Devices
2013-09-06 07:05:55 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2013-09-06 07:05:55 ----D---- C:\Program Files (x86)\Windows Media Player
2013-09-06 07:05:55 ----D---- C:\Program Files (x86)\Windows Mail
2013-09-06 07:05:54 ----D---- C:\Program Files\Windows Sidebar
2013-09-06 07:05:54 ----D---- C:\Program Files\Windows Portable Devices
2013-09-06 07:05:54 ----D---- C:\Program Files\Windows Photo Viewer
2013-09-06 07:05:54 ----D---- C:\Program Files\Windows Media Player
2013-09-06 07:05:54 ----D---- C:\Program Files\Windows Mail
2013-09-06 07:05:54 ----D---- C:\Program Files\DVD Maker
2013-09-06 07:05:54 ----D---- C:\Program Files\Common Files\System
2013-09-06 07:05:52 ----D---- C:\windows\servicing
2013-09-06 07:05:51 ----D---- C:\windows\ehome
2013-09-06 07:05:50 ----D---- C:\windows\SYSWOW64\oobe
2013-09-06 07:05:50 ----D---- C:\windows\SYSWOW64\da-DK
2013-09-06 07:05:49 ----D---- C:\windows\SYSWOW64\sppui
2013-09-06 07:05:49 ----D---- C:\windows\SYSWOW64\Setup
2013-09-06 07:05:49 ----D---- C:\windows\SYSWOW64\migwiz
2013-09-06 07:05:49 ----D---- C:\windows\SYSWOW64\manifeststore
2013-09-06 07:05:49 ----D---- C:\windows\SYSWOW64\es-ES
2013-09-06 07:05:49 ----D---- C:\windows\SYSWOW64\Dism
2013-09-06 07:05:49 ----D---- C:\windows\SYSWOW64\cs
2013-09-06 07:05:49 ----D---- C:\windows\SYSWOW64\AdvancedInstallers
2013-09-06 07:05:41 ----D---- C:\windows\system32\Setup
2013-09-06 07:05:41 ----D---- C:\windows\system32\oobe
2013-09-06 07:05:41 ----D---- C:\windows\system32\da-DK
2013-09-06 07:05:41 ----D---- C:\windows\system32\cs
2013-09-06 07:05:41 ----D---- C:\windows\system32\AdvancedInstallers
2013-09-06 07:05:40 ----D---- C:\windows\system32\sppui
2013-09-06 07:05:40 ----D---- C:\windows\system32\migwiz
2013-09-06 07:05:40 ----D---- C:\windows\system32\manifeststore
2013-09-06 07:05:40 ----D---- C:\windows\system32\es-ES
2013-09-06 07:05:40 ----D---- C:\windows\system32\drivers\cs-CZ
2013-09-06 07:05:40 ----D---- C:\windows\system32\Dism
2013-09-06 07:05:24 ----D---- C:\windows\system32\Boot
2013-09-06 07:02:35 ----A---- C:\windows\SYSWOW64\msclmd.dll
2013-09-06 07:02:35 ----A---- C:\windows\system32\msclmd.dll
2013-09-06 06:55:13 ----D---- C:\Program Files\Microsoft Silverlight
2013-09-06 06:55:12 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-09-05 23:50:56 ----D---- C:\ProgramData\Microsoft Help
2013-09-05 23:50:22 ----D---- C:\Program Files (x86)\Microsoft Office
2013-09-05 19:28:38 ----D---- C:\Users\Ondra\AppData\Roaming\DAEMON Tools Lite
2013-09-05 19:28:23 ----D---- C:\windows\Panther
2013-09-05 19:28:23 ----D---- C:\windows\Logs
2013-09-05 19:21:54 ----D---- C:\ProgramData\Hewlett-Packard
2013-09-05 19:21:54 ----D---- C:\Program Files\Hewlett-Packard
2013-09-05 19:14:47 ----D---- C:\Program Files (x86)\Hewlett-Packard
2013-09-05 19:14:34 ----D---- C:\windows\SYSWOW64\pt-BR
2013-09-05 19:14:34 ----D---- C:\windows\system32\pt-BR
2013-09-05 19:14:23 ----D---- C:\ProgramData\DigitalPersona
2013-09-05 19:12:44 ----D---- C:\Program Files (x86)\Intel
2013-09-05 18:29:05 ----D---- C:\swsetup
2013-09-05 18:18:53 ----D---- C:\Users\Ondra\AppData\Roaming\hpqLog
2013-09-05 18:16:44 ----AD---- C:\ProgramData\TEMP
2013-09-05 18:11:36 ----D---- C:\ProgramData\Atheros
2013-09-05 18:04:03 ----AD---- C:\SYSTEM.SAV
2013-09-05 17:54:22 ----D---- C:\windows\system32\zh-TW
2013-09-05 17:54:22 ----D---- C:\windows\system32\zh-CN
2013-09-05 17:54:22 ----D---- C:\windows\system32\tr-TR
2013-09-05 17:54:22 ----D---- C:\windows\system32\sv-SE
2013-09-05 17:54:22 ----D---- C:\windows\system32\ru-RU
2013-09-05 17:54:22 ----D---- C:\windows\system32\pt-PT
2013-09-05 17:54:22 ----D---- C:\windows\system32\pl-PL
2013-09-05 17:54:22 ----D---- C:\windows\system32\nl-NL
2013-09-05 17:54:22 ----D---- C:\windows\system32\ko-KR
2013-09-05 17:54:22 ----D---- C:\windows\system32\ja-JP
2013-09-05 17:54:22 ----D---- C:\windows\system32\it-IT
2013-09-05 17:54:22 ----D---- C:\windows\system32\hu-HU
2013-09-05 17:54:22 ----D---- C:\windows\system32\fr-FR
2013-09-05 17:54:22 ----D---- C:\windows\system32\fi-FI
2013-09-05 17:54:22 ----D---- C:\windows\system32\el-GR
2013-09-05 17:54:22 ----D---- C:\windows\system32\de-DE
2013-09-05 17:39:10 ----SD---- C:\ProgramData\Microsoft
2013-09-04 21:15:07 ----D---- C:\windows\system32\NDF
2013-09-01 10:28:57 ----A---- C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
R0 aswVmm;aswVmm; C:\windows\system32\drivers\aswVmm.sys [2013-07-01 189936]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2013-07-01 1030952]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2013-07-01 378944]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\windows\System32\DRIVERS\cmderd.sys [2013-06-18 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\windows\system32\DRIVERS\cmdguard.sys [2013-07-08 708632]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\windows\System32\DRIVERS\cmdhlp.sys [2013-06-18 48360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-29 279616]
R1 inspect;COMODO Internet Security Firewall Driver; C:\windows\system32\DRIVERS\inspect.sys [2013-06-18 96800]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\windows\system32\DRIVERS\RMCAST.sys [2010-11-20 146432]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-03-28 9319424]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-03-28 303616]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2012-08-19 88728]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2013-05-23 3948544]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2012-08-19 344216]
R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service; C:\windows\system32\drivers\btath_avdt.sys [2012-08-19 114840]
R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus; C:\windows\system32\DRIVERS\btath_bus.sys [2012-08-19 33944]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\windows\system32\DRIVERS\btath_hcrp.sys [2012-08-19 178840]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2012-08-19 77464]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\windows\system32\DRIVERS\btath_rcp.sys [2012-08-19 135832]
R3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2012-08-19 567808]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-12-03 25912]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 intelkmd;intelkmd; C:\windows\system32\DRIVERS\igdpmd64.sys [2011-01-27 12273408]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2011-01-31 174168]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2013-08-04 708200]
R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2011-02-12 2612728]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\windows\system32\DRIVERS\stwrt64.sys [2013-08-04 543744]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2013-08-04 468720]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 ALSysIO;ALSysIO; \??\C:\Users\Ondra\AppData\Local\Temp\ALSysIO64.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\windows\system32\DRIVERS\ewusbnet.sys [2009-07-23 132608]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys [2009-07-23 116992]
S3 hwusbfake;Huawei DataCard USB Fake; C:\windows\system32\DRIVERS\ewusbfake.sys [2009-07-23 113792]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2013-08-04 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-03-28 203264]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-08-19 211584]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2013-07-08 6199520]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-01-27 131128]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-01-29 281656]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2011-05-13 30520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-01-17 326168]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-01-18 113264]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2011-12-29 66872]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-08-04 323072]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-17 2656280]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2011-01-22 3154224]
R2 VMCService;Vodafone Mobile Connect Service; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-09-18 9216]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 DraftSight API Service;DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2013-06-28 123392]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-10 116648]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-06-18 158936]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-10 116648]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2013-04-05 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[Márty84]

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

[vitkova_vitek]

Dovolal jsem se majiteli ntb a jelikož mi řekl, že autocad nepoužívá, chtěl jsem ho odinstalovat.
Autodesk invertor 2012 nejde odinstalovat. Není v seznamu v "Programech a funkcích" a nevidí ho ani Revo unistaler.
Jinak různé doplňky pro Autodesk Invertor a zasažené hry jsou odinstalované.
Doufám, že jsem tím nezpůsobil nějaký problém při čištění ntb.

Znovu děkuji za vedení.

[Márty84]

OK, uvidime, jestli pujde videt v logu

[vitkova_vitek]

Skončilo to chybou - Nejde vytvořit soubor cmd.bat

[Márty84]

Obcas se to stane, ze OTL tuhle chybku vyhodi

Spustte ho podle stejneho navodu jeste jednou, ale s timto upravenym skriptem

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

[vitkova_vitek]

Tak posílám.

OTL logfile created on: 8.9.2013 19:21:34 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ondra\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,94 Gb Total Physical Memory | 1,60 Gb Available Physical Memory | 40,77% Memory free
7,87 Gb Paging File | 5,23 Gb Available in Paging File | 66,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 573,92 Gb Total Space | 486,22 Gb Free Space | 84,72% Space Free | Partition Type: NTFS
Drive E: | 16,95 Gb Total Space | 2,56 Gb Free Space | 15,11% Space Free | Partition Type: NTFS
Drive F: | 4,98 Gb Total Space | 4,97 Gb Free Space | 99,78% Space Free | Partition Type: FAT32

Computer Name: ONDRA-HP | User Name: Ondra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.09.08 18:06:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ondra\Desktop\OTL.exe
PRC - [2013.09.02 22:35:59 | 000,829,392 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013.05.09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.08.19 21:13:26 | 000,323,584 | R--- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011.12.29 22:56:53 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.02.01 10:23:10 | 001,127,448 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2011.01.29 00:27:06 | 000,281,656 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
PRC - [2011.01.26 19:00:32 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011.01.26 19:00:00 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.01.18 22:42:48 | 000,070,256 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
PRC - [2011.01.18 22:42:44 | 000,113,264 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
PRC - [2011.01.17 21:42:04 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.01.17 21:42:02 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.11.26 13:31:18 | 000,267,128 | ---- | M] () -- C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe
PRC - [2010.11.17 19:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010.11.11 09:43:00 | 000,502,464 | ---- | M] (ArcSoft, Inc.) -- C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
PRC - [2009.09.18 17:48:28 | 000,009,216 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe


========== Modules (No Company Name) ==========

MOD - [2013.09.06 10:42:41 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e06dbdafb38c38517aef61ac41e2fd9d\System.Runtime.Remoting.ni.dll
MOD - [2013.09.06 09:43:19 | 000,475,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\6c1d55eed243331c944206f8608fb850\IAStorUtil.ni.dll
MOD - [2013.09.06 09:43:19 | 000,014,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\571f0babf15ab38dc80829622caa99d3\IAStorCommon.ni.dll
MOD - [2013.09.06 09:40:46 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\28ea347a952d20959ac6ae02d7457d39\System.Windows.Forms.ni.dll
MOD - [2013.09.06 09:40:41 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013.09.06 09:40:31 | 003,348,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1f6f220f9efe936d1158c79b9d4b451f\WindowsBase.ni.dll
MOD - [2013.09.06 09:40:27 | 005,464,064 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013.09.06 09:40:24 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013.09.06 09:40:24 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\8f7d83126a3cf283e5ac97f2d6d99f12\System.Configuration.ni.dll
MOD - [2013.09.06 09:40:19 | 011,499,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013.09.02 22:35:56 | 000,410,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppgooglenaclpluginchrome.dll
MOD - [2013.09.02 22:35:54 | 004,053,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll
MOD - [2013.09.02 22:35:04 | 000,709,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libglesv2.dll
MOD - [2013.09.02 22:35:03 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libegl.dll
MOD - [2013.09.02 22:35:01 | 001,604,560 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll
MOD - [2013.04.03 13:00:27 | 000,303,104 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2011.05.10 22:11:18 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.11.26 13:31:18 | 000,267,128 | ---- | M] () -- C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe


========== Services (SafeList) ==========

SRV:64bit: - [2013.08.04 11:48:57 | 000,323,072 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2013.08.04 11:48:53 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2013.07.08 22:59:40 | 006,199,520 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2013.06.28 09:28:26 | 000,123,392 | ---- | M] (Dassault Systèmes) [Auto | Stopped] -- C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe -- (DraftSight API Service)
SRV:64bit: - [2013.06.18 16:15:30 | 000,158,936 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011.05.13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011.03.28 08:44:46 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.01.27 03:11:48 | 000,131,128 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service)
SRV:64bit: - [2011.01.22 05:36:02 | 003,154,224 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV - [2012.08.19 21:55:32 | 000,211,584 | ---- | M] (Qualcomm Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2012.08.19 21:13:26 | 000,323,584 | R--- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent)
SRV - [2011.12.29 22:56:53 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.03.07 22:48:10 | 000,062,184 | ---- | M] (Xobni Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Xobni\XobniService.exe -- (XobniService)
SRV - [2011.02.01 10:23:10 | 001,127,448 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2011.01.29 00:27:06 | 000,281,656 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe -- (hpHotkeyMonitor)
SRV - [2011.01.26 19:00:00 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011.01.22 05:24:50 | 002,708,784 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2011.01.18 22:42:44 | 000,113,264 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2011.01.17 21:42:04 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.01.17 21:42:02 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.11.11 09:43:00 | 000,502,464 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe -- (uArcCapture)
SRV - [2010.03.18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.09.18 17:48:28 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.08.04 19:19:49 | 000,468,720 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013.08.04 11:54:15 | 000,708,200 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2013.08.04 11:49:00 | 000,543,744 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2013.07.01 15:39:44 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013.07.01 15:39:44 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013.07.01 15:39:44 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.06.18 16:16:08 | 000,023,168 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd)
DRV:64bit: - [2013.05.23 10:00:00 | 003,948,544 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2013.05.09 10:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.05.09 10:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.05.09 10:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013.05.09 10:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013.05.09 10:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.19 21:36:50 | 000,567,808 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2012.08.19 21:36:46 | 000,135,832 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2012.08.19 21:36:46 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2012.08.19 21:36:44 | 000,178,840 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2012.08.19 21:36:44 | 000,114,840 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2012.08.19 21:36:44 | 000,088,728 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2012.08.19 21:36:44 | 000,033,944 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2012.08.19 21:36:42 | 000,344,216 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.29 16:10:37 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.05.13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011.05.13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011.03.28 09:14:48 | 009,319,424 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.03.28 08:09:12 | 000,303,616 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.12 06:11:18 | 002,612,728 | ---- | M] (Sunplus Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SPUVCBv_x64.sys -- (SPUVCbv)
DRV:64bit: - [2011.01.31 12:04:42 | 000,174,168 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2011.01.27 07:57:12 | 012,273,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011.01.13 03:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.12.10 23:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.12.10 23:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.12.03 02:02:58 | 000,025,912 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:49:51 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.11 09:46:00 | 000,032,192 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftVCapture.sys -- (ARCVCAM)
DRV:64bit: - [2010.10.20 03:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.14 22:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009.07.23 11:57:20 | 000,132,608 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2009.07.23 11:57:20 | 000,116,992 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2009.07.23 11:57:20 | 000,113,792 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbfake.sys -- (hwusbfake)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.06.10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-347046577-4045773993-532970502-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\S-1-5-21-347046577-4045773993-532970502-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-347046577-4045773993-532970502-1001\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE - HKU\S-1-5-21-347046577-4045773993-532970502-1001\..\SearchScopes\{399a1442-7377-49e7-8d77-6dc9ed5968c1}: "URL" = http://www.zbozi.cz/?q={searchTerms}&so ... earch_6826
IE - HKU\S-1-5-21-347046577-4045773993-532970502-1001\..\SearchScopes\{5cf5d387-d87c-4408-9a6b-301b0713d62a}: "URL" = http://www.mapy.cz/?query={searchTerms} ... earch_6826
IE - HKU\S-1-5-21-347046577-4045773993-532970502-1001\..\SearchScopes\{8172f457-818d-46db-941f-2bbe53e156af}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKU\S-1-5-21-347046577-4045773993-532970502-1001\..\SearchScopes\{eb97f7df-1773-4916-aae6-5af74da8c69d}: "URL" = http://www.firmy.cz/phr/{searchTerms}
IE - HKU\S-1-5-21-347046577-4045773993-532970502-1001\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://search.seznam.cz/?q={searchTerms ... earch_6826
IE - HKU\S-1-5-21-347046577-4045773993-532970502-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)


[2011.12.29 16:12:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions
[2011.12.29 16:12:14 | 000,000,000 | ---D | M] (Yandex.Bar) -- C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\yasearch@yandex.ru

========== Chrome ==========

CHR - default_search_provider: Bing (Enabled)
CHR - default_search_provider: search_url = http://www.bing.com/search?setmkt=cs-CZ&q={searchTerms}
CHR - default_search_provider: suggest_url = http://api.bing.com/osjson.aspx?query={ ... ={language}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: Disk Google = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Gmail = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013.09.08 15:55:49 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-347046577-4045773993-532970502-1001\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [BtTray] C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Qualcomm Atheros)
O4:64bit: - HKLM..\Run: [BtvStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Qualcomm Atheros Commnucations)
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (COMODO)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HP HD Webcam [Fixed]_Monitor] C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NUSB3MON] c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-347046577-4045773993-532970502-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-347046577-4045773993-532970502-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe File not found
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe File not found
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.93.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6FCDA23-60A4-49B9-A643-CE665357E549}: DhcpNameServer = 10.93.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.11.30 22:54:16 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[vitkova_vitek]

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.09.08 18:06:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Ondra\Desktop\OTL.exe
[2013.09.08 17:15:26 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2013.09.08 16:53:05 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.09.08 16:29:44 | 000,000,000 | ---D | C] -- C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2013.09.08 16:29:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2013.09.08 16:01:38 | 000,000,000 | ---D | C] -- C:\windows\temp
[2013.09.08 15:55:53 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013.09.07 23:37:15 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2013.09.07 23:37:15 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2013.09.07 23:37:15 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2013.09.07 23:36:56 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.09.07 23:36:20 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2013.09.07 23:33:47 | 005,120,615 | R--- | C] (Swearware) -- C:\Users\Ondra\Desktop\ComboFix.exe
[2013.09.07 22:12:09 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.09.07 15:01:06 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Ondra\Desktop\mbam-setup-1.75.0.1300.exe
[2013.09.07 12:01:24 | 000,000,000 | ---D | C] -- C:\Users\Ondra\Desktop\RK_Quarantine
[2013.09.06 14:06:01 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.09.06 14:06:01 | 000,000,000 | ---D | C] -- C:\rsit
[2013.09.06 13:05:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation
[2013.09.06 13:05:32 | 000,000,000 | ---D | C] -- C:\Program Files\Blender Foundation
[2013.09.06 13:00:55 | 000,000,000 | ---D | C] -- C:\Users\Ondra\AppData\Local\CrashRpt
[2013.09.06 13:00:48 | 000,000,000 | ---D | C] -- C:\Users\Ondra\Documents\My Drawings
[2013.09.06 12:57:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dassault Systemes
[2013.09.06 12:57:06 | 000,000,000 | ---D | C] -- C:\Users\Ondra\AppData\Roaming\DraftSight
[2013.09.06 12:56:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Dassault Systemes
[2013.09.06 12:56:51 | 000,000,000 | ---D | C] -- C:\Program Files\Dassault Systemes
[2013.09.06 11:14:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
[2013.09.06 11:13:28 | 000,000,000 | --SD | C] -- C:\ProgramData\Shared Space
[2013.09.06 11:13:19 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2013.09.06 11:13:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2013.09.06 11:13:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader
[2013.09.06 10:50:13 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013.09.06 10:50:13 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013.09.06 10:50:12 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RdpGroupPolicyExtension.dll
[2013.09.06 10:50:05 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\rdpvideominiport.sys
[2013.09.06 10:50:04 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\TsUsbFlt.sys
[2013.09.06 10:49:58 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aaclient.dll
[2013.09.06 10:49:58 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\aaclient.dll
[2013.09.06 10:49:58 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpendp_winip.dll
[2013.09.06 10:49:58 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsRdpWebAccess.dll
[2013.09.06 10:49:58 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MsRdpWebAccess.dll
[2013.09.06 10:49:58 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tsgqec.dll
[2013.09.06 10:49:58 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsUsbGDCoInstaller.dll
[2013.09.06 10:49:58 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tsgqec.dll
[2013.09.06 10:49:58 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wksprtPS.dll
[2013.09.06 10:49:58 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wksprtPS.dll
[2013.09.06 10:49:57 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstsc.exe
[2013.09.06 10:49:57 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wksprt.exe
[2013.09.06 10:49:57 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpudd.dll
[2013.09.06 10:49:57 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpendp_winip.dll
[2013.09.06 10:49:57 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TSWbPrxy.exe
[2013.09.06 10:49:56 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorets.dll
[2013.09.06 10:49:56 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstsc.exe
[2013.09.06 10:49:55 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll
[2013.09.06 10:49:55 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll
[2013.09.06 10:49:29 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2013.09.06 10:49:27 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll
[2013.09.06 10:49:27 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll
[2013.09.06 10:30:30 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2013.09.06 10:30:29 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2013.09.06 10:30:29 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2013.09.06 10:30:29 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2013.09.06 10:30:28 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2013.09.06 10:30:27 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2013.09.06 10:30:25 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2013.09.06 10:30:25 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2013.09.06 10:30:24 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2013.09.06 10:30:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2013.09.06 09:11:15 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2013.09.06 09:11:15 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2013.09.06 09:11:11 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013.09.06 09:11:11 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013.09.06 09:11:10 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2013.09.06 09:11:10 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2013.09.06 09:11:09 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2013.09.06 09:11:09 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2013.09.06 09:11:06 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2013.09.06 09:11:05 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2013.09.06 09:11:04 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013.09.06 09:11:04 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013.09.06 09:11:00 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013.09.06 09:11:00 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2013.09.06 09:10:59 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013.09.06 09:09:39 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netcorehc.dll
[2013.09.06 09:09:39 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncsi.dll
[2013.09.06 09:09:39 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncsi.dll
[2013.09.06 09:09:38 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netcorehc.dll
[2013.09.06 09:09:38 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netevent.dll
[2013.09.06 09:09:38 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netevent.dll
[2013.09.06 09:06:24 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVDECOD.DLL
[2013.09.06 09:06:23 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVDECOD.DLL
[2013.09.06 09:06:18 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll
[2013.09.06 09:06:17 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shdocvw.dll
[2013.09.06 09:06:16 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll
[2013.09.06 09:06:16 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\consent.exe
[2013.09.06 09:05:39 | 001,472,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\crypt32.dll
[2013.09.06 09:05:39 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wintrust.dll
[2013.09.06 09:05:39 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptnet.dll
[2013.09.06 09:05:24 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\OxpsConverter.exe
[2013.09.06 09:05:18 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\RNDISMP.sys
[2013.09.06 09:05:15 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll
[2013.09.06 09:05:15 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxgmms1.sys
[2013.09.06 09:05:14 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpcrt4.dll
[2013.09.06 09:05:14 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll
[2013.09.06 09:05:10 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dhcpcore6.dll
[2013.09.06 09:05:10 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dhcpcore6.dll
[2013.09.06 09:05:10 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dhcpcsvc6.dll
[2013.09.06 09:05:01 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qedit.dll
[2013.09.06 09:05:01 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qedit.dll
[2013.09.06 09:05:01 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskhost.exe
[2013.09.06 09:05:00 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wwanprotdim.dll
[2013.09.06 09:04:22 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certutil.exe
[2013.09.06 09:04:21 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certutil.exe
[2013.09.06 09:04:20 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certenc.dll
[2013.09.06 09:04:20 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certenc.dll
[2013.09.06 09:03:59 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptdlg.dll
[2013.09.06 09:03:59 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cryptdlg.dll
[2013.09.06 09:03:53 | 001,545,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2013.09.05 23:48:56 | 000,000,000 | ---D | C] -- C:\windows\SysNative\MRT
[2013.09.05 23:44:00 | 000,000,000 | ---D | C] -- C:\windows\SysNative\SPReview
[2013.09.05 23:43:33 | 000,000,000 | ---D | C] -- C:\windows\SysNative\EventProviders
[2013.09.05 23:35:35 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dfshim.dll
[2013.09.05 23:35:35 | 000,048,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netfxperf.dll
[2013.09.05 23:35:30 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dfshim.dll
[2013.09.05 23:35:26 | 001,838,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll
[2013.09.05 23:35:20 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc40.dll
[2013.09.05 23:35:20 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc40u.dll
[2013.09.05 23:35:16 | 014,633,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmp.dll
[2013.09.05 23:35:15 | 003,205,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mmcndmgr.dll
[2013.09.05 23:35:14 | 004,120,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mf.dll
[2013.09.05 23:35:14 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_isv.dll
[2013.09.05 23:35:14 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_isv.exe
[2013.09.05 23:35:13 | 003,008,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xpsservices.dll
[2013.09.05 23:35:13 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc.dll
[2013.09.05 23:35:13 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_isv.dll
[2013.09.05 23:35:13 | 000,359,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate.exe
[2013.09.05 23:35:12 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc.dll
[2013.09.05 23:35:12 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_isv.exe
[2013.09.05 23:35:11 | 002,086,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ole32.dll
[2013.09.05 23:35:11 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate.exe
[2013.09.05 23:35:10 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwizui.dll
[2013.09.05 23:35:09 | 001,556,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RacEngn.dll
[2013.09.05 23:35:09 | 001,340,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\diagperf.dll
[2013.09.05 23:35:09 | 001,197,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskschd.dll
[2013.09.05 23:35:08 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mf.dll
[2013.09.05 23:35:08 | 001,866,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ExplorerFrame.dll
[2013.09.05 23:35:07 | 001,753,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vssapi.dll
[2013.09.05 23:35:07 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\CertEnroll.dll
[2013.09.05 23:35:07 | 001,326,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NaturalLanguage6.dll
[2013.09.05 23:35:06 | 003,860,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UIRibbon.dll
[2013.09.05 23:35:06 | 000,299,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mcupdate_GenuineIntel.dll
[2013.09.05 23:35:05 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmp.dll
[2013.09.05 23:35:04 | 003,027,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVCORE.DLL
[2013.09.05 23:35:04 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationHost.exe
[2013.09.05 23:35:04 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationHostProxy.dll
[2013.09.05 23:35:03 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spinstall.exe
[2013.09.05 23:35:03 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationHost.exe
[2013.09.05 23:35:03 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spreview.exe
[2013.09.05 23:35:03 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpdd.dll
[2013.09.05 23:35:03 | 000,109,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationHostProxy.dll
[2013.09.05 23:35:02 | 003,957,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSAT.exe
[2013.09.05 23:35:02 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CertEnroll.dll
[2013.09.05 23:35:01 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d9.dll
[2013.09.05 23:35:00 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AuthFWSnapin.dll
[2013.09.05 23:35:00 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AuthFWSnapin.dll
[2013.09.05 23:35:00 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RacEngn.dll
[2013.09.05 23:35:00 | 000,867,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchFolder.dll
[2013.09.05 23:34:59 | 001,632,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmcore.dll
[2013.09.05 23:34:58 | 003,391,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dbgeng.dll
[2013.09.05 23:34:57 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ExplorerFrame.dll
[2013.09.05 23:34:56 | 000,958,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\actxprxy.dll
[2013.09.05 23:34:56 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TSWorkspace.dll
[2013.09.05 23:34:54 | 001,244,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imapi2fs.dll
[2013.09.05 23:34:54 | 000,787,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d11.dll
[2013.09.05 23:34:54 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netlogon.dll
[2013.09.05 23:34:53 | 001,212,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\propsys.dll
[2013.09.05 23:34:52 | 001,900,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setupapi.dll
[2013.09.05 23:34:52 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskschd.dll
[2013.09.05 23:34:51 | 001,281,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\werconcpl.dll
[2013.09.05 23:34:51 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbc32.dll
[2013.09.05 23:34:51 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskeng.exe
[2013.09.05 23:34:50 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certmgr.dll
[2013.09.05 23:34:50 | 001,008,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\user32.dll
[2013.09.05 23:34:49 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wer.dll
[2013.09.05 23:34:49 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certcli.dll
[2013.09.05 23:34:49 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scavengeui.dll
[2013.09.05 23:34:48 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dwmcore.dll
[2013.09.05 23:34:48 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PortableDeviceApi.dll
[2013.09.05 23:34:48 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdrm.dll
[2013.09.05 23:34:48 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shlwapi.dll
[2013.09.05 23:34:48 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tsmf.dll
[2013.09.05 23:34:47 | 002,652,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netshell.dll
[2013.09.05 23:34:47 | 001,509,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdtctm.dll
[2013.09.05 23:34:47 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbc32.dll
[2013.09.05 23:34:47 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\framedynos.dll
[2013.09.05 23:34:46 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxgi.dll
[2013.09.05 23:34:46 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comdlg32.dll
[2013.09.05 23:34:46 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netcfgx.dll
[2013.09.05 23:34:46 | 000,390,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winlogon.exe
[2013.09.05 23:34:46 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsm.exe
[2013.09.05 23:34:46 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ws2_32.dll
[2013.09.05 23:34:46 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tcpmonui.dll
[2013.09.05 23:34:45 | 002,543,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpdshext.dll
[2013.09.05 23:34:45 | 002,055,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Query.dll
[2013.09.05 23:34:45 | 000,897,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\azroles.dll
[2013.09.05 23:34:45 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\TSWorkspace.dll
[2013.09.05 23:34:45 | 000,481,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpps.dll
[2013.09.05 23:34:45 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\apphelp.dll
[2013.09.05 23:34:45 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tsmf.dll
[2013.09.05 23:34:45 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dot3api.dll
[2013.09.05 23:34:44 | 001,098,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Vault.dll
[2013.09.05 23:34:44 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\samsrv.dll
[2013.09.05 23:34:44 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cmd.exe
[2013.09.05 23:34:44 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QAGENT.DLL
[2013.09.05 23:34:43 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dbgeng.dll
[2013.09.05 23:34:43 | 000,653,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lpksetup.exe
[2013.09.05 23:34:43 | 000,281,600 | ---- | C] (Microsoft) -- C:\windows\SysNative\DShowRdpFilter.dll
[2013.09.05 23:34:42 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d11.dll
[2013.09.05 23:34:42 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netcfgx.dll
[2013.09.05 23:34:41 | 001,190,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2013.09.05 23:34:41 | 000,582,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sxs.dll
[2013.09.05 23:34:41 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskcomp.dll
[2013.09.05 23:34:41 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfds.dll
[2013.09.05 23:34:41 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wldap32.dll
[2013.09.05 23:34:41 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mcbuilder.exe
[2013.09.05 23:34:40 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mmcndmgr.dll
[2013.09.05 23:34:40 | 001,808,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pnidui.dll
[2013.09.05 23:34:40 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ipsmsnap.dll
[2013.09.05 23:34:40 | 000,252,928 | ---- | C] (Microsoft) -- C:\windows\SysWow64\DShowRdpFilter.dll
[2013.09.05 23:34:40 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hgprint.dll
[2013.09.05 23:34:40 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\upnp.dll
[2013.09.05 23:34:39 | 001,158,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webservices.dll
[2013.09.05 23:34:39 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imapi2fs.dll
[2013.09.05 23:34:39 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netfxperf.dll
[2013.09.05 23:34:38 | 000,933,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sqlsrv32.dll
[2013.09.05 23:34:38 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fveapi.dll
[2013.09.05 23:34:38 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsta.dll
[2013.09.05 23:34:38 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3api.dll
[2013.09.05 23:34:37 | 001,009,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mcmde.dll
[2013.09.05 23:34:37 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll
[2013.09.05 23:34:37 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mcbuilder.exe
[2013.09.05 23:34:37 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prncache.dll
[2013.09.05 23:34:36 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certmgr.dll
[2013.09.05 23:34:36 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanpref.dll
[2013.09.05 23:34:36 | 001,243,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMNetMgr.dll
[2013.09.05 23:34:36 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\schtasks.exe
[2013.09.05 23:34:36 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vpnike.dll
[2013.09.05 23:34:35 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xpsservices.dll
[2013.09.05 23:34:35 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\evr.dll
[2013.09.05 23:34:35 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\photowiz.dll
[2013.09.05 23:34:35 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\userenv.dll
[2013.09.05 23:34:34 | 002,262,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SyncCenter.dll
[2013.09.05 23:34:34 | 001,082,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppobjs.dll
[2013.09.05 23:34:34 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpmde.dll
[2013.09.05 23:34:34 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2013.09.05 23:34:34 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cmd.exe
[2013.09.05 23:34:34 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioSes.dll
[2013.09.05 23:34:34 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\framedyn.dll
[2013.09.05 23:34:33 | 002,072,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMPEncEn.dll
[2013.09.05 23:34:33 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpeffects.dll
[2013.09.05 23:34:33 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2013.09.05 23:34:33 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfreadwrite.dll
[2013.09.05 23:34:32 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localsec.dll
[2013.09.05 23:34:32 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imapi2.dll
[2013.09.05 23:34:32 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSATAPI.dll
[2013.09.05 23:34:32 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfds.dll
[2013.09.05 23:34:32 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\stobject.dll
[2013.09.05 23:34:32 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\framedynos.dll
[2013.09.05 23:34:32 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fde.dll
[2013.09.05 23:34:31 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netdiagfx.dll
[2013.09.05 23:34:31 | 000,298,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcryptprimitives.dll
[2013.09.05 23:34:31 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\credui.dll
[2013.09.05 23:34:31 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetpp.dll
[2013.09.05 23:34:31 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netid.dll
[2013.09.05 23:34:30 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\azroles.dll
[2013.09.05 23:34:30 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\biocpl.dll
[2013.09.05 23:34:30 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tcpipcfg.dll
[2013.09.05 23:34:30 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spp.dll
[2013.09.05 23:34:30 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QSHVHOST.DLL
[2013.09.05 23:34:30 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\davclnt.dll
[2013.09.05 23:34:29 | 002,755,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\themeui.dll
[2013.09.05 23:34:29 | 001,050,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\printui.dll
[2013.09.05 23:34:29 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mspbda.dll
[2013.09.05 23:34:29 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msinfo32.exe
[2013.09.05 23:34:29 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scansetting.dll
[2013.09.05 23:34:28 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdri.dll
[2013.09.05 23:34:28 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PhotoScreensaver.scr
[2013.09.05 23:34:28 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wusa.exe
[2013.09.05 23:34:28 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IPHLPAPI.DLL
[2013.09.05 23:34:28 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aitagent.exe
[2013.09.05 23:34:27 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpchttp.dll
[2013.09.05 23:34:27 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\basecsp.dll
[2013.09.05 23:34:26 | 000,934,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FirewallControlPanel.dll
[2013.09.05 23:34:26 | 000,854,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dbghelp.dll
[2013.09.05 23:34:26 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscms.dll
[2013.09.05 23:34:26 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winspool.drv
[2013.09.05 23:34:26 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wisptis.exe
[2013.09.05 23:34:26 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsRasterService.dll
[2013.09.05 23:34:26 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfreadwrite.dll
[2013.09.05 23:34:25 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\evr.dll
[2013.09.05 23:34:25 | 000,418,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppwinob.dll
[2013.09.05 23:34:25 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskcomp.dll
[2013.09.05 23:34:25 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ocsetup.exe
[2013.09.05 23:34:24 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\calc.exe
[2013.09.05 23:34:24 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DXP.dll
[2013.09.05 23:34:24 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WinSATAPI.dll
[2013.09.05 23:34:24 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ocsetapi.dll
[2013.09.05 23:34:23 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mmsys.cpl
[2013.09.05 23:34:23 | 000,780,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ci.dll
[2013.09.05 23:34:23 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sqlsrv32.dll
[2013.09.05 23:34:23 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eapp3hst.dll
[2013.09.05 23:34:23 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eapphost.dll
[2013.09.05 23:34:23 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\upnp.dll
[2013.09.05 23:34:23 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mprapi.dll
[2013.09.05 23:34:23 | 000,128,000 | ---- | C] (Microsoft) -- C:\windows\SysNative\Robocopy.exe
[2013.09.05 23:34:22 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UIRibbon.dll
[2013.09.05 23:34:22 | 002,494,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netshell.dll
[2013.09.05 23:34:22 | 000,263,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hal.dll
[2013.09.05 23:34:22 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\t2embed.dll
[2013.09.05 23:34:22 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\thumbcache.dll
[2013.09.05 23:34:22 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- C:\windows\SysNative\drivers\HpSAMD.sys
[2013.09.05 23:34:21 | 001,457,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DxpTaskSync.dll
[2013.09.05 23:34:21 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSMPEG2ENC.DLL
[2013.09.05 23:34:21 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PerfCenterCPL.dll
[2013.09.05 23:34:21 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scecli.dll
[2013.09.05 23:34:21 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmredir.dll
[2013.09.05 23:34:20 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\themeui.dll
[2013.09.05 23:34:20 | 000,675,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DXPTaskRingtone.dll
[2013.09.05 23:34:20 | 000,429,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\puiobj.dll
[2013.09.05 23:34:20 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\onex.dll
[2013.09.05 23:34:20 | 000,179,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Classpnp.sys
[2013.09.05 23:34:20 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prncache.dll
[2013.09.05 23:34:20 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msasn1.dll
[2013.09.05 23:34:19 | 000,932,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\printui.dll
[2013.09.05 23:34:19 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpeffects.dll
[2013.09.05 23:34:19 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\net1.exe
[2013.09.05 23:34:19 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rpchttp.dll
[2013.09.05 23:34:18 | 001,363,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wdc.dll
[2013.09.05 23:34:18 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scansetting.dll
[2013.09.05 23:34:17 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sdengin2.dll
[2013.09.05 23:34:17 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msftedit.dll
[2013.09.05 23:34:17 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\VAN.dll
[2013.09.05 23:34:17 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\StructuredQuery.dll
[2013.09.05 23:34:17 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlangpui.dll
[2013.09.05 23:34:17 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scesrv.dll
[2013.09.05 23:34:16 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netcenter.dll
[2013.09.05 23:34:16 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wiadefui.dll
[2013.09.05 23:34:16 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlangpui.dll
[2013.09.05 23:34:16 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SndVol.exe
[2013.09.05 23:34:16 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dskquoui.dll
[2013.09.05 23:34:16 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\samcli.dll
[2013.09.05 23:34:16 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wscapi.dll
[2013.09.05 23:34:15 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srchadmin.dll
[2013.09.05 23:34:15 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QSHVHOST.DLL
[2013.09.05 23:34:15 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QUTIL.DLL
[2013.09.05 23:34:15 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\regapi.dll
[2013.09.05 23:34:14 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pnidui.dll
[2013.09.05 23:34:14 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webservices.dll
[2013.09.05 23:34:14 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fde.dll
[2013.09.05 23:34:14 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\t2embed.dll
[2013.09.05 23:34:14 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setupcl.exe
[2013.09.05 23:34:13 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SyncCenter.dll
[2013.09.05 23:34:13 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appwiz.cpl
[2013.09.05 23:34:13 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TabletPC.cpl
[2013.09.05 23:34:13 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll
[2013.09.05 23:34:13 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rastls.dll
[2013.09.05 23:34:13 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netdiagfx.dll
[2013.09.05 23:34:13 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wscapi.dll
[2013.09.05 23:34:12 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hgcpl.dll
[2013.09.05 23:34:12 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msconfig.exe
[2013.09.05 23:34:12 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netiohlp.dll
[2013.09.05 23:34:12 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mimefilt.dll
[2013.09.05 23:34:11 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\clusapi.dll
[2013.09.05 23:34:11 | 000,166,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\basecsp.dll
[2013.09.05 23:34:11 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsmproxy.dll
[2013.09.05 23:34:10 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSMPEG2ENC.DLL
[2013.09.05 23:34:10 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AuxiliaryDisplayCpl.dll
[2013.09.05 23:34:10 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mtxclu.dll
[2013.09.05 23:34:10 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fdeploy.dll
[2013.09.05 23:34:09 | 000,633,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\riched20.dll
[2013.09.05 23:34:09 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DXPTaskRingtone.dll
[2013.09.05 23:34:09 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imapi2.dll
[2013.09.05 23:34:09 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dnscmmc.dll
[2013.09.05 23:34:08 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMPEncEn.dll
[2013.09.05 23:34:08 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\powercpl.dll
[2013.09.05 23:34:08 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sharemediacpl.dll
[2013.09.05 23:34:08 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\onex.dll
[2013.09.05 23:34:08 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\logoncli.dll
[2013.09.05 23:34:08 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RpcRtRemote.dll
[2013.09.05 23:34:07 | 002,250,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SensorsCpl.dll
[2013.09.05 23:34:07 | 002,193,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\themecpl.dll
[2013.09.05 23:34:07 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Narrator.exe
[2013.09.05 23:34:07 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\autofmt.exe
[2013.09.05 23:34:07 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eudcedit.exe
[2013.09.05 23:34:07 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Faultrep.dll
[2013.09.05 23:34:07 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netjoin.dll
[2013.09.05 23:34:07 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nci.dll
[2013.09.05 23:34:07 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\hbaapi.dll
[2013.09.05 23:34:06 | 000,668,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\autochk.exe
[2013.09.05 23:34:06 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comctl32.dll
[2013.09.05 23:34:06 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppcomapi.dll
[2013.09.05 23:34:06 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netiohlp.dll
[2013.09.05 23:34:06 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cabview.dll
[2013.09.05 23:34:06 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vpnikeapi.dll
[2013.09.05 23:34:06 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\proquota.exe
[2013.09.05 23:34:05 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\autoconv.exe
[2013.09.05 23:34:05 | 000,777,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\autochk.exe
[2013.09.05 23:34:05 | 000,763,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\autofmt.exe
[2013.09.05 23:34:05 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\autoconv.exe
[2013.09.05 23:34:05 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nshipsec.dll
[2013.09.05 23:34:05 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ipsmsnap.dll
[2013.09.05 23:34:05 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msinfo32.exe
[2013.09.05 23:34:05 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msutb.dll
[2013.09.05 23:34:05 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\regapi.dll
[2013.09.05 23:34:05 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mimefilt.dll
[2013.09.05 23:34:04 | 001,264,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sdclt.exe
[2013.09.05 23:34:04 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpd_ci.dll
[2013.09.05 23:34:04 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\powercpl.dll
[2013.09.05 23:34:04 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msihnd.dll
[2013.09.05 23:34:04 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\srchadmin.dll
[2013.09.05 23:34:04 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eapphost.dll
[2013.09.05 23:34:04 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\framedyn.dll
[2013.09.05 23:34:04 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tcpipcfg.dll
[2013.09.05 23:34:04 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\schtasks.exe
[2013.09.05 23:34:04 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcdsrv.dll
[2013.09.05 23:34:04 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shsetup.dll
[2013.09.05 23:34:04 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\audiodg.exe
[2013.09.05 23:34:04 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\windows\SysNative\fms.dll
[2013.09.05 23:34:03 | 000,905,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mmsys.cpl
[2013.09.05 23:34:03 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AuxiliaryDisplayCpl.dll
[2013.09.05 23:34:03 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanui.dll
[2013.09.05 23:34:03 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wwanconn.dll
[2013.09.05 23:34:03 | 000,171,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\scsiport.sys
[2013.09.05 23:34:03 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prntvpt.dll
[2013.09.05 23:34:03 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscorier.dll
[2013.09.05 23:34:03 | 000,154,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscorier.dll
[2013.09.05 23:34:02 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Display.dll
[2013.09.05 23:34:02 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fontext.dll
[2013.09.05 23:34:02 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\batmeter.dll
[2013.09.05 23:34:02 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mprddm.dll
[2013.09.05 23:34:02 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QAGENT.DLL
[2013.09.05 23:34:02 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netid.dll
[2013.09.05 23:34:02 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidclass.sys
[2013.09.05 23:34:01 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wdc.dll
[2013.09.05 23:34:01 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mblctr.exe
[2013.09.05 23:34:01 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Vault.dll
[2013.09.05 23:34:01 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rastls.dll
[2013.09.05 23:34:01 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\untfs.dll
[2013.09.05 23:34:01 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scesrv.dll
[2013.09.05 23:34:01 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpsrcwp.dll
[2013.09.05 23:34:01 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nci.dll
[2013.09.05 23:34:00 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanpref.dll
[2013.09.05 23:34:00 | 001,202,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DiagCpl.dll
[2013.09.05 23:34:00 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMNetMgr.dll
[2013.09.05 23:34:00 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usercpl.dll
[2013.09.05 23:34:00 | 000,098,816 | ---- | C] (Microsoft) -- C:\windows\SysWow64\Robocopy.exe
[2013.09.05 23:34:00 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rtutils.dll
[2013.09.05 23:33:59 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bootres.dll
[2013.09.05 23:33:59 | 000,812,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpccpl.dll
[2013.09.05 23:33:59 | 000,433,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MCEWMDRMNDBootstrap.dll
[2013.09.05 23:33:59 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ksproxy.ax
[2013.09.05 23:33:59 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSTPager.ax
[2013.09.05 23:33:58 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DxpTaskSync.dll
[2013.09.05 23:33:58 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Display.dll
[2013.09.05 23:33:58 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mtxclu.dll
[2013.09.05 23:33:58 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskmgr.exe
[2013.09.05 23:33:58 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SndVolSSO.dll
[2013.09.05 23:33:58 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rasppp.dll
[2013.09.05 23:33:58 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3cfg.dll
[2013.09.05 23:33:57 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxdiagn.dll
[2013.09.05 23:33:56 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prnfldr.dll
[2013.09.05 23:33:56 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\termmgr.dll
[2013.09.05 23:33:56 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\puiobj.dll
[2013.09.05 23:33:56 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskmgr.exe
[2013.09.05 23:33:56 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsRasterService.dll
[2013.09.05 23:33:56 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hbaapi.dll
[2013.09.05 23:33:56 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\userinit.exe
[2013.09.05 23:33:55 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pdh.dll
[2013.09.05 23:33:55 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eudcedit.exe
[2013.09.05 23:33:55 | 000,155,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\ataport.sys
[2013.09.05 23:33:55 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WPDShServiceObj.dll
[2013.09.05 23:33:55 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\proquota.exe
[2013.09.05 23:33:54 | 003,745,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\accessibilitycpl.dll
[2013.09.05 23:33:54 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wiadefui.dll
[2013.09.05 23:33:54 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\untfs.dll
[2013.09.05 23:33:54 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSAC3ENC.DLL
[2013.09.05 23:33:54 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sppcomapi.dll
[2013.09.05 23:33:54 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rasppp.dll
[2013.09.05 23:33:54 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cabview.dll
[2013.09.05 23:33:54 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\logoncli.dll
[2013.09.05 23:33:54 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shsetup.dll
[2013.09.05 23:33:54 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\userinit.exe
[2013.09.05 23:33:53 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SensorsCpl.dll
[2013.09.05 23:33:53 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\themecpl.dll
[2013.09.05 23:33:53 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\FirewallControlPanel.dll
[2013.09.05 23:33:53 | 000,649,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\appwiz.cpl
[2013.09.05 23:33:52 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\zipfldr.dll
[2013.09.05 23:33:52 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\slui.exe
[2013.09.05 23:33:52 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\defaultlocationcpl.dll
[2013.09.05 23:33:52 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\FWPUCLNT.DLL
[2013.09.05 23:33:52 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dnscmmc.dll
[2013.09.05 23:33:51 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PhotoScreensaver.scr
[2013.09.05 23:33:51 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msieftp.dll
[2013.09.05 23:33:51 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\hgcpl.dll
[2013.09.05 23:33:50 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fontext.dll
[2013.09.05 23:33:50 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sud.dll
[2013.09.05 23:33:50 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DeviceCenter.dll
[2013.09.05 23:33:50 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\localsec.dll
[2013.09.05 23:33:50 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mprddm.dll
[2013.09.05 23:33:50 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scecli.dll
[2013.09.05 23:33:50 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscories.dll
[2013.09.05 23:33:49 | 002,146,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\networkmap.dll
[2013.09.05 23:33:49 | 001,065,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptui.dll
[2013.09.05 23:33:49 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ActionCenter.dll
[2013.09.05 23:33:49 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskbarcpl.dll
[2013.09.05 23:33:49 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\OnLineIDCpl.dll
[2013.09.05 23:33:49 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SndVolSSO.dll
[2013.09.05 23:33:48 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netcenter.dll
[2013.09.05 23:33:48 | 000,740,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\batmeter.dll
[2013.09.05 23:33:48 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\VAN.dll
[2013.09.05 23:33:48 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PerfCenterCPL.dll
[2013.09.05 23:33:48 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\usercpl.dll
[2013.09.05 23:33:48 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanui.dll
[2013.09.05 23:33:48 | 000,373,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\intl.cpl
[2013.09.05 23:33:48 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SndVol.exe
[2013.09.05 23:33:48 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\twext.dll
[2013.09.05 23:33:48 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prntvpt.dll
[2013.09.05 23:33:47 | 000,898,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\OobeFldr.dll
[2013.09.05 23:33:47 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dsuiext.dll
[2013.09.05 23:33:47 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\azroleui.dll
[2013.09.05 23:33:47 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcdedit.exe
[2013.09.05 23:33:47 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\uxlib.dll
[2013.09.05 23:33:47 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\recovery.dll
[2013.09.05 23:33:47 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cca.dll
[2013.09.05 23:33:47 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\isoburn.exe
[2013.09.05 23:33:47 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\w32tm.exe
[2013.09.05 23:33:46 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\accessibilitycpl.dll
[2013.09.05 23:33:46 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sdcpl.dll
[2013.09.05 23:33:46 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bthprops.cpl
[2013.09.05 23:33:46 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spwizeng.dll
[2013.09.05 23:33:46 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MediaMetadataHandler.dll
[2013.09.05 23:33:46 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\azroleui.dll
[2013.09.05 23:33:46 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\efscore.dll
[2013.09.05 23:33:46 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\syncui.dll
[2013.09.05 23:33:46 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\VBICodec.ax
[2013.09.05 23:33:46 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\sdbus.sys
[2013.09.05 23:33:46 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fdeploy.dll
[2013.09.05 23:33:46 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tzutil.exe
[2013.09.05 23:33:46 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sisbkup.dll
[2013.09.05 23:33:45 | 001,003,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cryptui.dll
[2013.09.05 23:33:45 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\main.cpl
[2013.09.05 23:33:45 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shwebsvc.dll
[2013.09.05 23:33:45 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\systemcpl.dll
[2013.09.05 23:33:45 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\recdisc.exe
[2013.09.05 23:33:45 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSAC3ENC.DLL
[2013.09.05 23:33:45 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netplwiz.dll
[2013.09.05 23:33:45 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netjoin.dll
[2013.09.05 23:33:45 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\autoplay.dll
[2013.09.05 23:33:45 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\httpapi.dll
[2013.09.05 23:33:44 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\networkmap.dll
[2013.09.05 23:33:44 | 000,549,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ActionCenterCPL.dll
[2013.09.05 23:33:44 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certcli.dll
[2013.09.05 23:33:44 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanmsm.dll
[2013.09.05 23:33:44 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Faultrep.dll
[2013.09.05 23:33:44 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sysclass.dll
[2013.09.05 23:33:44 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\adsldp.dll
[2013.09.05 23:33:44 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncryptui.dll
[2013.09.05 23:33:43 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwizeng.dll
[2013.09.05 23:33:43 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prnfldr.dll
[2013.09.05 23:33:43 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wusa.exe
[2013.09.05 23:33:43 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MCEWMDRMNDBootstrap.dll
[2013.09.05 23:33:43 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\OnLineIDCpl.dll
[2013.09.05 23:33:43 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AuxiliaryDisplayServices.dll
[2013.09.05 23:33:43 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ksxbar.ax
[2013.09.05 23:33:42 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sud.dll
[2013.09.05 23:33:42 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ActionCenter.dll
[2013.09.05 23:33:42 | 000,474,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sysmon.ocx
[2013.09.05 23:33:42 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\termmgr.dll
[2013.09.05 23:33:42 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msieftp.dll
[2013.09.05 23:33:42 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\photowiz.dll
[2013.09.05 23:33:42 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MediaMetadataHandler.dll
[2013.09.05 23:33:42 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MFPlay.dll
[2013.09.05 23:33:42 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vdsutil.dll
[2013.09.05 23:33:41 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msscp.dll
[2013.09.05 23:33:41 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sysmon.ocx
[2013.09.05 23:33:41 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ReAgent.dll
[2013.09.05 23:33:41 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sethc.exe
[2013.09.05 23:33:41 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iprtrmgr.dll
[2013.09.05 23:33:41 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\defaultlocationcpl.dll
[2013.09.05 23:33:41 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SmartcardCredentialProvider.dll
[2013.09.05 23:33:41 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntlanman.dll
[2013.09.05 23:33:41 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dot3cfg.dll
[2013.09.05 23:33:40 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\bthprops.cpl
[2013.09.05 23:33:40 | 000,446,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sqlcese30.dll
[2013.09.05 23:33:40 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shwebsvc.dll
[2013.09.05 23:33:40 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\intl.cpl
[2013.09.05 23:33:40 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ifsutil.dll
[2013.09.05 23:33:40 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ftp.exe
[2013.09.05 23:33:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sisbkup.dll
[2013.09.05 23:33:39 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ActionCenterCPL.dll
[2013.09.05 23:33:39 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ssText3d.scr
[2013.09.05 23:33:39 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\unimdm.tsp
[2013.09.05 23:33:39 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iTVData.dll
[2013.09.05 23:33:39 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iprtrmgr.dll
[2013.09.05 23:33:39 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\efscore.dll
[2013.09.05 23:33:39 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UserAccountControlSettings.dll
[2013.09.05 23:33:39 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpd3d.dll
[2013.09.05 23:33:38 | 000,781,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmdrmsdk.dll
[2013.09.05 23:33:38 | 000,495,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drmmgrtn.dll
[2013.09.05 23:33:38 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\syncui.dll
[2013.09.05 23:33:38 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\autoplay.dll
[2013.09.05 23:33:38 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srvcli.dll
[2013.09.05 23:33:38 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\slwga.dll
[2013.09.05 23:33:37 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\OobeFldr.dll
[2013.09.05 23:33:37 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpmde.dll
[2013.09.05 23:33:37 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DeviceCenter.dll
[2013.09.05 23:33:37 | 000,255,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wavemsp.dll
[2013.09.05 23:33:37 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dskquoui.dll
[2013.09.05 23:33:37 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nslookup.exe
[2013.09.05 23:33:37 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WSTPager.ax
[2013.09.05 23:33:36 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nshwfp.dll
[2013.09.05 23:33:36 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\systemcpl.dll
[2013.09.05 23:33:36 | 000,344,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntprint.dll
[2013.09.05 23:33:36 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntprint.dll
[2013.09.05 23:33:36 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srrstr.dll
[2013.09.05 23:33:36 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sethc.exe
[2013.09.05 23:33:36 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DevicePairingFolder.dll
[2013.09.05 23:33:36 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcdboot.exe
[2013.09.05 23:33:36 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\powercfg.cpl
[2013.09.05 23:33:36 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SmartcardCredentialProvider.dll
[2013.09.05 23:33:36 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NAPHLPR.DLL
[2013.09.05 23:33:36 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\acppage.dll
[2013.09.05 23:33:35 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\blackbox.dll
[2013.09.05 23:33:35 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ksproxy.ax
[2013.09.05 23:33:35 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\NAPHLPR.DLL
[2013.09.05 23:33:35 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppnp.dll
[2013.09.05 23:33:34 | 001,672,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\networkexplorer.dll
[2013.09.05 23:33:34 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\activeds.dll
[2013.09.05 23:33:34 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpsrcwp.dll
[2013.09.05 23:33:34 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netplwiz.dll
[2013.09.05 23:33:34 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\migisol.dll
[2013.09.05 23:33:34 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cabinet.dll
[2013.09.05 23:33:34 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\windows\SysWow64\fms.dll
[2013.09.05 23:33:33 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dfrgui.exe
[2013.09.05 23:33:33 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nshipsec.dll
[2013.09.05 23:33:33 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\remotepg.dll
[2013.09.05 23:33:33 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kstvtune.ax
[2013.09.05 23:33:33 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\isoburn.exe
[2013.09.05 23:33:33 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wkscli.dll
[2013.09.05 23:33:33 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\httpapi.dll
[2013.09.05 23:33:32 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msftedit.dll
[2013.09.05 23:33:32 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanmsm.dll
[2013.09.05 23:33:32 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpdxm.dll
[2013.09.05 23:33:32 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dot3ui.dll
[2013.09.05 23:33:32 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ReAgent.dll
[2013.09.05 23:33:32 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wavemsp.dll
[2013.09.05 23:33:32 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSCard.dll
[2013.09.05 23:33:32 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuwebv.dll
[2013.09.05 23:33:32 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\net1.exe
[2013.09.05 23:33:32 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wsnmp32.dll
[2013.09.05 23:33:32 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ftp.exe
[2013.09.05 23:33:31 | 000,840,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\blackbox.dll
[2013.09.05 23:33:31 | 000,685,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dsuiext.dll
[2013.09.05 23:33:31 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmdrmdev.dll
[2013.09.05 23:33:31 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wvc.dll
[2013.09.05 23:33:31 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dfrgui.exe
[2013.09.05 23:33:31 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wsqmcons.exe
[2013.09.05 23:33:31 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ocsetup.exe
[2013.09.05 23:33:31 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tzutil.exe
[2013.09.05 23:33:31 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WerFaultSecure.exe
[2013.09.05 23:33:30 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wvc.dll
[2013.09.05 23:33:30 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wimgapi.dll
[2013.09.05 23:33:30 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\unimdm.tsp
[2013.09.05 23:33:30 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstask.dll
[2013.09.05 23:33:30 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfps.dll
[2013.09.05 23:33:30 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\twext.dll
[2013.09.05 23:33:29 | 001,911,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\OpcServices.dll
[2013.09.05 23:33:29 | 000,899,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Bubbles.scr
[2013.09.05 23:33:29 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qcap.dll
[2013.09.05 23:33:29 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setupugc.exe
[2013.09.05 23:33:29 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mapistub.dll
[2013.09.05 23:33:29 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mapi32.dll
[2013.09.05 23:33:29 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\unimdmat.dll
[2013.09.05 23:33:29 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\windows\twain_32.dll

[vitkova_vitek]

[2013.09.05 23:33:28 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\main.cpl
[2013.09.05 23:33:28 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\diskraid.exe
[2013.09.05 23:33:28 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Ribbons.scr
[2013.09.05 23:33:28 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qasf.dll
[2013.09.05 23:33:28 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ifsutil.dll
[2013.09.05 23:33:28 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\uxlib.dll
[2013.09.05 23:33:28 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iscsium.dll
[2013.09.05 23:33:28 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\slwga.dll
[2013.09.05 23:33:27 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ssText3d.scr
[2013.09.05 23:33:27 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Mystify.scr
[2013.09.05 23:33:27 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvfw32.dll
[2013.09.05 23:33:27 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mciavi32.dll
[2013.09.05 23:33:26 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmdrmsdk.dll
[2013.09.05 23:33:26 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsAnytimeUpgradeResults.exe
[2013.09.05 23:33:26 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\clusapi.dll
[2013.09.05 23:33:26 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpencom.dll
[2013.09.05 23:33:26 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DevicePairingFolder.dll
[2013.09.05 23:33:26 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\perfmon.exe
[2013.09.05 23:33:26 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpshell.dll
[2013.09.05 23:33:26 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nslookup.exe
[2013.09.05 23:33:26 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\muifontsetup.dll
[2013.09.05 23:33:25 | 001,087,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dbghelp.dll
[2013.09.05 23:33:25 | 000,623,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSAPI.dll
[2013.09.05 23:33:25 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msscp.dll
[2013.09.05 23:33:25 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wimserv.exe
[2013.09.05 23:33:25 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\diskraid.exe
[2013.09.05 23:33:25 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qasf.dll
[2013.09.05 23:33:25 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ActionQueue.dll
[2013.09.05 23:33:25 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpencom.dll
[2013.09.05 23:33:25 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\perfmon.exe
[2013.09.05 23:33:25 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tlscsp.dll
[2013.09.05 23:33:25 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\umb.dll
[2013.09.05 23:33:25 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NAPCRYPT.DLL
[2013.09.05 23:33:25 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\acppage.dll
[2013.09.05 23:33:25 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AzSqlExt.dll
[2013.09.05 23:33:25 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netutils.dll
[2013.09.05 23:33:24 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drmmgrtn.dll
[2013.09.05 23:33:24 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\raschap.dll
[2013.09.05 23:33:24 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\raschap.dll
[2013.09.05 23:33:24 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\input.dll
[2013.09.05 23:33:24 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\remotepg.dll
[2013.09.05 23:33:24 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wiavideo.dll
[2013.09.05 23:33:24 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QUTIL.DLL
[2013.09.05 23:33:24 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\windows\bfsvc.exe
[2013.09.05 23:33:24 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\runonce.exe
[2013.09.05 23:33:24 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\NAPCRYPT.DLL
[2013.09.05 23:33:23 | 001,232,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMADMOD.DLL
[2013.09.05 23:33:23 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVSDECD.DLL
[2013.09.05 23:33:23 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpdxm.dll
[2013.09.05 23:33:23 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpdwcn.dll
[2013.09.05 23:33:23 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vdsbas.dll
[2013.09.05 23:33:23 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ocsetapi.dll
[2013.09.05 23:33:23 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MdSched.exe
[2013.09.05 23:33:23 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UserAccountControlSettings.dll
[2013.09.05 23:33:23 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PrintIsolationProxy.dll
[2013.09.05 23:33:23 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vpnikeapi.dll
[2013.09.05 23:33:23 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\syssetup.dll
[2013.09.05 23:33:22 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\onexui.dll
[2013.09.05 23:33:22 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstask.dll
[2013.09.05 23:33:22 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iTVData.dll
[2013.09.05 23:33:22 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dxdiagn.dll
[2013.09.05 23:33:22 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wpdwcn.dll
[2013.09.05 23:33:22 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vdsbas.dll
[2013.09.05 23:33:22 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Kswdmcap.ax
[2013.09.05 23:33:22 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\runonce.exe
[2013.09.05 23:33:21 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nltest.exe
[2013.09.05 23:33:21 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eapp3hst.dll
[2013.09.05 23:33:21 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bitsadmin.exe
[2013.09.05 23:33:21 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MFPlay.dll
[2013.09.05 23:33:21 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\rmcast.sys
[2013.09.05 23:33:21 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\logagent.exe
[2013.09.05 23:33:20 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmdrmdev.dll
[2013.09.05 23:33:20 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shacct.dll
[2013.09.05 23:33:20 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QSVRMGMT.DLL
[2013.09.05 23:33:20 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shacct.dll
[2013.09.05 23:33:20 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tabcal.exe
[2013.09.05 23:33:20 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vss_ps.dll
[2013.09.05 23:33:20 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cscapi.dll
[2013.09.05 23:33:19 | 000,527,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmdrmnet.dll
[2013.09.05 23:33:19 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WPDSp.dll
[2013.09.05 23:33:19 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\bitsadmin.exe
[2013.09.05 23:33:19 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qcap.dll
[2013.09.05 23:33:19 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_ssp_isv.dll
[2013.09.05 23:33:19 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpshell.dll
[2013.09.05 23:33:19 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\logman.exe
[2013.09.05 23:33:19 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wudriver.dll
[2013.09.05 23:33:19 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\lsmproxy.dll
[2013.09.05 23:33:18 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMSPDMOD.DLL
[2013.09.05 23:33:18 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Bubbles.scr
[2013.09.05 23:33:18 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msnetobj.dll
[2013.09.05 23:33:18 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sqlcese30.dll
[2013.09.05 23:33:18 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdv.dll
[2013.09.05 23:33:18 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PortableDeviceSyncProvider.dll
[2013.09.05 23:33:18 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mprapi.dll
[2013.09.05 23:33:18 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_ssp.dll
[2013.09.05 23:33:18 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\unimdmat.dll
[2013.09.05 23:33:18 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpd3d.dll
[2013.09.05 23:33:18 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iscsium.dll
[2013.09.05 23:33:17 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\OpcServices.dll
[2013.09.05 23:33:17 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PortableDeviceStatus.dll
[2013.09.05 23:33:17 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WPDSp.dll
[2013.09.05 23:33:17 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pdh.dll
[2013.09.05 23:33:17 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PortableDeviceSyncProvider.dll
[2013.09.05 23:33:17 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fphc.dll
[2013.09.05 23:33:17 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\kstvtune.ax
[2013.09.05 23:33:17 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\logman.exe
[2013.09.05 23:33:17 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spbcd.dll
[2013.09.05 23:33:17 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\olethk32.dll
[2013.09.05 23:33:17 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncryptui.dll
[2013.09.05 23:33:16 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PortableDeviceStatus.dll
[2013.09.05 23:33:16 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3ui.dll
[2013.09.05 23:33:16 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Mystify.scr
[2013.09.05 23:33:16 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Ribbons.scr
[2013.09.05 23:33:16 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\powercfg.cpl
[2013.09.05 23:33:16 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\desk.cpl
[2013.09.05 23:33:16 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QSVRMGMT.DLL
[2013.09.05 23:33:16 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\takeown.exe
[2013.09.05 23:33:16 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PnPUnattend.exe
[2013.09.05 23:33:15 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMADMOD.DLL
[2013.09.05 23:33:15 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMPhoto.dll
[2013.09.05 23:33:15 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMPhoto.dll
[2013.09.05 23:33:15 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dot3msm.dll
[2013.09.05 23:33:15 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wiavideo.dll
[2013.09.05 23:33:15 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Kswdmcap.ax
[2013.09.05 23:33:15 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fphc.dll
[2013.09.05 23:33:15 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\avifil32.dll
[2013.09.05 23:33:15 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\amstream.dll
[2013.09.05 23:33:15 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mapistub.dll
[2013.09.05 23:33:15 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\utildll.dll
[2013.09.05 23:33:14 | 001,148,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IMJP10.IME
[2013.09.05 23:33:14 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVSDECD.DLL
[2013.09.05 23:33:14 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmdrmnet.dll
[2013.09.05 23:33:14 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\VBICodec.ax
[2013.09.05 23:33:14 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EhStorAPI.dll
[2013.09.05 23:33:14 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\takeown.exe
[2013.09.05 23:33:14 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shimgvw.dll
[2013.09.05 23:33:14 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\HotStartUserAgent.dll
[2013.09.05 23:33:13 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdv.dll
[2013.09.05 23:33:13 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msnetobj.dll
[2013.09.05 23:33:13 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sppinst.dll
[2013.09.05 23:33:13 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cmstp.exe
[2013.09.05 23:33:13 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QCLIPROV.DLL
[2013.09.05 23:33:13 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QCLIPROV.DLL
[2013.09.05 23:33:13 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CertPolEng.dll
[2013.09.05 23:33:13 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WavDest.dll
[2013.09.05 23:33:13 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\djoin.exe
[2013.09.05 23:33:13 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nrpsrv.dll
[2013.09.05 23:33:12 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cmstp.exe
[2013.09.05 23:33:12 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fdProxy.dll
[2013.09.05 23:33:12 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MuiUnattend.exe
[2013.09.05 23:33:12 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cca.dll
[2013.09.05 23:33:12 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vfwwdm32.dll
[2013.09.05 23:33:12 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MultiDigiMon.exe
[2013.09.05 23:33:12 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pdhui.dll
[2013.09.05 23:33:11 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMSPDMOD.DLL
[2013.09.05 23:33:11 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msorcl32.dll
[2013.09.05 23:33:11 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\diskpart.exe
[2013.09.05 23:33:11 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iscsicli.exe
[2013.09.05 23:33:11 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mydocs.dll
[2013.09.05 23:33:11 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setupcln.dll
[2013.09.05 23:33:11 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\g711codc.ax
[2013.09.05 23:33:11 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wsnmp32.dll
[2013.09.05 23:33:11 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\relog.exe
[2013.09.05 23:33:11 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AzSqlExt.dll
[2013.09.05 23:33:11 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sscore.dll
[2013.09.05 23:33:10 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\itircl.dll
[2013.09.05 23:33:10 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iscsicli.exe
[2013.09.05 23:33:10 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\desk.cpl
[2013.09.05 23:33:10 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mobsync.exe
[2013.09.05 23:33:10 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spbcd.dll
[2013.09.05 23:33:10 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wkscli.dll
[2013.09.05 23:33:10 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbisurf.ax
[2013.09.05 23:33:10 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\relog.exe
[2013.09.05 23:33:10 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netiougc.exe
[2013.09.05 23:33:10 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\BWUnpairElevated.dll
[2013.09.05 23:33:09 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_ssp.exe
[2013.09.05 23:33:09 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_ssp_isv.exe
[2013.09.05 23:33:09 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\itircl.dll
[2013.09.05 23:33:09 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mydocs.dll
[2013.09.05 23:33:09 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\diskpart.exe
[2013.09.05 23:33:09 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3msm.dll
[2013.09.05 23:33:09 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_ssp_isv.dll
[2013.09.05 23:33:09 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_ssp.dll
[2013.09.05 23:33:09 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\resutils.dll
[2013.09.05 23:33:09 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\amstream.dll
[2013.09.05 23:33:09 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rastapi.dll
[2013.09.05 23:33:09 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdmo.dll
[2013.09.05 23:33:09 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netbtugc.exe
[2013.09.05 23:33:08 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IMJP10.IME
[2013.09.05 23:33:08 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSTIFF.dll
[2013.09.05 23:33:08 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpps.dll
[2013.09.05 23:33:08 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\CertPolEng.dll
[2013.09.05 23:33:08 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ksxbar.ax
[2013.09.05 23:33:08 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\syssetup.dll
[2013.09.05 23:33:07 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_ssp.exe
[2013.09.05 23:33:07 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_ssp_isv.exe
[2013.09.05 23:33:07 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppc.dll
[2013.09.05 23:33:07 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eappgnui.dll
[2013.09.05 23:33:07 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eappgnui.dll
[2013.09.05 23:33:07 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\findstr.exe
[2013.09.05 23:33:07 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tlscsp.dll
[2013.09.05 23:33:07 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\findstr.exe
[2013.09.05 23:33:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\luainstall.dll
[2013.09.05 23:33:07 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mciqtz32.dll
[2013.09.05 23:33:07 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\choice.exe
[2013.09.05 23:33:07 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapp.exe
[2013.09.05 23:33:07 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WerFaultSecure.exe
[2013.09.05 23:33:07 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ReAgentc.exe
[2013.09.05 23:33:06 | 001,080,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\onexui.dll
[2013.09.05 23:33:06 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mobsync.exe
[2013.09.05 23:33:06 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mciqtz32.dll
[2013.09.05 23:33:06 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\schedcli.dll
[2013.09.05 23:33:05 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sppc.dll
[2013.09.05 23:33:05 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\windows\SysWow64\iccvid.dll
[2013.09.05 23:33:05 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\manage-bde.exe
[2013.09.05 23:33:05 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetmib1.dll
[2013.09.05 23:33:05 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\repair-bde.exe
[2013.09.05 23:33:05 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wdiasqmmodule.dll
[2013.09.05 23:33:05 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shimgvw.dll
[2013.09.05 23:33:05 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spopk.dll
[2013.09.05 23:33:05 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spopk.dll
[2013.09.05 23:33:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\muifontsetup.dll
[2013.09.05 23:33:04 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RDPENCDD.dll
[2013.09.05 23:33:04 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbcconf.dll
[2013.09.05 23:33:04 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\luainstall.dll
[2013.09.05 23:33:04 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\unlodctr.exe
[2013.09.05 23:33:04 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vbisurf.ax
[2013.09.05 23:33:04 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msdmo.dll
[2013.09.05 23:33:03 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetmib1.dll
[2013.09.05 23:33:03 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\g711codc.ax
[2013.09.05 23:33:03 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdprefdrvapi.dll
[2013.09.05 23:33:03 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fixmapi.exe
[2013.09.05 23:33:02 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UIRibbonRes.dll
[2013.09.05 23:33:02 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UIRibbonRes.dll
[2013.09.05 23:33:02 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSMON.dll
[2013.09.05 23:33:02 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbcconf.dll
[2013.09.05 23:33:02 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\elsTrans.dll
[2013.09.05 23:33:01 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wups.dll
[2013.09.05 23:33:01 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\tdi.sys
[2013.09.05 23:33:01 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TRAPI.dll
[2013.09.05 23:33:01 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\perfts.dll
[2013.09.05 23:33:00 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\napdsnap.dll
[2013.09.05 23:33:00 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dsauth.dll
[2013.09.05 23:33:00 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\LogonUI.exe
[2013.09.05 23:32:59 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cscdll.dll
[2013.09.05 23:32:59 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdprefdrvapi.dll
[2013.09.05 23:32:59 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\elsTrans.dll
[2013.09.05 23:32:59 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\TRAPI.dll
[2013.09.05 23:32:59 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSUNATD.exe
[2013.09.05 23:32:58 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbrpm.sys
[2013.09.05 23:32:58 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bitsperf.dll
[2013.09.05 23:32:58 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\bitsperf.dll
[2013.09.05 23:32:58 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\schedcli.dll
[2013.09.05 23:32:57 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imkr80.ime
[2013.09.05 23:32:57 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\napdsnap.dll
[2013.09.05 23:32:57 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dsauth.dll
[2013.09.05 23:32:56 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shgina.dll
[2013.09.05 23:32:56 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wsdchngr.dll
[2013.09.05 23:32:56 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sscore.dll
[2013.09.05 23:32:55 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imkr80.ime
[2013.09.05 23:32:55 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wsdchngr.dll
[2013.09.05 23:32:55 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shgina.dll
[2013.09.05 23:32:55 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\riched32.dll
[2013.09.05 23:32:54 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\USBCAMD2.sys
[2013.09.05 23:32:53 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wshirda.dll
[2013.09.05 23:32:52 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wshirda.dll
[2013.09.05 23:32:52 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\riched32.dll
[2013.09.05 23:32:52 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcfgex.dll
[2013.09.05 23:32:51 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwmp.dll
[2013.09.05 23:32:50 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\C_ISCII.DLL
[2013.09.05 23:32:50 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spwmp.dll
[2013.09.05 23:32:49 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\C_ISCII.DLL
[2013.09.05 23:32:49 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdxm.ocx
[2013.09.05 23:32:49 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxmasf.dll
[2013.09.05 23:32:48 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shunimpl.dll
[2013.09.05 23:32:48 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msdxm.ocx
[2013.09.05 23:32:48 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dxmasf.dll
[2013.09.05 23:32:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-ums-l1-1-0.dll
[2013.09.05 23:32:47 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTUQ.DLL
[2013.09.05 23:32:47 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTUF.DLL
[2013.09.05 23:32:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTUQ.DLL
[2013.09.05 23:32:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTUF.DLL
[2013.09.05 23:32:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDSG.DLL
[2013.09.05 23:32:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDSF.DLL
[2013.09.05 23:32:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDPO.DLL
[2013.09.05 23:32:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\kbdlk41a.dll
[2013.09.05 23:32:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDGR1.DLL
[2013.09.05 23:32:46 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmploc.DLL
[2013.09.05 23:32:46 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDSG.DLL
[2013.09.05 23:32:46 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kbdlk41a.dll
[2013.09.05 23:32:46 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDGKL.DLL
[2013.09.05 23:32:46 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDNEPR.DLL
[2013.09.05 23:32:46 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDGR1.DLL
[2013.09.05 23:32:46 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDGKL.DLL
[2013.09.05 23:32:45 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmploc.DLL
[2013.09.05 23:32:45 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDCZ1.DLL
[2013.09.05 23:32:45 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDCZ1.DLL
[2013.09.05 23:32:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDUS.DLL
[2013.09.05 23:32:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTURME.DLL
[2013.09.05 23:32:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTAJIK.DLL
[2013.09.05 23:32:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDMON.DLL
[2013.09.05 23:32:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDGEO.DLL
[2013.09.05 23:32:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDGEO.DLL
[2013.09.05 23:32:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDBLR.DLL
[2013.09.05 23:32:44 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDUS.DLL
[2013.09.05 23:32:44 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDUGHR1.DLL
[2013.09.05 23:32:44 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTAJIK.DLL
[2013.09.05 23:32:44 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDMON.DLL
[2013.09.05 23:32:44 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDLT1.DLL
[2013.09.05 23:32:44 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDUGHR1.DLL
[2013.09.05 23:32:44 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDMAORI.DLL
[2013.09.05 23:32:44 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDLT1.DLL
[2013.09.05 23:32:43 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nlsbres.dll
[2013.09.05 23:32:43 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nlsbres.dll
[2013.09.05 23:32:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTURME.DLL
[2013.09.05 23:32:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDSF.DLL
[2013.09.05 23:32:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDPO.DLL
[2013.09.05 23:32:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDNEPR.DLL
[2013.09.05 23:32:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDMAORI.DLL
[2013.09.05 23:32:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDBULG.DLL
[2013.09.05 23:32:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDBLR.DLL
[2013.09.05 23:32:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDBASH.DLL
[2013.09.05 23:32:43 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDBULG.DLL
[2013.09.05 23:32:43 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDBASH.DLL
[2013.09.05 23:32:42 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pifmgr.dll
[2013.09.05 23:32:42 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pifmgr.dll
[2013.09.05 23:32:42 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spwizres.dll
[2013.09.05 23:32:42 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwizres.dll
[2013.09.05 23:32:08 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PkgMgr.exe
[2013.09.05 23:32:08 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wdscore.dll
[2013.09.05 23:32:08 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sqmapi.dll
[2013.09.05 23:32:05 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drvstore.dll
[2013.09.05 23:32:05 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpx.dll
[2013.09.05 23:30:56 | 000,529,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wbemcomn.dll
[2013.09.05 23:30:56 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmicmiplugin.dll
[2013.09.05 23:30:53 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SmiEngine.dll
[2013.09.05 23:30:53 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sqmapi.dll
[2013.09.05 23:30:51 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PkgMgr.exe
[2013.09.05 23:30:39 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drvstore.dll
[2013.09.05 23:30:39 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpx.dll
[2013.09.05 23:09:14 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\smss.exe
[2013.09.05 23:09:14 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll
[2013.09.05 23:09:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\apisetschema.dll
[2013.09.05 22:07:23 | 000,000,000 | ---D | C] -- C:\Users\Ondra\Desktop\log
[2013.09.05 21:48:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2013.09.05 20:18:49 | 000,000,000 | ---D | C] -- C:\Users\Ondra\AppData\Roaming\Malwarebytes
[2013.09.05 20:18:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.09.05 19:25:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.09.05 19:25:25 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.09.05 19:22:31 | 003,948,544 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\windows\SysNative\drivers\athrx.sys
[2013.08.14 10:32:19 | 000,000,000 | ---D | C] -- C:\Users\Ondra\AppData\Roaming\Atheros

========== Files - Modified Within 30 Days ==========

[2013.09.08 19:22:38 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.09.08 18:06:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ondra\Desktop\OTL.exe
[2013.09.08 17:11:31 | 000,019,760 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.09.08 17:11:31 | 000,019,760 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.09.08 17:02:52 | 000,482,224 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013.09.08 17:02:47 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.09.08 17:02:35 | 4226,138,112 | -HS- | M] () -- C:\hiberfil.sys
[2013.09.08 16:29:44 | 000,001,224 | ---- | M] () -- C:\Users\Ondra\Desktop\Revo Uninstaller.lnk
[2013.09.08 15:55:49 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2013.09.07 23:34:18 | 005,120,615 | R--- | M] (Swearware) -- C:\Users\Ondra\Desktop\ComboFix.exe
[2013.09.07 22:11:22 | 001,037,278 | ---- | M] () -- C:\Users\Ondra\Desktop\adwcleaner.exe
[2013.09.07 16:55:04 | 000,000,342 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForONDRA-HP$.job
[2013.09.07 15:01:54 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Ondra\Desktop\mbam-setup-1.75.0.1300.exe
[2013.09.07 12:00:23 | 003,787,264 | ---- | M] () -- C:\Users\Ondra\Desktop\RogueKillerX64.exe
[2013.09.06 14:04:56 | 000,832,273 | ---- | M] () -- C:\Users\Ondra\Desktop\RSITx64.exe
[2013.09.06 13:06:01 | 000,001,897 | ---- | M] () -- C:\Users\Public\Desktop\Blender.lnk
[2013.09.06 12:57:11 | 000,002,761 | ---- | M] () -- C:\Users\Public\Desktop\DraftSight x64.lnk
[2013.09.06 10:34:44 | 001,555,776 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2013.09.06 10:34:44 | 000,666,444 | ---- | M] () -- C:\windows\SysNative\perfh005.dat
[2013.09.06 10:34:44 | 000,652,148 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013.09.06 10:34:44 | 000,140,108 | ---- | M] () -- C:\windows\SysNative\perfc005.dat
[2013.09.06 10:34:44 | 000,121,080 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013.09.06 10:34:35 | 001,555,776 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013.09.06 07:02:35 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msclmd.dll
[2013.09.06 07:02:35 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msclmd.dll
[2013.09.05 23:02:02 | 000,000,332 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForOndra.job
[2013.09.05 19:11:20 | 000,000,535 | ---- | M] () -- C:\windows\SysWow64\mapisvc.inf
[2013.09.05 17:44:40 | 000,002,143 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

========== Files Created - No Company Name ==========

[2013.09.08 18:09:27 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.09.08 16:29:44 | 000,001,224 | ---- | C] () -- C:\Users\Ondra\Desktop\Revo Uninstaller.lnk
[2013.09.07 23:37:15 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2013.09.07 23:37:15 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2013.09.07 23:37:15 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2013.09.07 23:37:15 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2013.09.07 23:37:15 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2013.09.07 22:11:19 | 001,037,278 | ---- | C] () -- C:\Users\Ondra\Desktop\adwcleaner.exe
[2013.09.07 12:00:17 | 003,787,264 | ---- | C] () -- C:\Users\Ondra\Desktop\RogueKillerX64.exe
[2013.09.06 14:04:53 | 000,832,273 | ---- | C] () -- C:\Users\Ondra\Desktop\RSITx64.exe
[2013.09.06 13:06:01 | 000,001,897 | ---- | C] () -- C:\Users\Public\Desktop\Blender.lnk
[2013.09.06 12:57:11 | 000,002,761 | ---- | C] () -- C:\Users\Public\Desktop\DraftSight x64.lnk
[2013.09.05 23:35:04 | 000,347,904 | ---- | C] () -- C:\windows\SysNative\systemsf.ebd
[2013.09.05 23:33:06 | 000,010,429 | ---- | C] () -- C:\windows\SysNative\ScavengeSpace.xml
[2013.09.05 23:32:42 | 000,000,000 | ---- | C] () -- C:\windows\SysNative\BlbEvents.dll
[2013.09.05 23:32:40 | 000,105,559 | ---- | C] () -- C:\windows\SysWow64\RacRules.xml
[2013.09.05 23:32:40 | 000,105,559 | ---- | C] () -- C:\windows\SysNative\RacRules.xml
[2013.09.05 23:32:08 | 000,001,041 | ---- | C] () -- C:\windows\SysWow64\tcpbidi.xml
[2011.12.29 16:38:02 | 000,103,736 | ---- | C] () -- C:\windows\SysWow64\PnkBstrB.exe
[2011.12.29 16:38:01 | 000,066,872 | ---- | C] () -- C:\windows\SysWow64\PnkBstrA.exe
[2011.12.29 16:37:43 | 000,000,331 | ---- | C] () -- C:\windows\game.ini
[2011.11.08 01:30:03 | 000,003,120 | ---- | C] () -- C:\windows\SysWow64\drivers\wdfecaf.sys
[2011.11.08 01:17:36 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2011.11.08 01:14:43 | 000,003,914 | ---- | C] () -- C:\windows\SysWow64\atipblup.dat
[2011.11.08 01:13:41 | 000,094,776 | ---- | C] () -- C:\windows\un_dext.exe
[2011.11.08 01:13:41 | 000,014,409 | ---- | C] () -- C:\windows\TWAIN2080.ini
[2011.11.08 01:13:40 | 000,087,928 | ---- | C] () -- C:\windows\SPRemove_x64.exe
[2011.11.08 01:13:40 | 000,003,926 | ---- | C] () -- C:\windows\Dext_12.ini
[2011.11.08 01:13:40 | 000,003,892 | ---- | C] () -- C:\windows\Dext_27.ini
[2011.11.08 01:13:40 | 000,003,884 | ---- | C] () -- C:\windows\Dext_25.ini
[2011.11.08 01:13:40 | 000,003,882 | ---- | C] () -- C:\windows\Dext_21.ini
[2011.11.08 01:13:40 | 000,003,820 | ---- | C] () -- C:\windows\Dext_11.ini
[2011.11.08 01:13:40 | 000,003,802 | ---- | C] () -- C:\windows\Dext_14.ini
[2011.11.08 01:13:40 | 000,003,700 | ---- | C] () -- C:\windows\Dext_16.ini
[2011.11.08 01:13:40 | 000,003,672 | ---- | C] () -- C:\windows\Dext_31.ini
[2011.11.08 01:13:40 | 000,003,648 | ---- | C] () -- C:\windows\Dext_36.ini
[2011.11.08 01:13:40 | 000,003,622 | ---- | C] () -- C:\windows\Dext_20.ini
[2011.11.08 01:13:40 | 000,003,586 | ---- | C] () -- C:\windows\Dext_22.ini
[2011.11.08 01:13:40 | 000,003,550 | ---- | C] () -- C:\windows\Dext_19.ini
[2011.11.08 01:13:40 | 000,003,492 | ---- | C] () -- C:\windows\Dext_24.ini
[2011.11.08 01:13:40 | 000,003,450 | ---- | C] () -- C:\windows\Dext_29.ini
[2011.11.08 01:13:40 | 000,003,342 | ---- | C] () -- C:\windows\Dext_30.ini
[2011.11.08 01:13:40 | 000,003,174 | ---- | C] () -- C:\windows\Dext_13.ini
[2011.11.08 01:13:40 | 000,003,023 | ---- | C] () -- C:\windows\remove.ini
[2011.11.08 01:13:40 | 000,002,750 | ---- | C] () -- C:\windows\Dext_17.ini
[2011.11.08 01:13:40 | 000,002,674 | ---- | C] () -- C:\windows\Dext_18.ini
[2011.11.08 01:13:40 | 000,002,638 | ---- | C] () -- C:\windows\Dext_2052.ini
[2011.11.08 01:13:39 | 000,003,802 | ---- | C] () -- C:\windows\Dext_05.ini
[2011.11.08 01:13:39 | 000,003,704 | ---- | C] () -- C:\windows\Dext_10.ini
[2011.11.08 01:13:39 | 000,003,682 | ---- | C] () -- C:\windows\Dext_08.ini
[2011.11.08 01:13:39 | 000,003,624 | ---- | C] () -- C:\windows\Dext_1046.ini
[2011.11.08 01:13:39 | 000,003,588 | ---- | C] () -- C:\windows\Dext_06.ini
[2011.11.08 01:13:39 | 000,003,550 | ---- | C] () -- C:\windows\Dext_07.ini
[2011.11.08 01:13:39 | 000,003,522 | ---- | C] () -- C:\windows\Dext_02.ini
[2011.11.08 01:13:39 | 000,003,416 | ---- | C] () -- C:\windows\Dext_01.ini
[2011.11.08 01:13:39 | 000,003,220 | ---- | C] () -- C:\windows\Dext_09.ini
[2011.11.08 01:13:39 | 000,002,850 | ---- | C] () -- C:\windows\Dext_04.ini
[2009.08.28 14:16:16 | 000,130,238 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.09.08 17:19:56 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Autodesk
[2013.02.10 15:04:16 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\BitTorrent
[2013.09.05 19:28:38 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\DAEMON Tools Lite
[2013.09.06 13:00:48 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\DraftSight
[2011.12.14 20:26:45 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\IDT
[2012.12.20 17:51:22 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Milestone
[2013.02.24 21:57:14 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Opera
[2011.11.18 13:42:26 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Synaptics
[2013.05.16 14:25:13 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Vodafone
[2012.07.25 09:21:25 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Yandex

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,542 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2011.11.19 19:44:34 | 000,000,332 | ---- | C] () -- C:\windows\Tasks\HPCeeScheduleForOndra.job
[2011.12.12 15:32:10 | 000,000,342 | ---- | C] () -- C:\windows\Tasks\HPCeeScheduleForONDRA-HP$.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20776_none_39c28c74544f69e8\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.10.01 09:17:00 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=2632B7125E0730E019532CFCFFFFBFC0 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.20538_none_e28cf2983c0715a1\autochk.exe
[2009.10.01 09:42:15 | 000,777,216 | ---- | M] (Microsoft Corporation) MD5=3AE12EC776AB9830462E8197FB5C88CF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.20538_none_3eab8e1bf46486d7\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

[vitkova_vitek]

< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2010.10.29 07:11:26 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010.10.29 07:07:43 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.10.29 07:11:26 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010.10.29 07:07:43 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010.10.29 07:11:26 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010.10.29 07:07:43 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010.10.29 07:11:26 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010.10.29 07:07:43 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.09.01 08:34:28 | 000,263,256 | ---- | M] (Microsoft Corporation) MD5=01B586A0B8C8D860457892F80B85A5CD -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16416_none_076a95ef732190e3\hal.dll
[2009.09.01 09:03:17 | 000,263,240 | ---- | M] (Microsoft Corporation) MD5=514D418248FECD24D96E7219162BDFDD -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.20519_none_07f733988c3c7cb2\hal.dll
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2010.10.29 07:13:55 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2013.01.04 07:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2013.01.03 07:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2010.10.29 07:13:55 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2013.07.06 07:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\erdnt\cache64\tcpip.sys
[2013.07.06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\windows\SysNative\drivers\tcpip.sys
[2013.07.06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2010.10.29 07:11:26 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010.10.29 07:11:26 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[2 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[10 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.11.18 13:46:00 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Adobe
[2013.08.02 19:14:50 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\ArcSoft
[2013.09.05 18:11:11 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Atheros
[2011.11.18 13:43:44 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\ATI
[2013.09.08 17:19:56 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Autodesk
[2013.02.10 15:04:16 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\BitTorrent
[2013.09.05 19:28:38 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\DAEMON Tools Lite
[2013.09.06 13:00:48 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\DraftSight
[2013.08.04 12:24:52 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\FLEXnet
[2011.11.26 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Hewlett-Packard
[2013.09.05 18:18:53 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\hpqLog
[2011.11.18 13:41:59 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Identities
[2011.12.14 20:26:45 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\IDT
[2011.11.18 13:42:41 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Intel Corporation
[2011.11.18 13:46:02 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Macromedia
[2013.08.04 12:24:53 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Macrovision
[2013.09.05 20:18:49 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Malwarebytes
[2013.06.12 19:39:01 | 000,000,000 | --SD | M] -- C:\Users\Ondra\AppData\Roaming\Microsoft
[2012.12.20 17:51:22 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Milestone
[2011.12.29 16:12:11 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Mozilla
[2013.02.24 21:57:14 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Opera
[2011.11.18 13:42:26 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Synaptics
[2012.07.22 21:35:47 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\vlc
[2013.05.16 14:25:13 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Vodafone
[2012.01.08 15:17:34 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\WinRAR
[2012.07.25 09:21:25 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Yandex

< %APPDATA%\*.exe /s >
[2012.01.24 17:33:55 | 000,005,430 | R--- | M] () -- C:\Users\Ondra\AppData\Roaming\Microsoft\Installer\{03840E8D-A75E-4C49-ADFC-09A867C7F943}\_532EEF936FFAE0ABE2522D.exe
[2012.01.24 17:33:55 | 000,005,430 | R--- | M] () -- C:\Users\Ondra\AppData\Roaming\Microsoft\Installer\{03840E8D-A75E-4C49-ADFC-09A867C7F943}\_A290953C7595C4E6A1FDBA.exe
[2011.12.01 01:04:27 | 000,010,134 | R--- | M] () -- C:\Users\Ondra\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.09.07 16:55:04 | 000,000,342 | ---- | M] () -- C:\windows\Tasks\HPCeeScheduleForONDRA-HP$.job
[2013.09.05 23:02:02 | 000,000,332 | ---- | M] () -- C:\windows\Tasks\HPCeeScheduleForOndra.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.09.08 17:06:28 | 000,000,018 | ---- | M] () -- C:\windows\system32\log.txt
[2013.09.06 07:02:35 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\msclmd.dll
[2013.09.06 10:34:44 | 001,555,776 | ---- | M] () -- C:\windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< *crack* /s >
[2001.08.15 02:31:08 | 000,030,054 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\Inventor\Program Files\Autodesk\Inventor 2012\Textures\surfaces\Cracks.bmp
[2001.08.15 02:31:08 | 000,030,054 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\InventorFusion\CommAppDat\Autodesk\Inventor Fusion 2012\Design Data\surfaces\Cracks.bmp

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2011.02.04 14:15:30 | 000,024,800 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\Components\DWGVIEWER2012\Program Files\DWG TrueView 2012\AecLoader.arx
[2011.04.06 20:42:54 | 000,339,196 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\cs-CZ\Vault\Program Files\Autodesk\Vault 2012\Autoloader\Explorer\Help_Autoloader.chm
[2011.04.06 23:47:32 | 004,374,528 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\cs-CZ\Vault\Program Files\Autodesk\Vault 2012\Autoloader\Explorer\cs\Autoloader.resources.dll
[2011.01.24 18:17:32 | 000,333,030 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\en-US\Vault\Program Files\Autodesk\Vault 2012\Autoloader\Explorer\Help_Autoloader.chm
[2009.06.12 21:03:00 | 000,000,000 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\en-US\Vault\Program Files\Autodesk\Vault 2012\Autoloader\Explorer\Loc\Autoloader.resources.dll
[2011.03.02 13:45:10 | 000,053,408 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\Inventor\Program Files\Autodesk\Inventor 2012\Bin\Autodesk.iLogic.AddinLoader.dll
[2011.03.02 13:45:30 | 000,047,776 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\Inventor\Program Files\Autodesk\Inventor 2012\Bin\ClrAddinLoader.dll
[2011.01.17 14:19:24 | 000,037,888 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\Inventor\Program Files\Common Files\Autodesk Shared\Extensions 2012\Loader\Autodesk.REX.Loader.dll
[2011.01.17 14:19:24 | 000,013,360 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\Inventor\Program Files\Common Files\Autodesk Shared\Extensions 2012\Loader\Autodesk.REX.Loader.tlb
[2010.06.24 01:08:48 | 000,034,500 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\InventorFusion\CommAppDat\Autodesk\Inventor Fusion 2012\Design Data\Loader2.ani
[2010.06.24 01:08:48 | 000,034,500 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\InventorFusion\ProgFiles\Autodesk\Inventor Fusion 2012\BusyLoader.ani
[2011.02.15 03:34:44 | 004,864,352 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\Vault\Program Files\Autodesk\Vault 2012\Autoloader\Explorer\Autoloader.exe
[2010.12.02 18:06:28 | 000,009,533 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\Vault\Program Files\Autodesk\Vault 2012\Autoloader\Explorer\Autoloader.exe.config
[2010.04.19 16:40:24 | 000,005,644 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\Vault\Program Files\Autodesk\Vault 2012\Autoloader\Explorer\Autoloader Templates\Autoloader_ArchiveReport.xsl
[2010.04.19 16:40:24 | 000,011,500 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\Vault\Program Files\Autodesk\Vault 2012\Autoloader\Explorer\Autoloader Templates\Autoloader_ScanReport.xsl
[2010.04.19 16:40:24 | 000,019,316 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\Vault\Program Files\Autodesk\Vault 2012\Autoloader\Explorer\Autoloader Templates\Autoloader_UploadReport.xsl
[2010.04.19 16:48:24 | 000,003,702 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\Vault\Program Files\Autodesk\Vault 2012\Samples\Autoloader\Inventor 2012\Padlock\Autoloader.ipj
[2011.11.19 21:29:11 | 000,010,144 | ---- | M] () -- \extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\modules\ExternalLibraryLoader.jsm
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2012.09.29 10:00:38 | 000,013,850 | ---- | M] () -- \Program Files\Blender Foundation\Blender\2.68\python\lib\unittest\loader.py
[2011.12.29 16:11:29 | 000,057,728 | ---- | M] () -- \Users\Ondra\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2011.12.29 16:11:30 | 000,057,728 | ---- | M] () -- \Users\Ondra\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2011.12.29 16:11:30 | 000,057,728 | ---- | M] () -- \Users\Ondra\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2011.12.29 16:11:30 | 000,057,728 | ---- | M] () -- \Users\Ondra\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2011.12.29 16:11:30 | 000,057,728 | ---- | M] () -- \Users\Ondra\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2011.12.29 16:11:30 | 000,061,770 | ---- | M] () -- \Users\Ondra\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2011.12.29 16:11:30 | 000,061,770 | ---- | M] () -- \Users\Ondra\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2011.11.21 23:37:52 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2010.11.20 12:09:38 | 000,004,290 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_fi-fi_73a52105efe44483.manifest
[2010.11.20 14:33:18 | 000,004,338 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_344529e2e1c53ac6.manifest
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:41:11 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:26:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 16:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 07:11:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.10 22:11:42 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011.05.10 22:11:42 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011.05.10 22:11:42 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011.05.10 22:11:42 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011.05.10 22:11:42 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2013.09.06 07:03:16 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2013.09.06 07:03:16 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2013.09.06 07:03:16 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2013.09.06 07:03:16 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2013.09.06 07:03:16 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011.05.10 22:09:14 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:56:23 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 06:59:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_0d06fc1cf35bf496\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2008.05.27 16:04:06 | 000,000,020 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\cs-CZ\Inventor\Program Files\Autodesk\Inventor 2012\Bin\cs\Connectivity.Content.PackageSchemas.XmlSerializers.resources.dll
[2008.05.27 16:04:06 | 000,000,020 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\cs-CZ\Inventor\Program Files\Autodesk\Inventor 2012\Bin\cs\Connectivity.Content.XmlSerializers.resources.dll
[2008.05.27 16:04:06 | 000,000,020 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\cs-CZ\Inventor\Program Files\Autodesk\Inventor 2012\Bin\cs\Connectivity.Platform.XmlSerializers.resources.dll
[2008.05.27 16:04:06 | 000,000,020 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\en-US\Inventor\Program Files\Autodesk\Inventor 2012\Bin\Loc\Connectivity.Content.PackageSchemas.XmlSerializers.resources.dll
[2008.05.27 16:04:06 | 000,000,020 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\en-US\Inventor\Program Files\Autodesk\Inventor 2012\Bin\Loc\Connectivity.Content.XmlSerializers.resources.dll
[2008.05.27 16:04:06 | 000,000,020 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\en-US\Inventor\Program Files\Autodesk\Inventor 2012\Bin\Loc\Connectivity.Platform.XmlSerializers.resources.dll
[2011.03.02 13:45:34 | 000,038,560 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\Inventor\Program Files\Autodesk\Inventor 2012\Bin\Connectivity.Content.PackageSchemas.XmlSerializers.dll
[2011.03.02 13:45:36 | 000,095,904 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\Inventor\Program Files\Autodesk\Inventor 2012\Bin\Connectivity.Content.XmlSerializers.dll
[2011.03.02 13:45:36 | 000,016,032 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\Inventor\Program Files\Autodesk\Inventor 2012\Bin\Connectivity.Platform.XmlSerializers.dll
[2008.07.31 23:41:44 | 000,002,502 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\Inventor\Program Files\Common Files (64-bit) Folder\Autodesk Shared\AdLM\R4\cs-CZ\Webdepot\RTSerialNumberHelp.html
[2008.07.31 23:41:44 | 000,002,502 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\Inventor\Program Files\Common Files (64-bit) Folder\Autodesk Shared\AdLM\R4\de-DE\Webdepot\RTSerialNumberHelp.html
[2008.07.31 23:41:44 | 000,002,502 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\Inventor\Program Files\Common Files (64-bit) Folder\Autodesk Shared\AdLM\R4\en-US\Webdepot\RTSerialNumberHelp.html
[2008.07.31 23:41:44 | 000,002,502 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\Inventor\Program Files\Common Files (64-bit) Folder\Autodesk Shared\AdLM\R4\es-ES\Webdepot\RTSerialNumberHelp.html
[2008.07.31 23:41:44 | 000,002,502 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\Inventor\Program Files\Common Files (64-bit) Folder\Autodesk Shared\AdLM\R4\fr-FR\Webdepot\RTSerialNumberHelp.html
[2008.07.31 23:41:44 | 000,002,502 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\Inventor\Program Files\Common Files (64-bit) Folder\Autodesk Shared\AdLM\R4\hu-HU\Webdepot\RTSerialNumberHelp.html
[2008.07.31 23:41:44 | 000,002,502 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\Inventor\Program Files\Common Files (64-bit) Folder\Autodesk Shared\AdLM\R4\it-IT\Webdepot\RTSerialNumberHelp.html
[2008.07.31 23:41:44 | 000,002,502 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\Inventor\Program Files\Common Files (64-bit) Folder\Autodesk Shared\AdLM\R4\ja-JP\Webdepot\RTSerialNumberHelp.html
[2008.07.31 23:41:44 | 000,002,502 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\Inventor\Program Files\Common Files (64-bit) Folder\Autodesk Shared\AdLM\R4\ko-KR\Webdepot\RTSerialNumberHelp.html
[2008.07.31 23:41:44 | 000,002,502 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\Inventor\Program Files\Common Files (64-bit) Folder\Autodesk Shared\AdLM\R4\pl-PL\Webdepot\RTSerialNumberHelp.html
[2008.07.31 23:41:44 | 000,002,502 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\Inventor\Program Files\Common Files (64-bit) Folder\Autodesk Shared\AdLM\R4\pt-BR\Webdepot\RTSerialNumberHelp.html
[2008.07.31 23:41:44 | 000,002,502 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\Inventor\Program Files\Common Files (64-bit) Folder\Autodesk Shared\AdLM\R4\ru-RU\Webdepot\RTSerialNumberHelp.html
[2008.07.31 23:41:44 | 000,002,502 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\Inventor\Program Files\Common Files (64-bit) Folder\Autodesk Shared\AdLM\R4\zh-CN\Webdepot\RTSerialNumberHelp.html
[2008.07.31 23:41:44 | 000,002,502 | ---- | M] () -- \Autodesk\Autodesk_Inventor_2012_Czech_Win_64bit\x64\Inventor\Program Files\Common Files (64-bit) Folder\Autodesk Shared\AdLM\R4\zh-TW\Webdepot\RTSerialNumberHelp.html
[2013.05.13 15:14:36 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.dll
[2013.09.05 23:41:18 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.ni.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2009.09.18 17:48:22 | 000,267,776 | ---- | M] () -- \Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMC.BaseServices.XmlSerializers.dll
[2011.01.27 02:35:02 | 000,000,256 | ---- | M] () -- \Program Files\Hewlett-Packard\HP Power Assistant\HPCommon.XmlSerializers.dll.hpsign
[2013.05.13 17:04:04 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.dll
[2013.09.05 23:41:44 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.ni.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:54:42 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2011.05.10 22:11:16 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.09.06 09:40:47 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d462f459c4353e2c628e6def1430aed7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.09.06 09:41:28 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll
[2013.09.06 09:38:02 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\845e04461d3d879b24c5b0d30947050a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.09.06 09:39:45 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\dbfc784cc4bde7b16fb471e14563569d\System.Runtime.Serialization.ni.dll
[2013.09.06 09:45:56 | 002,647,552 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\420022aad3481c670eb86a4ca72d5b43\System.Runtime.Serialization.ni.dll
[2013.09.06 09:45:42 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\ad3522eafb95969623aeef7c389246bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.09.06 09:48:13 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\cda839ea462e123d42cb6d0883cf0f4d\System.Xml.Serialization.ni.dll
[2013.09.06 09:53:34 | 003,414,016 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\b00c987c6d13ba24a30b471ae12a23d5\System.Runtime.Serialization.ni.dll
[2013.09.06 09:54:37 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\cd2da26160fba6400b0353e558e35da6\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.09.06 09:58:44 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\252726355005e3388101a3f1dfa1c727\System.Xml.Serialization.ni.dll
[2013.09.06 10:32:59 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.06 10:32:58 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.09.06 10:33:03 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 22:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 22:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:54:38 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 22:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 22:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2010.11.20 05:55:00 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_hu-hu_1778ab4419ab99ad.manifest
[2010.11.20 05:50:38 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_nl-nl_28520112cd09eae9.manifest
[2010.11.20 05:54:56 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_sv-se_0bbde5ad62777806.manifest
[2010.11.20 06:45:14 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_zh-cn_493a46a2345c6076.manifest
[2010.11.20 06:43:54 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_zh-tw_48d9179c34a52b86.manifest
[2012.10.05 22:09:22 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_ar-sa_da66fe5d47789091.manifest
[2012.10.05 22:03:20 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_da-dk_622a3c9da1a8c4d8.manifest
[2012.10.05 20:10:04 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_de-de_626f1d4da174828e.manifest
[2012.10.05 22:02:37 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_el-gr_8f546afdbfc776f0.manifest
[2012.10.05 20:09:41 | 000,000,531 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_en-us_8f4bb639bfcd9db1.manifest
[2012.10.05 21:54:09 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_es-es_8f50994bbfc949f4.manifest
[2012.10.05 22:02:40 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_fi-fi_bd1d8c79dd71129a.manifest
[2012.10.05 20:08:58 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_fr-fr_bcc53fc7ddb1f222.manifest
[2012.10.05 22:01:09 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_he-il_17cecb28196cb924.manifest
[2012.10.05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_hu-hu_177d7e9619a74ce6.manifest
[2012.10.05 22:12:18 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_it-it_44f22512378ff514.manifest
[2012.10.05 21:11:25 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_ja-jp_7275361e55708151.manifest
[2012.10.05 21:10:37 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_ko-kr_9fd8712c7363f96b.manifest
[2012.10.05 22:02:32 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_nb-no_282c61bccd26f48f.manifest
[2012.10.05 22:12:15 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_nl-nl_2856d464cd059e22.manifest
[2012.10.05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_pl-pl_832c821908e5590e.manifest
[2012.10.05 21:51:35 | 000,001,635 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_pt-br_82f38a4d090ef34a.manifest
[2012.10.05 22:12:12 | 000,001,632 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_pt-pt_82de0509091f034e.manifest
[2012.10.05 22:03:52 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_ru-ru_dda9e31b4505f382.manifest
[2012.10.05 22:12:13 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_sv-se_0bc2b8ff62732b3f.manifest
[2012.10.05 22:12:16 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_tr-tr_389cffb580d00e96.manifest
[2012.10.05 21:15:11 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_zh-cn_493f19f4345813af.manifest
[2012.10.05 21:15:20 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_zh-tw_48ddeaee34a0debf.manifest
[2012.10.05 21:54:03 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_ar-sa_c395599f61238589.manifest
[2012.10.05 21:54:13 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_da-dk_4b5897dfbb53b9d0.manifest
[2012.10.05 19:58:55 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_de-de_4b9d788fbb1f7786.manifest
[2012.10.05 21:53:49 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_el-gr_7882c63fd9726be8.manifest
[2012.10.05 19:57:17 | 000,000,531 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_en-us_787a117bd97892a9.manifest
[2012.10.05 21:48:11 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_es-es_787ef48dd9743eec.manifest
[2012.10.05 21:52:37 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_fi-fi_a64be7bbf71c0792.manifest
[2012.10.05 20:00:18 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_fr-fr_a5f39b09f75ce71a.manifest
[2012.10.05 21:54:34 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_he-il_00fd266a3317ae1c.manifest
[2012.10.05 21:59:30 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_hu-hu_00abd9d8335241de.manifest
[2012.10.05 21:59:26 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_it-it_2e208054513aea0c.manifest
[2012.10.05 21:01:19 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_ja-jp_5ba391606f1b7649.manifest
[2012.10.05 21:03:36 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_ko-kr_8906cc6e8d0eee63.manifest
[2012.10.05 21:54:16 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_nb-no_115abcfee6d1e987.manifest
[2012.10.05 22:00:42 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_nl-nl_11852fa6e6b0931a.manifest
[2012.10.05 22:00:50 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_pl-pl_6c5add5b22904e06.manifest
[2012.10.05 21:48:47 | 000,001,635 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_pt-br_6c21e58f22b9e842.manifest
[2012.10.05 22:00:41 | 000,001,632 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_pt-pt_6c0c604b22c9f846.manifest
[2012.10.05 21:54:16 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_ru-ru_c6d83e5d5eb0e87a.manifest
[2012.10.05 22:00:43 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_sv-se_f4f114417c1e2037.manifest
[2012.10.05 22:00:35 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_tr-tr_21cb5af79a7b038e.manifest
[2012.10.05 21:03:52 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_zh-cn_326d75364e0308a7.manifest
[2012.10.05 21:03:53 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_zh-tw_320c46304e4bd3b7.manifest
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2011.05.10 22:11:09 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2011.05.10 22:11:09 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2011.05.10 22:11:14 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 03:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011.05.10 22:11:18 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2011.05.10 22:11:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2011.05.10 22:11:19 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009.06.10 22:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2012.10.06 12:53:01 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.17136_none_593e9c4e749147df\System.Runtime.Serialization.dll
[2012.10.06 12:56:09 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.21337_none_4270dea28e38c1d7\System.Runtime.Serialization.dll
[2010.11.05 03:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.06 12:56:09 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2009.06.10 22:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2012.10.06 12:53:00 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_9415a918c8894278\System.Runtime.Serialization.dll
[2012.10.06 12:56:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_7d47eb6ce230bc70\System.Runtime.Serialization.dll
[2010.11.05 03:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.06 12:56:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2013.09.06 07:02:49 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2013.09.06 07:02:49 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2011.05.10 22:11:43 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2011.05.10 22:11:38 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 15:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.02.05 15:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011.02.05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009.07.14 04:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2012.10.06 20:44:48 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.17136_none_593e9c4e749147df.manifest
[2012.10.06 21:00:33 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.21337_none_4270dea28e38c1d7.manifest
[2010.11.20 06:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2009.07.14 04:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2012.10.06 20:46:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_9415a918c8894278.manifest
[2012.10.06 21:01:29 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_7d47eb6ce230bc70.manifest
[2010.11.20 06:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2009.07.14 03:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2012.10.06 20:07:20 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.17136_none_a6a4fe887487d009.manifest
[2012.10.06 20:58:54 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.21337_none_8fd740dc8e2f4a01.manifest
[2010.11.20 05:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2011.05.10 22:10:21 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.06 22:42:01 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_cs-cz_3450454183d3f023.manifest
[2012.10.07 00:05:03 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_cs-cz_1d8287959d7b6a1b.manifest
[2012.10.05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2009.07.14 03:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2012.10.06 20:11:48 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.17136_none_d6e834229c2ed13c.manifest
[2012.10.06 21:03:01 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.21337_none_c01a7676b5d64b34.manifest
[2010.11.20 05:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009.07.14 03:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2012.10.06 20:09:38 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_dbc2dfefdd056b7e.manifest
[2012.10.06 21:00:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_c4f52243f6ace576.manifest
[2010.11.20 05:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2011.05.10 22:11:16 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2012.10.06 12:54:26 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.17136_none_a6a4fe887487d009\System.Runtime.Serialization.dll
[2012.10.06 12:57:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.21337_none_8fd740dc8e2f4a01\System.Runtime.Serialization.dll
[2010.11.05 03:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.06 12:57:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2011.05.10 22:11:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2011.05.10 22:11:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_cs-cz_3450454183d3f023\System.RunTime.Serialization.Resources.dll
[2011.05.10 22:11:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_cs-cz_1d8287959d7b6a1b\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2012.10.06 12:54:25 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.17136_none_d6e834229c2ed13c\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.21337_none_c01a7676b5d64b34\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2011.05.10 22:11:18 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.05.10 22:11:09 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2011.05.10 22:11:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2012.10.06 12:54:25 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_dbc2dfefdd056b7e\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_c4f52243f6ace576\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >

[vitkova_vitek]

A ještě extras.txt.

OTL Extras logfile created on: 8.9.2013 19:21:34 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ondra\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,94 Gb Total Physical Memory | 1,60 Gb Available Physical Memory | 40,77% Memory free
7,87 Gb Paging File | 5,23 Gb Available in Paging File | 66,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 573,92 Gb Total Space | 486,22 Gb Free Space | 84,72% Space Free | Partition Type: NTFS
Drive E: | 16,95 Gb Total Space | 2,56 Gb Free Space | 15,11% Space Free | Partition Type: NTFS
Drive F: | 4,98 Gb Total Space | 4,97 Gb Free Space | 99,78% Space Free | Partition Type: FAT32

Computer Name: ONDRA-HP | User Name: Ondra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-347046577-4045773993-532970502-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{044D7C6E-A7D9-4492-803E-D5528CE3812A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{12F1049D-61E5-4D29-992B-AC6E589B82ED}" = lport=137 | protocol=17 | dir=in | app=system |
"{160832A2-CB97-4133-B1CE-A7758595B66D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{23943504-8ADC-4C44-A3CF-10207C72AC23}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2CD0921B-06CF-4BA7-9489-67D16C105B57}" = lport=10243 | protocol=6 | dir=in | app=system |
"{330BE90E-F750-4F85-98A5-6E1204014643}" = lport=139 | protocol=6 | dir=in | app=system |
"{617B7374-9411-4605-AC3C-62BC7E806FDE}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{73A54F19-3AF1-49EA-A789-CD07F8832F50}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{82CFD9D8-7F3D-4CCF-A3A1-516B84E12534}" = rport=139 | protocol=6 | dir=out | app=system |
"{8A62ED55-6038-4E01-A2B1-62D6F8C5F93B}" = rport=138 | protocol=17 | dir=out | app=system |
"{99677F1E-EE6E-4C77-A541-492EF48281E3}" = lport=445 | protocol=6 | dir=in | app=system |
"{9CA565BD-5577-480C-ABE6-309DC04B0331}" = lport=138 | protocol=17 | dir=in | app=system |
"{A37E2B54-7AC9-4F50-803C-1D89449F3DC8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A5863A7C-F127-44C0-A483-3F822AE6CCD3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{BB488A51-24EE-48FF-8C26-E65B6EFEFC18}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C28FE9A0-CAE2-4495-9625-9C1DF93F61BE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C4E550F6-9B53-436D-9A18-8B1621148384}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{CF46390C-8DD6-49D3-B8B4-53645332B0B0}" = rport=10243 | protocol=6 | dir=out | app=system |
"{CF9D2880-1FAF-4F7A-8886-DBA9099F11EA}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{D46F53CB-8765-4E9D-AE7C-D1C8E4D96CA7}" = rport=445 | protocol=6 | dir=out | app=system |
"{D971E60F-22CB-4578-AF03-70815B05DDA2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E08C643A-F917-49D4-A219-7F403614BB45}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E1DF4AA6-A174-417A-91AF-CB7F19EB81FC}" = rport=137 | protocol=17 | dir=out | app=system |
"{E84DFC4B-6BC6-4C31-8B53-71C504EF3C44}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{ED3E14D5-9B42-4116-8537-B6C9D959F6E3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F8D5FA86-F304-4E6C-A7C1-E86B773747A0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02C5A642-0921-4E0E-A73C-7B3ADA75DB1B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{131B377D-6811-4CEC-B7B5-ABDC5DAEF507}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{247FBC7B-E6CE-43F2-B537-E2D06B983569}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2C70CCA0-9FBD-4223-A55E-668B1B16D483}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{47CCAD02-4A88-4192-8B85-5D5CA2EF591A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4CED9C97-5236-4C32-95B0-8D592A4DC829}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{59062402-59E9-4453-92D3-B7F38AD819F2}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{5C219E55-729F-4E8E-ACA3-B63E9A419184}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6C26F823-CA5E-408C-9F59-93D354FD983B}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{7D09F8B9-6EC4-4D82-A6DF-A68E3DEB6E05}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{7E6D5353-A240-4012-9F2C-5F5083137856}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{83A0D708-4409-46BA-A1CF-215836A47E32}" = protocol=6 | dir=out | app=system |
"{8784FED8-F9AD-42E8-AD5F-2B38F4601771}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{9781A52D-F0CD-411F-A956-7B3A349FBE4D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{996A35AD-BF98-45EE-B36C-F7D7FBF763BF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9E9C0497-9AC4-4CE5-8C22-8A7D6FA2B47C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B7723F40-E287-4486-9B6D-B41E83160E11}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BD914C18-EF4B-4DE4-8756-3AAEC4849377}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BEA2D01D-786C-4971-81C9-571D8B36C799}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C36D1854-DE02-4DBD-8622-51A04A6ED18F}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C3EFEFC3-CA58-4AAF-BECD-2B4745A7BD58}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C980381B-9E0B-4106-816A-2B5C7F61DCC1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D186A8FC-D219-443D-8ACC-80E39FC696BF}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{D3C99BB9-6435-4DD1-86BF-E40327FB8C14}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D69A645B-B433-462B-B914-BD2722A6A0E8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{DED3A008-6EBD-48A8-9ED9-3F070D25045C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{DF0FB890-94AE-4596-A4DE-BEE44E30DD36}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{DFF17202-C561-4333-990B-827A48E9605F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{EFE78C0F-A8D4-4891-95B5-64FF6E45F2C9}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{F3BE6C92-68F4-400C-8126-9642274D2764}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"TCP Query User{7A822F90-FF54-42AF-86C8-ADAA0F407848}C:\program files (x86)\readon technology\readon tv movie radio player 7.5.0.0\internettv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\readon technology\readon tv movie radio player 7.5.0.0\internettv.exe |
"TCP Query User{C2B68A1B-A326-45B8-AC35-E5B62E1AAF32}C:\program files (x86)\readon technology\readon tv movie radio player 7.5.0.0\internettv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\readon technology\readon tv movie radio player 7.5.0.0\internettv.exe |
"UDP Query User{01149D30-A916-4060-BA47-3982F2B3DFA1}C:\program files (x86)\readon technology\readon tv movie radio player 7.5.0.0\internettv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\readon technology\readon tv movie radio player 7.5.0.0\internettv.exe |
"UDP Query User{5456C3FF-BFE4-4695-B475-14C29862DF9C}C:\program files (x86)\readon technology\readon tv movie radio player 7.5.0.0\internettv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\readon technology\readon tv movie radio player 7.5.0.0\internettv.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{3D8EDF72-13CC-4E51-AAB6-32A20524D2E0}" = HP Power Assistant
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{555ECC75-AB3B-6434-8900-2BBA4F91F107}" = ccc-utility64
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{63E42DE7-C468-31B0-E373-173C67C87B88}" = ATI Catalyst Install Manager
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7D1C63D1-6520-49DA-B738-958133526E80}" = HP HotKey Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{83DA38AB-1014-41C2-A3CD-E2B93832A71A}" = HP 3D DriveGuard
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A0BABADE-E154-4F08-97A1-2903CD110E88}" = COMODO Firewall
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B7C76170-A86D-4AD2-B2A8-46BB42E4B667}" = DraftSight x64
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FB06FBC7-3CE3-50D9-1803-CC28E5ADF780}" = WMV9/VC-1 Video Playback
"{FFC3E41D-2C2B-45B7-9AD9-5EA19572DD26}" = Validity Fingerprint Sensor Driver
"Blender" = Blender
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02480932-C787-4634-9FF6-483EC2E3FB16}" = MUD - FIM Motocross World Championship
"{02C0A02E-AB30-446C-B4C3-A03310D95F53}" = Windows Live UX Platform Language Pack
"{03840E8D-A75E-4C49-ADFC-09A867C7F943}" = Readon TV Movie Radio Player 7.5.0.0
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08F10409-00BB-8843-4813-37FDDD972CB1}" = CCC Help Chinese Standard
"{08FB6F00-7D8D-5474-B70D-607638405BEB}" = CCC Help Korean
"{0A455897-C606-4958-AD34-6DF0430D184B}" = Windows Live UX Platform Language Pack
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{12379137-5A34-8311-A00C-4571E468F507}" = CCC Help Polish
"{1392513C-F92A-2893-E263-071E943CB4B8}" = Catalyst Control Center InstallProxy
"{1529490E-DC67-A7DA-E7FE-789B929E67F0}" = CCC Help Norwegian
"{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}" = ArcSoft Webcam Sharing Manager
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{2E07A6AE-C2EC-05DB-8344-B562E5D9E341}" = CCC Help Swedish
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3E918CE9-BDA6-282D-0E19-E11DF8004ABE}" = CCC Help Thai
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4441B01C-0AF2-6EE7-CDB3-AD0DB41E7147}" = CCC Help Hungarian
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{668643A5-48DD-B0E9-62E1-1FDA18D54F66}" = CCC Help Finnish
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69EA3784-E961-76A2-6C11-7B83AA50E56A}" = CCC Help Czech
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6B318C80-7BE4-4D79-9F53-4290958EA984}" = Windows Live UX Platform Language Pack
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71543470-E3F8-6A06-08C8-783CD286D2BA}" = CCC Help German
"{737DCE46-824C-40BA-8776-81D9D1DB04AB}" = Catalyst Control Center - Branding
"{76BAC71B-00A7-BBFA-5DAE-EEB0DF9F4098}" = CCC Help English
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7CF1347C-61F6-C495-127C-912FD6CB432D}" = CCC Help Japanese
"{80C45B94-2BA0-8E23-95A7-8A9FCD836EFD}" = PX Profile Update
"{840021F2-FFC0-467A-BF85-29B8B7803717}" = HP ESU for Microsoft Windows 7
"{85BE1D9F-FC67-E84E-F73A-BC7125E3B717}" = CCC Help Portuguese
"{8DC069E7-893C-41E1-9442-DE89FEC33371}" = Xobni Core
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{96B51C0B-D3BE-4DF3-959C-28B22C10CFBB}" = Vodafone Mobile Connect Lite
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A1EFCBD2-B171-E24D-FAD2-4E711A312DEF}" = CCC Help Danish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AB9F8790-4ECB-1BFA-1B80-21DCD40664C3}" = CCC Help Greek
"{AE6BF609-EF6A-8764-85EE-6CC65602D88E}" = CCC Help Chinese Traditional
"{B26B64E8-DB83-7904-2DF9-F92A7ABC14D9}" = Catalyst Control Center Localization All
"{B3E31950-C92F-BCD9-963D-A520887A262A}" = CCC Help Turkish
"{B7F60A16-7A7B-41FB-9AE3-DE9E324FBA06}" = HP Software Framework
"{BE211EBE-AC92-515C-D122-A9DD0BC9FFA9}" = Catalyst Control Center
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C6CD49BC-E6A5-F247-0489-F3188F300A8E}" = Catalyst Control Center Profiles Mobile
"{C7C60D93-E5B7-82D7-44A4-E3EE404B56A3}" = CCC Help Dutch
"{CBD548E9-E421-7B51-5732-2F63B37589E2}" = CCC Help French
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1F1E4D2-D2D3-4391-92EF-F63A79A67B36}" = MUD - FIM Motocross World Championship
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7922D23-642E-0649-A3C9-38F9E0FA263E}" = CCC Help Russian
"{DF2035BE-5820-4965-BD97-7FAF8D4A7879}" = Microsoft_VC90_CRT_x86
"{DF63FA79-75AE-45D6-715E-81E92F134702}" = CCC Help Italian
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2531547-0789-690E-9F12-3EDBDBC64DA8}" = CCC Help Spanish
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{EE5F1911-EA95-4F1A-AF97-495972F5032D}" = HP System Default Settings
"{F07E6C5F-6AE1-72B3-8659-08E2ABB86DF8}" = Catalyst Control Center Graphics Previews Common
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.2
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"Opera 12.14.1738" = Opera 12.14
"PDF Complete" = PDF Complete Special Edition
"Revo Uninstaller" = Revo Uninstaller 1.95
"Sunplus SPUVCb" = HP HD Webcam [Fixed]
"VIP Access SDK" = VIP Access SDK x64(1.0.0.50)
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"XobniMain" = Xobni

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5.9.2013 12:08:59 | Computer Name = Ondra-HP | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC

Error - 5.9.2013 12:08:59 | Computer Name = Ondra-HP | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC

Error - 5.9.2013 12:08:59 | Computer Name = Ondra-HP | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC

Error - 5.9.2013 12:09:00 | Computer Name = Ondra-HP | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC

Error - 5.9.2013 12:11:45 | Computer Name = Ondra-HP | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 5.9.2013 12:30:21 | Computer Name = Ondra-HP | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC

Error - 5.9.2013 12:30:21 | Computer Name = Ondra-HP | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC

Error - 5.9.2013 12:30:21 | Computer Name = Ondra-HP | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC

Error - 5.9.2013 12:32:15 | Computer Name = Ondra-HP | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 5.9.2013 12:32:44 | Computer Name = Ondra-HP | Source = Application Error | ID = 1000

Error encountered while reading event logs.

< End of report >