Vyskakující okno u stavové lišty Win7 - Roulette Bot Plus

Zpráva

dandyli · #1 Příspěvek od **dandyli** » 12 led 2014 02:11

Ahoj

Moc prosím o radu jak zabránit nemožnému vyskakování okna po odinstalaci jednoho nesmyslného programu Roulette Bot Plus.
Okno vyskakuje přibližně 3x do týdne vždy v noci a dost mě to štve.
Vyzkoušel jsem CCleaner, Advanced System Care, Spybot, Comodo, Combofix a nic.

Přidávám obrázek stažený z google aby jste viděli jak to vypadá.

Předem moc děkuji za rady.

#2 Příspěvek od **Márty84** » 12 led 2014 09:32

Zdravim

Kdyz jste si to tak hezky projel vsim moznym a hlavne ComboFixem, jak ted mam najit problem?

Kdybyste si precetl pravidla fora http://forum.viry.cz/viewtopic.php?f=12&t=5601 , docetl byste se mimo jine toto

2. Před položením dotazu použijte tlačítko Hledat. Možná již někdo problém podobným Vašemu řešil. Pokud ale ve vyřešeném tématu budou aplikovány různé utility\aplikace, nespouštějte je. Utility se používají až na pokyn rádce, jelikož mohou mazat stopy po havěti a v rukou ne-oborníka může mít jejich použití nedozírné následky.

3. Zvláště utilitu ComboFix nespouštějte i když Vám ji poradil kamarád\nějaký rádoby odborný web. Naše fórum je jediné z CZ-SK antivirových fór, která mají právo luštit logy z ComboFixu a mámě též plnou podporu autora této utility a přístup k nejaktuálnějším informacím a návodům.

CF smaze veskere stopy pripadne nakazy. A ja ted muzu tak akorat varit z vody, jak se rika

Zkusime se na to podivat, ale pokud se to bude opakovat, bude pomoc odmitnuta.
A taky upozornuji, ze se to mozna protahne a vysledek vubec neni jisty.

Zkopirujte mi tu jeho log, je zde C:\ComboFix.txt

Odinstalujte Spybota, program je zastaraly

Odinstalujte Advanced System Care a vse od IObit. Dokaze to nadelat vic skody nez uzitku

Dejte log z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=130786

dandyli · #3 Příspěvek od **dandyli** » 12 led 2014 11:41

Děkuji za upozornění a omlouvám se.

Hledat jsem na fóru použil ale nenašlo mi žádný příspěvek ze stejným problémem a Combofix jsem použil podle návodu.

Log Combofix:

ComboFix 13-12-20.01 - XDANCUMP 21.12.2013 3:03.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.8055.5918 [GMT 1:00]
Spuštěný z: c:\users\XDANCUMP\Desktop\ComboFix.exe
AV: COMODO Antivirus *Disabled/Updated* {458BB331-2324-0753-3D5F-1472EB102AC0}
FW: COMODO Firewall *Disabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\SETE25B.tmp
c:\windows\SysWow64\SETE338.tmp
c:\windows\SysWow64\systeminfo.dll
c:\windows\SysWow64\tmp5EA3.tmp
c:\windows\SysWow64\tmpC883.tmp
c:\windows\SysWow64\tmpC884.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-21 do 2013-12-21 )))))))))))))))))))))))))))))))
.
.
2013-12-21 01:24 . 2013-12-21 01:24 -------- d-----w- c:\program files\Tracker Software
2013-12-19 20:42 . 2013-09-20 09:49 21040 ----a-w- c:\windows\system32\sdnclean64.exe
2013-12-19 20:42 . 2013-12-21 02:01 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-12-19 20:42 . 2013-12-19 20:46 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2013-12-16 19:16 . 2013-12-16 19:16 -------- d-----w- C:\Hry
2013-12-15 21:36 . 2013-12-15 21:36 -------- d-----w- c:\users\Default\AppData\Local\Google
2013-12-14 23:11 . 2013-12-14 23:11 -------- d-----w- c:\program files\CCleaner
2013-12-13 18:41 . 2013-12-13 18:41 -------- d-----w- c:\program files (x86)\Common Files\Ahead
2013-12-13 18:41 . 2013-12-13 18:41 -------- d-----w- c:\program files (x86)\Nero
2013-12-11 02:10 . 2013-12-11 02:10 -------- d-----w- c:\users\XDANCUMP\AppData\Roaming\MPC-HC
2013-12-11 01:39 . 2013-12-11 01:39 -------- d-----w- d:\users\XDANCUMP\AppData\Roaming\IObit
2013-12-10 22:10 . 2013-12-10 22:10 -------- d-----w- C:\Download
2013-12-08 03:33 . 2013-12-08 03:33 -------- d-----w- c:\users\XDANCUMP\AppData\Roaming\Malwarebytes
2013-12-08 03:33 . 2013-12-19 20:41 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-12-08 03:33 . 2013-12-08 03:33 -------- d-----w- c:\programdata\Malwarebytes
2013-12-08 03:14 . 2013-12-10 00:26 -------- d-----w- C:\AdwCleaner
2013-12-05 21:43 . 2013-12-16 19:33 -------- d-----w- c:\programdata\Codemasters
2013-12-05 21:34 . 2009-07-13 18:04 839680 ----a-w- c:\windows\SysWow64\mkl_vml_p4.dll
2013-12-05 21:34 . 2009-07-13 18:04 532480 ----a-w- c:\windows\SysWow64\mkl_vml_p3.dll
2013-12-05 21:34 . 2009-07-13 18:04 512000 ----a-w- c:\windows\SysWow64\mkl_vml_def.dll
2013-12-05 21:34 . 2009-07-13 18:04 3485696 ----a-w- c:\windows\SysWow64\mkl_p4.dll
2013-12-05 21:34 . 2009-07-13 18:04 2793472 ----a-w- c:\windows\SysWow64\mkl_p3.dll
2013-12-05 21:34 . 2009-10-16 10:19 872448 ----a-w- c:\windows\SysWow64\rapture3d_oal.dll
2013-12-05 21:34 . 2009-07-13 18:04 2441216 ----a-w- c:\windows\SysWow64\mkl_def.dll
2013-12-05 21:34 . 2009-07-13 18:04 2174976 ----a-w- c:\windows\SysWow64\mkl_lapack32.dll
2013-12-05 21:34 . 2009-07-13 18:04 2125824 ----a-w- c:\windows\SysWow64\mkl_lapack64.dll
2013-12-05 21:34 . 2013-12-05 21:34 -------- d-----w- c:\program files (x86)\BRS
2013-12-05 21:34 . 2013-12-05 21:34 -------- d-----w- c:\windows\SysWow64\xlive
2013-12-05 21:34 . 2013-12-05 21:34 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2013-12-05 21:33 . 2013-12-05 21:33 -------- d-----w- c:\program files (x86)\OpenAL
2013-12-05 21:12 . 2013-12-05 21:12 -------- d-----w- c:\program files (x86)\Codemasters
2013-12-05 20:57 . 2013-12-05 20:57 -------- d-----w- c:\users\XDANCUMP\AppData\Local\Logitech
2013-12-05 20:52 . 2013-12-05 20:52 -------- d-----w- c:\program files\Common Files\Logitech
2013-12-05 20:52 . 2013-12-05 20:52 -------- d-----w- c:\program files\Logitech
2013-12-05 18:44 . 2013-12-05 18:44 -------- d-----w- c:\users\XDANCUMP\AppData\Roaming\Milestone
2013-12-05 18:43 . 2013-12-05 18:43 -------- d-----w- c:\programdata\Steam
2013-12-04 19:44 . 2013-12-04 19:44 -------- d-----w- c:\program files (x86)\Imagenomic
2013-12-04 19:09 . 2013-12-04 19:09 -------- d-----w- c:\users\XDANCUMP\AppData\Local\NikLicenseFiles
2013-12-04 19:09 . 2013-12-04 19:09 -------- d-----w- c:\users\XDANCUMP\AppData\Local\Software
2013-12-04 01:17 . 2013-12-04 01:17 -------- d-----w- c:\program files\Google
2013-12-04 01:17 . 2013-12-04 01:17 -------- d-----w- c:\program files (x86)\GUM4DD3.tmp
2013-12-04 01:16 . 2013-12-04 01:17 -------- d-----w- c:\programdata\Package Cache
2013-12-04 01:13 . 2013-12-04 01:13 -------- d-----w- c:\users\XDANCUMP\AppData\Roaming\AKVIS LLC
2013-12-04 00:49 . 2013-12-04 00:50 -------- d-----w- c:\program files\Common Files\Topaz Labs
2013-12-04 00:49 . 2013-12-04 00:50 -------- d-----w- c:\program files (x86)\Topaz Labs
2013-12-04 00:49 . 2013-12-04 00:50 -------- d-----w- c:\program files (x86)\Common Files\Topaz Labs
2013-12-03 23:59 . 2013-12-03 23:59 -------- d-----w- c:\users\XDANCUMP\AppData\Local\Juniper Networks
2013-12-03 23:59 . 2013-12-15 01:36 -------- d-----w- c:\users\XDANCUMP\AppData\Roaming\Juniper Networks
2013-12-03 12:19 . 2013-12-03 12:19 -------- d-----w- c:\users\XDANCUMP\AppData\Roaming\PDAppFlex
2013-12-03 12:18 . 2013-12-03 15:16 -------- d-----w- c:\program files\Adobe
2013-12-03 01:27 . 2013-12-03 01:27 -------- d-----w- c:\programdata\ATI
2013-12-03 01:26 . 2013-12-03 01:26 -------- d-----w- c:\program files (x86)\ATI Technologies
2013-12-03 01:25 . 2010-04-27 03:56 6659072 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2013-12-03 01:25 . 2010-04-26 21:45 3164160 ----a-w- c:\windows\SysWow64\atidxx32.dll
2013-12-03 01:25 . 2010-04-26 21:23 4806144 ----a-w- c:\windows\system32\atiumd64.dll
2013-12-03 01:25 . 2010-04-26 20:34 2701312 ----a-w- c:\windows\system32\atiumd6a.dll
2013-12-03 01:25 . 2010-04-26 20:18 53248 ----a-w- c:\windows\system32\amdpcom64.dll
2013-12-03 01:25 . 2010-04-26 20:18 52224 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2013-12-03 01:16 . 2013-12-03 01:16 -------- d-----w- c:\users\XDANCUMP\AppData\Local\ElevatedDiagnostics
2013-12-03 01:03 . 2013-12-03 01:03 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2013-12-03 00:19 . 2013-12-03 01:27 -------- d-----w- c:\program files\ATI Technologies
2013-12-03 00:12 . 2013-12-04 00:16 277 ----a-w- C:\prefs.js
2013-12-03 00:12 . 2013-12-03 00:48 -------- d-----w- C:\AMD
2013-12-02 08:59 . 2013-12-02 08:59 9888360 ----a-w- c:\windows\SysWow64\RtsUStoricon.dll
2013-12-02 08:59 . 2013-12-02 08:59 422504 ----a-w- c:\windows\system32\RtsUStor.dll
2013-12-02 08:59 . 2013-12-02 08:59 250984 ----a-w- c:\windows\system32\drivers\RtsUStor.sys
2013-12-02 08:58 . 2013-12-02 08:58 32496 ----a-w- c:\windows\system32\drivers\Smb_driver_Intel.sys
2013-12-01 22:29 . 2013-12-04 01:17 -------- d-----w- c:\programdata\Nik Software
2013-12-01 19:33 . 2013-12-01 19:33 -------- d-----w- c:\users\XDANCUMP\AppData\Roaming\Imagenomic
2013-11-24 00:54 . 2013-11-24 01:06 -------- d-----w- c:\users\XDANCUMP\AppData\Roaming\RBotPlus
2013-11-21 20:43 . 2013-11-21 20:43 31344 ----a-w- c:\windows\system32\drivers\cnnctfy2.sys
2013-11-21 20:42 . 2013-11-21 20:43 -------- d-----w- c:\programdata\Connectify
2013-11-21 19:16 . 2013-11-21 19:16 -------- d-----w- c:\windows\SysWow64\Wat
2013-11-21 19:16 . 2013-11-21 19:16 -------- d-----w- c:\windows\system32\Wat
2013-11-21 13:11 . 2009-09-10 06:28 311808 ----a-w- c:\windows\system32\msv1_0.dll
2013-11-21 13:11 . 2009-09-10 05:52 257024 ----a-w- c:\windows\SysWow64\msv1_0.dll
2013-11-21 12:41 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2013-11-21 12:35 . 2013-11-21 12:35 982912 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-11-21 12:09 . 2012-12-16 16:52 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-11-21 12:09 . 2012-12-16 14:25 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-11-21 12:09 . 2012-12-16 14:40 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-11-21 12:09 . 2009-10-19 14:46 100864 ----a-w- c:\windows\system32\fontsub.dll
2013-11-21 12:09 . 2009-10-19 14:10 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2013-11-21 12:09 . 2012-12-16 14:25 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-11-21 11:55 . 2012-03-01 06:54 22896 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-11-21 11:55 . 2012-03-01 06:40 80896 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-21 11:55 . 2012-03-01 05:45 158720 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-11-21 11:55 . 2012-03-01 06:35 5120 ----a-w- c:\windows\system32\wmi.dll
2013-11-21 11:55 . 2012-03-01 05:40 5120 ----a-w- c:\windows\SysWow64\wmi.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-17 18:20 . 2013-11-17 18:20 164736 ----a-w- c:\windows\system32\drivers\IT9135BDA.sys
2013-10-09 19:20 . 2012-04-23 02:02 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-09 19:20 . 2012-04-23 02:02 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-10-08 05:50 . 2013-10-19 22:38 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-26 22:35 . 2013-05-15 20:43 61440 ----a-r- c:\users\XDANCUMP\AppData\Roaming\Microsoft\Installer\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}\ARPPRODUCTICON.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-08-17 07:51 220608 ----a-w- c:\users\XDANCUMP\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-08-17 07:51 220608 ----a-w- c:\users\XDANCUMP\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-08-17 07:51 220608 ----a-w- c:\users\XDANCUMP\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Zoner Photo Studio Autoupdate"="c:\program files\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE" [2013-06-07 774680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PaperPort PTD"="c:\program files (x86)\ScanSoft\PaperPort\pptd40nt.exe" [2007-11-13 29984]
"IndexSearch"="c:\program files (x86)\ScanSoft\PaperPort\IndexSearch.exe" [2007-11-13 46368]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2013-11-05 2237328]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-26 102400]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2013-07-25 5624784]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2009-8-6 439648]
Bluetooth Monitor.lnk - c:\program files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe [2013-12-3 91464]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"="0"
"UpdatesDisableNotify"="0"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 anvsnddrv;AnvSoft Virtual Sound Device;c:\windows\system32\drivers\anvsnddrv.sys;c:\windows\SYSNATIVE\drivers\anvsnddrv.sys [x]
R3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service;c:\windows\system32\drivers\CHDMI64.sys;c:\windows\SYSNATIVE\drivers\CHDMI64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys;c:\windows\SYSNATIVE\drivers\dgderdrv.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 FaxLffv2;Companion Suite Pro LL2 Modem Driver;c:\windows\system32\Drivers\FaxLffv2.sys;c:\windows\SYSNATIVE\Drivers\FaxLffv2.sys [x]
R3 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbfake.sys [x]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys;c:\windows\SYSNATIVE\Drivers\IT9135BDA.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 PassThru Service;Internet Pass-Through Service; [x]
R3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
R3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
R3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
R3 XMLDIUSB;XML USB Device Interface;c:\windows\system32\Drivers\XMLDIUSB.sys;c:\windows\SYSNATIVE\Drivers\XMLDIUSB.sys [x]
R4 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [x]
R4 IObitUnlocker;IObitUnlocker;c:\program files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys;c:\program files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [x]
R4 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [x]
R4 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R4 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
R4 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S1 cnnctfy2;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy2.sys;c:\windows\SYSNATIVE\DRIVERS\cnnctfy2.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files (x86)\IObit\Advanced SystemCare 7\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 FUSServices;Session Launcher Service;c:\windows\SysWOW64\FUSServices.exe;c:\windows\SysWOW64\FUSServices.exe [x]
S2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\nlssrv32.exe;c:\windows\SysWOW64\nlssrv32.exe [x]
S2 PfFilter;PfFilter;c:\program files (x86)\IObit\Protected Folder\pffilter.sys;c:\program files (x86)\IObit\Protected Folder\pffilter.sys [x]
S2 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [x]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys;c:\windows\SYSNATIVE\DRIVERS\FwLnk.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-06 04:35 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-23 19:20]
.
2013-12-21 c:\windows\Tasks\Driver Booster Update.job
- c:\program files (x86)\IObit\Driver Booster\AutoUpdate.exe [2013-12-02 10:01]
.
2013-12-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-09-03 17:59]
.
2013-12-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-09-03 17:59]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2013-11-18 01:14 2486592 ----a-w- c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2013-10-16 17:02 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2013-10-16 17:02 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2013-10-16 17:02 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-08-17 07:51 244672 ----a-w- c:\users\XDANCUMP\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-08-17 07:51 244672 ----a-w- c:\users\XDANCUMP\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-08-17 07:51 244672 ----a-w- c:\users\XDANCUMP\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-03-22 521272]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-11-07 9577680]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-09-25 472984]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\guard64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
Trusted Zone: vodafone.cz\prm
TCP: DhcpNameServer = 10.0.0.138
DPF: {1244589A-7AD1-49BE-8EE3-D445E95DF4D6} - hxxps://prm.vodafone.cz/prmportal/21238/applets/SiebelAx_Smartscript.cab
DPF: {2AA033AA-412B-4248-9DAF-59868A7BDD7F} - hxxps://prm.vodafone.cz/prmportal/21229/applets/SiebelAx_Configurator.cab
DPF: {3F736969-E75E-48F8-99F2-7CB5105ABD15} - hxxps://prm.vodafone.cz/prmportal/21238/applets/SiebelAx_HI_Client.cab
DPF: {6467F3A2-1450-418D-B0C9-26A61CC0605F} - hxxps://prm.vodafone.cz/prmportal/21238/applets/SiebelAx_Configurator.cab
DPF: {F86F1C95-3190-4EA3-A574-38AE43F1ED35} - hxxps://prm.vodafone.cz/prmportal/21229/applets/SiebelAx_HI_Client.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Notify-SDWinLogon - SDWinLogon.dll
HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
c:\program files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
c:\program files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
.
**************************************************************************
.
Celkový čas: 2013-12-21 09:42:40 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-12-21 08:42
.
Před spuštěním: Volných bajtů: 93 504 991 232
Po spuštění: Volných bajtů: 93 373 485 056
.
- - End Of File - - 67759B06F0F8C6167379B7B045781E8F
A36C5E4F47E84449FF07ED3517B43A31

dandyli · #4 Příspěvek od **dandyli** » 12 led 2014 11:42

Log RSIT:

info.txt logfile of random's system information tool 1.09 2014-01-12 11:32:32

======Uninstall list======

-->C:\Program Files (x86)\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Program Files (x86)\Sony Ericsson\Update Engine\uninst.exe
-->C:\Program Files\CONEXANT\cAudioFilterAgent\SETUP64.EXE -U -IcAudioFilterAgent -SM=cAudioFilterAgent64.exe,16
-->C:\Program Files\Conexant\SAII\SETUP64.EXE -U -ISAII -SM=SmartAudio.EXE,1801
-->C:\Program Files\TOSHIBA\TVAP\setup.exe
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec /X{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
µTorrent-->"C:\Users\XDANCUMP\Desktop\Programy\uTorrent.exe" /UNINSTALL
64 Bit HP CIO Components Installer-->MsiExec.exe /I{BC741628-0AFC-405C-8946-DD46D1005A0A}
Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Creative Cloud-->"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe"
Adobe Flash Player 11 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_Plugin.exe -maintain plugin
Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Photoshop CC-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}"
Adobe Photoshop CS5-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}"
Advanced SystemCare 7-->"C:\Program Files (x86)\IObit\Advanced SystemCare 7\unins000.exe"
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -l0x0005 -removeonly
ATI Catalyst Install Manager-->msiexec /q/x{61D4B846-49F8-2639-A4EB-977875265F37} REBOOT=ReallySuppress
Bluetooth Monitor 4-->C:\Program Files (x86)\InstallShield Installation Information\{61539202-097E-487E-9237-B291AB56D54C}\setup.exe -runfromtemp -l0x0009 -removeonly
Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Bonjour-->MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
Broadcom 802.11 Network Adapter-->"C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver"
Canon Easy-PhotoPrint EX-->C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\uninst.exe Uninst.ini uinstrsc.dll
Canon IJ Network Scanner Selector EX-->"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSU.exe" /UninstallRemove C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\uninst.ini
Canon IJ Network Tool-->C:\Program Files (x86)\Canon\Canon IJ Network Tool\CNMNUU.exe
Canon Inkjet Printer/Scanner/Fax Extended Survey Program-->C:\Program Files (x86)\Canon\IJPLM\SETUP.EXE -R
Canon MG5300 series MP Drivers-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series\DelDrv64.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series /L0x0005
Canon MP Navigator EX 4.0-->"C:\Program Files (x86)\Canon\MP Navigator EX 4.0\Maint.exe" /UninstallRemove C:\Program Files (x86)\Canon\MP Navigator EX 4.0\uninst.ini
Canon MP Navigator EX 5.0-->"C:\Program Files (x86)\Canon\MP Navigator EX 5.0\Maint.exe" /UninstallRemove C:\Program Files (x86)\Canon\MP Navigator EX 5.0\uninst.ini
Canon My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini uinstrsc.dll
Canon Solution Menu EX-->"C:\Program Files (x86)\Canon\Solution Menu EX\uninst.exe" /UninstallRemove C:\Program Files (x86)\Canon\Solution Menu EX\uninst.ini
CanoScan LiDE 110 Scanner Driver-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414\DelDrv64.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414 /L0x0005
Castle Link-->MsiExec.exe /X{C7774A58-8B24-4E19-A92D-E887A8FD67A1}
Catalyst Control Center - Branding-->MsiExec.exe /I{8BD785CF-30C7-4182-B250-0D5FCE78D4DD}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Cisco EAP-FAST Module-->MsiExec.exe /I{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
Cisco LEAP Module-->MsiExec.exe /I{51C7AD07-C3F6-4635-8E8A-231306D810FE}
Cisco PEAP Module-->MsiExec.exe /I{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}
Companion Suite Pro LL2 Drivers-->MsiExec.exe /X{4ACE3E86-78B6-43A1-B104-E3F3006FC576}
Companion Suite Pro LL2-->MsiExec.exe /x {ABDB5A8F-A163-4FD7-A8AE-E2695ACFEA90} /qb
Conexant Audio Driver For AMD HDMI Codec-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA_HDMI\UIU64h.exe -U -Iamdhdmiw.INF
Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU64a.exe -U -IBERCC2wa.INF
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
DiRT2-->"C:\Program Files (x86)\InstallShield Installation Information\{52D1D62C-FEAB-4580-849E-1DB624BADBBD}\setup.exe" -runfromtemp -l0x0009 -removeonly
Driver Booster-->"C:\Program Files (x86)\IObit\Driver Booster\unins000.exe"
Ema Config-->"C:\Program Files (x86)\EMA\unins000.exe"
Flashtool-->C:\Flashtool\uninstall.exe
Game Booster 3-->"C:\Program Files (x86)\IObit\Game Booster 3\unins000.exe"
Google Drive-->MsiExec.exe /X{56D4499E-AC3E-4B8D-91C9-C700C148C44B}
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.72\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B6E073B9-F238-379A-AA45-D323CD308DAE} /parameterfolder Client
Imagenomic Portraiture 2.3 Plug-in (build 2308)-->C:\Program Files (x86)\Imagenomic\Portraiture 2 Plug-in\uninst.exe
inSSIDer 3-->MsiExec.exe /X{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
IObit Malware Fighter-->"C:\Program Files (x86)\IObit\IObit Malware Fighter\unins001.exe"
IObit Uninstaller-->"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallDisplay.exe" uninstall_start
IObit Unlocker-->"C:\Program Files (x86)\IObit\IObit Unlocker\unins000.exe"
Java 7 Update 45-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217040FF}
K-Lite Mega Codec Pack 10.1.5-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
Logitech Gaming Software 5.10-->MsiExec.exe /X{1444D2EE-C7AD-44A8-844F-2634B49353D1}
ManageMyMobile-->"C:\Program Files (x86)\IObit\ManageMyMobile\unins000.exe"
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft .NET Framework 4 Extended-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /x64 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{8E34682C-8118-31F1-BC4C-98CD9675E1C2}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}
Microsoft Office Access MUI (Czech) 2010-->MsiExec.exe /X{90140000-0015-0405-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2010-->MsiExec.exe /X{90140000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2010-->MsiExec.exe /X{90140000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2010-->MsiExec.exe /X{90140000-0044-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2010-->MsiExec.exe /X{90140000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2010-->MsiExec.exe /X{90140000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2010-->MsiExec.exe /X{90140000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2010-->MsiExec.exe /X{90140000-0018-0405-0000-0000000FF1CE}
Microsoft Office Professional Plus 2010-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{90140000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2010-->MsiExec.exe /X{90140000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2010-->MsiExec.exe /X{90140000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2010-->MsiExec.exe /X{90140000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2010-->MsiExec.exe /X{90140000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2010-->MsiExec.exe /X{90140000-001B-0405-0000-0000000FF1CE}
Microsoft Primary Interoperability Assemblies 2005-->MsiExec.exe /X{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106-->"C:\ProgramData\Package Cache\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106-->"C:\ProgramData\Package Cache\{8e70e4e1-06d7-470b-9f74-a51bef21088e}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106-->MsiExec.exe /X{3C28BFD4-90C7-3138-87EF-418DC16E9598}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106-->MsiExec.exe /X{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106-->MsiExec.exe /X{6C772996-BFF3-3C8C-860B-B3D48FF05D65}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106-->MsiExec.exe /X{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}
Microsoft_VC80_ATL_x86_x64-->MsiExec.exe /I{925D058B-564A-443A-B4B2-7E90C6432E55}
Microsoft_VC80_CRT_x86_x64-->MsiExec.exe /I{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86_x64-->MsiExec.exe /I{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86_x64-->MsiExec.exe /I{1E9FC118-651D-4934-97BE-E53CAE5C7D45}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86_x64-->MsiExec.exe /I{8557397C-A42D-486F-97B3-A2CBC2372593}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86_x64-->MsiExec.exe /I{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86_x64-->MsiExec.exe /I{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Migration System Updater RBP-->C:\Users\XDANCUMP\AppData\Local\MigsUpdater\uninst.exe
Movie maker pro Windows 7 cz version for Windows-->"C:\Program Files (x86)\Movie maker pro Windows 7 cz\unins000.exe"
MSVCRT Redists-->MsiExec.exe /I{AB085680-FE98-11E1-A232-F04DA23A5C58}
MSVCRT Redists-->MsiExec.exe /I{D4761C4F-5ED9-11E1-9202-F04DA23A5C58}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 7 Ultra Edition-->MsiExec.exe /X{CF097717-F174-4144-954A-FBC4BF301029}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Network Print Monitor for Windows 2000/XP/2003/Vista-->C:\Windows\IsUninst.exe -f"C:\Program Files (x86)\Network Print Monitor\Uninst.isu"
Nik Collection-->C:\Program Files\Google\Nik Collection\Uninstall Nik Collection.exe
NVIDIA PhysX-->MsiExec.exe /X{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
PDF Settings CC-->MsiExec.exe /I{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
PDF24 Creator 5.2.0-->"C:\Program Files (x86)\PDF24\unins000.exe"
PDF-Viewer-->"C:\Program Files\Tracker Software\PDF Viewer\unins000.exe"
PlayReady PC Runtime amd64-->MsiExec.exe /X{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}
Protected Folder-->"C:\Program Files (x86)\IObit\Protected Folder\unins000.exe"
Race Driver - GRID 2 1.0.82.5097-->"C:\Hry\Race Driver - GRID 2\unins000.exe"
Rapture3D 2.3.22 Game-->"C:\Program Files (x86)\BRS\unins000.exe"
Realtek USB 2.0 Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe" -runfromtemp -removeonly
Registrace uživatele zařízení Canon MG5300 series-->C:\Program Files (x86)\Canon\IJEREG\MG5300 series\UNINST.EXE
Sada Compatibility Pack pro systém Office 2007-->MsiExec.exe /X{90120000-0020-0405-0000-0000000FF1CE}
Samsung AllShare-->"C:\Program Files (x86)\InstallShield Installation Information\{DF47ACA3-7C78-4C08-8007-AC682563C9F1}\setup.exe" -runfromtemp -l0x0405 -removeonly
Samsung AllShare-->MsiExec.exe /I{DF47ACA3-7C78-4C08-8007-AC682563C9F1}
Samsung Kies-->"C:\Program Files (x86)\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe" -runfromtemp -l0x0409 -removeonly
Samsung Kies-->MsiExec.exe /I{758C8301-2696-4855-AF45-534B1200980A}
Samsung Printer Live Update-->C:\Program Files (x86)\SamsungPrinterLiveUpdateInstaller\uninstall.exe
Samsung SCX-3400 Series-->"C:\Program Files (x86)\Samsung\Samsung SCX-3400 Series\Setup\Setup.exe" /R
SAMSUNG USB Driver for Mobile Phones-->C:\Program Files (x86)\Samsung\USB Drivers\Uninstall.exe
ScanSoft PaperPort 11-->MsiExec.exe /I{D7659F54-7502-4312-AA24-F103C92C26F5}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BA941BCD-BC45-3D64-AB89-0F737907515C} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8E6848A1-B790-34FE-921A-A5319258E254} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {08BB8EA1-3BA7-3AD5-8A07-22A5EC1F704E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {9D8496AE-4030-3E92-B44E-4F81051E6C85} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {43B6E5D3-56A9-36C1-BD8B-9E1D6920FF11} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {9D621E6E-E010-3C80-A055-135891134750} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {BA941BCD-BC45-3D64-AB89-0F737907515C} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {43B6E5D3-56A9-36C1-BD8B-9E1D6920FF11} /parameterfolder Extended
Smart Defrag 2-->"C:\Program Files (x86)\IObit\Smart Defrag 2\unins000.exe"
Sony Ericsson Update Engine-->C:\Program Files (x86)\Sony Ericsson\Update Engine\uninst.exe
Sony Mobile Update Service-->C:\Program Files (x86)\Sony Mobile\Update Service\uninst.exe
Sony PC Companion 2.10.174-->"C:\Program Files (x86)\InstallShield Installation Information\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}\setup.exe" -runfromtemp -l0x0409 -removeonly
Surfing Protection-->"C:\Program Files (x86)\IObit\Surfing Protection\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Topaz Adjust 5-->C:\Program Files (x86)\Topaz Labs\Topaz Adjust 5\uninst.exe
Topaz B&W Effects-->C:\Program Files (x86)\Topaz Labs\Topaz BW 2\uninst.exe
Topaz Clean 3-->C:\Program Files (x86)\Topaz Labs\Topaz Clean 3\uninst.exe
Topaz DeJpeg 4-->C:\Program Files (x86)\Topaz Labs\Topaz DeJpeg 4\uninst.exe
Topaz DeNoise 5-->C:\Program Files (x86)\Topaz Labs\Topaz DeNoise 5\uninst.exe
Topaz Detail 3-->C:\Program Files (x86)\Topaz Labs\Topaz Detail 3\uninst.exe
Topaz Fusion Express 2-->C:\Program Files (x86)\Topaz Labs\Topaz Fusion Express 2\uninst.exe
Topaz InFocus-->C:\Program Files (x86)\Topaz Labs\Topaz InFocus\uninst.exe
Topaz Lens Effects-->C:\Program Files (x86)\Topaz Labs\Topaz Lens Effects\uninst.exe
Topaz ReMask 3-->C:\Program Files (x86)\Topaz Labs\Topaz ReMask 3\uninst.exe
Topaz Simplify 4-->C:\Program Files (x86)\Topaz Labs\Topaz Simplify 4\uninst.exe
Toshiba Assist-->C:\Program Files (x86)\InstallShield Installation Information\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}\setup.exe -runfromtemp -l0x0005 -removeonly
TOSHIBA Bulletin Board-->"C:\Program Files (x86)\InstallShield Installation Information\{C14518AF-1A0F-4D39-8011-69BAA01CD380}\setup.exe" -runfromtemp -l0x0405 -removeonly
TOSHIBA Bulletin Board-->MsiExec.exe /X{C14518AF-1A0F-4D39-8011-69BAA01CD380}
TOSHIBA ConfigFree-->MsiExec.exe /X{E0FAA369-B0E3-48B8-9447-4873103B0012}
TOSHIBA Face Recognition-->"C:\Program Files (x86)\InstallShield Installation Information\{F67FA545-D8E5-4209-86B1-AEE045D1003F}\setup.exe" -runfromtemp -l0x0405 -removeonly
TOSHIBA Face Recognition-->MsiExec.exe /X{F67FA545-D8E5-4209-86B1-AEE045D1003F}
TOSHIBA Hardware Setup-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}\setup.exe" -l0x5
TOSHIBA Media Controller Plug-in-->MsiExec.exe /X{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}
TOSHIBA Media Controller-->C:\Program Files (x86)\InstallShield Installation Information\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}\setup.exe -runfromtemp -l0x0005 -removeonly
TOSHIBA Online Product Information-->C:\Program Files (x86)\InstallShield Installation Information\{2290A680-4083-410A-ADCC-7092C67FC052}\setup.exe -runfromtemp -l0x0005 -removeonly
TOSHIBA ReelTime-->"C:\Program Files (x86)\InstallShield Installation Information\{24811C12-F4A9-4D0F-8494-A7B8FE46123C}\setup.exe" -runfromtemp -l0x0405 -removeonly
TOSHIBA ReelTime-->MsiExec.exe /X{24811C12-F4A9-4D0F-8494-A7B8FE46123C}
TOSHIBA Supervisor Password-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{073B89C3-BA88-41B5-965F-B35A88EAE838}\setup.exe" -l0x5
TOSHIBA TEMPRO-->MsiExec.exe /X{3A9B3B6D-3C08-4283-AF50-FD82C49DD71E}
TOSHIBA Value Added Package-->C:\Program Files\TOSHIBA\TVAP\Setup.exe
TOSHIBA Web Camera Application-->C:\Program Files (x86)\InstallShield Installation Information\{5E6F6CF3-BACC-4144-868C-E14622C658F3}\setup.exe -runfromtemp -l0x0005 -removeonly
TrueCrypt-->"C:\Program Files\TrueCrypt\TrueCrypt Setup.exe" /u
Tunngle beta-->"C:\Program Files (x86)\Tunngle\unins000.exe"
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
Update for Microsoft .NET Framework 4 Extended (KB2468871)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2533523)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2600217)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Extended
Vegas Pro 12.0 (64-bit)-->MsiExec.exe /X{A7500970-FE98-11E1-B560-F04DA23A5C58}
Výstraha HDD/SSD TOSHIBA-->C:\Program Files (x86)\InstallShield Installation Information\{D4322448-B6AF-4316-B859-D8A0E84DCB38}\setup.exe -runfromtemp -l0x0405
Výstraha HDD/SSD TOSHIBA-->C:\Program Files (x86)\InstallShield Installation Information\{D4322448-B6AF-4316-B859-D8A0E84DCB38}\setup.exe -runfromtemp -l0x0405
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 )-->C:\PROGRA~1\DIFX\B60D1297D6D5E54C\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\gpwfbp.inf_amd64_neutral_dc6d708d189777c6\gpwfbp.inf
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 )-->C:\PROGRA~1\DIFX\B60D1297D6D5E54C\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\gpwfbp2.inf_amd64_neutral_f8b5093722857a8f\gpwfbp2.inf
Windows Movie Maker-->C:\Program Files\Movie Maker\uninst.exe
WinRAR-->C:\Program Files (x86)\WinRAR\uninstall.exe
Xilisoft HD Video Converter 6-->C:\Program Files (x86)\Xilisoft\HD Video Converter 6\Uninstall.exe
Zoner Photo Studio 15-->"C:\Program Files\Zoner\Photo Studio 15\unins000.exe"

======System event log======

Computer Name: XDANCUMP-PC
Event Code: 62464
Message: UVD Information
Record Number: 497178
Source Name: amdkmdag
Time Written: 20130902190826.563121-000
Event Type: Informace
User:

Computer Name: XDANCUMP-PC
Event Code: 62464
Message: UVD Information
Record Number: 497177
Source Name: amdkmdag
Time Written: 20130902190826.563121-000
Event Type: Informace
User:

Computer Name: XDANCUMP-PC
Event Code: 62464
Message: UVD Information
Record Number: 497176
Source Name: amdkmdag
Time Written: 20130902190826.563121-000
Event Type: Informace
User:

Computer Name: XDANCUMP-PC
Event Code: 62464
Message: UVD Information
Record Number: 497175
Source Name: amdkmdag
Time Written: 20130902190826.563121-000
Event Type: Informace
User:

Computer Name: XDANCUMP-PC
Event Code: 62464
Message: UVD Information
Record Number: 497174
Source Name: amdkmdag
Time Written: 20130902190826.563121-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: XDANCUMP-PC
Event Code: 6000
Message: Odběratel oznámení přihlašování do systému Windows <SessionEnv> nemohl zpracovat událost upozornění.
Record Number: 45798
Source Name: Microsoft-Windows-Winlogon
Time Written: 20121227212951.000000-000
Event Type: Informace
User:

Computer Name: XDANCUMP-PC
Event Code: 4101
Message: Byla ověřena platnost licence systému Windows.
Record Number: 45797
Source Name: Microsoft-Windows-Winlogon
Time Written: 20121227212951.000000-000
Event Type: Informace
User:

Computer Name: XDANCUMP-PC
Event Code: 902
Message: Služba Ochrana softwaru byla spuštěna.
6.1.7600.16385
Record Number: 45796
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20121227212950.000000-000
Event Type: Informace
User:

Computer Name: XDANCUMP-PC
Event Code: 1003
Message: Služba Ochrana softwaru dokončila kontrolu stavu licencování.
ID aplikace=55c92734-d682-4d71-983e-d6ec3f16059f
Stav licencování=
1: 022a1afb-b893-4190-92c3-8f69a49839fb, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
2: 7cfd4696-69a9-4af7-af36-ff3d12b6b6c8, 1, 1 [(0 [0x00000000, 1, 0], [(?)(?)( 1 0x00000000 0 0 msft:rm/algorithm/bios/4.0 0x00000000 0)(?)(?)(?)])(1 )(2 )]
3: a0cde89c-3304-4157-b61c-c8ad785d1fad, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
4: ac96e1a8-6cc4-4310-a4ff-332ce77fb5b8, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
5: cfb3e52c-d707-4861-af51-11b27ee6169c, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
6: 4a8149bb-7d61-49f4-8822-82c7bf88d64b, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
7: afd5f68f-b70f-4000-a21d-28dbc8be8b07, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]

Record Number: 45795
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20121227212950.000000-000
Event Type: Informace
User:

Computer Name: XDANCUMP-PC
Event Code: 1066
Message: Inicializační stav pro objekty služby
C:\Windows\system32\sppwinob.dll, msft:spp/windowsfunctionality/agent/7.0, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:rm/algorithm/phone/1.0, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:rm/algorithm/pkey/2005, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:spp/TaskScheduler/1.0, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:spp/volume/services/kms/1.0, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:spp/volume/services/kms/licenserenewal/1.0, 0x00000000, 0x00000000

Record Number: 45794
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20121227212950.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: XDANCUMP-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 3

Nové přihlášení:
ID zabezpečení: S-1-5-7
Název účtu: ANONYMOUS LOGON
Doména účtu: NT AUTHORITY
ID přihlášení: 0x27a7b29
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x0
Název procesu: -

Informace o síti:
Název pracovní stanice: MARTINKA-PC
Adresa zdrojové sítě 192.168.1.5
Zdrojový port: 49202

Podrobné informace o ověření:
Proces přihlášení: NtLmSsp
Balíček ověření: NTLM
Přenosové služby: -
Název balíčku (pouze NTLM): NTLM V1
Délka klíče: 128

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 30974
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130307143855.750118-000
Event Type: Úspěšný audit
User:

Computer Name: XDANCUMP-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 3

Nové přihlášení:
ID zabezpečení: S-1-5-7
Název účtu: ANONYMOUS LOGON
Doména účtu: NT AUTHORITY
ID přihlášení: 0x27a78be
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x0
Název procesu: -

Informace o síti:
Název pracovní stanice: MARTINKA-PC
Adresa zdrojové sítě 192.168.1.5
Zdrojový port: 49201

Podrobné informace o ověření:
Proces přihlášení: NtLmSsp
Balíček ověření: NTLM
Přenosové služby: -
Název balíčku (pouze NTLM): NTLM V1
Délka klíče: 128

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 30973
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130307143855.594118-000
Event Type: Úspěšný audit
User:

Computer Name: XDANCUMP-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 30972
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130307143712.212736-000
Event Type: Úspěšný audit
User:

Computer Name: XDANCUMP-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: XDANCUMP-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x2e0
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 30971
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130307143712.212736-000
Event Type: Úspěšný audit
User:

Computer Name: XDANCUMP-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 30970
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130307143712.025536-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\Program Files (x86)\GoPro\Tools;C:\Program Files (x86)\CineForm\Tools;C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys;C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
"PROCESSOR_REVISION"=2505

-----------------EOF-----------------

dandyli · #5 Příspěvek od **dandyli** » 12 led 2014 11:42

Log RSIT:

info.txt logfile of random's system information tool 1.09 2014-01-12 11:32:32

======Uninstall list======

-->C:\Program Files (x86)\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Program Files (x86)\Sony Ericsson\Update Engine\uninst.exe
-->C:\Program Files\CONEXANT\cAudioFilterAgent\SETUP64.EXE -U -IcAudioFilterAgent -SM=cAudioFilterAgent64.exe,16
-->C:\Program Files\Conexant\SAII\SETUP64.EXE -U -ISAII -SM=SmartAudio.EXE,1801
-->C:\Program Files\TOSHIBA\TVAP\setup.exe
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec /X{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
µTorrent-->"C:\Users\XDANCUMP\Desktop\Programy\uTorrent.exe" /UNINSTALL
64 Bit HP CIO Components Installer-->MsiExec.exe /I{BC741628-0AFC-405C-8946-DD46D1005A0A}
Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Creative Cloud-->"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe"
Adobe Flash Player 11 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_Plugin.exe -maintain plugin
Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Photoshop CC-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}"
Adobe Photoshop CS5-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}"
Advanced SystemCare 7-->"C:\Program Files (x86)\IObit\Advanced SystemCare 7\unins000.exe"
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -l0x0005 -removeonly
ATI Catalyst Install Manager-->msiexec /q/x{61D4B846-49F8-2639-A4EB-977875265F37} REBOOT=ReallySuppress
Bluetooth Monitor 4-->C:\Program Files (x86)\InstallShield Installation Information\{61539202-097E-487E-9237-B291AB56D54C}\setup.exe -runfromtemp -l0x0009 -removeonly
Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Bonjour-->MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
Broadcom 802.11 Network Adapter-->"C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver"
Canon Easy-PhotoPrint EX-->C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\uninst.exe Uninst.ini uinstrsc.dll
Canon IJ Network Scanner Selector EX-->"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSU.exe" /UninstallRemove C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\uninst.ini
Canon IJ Network Tool-->C:\Program Files (x86)\Canon\Canon IJ Network Tool\CNMNUU.exe
Canon Inkjet Printer/Scanner/Fax Extended Survey Program-->C:\Program Files (x86)\Canon\IJPLM\SETUP.EXE -R
Canon MG5300 series MP Drivers-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series\DelDrv64.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series /L0x0005
Canon MP Navigator EX 4.0-->"C:\Program Files (x86)\Canon\MP Navigator EX 4.0\Maint.exe" /UninstallRemove C:\Program Files (x86)\Canon\MP Navigator EX 4.0\uninst.ini
Canon MP Navigator EX 5.0-->"C:\Program Files (x86)\Canon\MP Navigator EX 5.0\Maint.exe" /UninstallRemove C:\Program Files (x86)\Canon\MP Navigator EX 5.0\uninst.ini
Canon My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini uinstrsc.dll
Canon Solution Menu EX-->"C:\Program Files (x86)\Canon\Solution Menu EX\uninst.exe" /UninstallRemove C:\Program Files (x86)\Canon\Solution Menu EX\uninst.ini
CanoScan LiDE 110 Scanner Driver-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414\DelDrv64.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414 /L0x0005
Castle Link-->MsiExec.exe /X{C7774A58-8B24-4E19-A92D-E887A8FD67A1}
Catalyst Control Center - Branding-->MsiExec.exe /I{8BD785CF-30C7-4182-B250-0D5FCE78D4DD}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Cisco EAP-FAST Module-->MsiExec.exe /I{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
Cisco LEAP Module-->MsiExec.exe /I{51C7AD07-C3F6-4635-8E8A-231306D810FE}
Cisco PEAP Module-->MsiExec.exe /I{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}
Companion Suite Pro LL2 Drivers-->MsiExec.exe /X{4ACE3E86-78B6-43A1-B104-E3F3006FC576}
Companion Suite Pro LL2-->MsiExec.exe /x {ABDB5A8F-A163-4FD7-A8AE-E2695ACFEA90} /qb
Conexant Audio Driver For AMD HDMI Codec-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA_HDMI\UIU64h.exe -U -Iamdhdmiw.INF
Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU64a.exe -U -IBERCC2wa.INF
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
DiRT2-->"C:\Program Files (x86)\InstallShield Installation Information\{52D1D62C-FEAB-4580-849E-1DB624BADBBD}\setup.exe" -runfromtemp -l0x0009 -removeonly
Driver Booster-->"C:\Program Files (x86)\IObit\Driver Booster\unins000.exe"
Ema Config-->"C:\Program Files (x86)\EMA\unins000.exe"
Flashtool-->C:\Flashtool\uninstall.exe
Game Booster 3-->"C:\Program Files (x86)\IObit\Game Booster 3\unins000.exe"
Google Drive-->MsiExec.exe /X{56D4499E-AC3E-4B8D-91C9-C700C148C44B}
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.72\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B6E073B9-F238-379A-AA45-D323CD308DAE} /parameterfolder Client
Imagenomic Portraiture 2.3 Plug-in (build 2308)-->C:\Program Files (x86)\Imagenomic\Portraiture 2 Plug-in\uninst.exe
inSSIDer 3-->MsiExec.exe /X{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
IObit Malware Fighter-->"C:\Program Files (x86)\IObit\IObit Malware Fighter\unins001.exe"
IObit Uninstaller-->"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallDisplay.exe" uninstall_start
IObit Unlocker-->"C:\Program Files (x86)\IObit\IObit Unlocker\unins000.exe"
Java 7 Update 45-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217040FF}
K-Lite Mega Codec Pack 10.1.5-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
Logitech Gaming Software 5.10-->MsiExec.exe /X{1444D2EE-C7AD-44A8-844F-2634B49353D1}
ManageMyMobile-->"C:\Program Files (x86)\IObit\ManageMyMobile\unins000.exe"
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft .NET Framework 4 Extended-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /x64 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{8E34682C-8118-31F1-BC4C-98CD9675E1C2}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}
Microsoft Office Access MUI (Czech) 2010-->MsiExec.exe /X{90140000-0015-0405-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2010-->MsiExec.exe /X{90140000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2010-->MsiExec.exe /X{90140000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2010-->MsiExec.exe /X{90140000-0044-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2010-->MsiExec.exe /X{90140000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2010-->MsiExec.exe /X{90140000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2010-->MsiExec.exe /X{90140000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2010-->MsiExec.exe /X{90140000-0018-0405-0000-0000000FF1CE}
Microsoft Office Professional Plus 2010-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{90140000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2010-->MsiExec.exe /X{90140000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2010-->MsiExec.exe /X{90140000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2010-->MsiExec.exe /X{90140000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2010-->MsiExec.exe /X{90140000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2010-->MsiExec.exe /X{90140000-001B-0405-0000-0000000FF1CE}
Microsoft Primary Interoperability Assemblies 2005-->MsiExec.exe /X{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106-->"C:\ProgramData\Package Cache\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106-->"C:\ProgramData\Package Cache\{8e70e4e1-06d7-470b-9f74-a51bef21088e}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106-->MsiExec.exe /X{3C28BFD4-90C7-3138-87EF-418DC16E9598}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106-->MsiExec.exe /X{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106-->MsiExec.exe /X{6C772996-BFF3-3C8C-860B-B3D48FF05D65}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106-->MsiExec.exe /X{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}
Microsoft_VC80_ATL_x86_x64-->MsiExec.exe /I{925D058B-564A-443A-B4B2-7E90C6432E55}
Microsoft_VC80_CRT_x86_x64-->MsiExec.exe /I{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86_x64-->MsiExec.exe /I{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86_x64-->MsiExec.exe /I{1E9FC118-651D-4934-97BE-E53CAE5C7D45}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86_x64-->MsiExec.exe /I{8557397C-A42D-486F-97B3-A2CBC2372593}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86_x64-->MsiExec.exe /I{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86_x64-->MsiExec.exe /I{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Migration System Updater RBP-->C:\Users\XDANCUMP\AppData\Local\MigsUpdater\uninst.exe
Movie maker pro Windows 7 cz version for Windows-->"C:\Program Files (x86)\Movie maker pro Windows 7 cz\unins000.exe"
MSVCRT Redists-->MsiExec.exe /I{AB085680-FE98-11E1-A232-F04DA23A5C58}
MSVCRT Redists-->MsiExec.exe /I{D4761C4F-5ED9-11E1-9202-F04DA23A5C58}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 7 Ultra Edition-->MsiExec.exe /X{CF097717-F174-4144-954A-FBC4BF301029}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Network Print Monitor for Windows 2000/XP/2003/Vista-->C:\Windows\IsUninst.exe -f"C:\Program Files (x86)\Network Print Monitor\Uninst.isu"
Nik Collection-->C:\Program Files\Google\Nik Collection\Uninstall Nik Collection.exe
NVIDIA PhysX-->MsiExec.exe /X{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
PDF Settings CC-->MsiExec.exe /I{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
PDF24 Creator 5.2.0-->"C:\Program Files (x86)\PDF24\unins000.exe"
PDF-Viewer-->"C:\Program Files\Tracker Software\PDF Viewer\unins000.exe"
PlayReady PC Runtime amd64-->MsiExec.exe /X{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}
Protected Folder-->"C:\Program Files (x86)\IObit\Protected Folder\unins000.exe"
Race Driver - GRID 2 1.0.82.5097-->"C:\Hry\Race Driver - GRID 2\unins000.exe"
Rapture3D 2.3.22 Game-->"C:\Program Files (x86)\BRS\unins000.exe"
Realtek USB 2.0 Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe" -runfromtemp -removeonly
Registrace uživatele zařízení Canon MG5300 series-->C:\Program Files (x86)\Canon\IJEREG\MG5300 series\UNINST.EXE
Sada Compatibility Pack pro systém Office 2007-->MsiExec.exe /X{90120000-0020-0405-0000-0000000FF1CE}
Samsung AllShare-->"C:\Program Files (x86)\InstallShield Installation Information\{DF47ACA3-7C78-4C08-8007-AC682563C9F1}\setup.exe" -runfromtemp -l0x0405 -removeonly
Samsung AllShare-->MsiExec.exe /I{DF47ACA3-7C78-4C08-8007-AC682563C9F1}
Samsung Kies-->"C:\Program Files (x86)\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe" -runfromtemp -l0x0409 -removeonly
Samsung Kies-->MsiExec.exe /I{758C8301-2696-4855-AF45-534B1200980A}
Samsung Printer Live Update-->C:\Program Files (x86)\SamsungPrinterLiveUpdateInstaller\uninstall.exe
Samsung SCX-3400 Series-->"C:\Program Files (x86)\Samsung\Samsung SCX-3400 Series\Setup\Setup.exe" /R
SAMSUNG USB Driver for Mobile Phones-->C:\Program Files (x86)\Samsung\USB Drivers\Uninstall.exe
ScanSoft PaperPort 11-->MsiExec.exe /I{D7659F54-7502-4312-AA24-F103C92C26F5}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BA941BCD-BC45-3D64-AB89-0F737907515C} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8E6848A1-B790-34FE-921A-A5319258E254} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {08BB8EA1-3BA7-3AD5-8A07-22A5EC1F704E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {9D8496AE-4030-3E92-B44E-4F81051E6C85} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {43B6E5D3-56A9-36C1-BD8B-9E1D6920FF11} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {9D621E6E-E010-3C80-A055-135891134750} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {BA941BCD-BC45-3D64-AB89-0F737907515C} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {43B6E5D3-56A9-36C1-BD8B-9E1D6920FF11} /parameterfolder Extended
Smart Defrag 2-->"C:\Program Files (x86)\IObit\Smart Defrag 2\unins000.exe"
Sony Ericsson Update Engine-->C:\Program Files (x86)\Sony Ericsson\Update Engine\uninst.exe
Sony Mobile Update Service-->C:\Program Files (x86)\Sony Mobile\Update Service\uninst.exe
Sony PC Companion 2.10.174-->"C:\Program Files (x86)\InstallShield Installation Information\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}\setup.exe" -runfromtemp -l0x0409 -removeonly
Surfing Protection-->"C:\Program Files (x86)\IObit\Surfing Protection\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Topaz Adjust 5-->C:\Program Files (x86)\Topaz Labs\Topaz Adjust 5\uninst.exe
Topaz B&W Effects-->C:\Program Files (x86)\Topaz Labs\Topaz BW 2\uninst.exe
Topaz Clean 3-->C:\Program Files (x86)\Topaz Labs\Topaz Clean 3\uninst.exe
Topaz DeJpeg 4-->C:\Program Files (x86)\Topaz Labs\Topaz DeJpeg 4\uninst.exe
Topaz DeNoise 5-->C:\Program Files (x86)\Topaz Labs\Topaz DeNoise 5\uninst.exe
Topaz Detail 3-->C:\Program Files (x86)\Topaz Labs\Topaz Detail 3\uninst.exe
Topaz Fusion Express 2-->C:\Program Files (x86)\Topaz Labs\Topaz Fusion Express 2\uninst.exe
Topaz InFocus-->C:\Program Files (x86)\Topaz Labs\Topaz InFocus\uninst.exe
Topaz Lens Effects-->C:\Program Files (x86)\Topaz Labs\Topaz Lens Effects\uninst.exe
Topaz ReMask 3-->C:\Program Files (x86)\Topaz Labs\Topaz ReMask 3\uninst.exe
Topaz Simplify 4-->C:\Program Files (x86)\Topaz Labs\Topaz Simplify 4\uninst.exe
Toshiba Assist-->C:\Program Files (x86)\InstallShield Installation Information\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}\setup.exe -runfromtemp -l0x0005 -removeonly
TOSHIBA Bulletin Board-->"C:\Program Files (x86)\InstallShield Installation Information\{C14518AF-1A0F-4D39-8011-69BAA01CD380}\setup.exe" -runfromtemp -l0x0405 -removeonly
TOSHIBA Bulletin Board-->MsiExec.exe /X{C14518AF-1A0F-4D39-8011-69BAA01CD380}
TOSHIBA ConfigFree-->MsiExec.exe /X{E0FAA369-B0E3-48B8-9447-4873103B0012}
TOSHIBA Face Recognition-->"C:\Program Files (x86)\InstallShield Installation Information\{F67FA545-D8E5-4209-86B1-AEE045D1003F}\setup.exe" -runfromtemp -l0x0405 -removeonly
TOSHIBA Face Recognition-->MsiExec.exe /X{F67FA545-D8E5-4209-86B1-AEE045D1003F}
TOSHIBA Hardware Setup-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}\setup.exe" -l0x5
TOSHIBA Media Controller Plug-in-->MsiExec.exe /X{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}
TOSHIBA Media Controller-->C:\Program Files (x86)\InstallShield Installation Information\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}\setup.exe -runfromtemp -l0x0005 -removeonly
TOSHIBA Online Product Information-->C:\Program Files (x86)\InstallShield Installation Information\{2290A680-4083-410A-ADCC-7092C67FC052}\setup.exe -runfromtemp -l0x0005 -removeonly
TOSHIBA ReelTime-->"C:\Program Files (x86)\InstallShield Installation Information\{24811C12-F4A9-4D0F-8494-A7B8FE46123C}\setup.exe" -runfromtemp -l0x0405 -removeonly
TOSHIBA ReelTime-->MsiExec.exe /X{24811C12-F4A9-4D0F-8494-A7B8FE46123C}
TOSHIBA Supervisor Password-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{073B89C3-BA88-41B5-965F-B35A88EAE838}\setup.exe" -l0x5
TOSHIBA TEMPRO-->MsiExec.exe /X{3A9B3B6D-3C08-4283-AF50-FD82C49DD71E}
TOSHIBA Value Added Package-->C:\Program Files\TOSHIBA\TVAP\Setup.exe
TOSHIBA Web Camera Application-->C:\Program Files (x86)\InstallShield Installation Information\{5E6F6CF3-BACC-4144-868C-E14622C658F3}\setup.exe -runfromtemp -l0x0005 -removeonly
TrueCrypt-->"C:\Program Files\TrueCrypt\TrueCrypt Setup.exe" /u
Tunngle beta-->"C:\Program Files (x86)\Tunngle\unins000.exe"
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
Update for Microsoft .NET Framework 4 Extended (KB2468871)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2533523)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2600217)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Extended
Vegas Pro 12.0 (64-bit)-->MsiExec.exe /X{A7500970-FE98-11E1-B560-F04DA23A5C58}
Výstraha HDD/SSD TOSHIBA-->C:\Program Files (x86)\InstallShield Installation Information\{D4322448-B6AF-4316-B859-D8A0E84DCB38}\setup.exe -runfromtemp -l0x0405
Výstraha HDD/SSD TOSHIBA-->C:\Program Files (x86)\InstallShield Installation Information\{D4322448-B6AF-4316-B859-D8A0E84DCB38}\setup.exe -runfromtemp -l0x0405
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 )-->C:\PROGRA~1\DIFX\B60D1297D6D5E54C\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\gpwfbp.inf_amd64_neutral_dc6d708d189777c6\gpwfbp.inf
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 )-->C:\PROGRA~1\DIFX\B60D1297D6D5E54C\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\gpwfbp2.inf_amd64_neutral_f8b5093722857a8f\gpwfbp2.inf
Windows Movie Maker-->C:\Program Files\Movie Maker\uninst.exe
WinRAR-->C:\Program Files (x86)\WinRAR\uninstall.exe
Xilisoft HD Video Converter 6-->C:\Program Files (x86)\Xilisoft\HD Video Converter 6\Uninstall.exe
Zoner Photo Studio 15-->"C:\Program Files\Zoner\Photo Studio 15\unins000.exe"

======System event log======

Computer Name: XDANCUMP-PC
Event Code: 62464
Message: UVD Information
Record Number: 497178
Source Name: amdkmdag
Time Written: 20130902190826.563121-000
Event Type: Informace
User:

Computer Name: XDANCUMP-PC
Event Code: 62464
Message: UVD Information
Record Number: 497177
Source Name: amdkmdag
Time Written: 20130902190826.563121-000
Event Type: Informace
User:

Computer Name: XDANCUMP-PC
Event Code: 62464
Message: UVD Information
Record Number: 497176
Source Name: amdkmdag
Time Written: 20130902190826.563121-000
Event Type: Informace
User:

Computer Name: XDANCUMP-PC
Event Code: 62464
Message: UVD Information
Record Number: 497175
Source Name: amdkmdag
Time Written: 20130902190826.563121-000
Event Type: Informace
User:

Computer Name: XDANCUMP-PC
Event Code: 62464
Message: UVD Information
Record Number: 497174
Source Name: amdkmdag
Time Written: 20130902190826.563121-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: XDANCUMP-PC
Event Code: 6000
Message: Odběratel oznámení přihlašování do systému Windows <SessionEnv> nemohl zpracovat událost upozornění.
Record Number: 45798
Source Name: Microsoft-Windows-Winlogon
Time Written: 20121227212951.000000-000
Event Type: Informace
User:

Computer Name: XDANCUMP-PC
Event Code: 4101
Message: Byla ověřena platnost licence systému Windows.
Record Number: 45797
Source Name: Microsoft-Windows-Winlogon
Time Written: 20121227212951.000000-000
Event Type: Informace
User:

Computer Name: XDANCUMP-PC
Event Code: 902
Message: Služba Ochrana softwaru byla spuštěna.
6.1.7600.16385
Record Number: 45796
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20121227212950.000000-000
Event Type: Informace
User:

Computer Name: XDANCUMP-PC
Event Code: 1003
Message: Služba Ochrana softwaru dokončila kontrolu stavu licencování.
ID aplikace=55c92734-d682-4d71-983e-d6ec3f16059f
Stav licencování=
1: 022a1afb-b893-4190-92c3-8f69a49839fb, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
2: 7cfd4696-69a9-4af7-af36-ff3d12b6b6c8, 1, 1 [(0 [0x00000000, 1, 0], [(?)(?)( 1 0x00000000 0 0 msft:rm/algorithm/bios/4.0 0x00000000 0)(?)(?)(?)])(1 )(2 )]
3: a0cde89c-3304-4157-b61c-c8ad785d1fad, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
4: ac96e1a8-6cc4-4310-a4ff-332ce77fb5b8, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
5: cfb3e52c-d707-4861-af51-11b27ee6169c, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
6: 4a8149bb-7d61-49f4-8822-82c7bf88d64b, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
7: afd5f68f-b70f-4000-a21d-28dbc8be8b07, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]

Record Number: 45795
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20121227212950.000000-000
Event Type: Informace
User:

Computer Name: XDANCUMP-PC
Event Code: 1066
Message: Inicializační stav pro objekty služby
C:\Windows\system32\sppwinob.dll, msft:spp/windowsfunctionality/agent/7.0, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:rm/algorithm/phone/1.0, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:rm/algorithm/pkey/2005, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:spp/TaskScheduler/1.0, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:spp/volume/services/kms/1.0, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:spp/volume/services/kms/licenserenewal/1.0, 0x00000000, 0x00000000

Record Number: 45794
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20121227212950.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: XDANCUMP-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 3

Nové přihlášení:
ID zabezpečení: S-1-5-7
Název účtu: ANONYMOUS LOGON
Doména účtu: NT AUTHORITY
ID přihlášení: 0x27a7b29
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x0
Název procesu: -

Informace o síti:
Název pracovní stanice: MARTINKA-PC
Adresa zdrojové sítě 192.168.1.5
Zdrojový port: 49202

Podrobné informace o ověření:
Proces přihlášení: NtLmSsp
Balíček ověření: NTLM
Přenosové služby: -
Název balíčku (pouze NTLM): NTLM V1
Délka klíče: 128

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 30974
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130307143855.750118-000
Event Type: Úspěšný audit
User:

Computer Name: XDANCUMP-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 3

Nové přihlášení:
ID zabezpečení: S-1-5-7
Název účtu: ANONYMOUS LOGON
Doména účtu: NT AUTHORITY
ID přihlášení: 0x27a78be
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x0
Název procesu: -

Informace o síti:
Název pracovní stanice: MARTINKA-PC
Adresa zdrojové sítě 192.168.1.5
Zdrojový port: 49201

Podrobné informace o ověření:
Proces přihlášení: NtLmSsp
Balíček ověření: NTLM
Přenosové služby: -
Název balíčku (pouze NTLM): NTLM V1
Délka klíče: 128

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 30973
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130307143855.594118-000
Event Type: Úspěšný audit
User:

Computer Name: XDANCUMP-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 30972
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130307143712.212736-000
Event Type: Úspěšný audit
User:

Computer Name: XDANCUMP-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: XDANCUMP-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x2e0
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 30971
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130307143712.212736-000
Event Type: Úspěšný audit
User:

Computer Name: XDANCUMP-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 30970
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130307143712.025536-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\Program Files (x86)\GoPro\Tools;C:\Program Files (x86)\CineForm\Tools;C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys;C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
"PROCESSOR_REVISION"=2505

-----------------EOF-----------------

dandyli · #6 Příspěvek od **dandyli** » 12 led 2014 11:44

Log RSIT druhý vyskočil souběžně s prvním:

info.txt logfile of random's system information tool 1.09 2014-01-12 11:32:32

======Uninstall list======

-->C:\Program Files (x86)\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Program Files (x86)\Sony Ericsson\Update Engine\uninst.exe
-->C:\Program Files\CONEXANT\cAudioFilterAgent\SETUP64.EXE -U -IcAudioFilterAgent -SM=cAudioFilterAgent64.exe,16
-->C:\Program Files\Conexant\SAII\SETUP64.EXE -U -ISAII -SM=SmartAudio.EXE,1801
-->C:\Program Files\TOSHIBA\TVAP\setup.exe
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec /X{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
µTorrent-->"C:\Users\XDANCUMP\Desktop\Programy\uTorrent.exe" /UNINSTALL
64 Bit HP CIO Components Installer-->MsiExec.exe /I{BC741628-0AFC-405C-8946-DD46D1005A0A}
Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Creative Cloud-->"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe"
Adobe Flash Player 11 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_Plugin.exe -maintain plugin
Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Photoshop CC-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}"
Adobe Photoshop CS5-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}"
Advanced SystemCare 7-->"C:\Program Files (x86)\IObit\Advanced SystemCare 7\unins000.exe"
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -l0x0005 -removeonly
ATI Catalyst Install Manager-->msiexec /q/x{61D4B846-49F8-2639-A4EB-977875265F37} REBOOT=ReallySuppress
Bluetooth Monitor 4-->C:\Program Files (x86)\InstallShield Installation Information\{61539202-097E-487E-9237-B291AB56D54C}\setup.exe -runfromtemp -l0x0009 -removeonly
Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Bonjour-->MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
Broadcom 802.11 Network Adapter-->"C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver"
Canon Easy-PhotoPrint EX-->C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\uninst.exe Uninst.ini uinstrsc.dll
Canon IJ Network Scanner Selector EX-->"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSU.exe" /UninstallRemove C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\uninst.ini
Canon IJ Network Tool-->C:\Program Files (x86)\Canon\Canon IJ Network Tool\CNMNUU.exe
Canon Inkjet Printer/Scanner/Fax Extended Survey Program-->C:\Program Files (x86)\Canon\IJPLM\SETUP.EXE -R
Canon MG5300 series MP Drivers-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series\DelDrv64.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series /L0x0005
Canon MP Navigator EX 4.0-->"C:\Program Files (x86)\Canon\MP Navigator EX 4.0\Maint.exe" /UninstallRemove C:\Program Files (x86)\Canon\MP Navigator EX 4.0\uninst.ini
Canon MP Navigator EX 5.0-->"C:\Program Files (x86)\Canon\MP Navigator EX 5.0\Maint.exe" /UninstallRemove C:\Program Files (x86)\Canon\MP Navigator EX 5.0\uninst.ini
Canon My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini uinstrsc.dll
Canon Solution Menu EX-->"C:\Program Files (x86)\Canon\Solution Menu EX\uninst.exe" /UninstallRemove C:\Program Files (x86)\Canon\Solution Menu EX\uninst.ini
CanoScan LiDE 110 Scanner Driver-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414\DelDrv64.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414 /L0x0005
Castle Link-->MsiExec.exe /X{C7774A58-8B24-4E19-A92D-E887A8FD67A1}
Catalyst Control Center - Branding-->MsiExec.exe /I{8BD785CF-30C7-4182-B250-0D5FCE78D4DD}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Cisco EAP-FAST Module-->MsiExec.exe /I{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
Cisco LEAP Module-->MsiExec.exe /I{51C7AD07-C3F6-4635-8E8A-231306D810FE}
Cisco PEAP Module-->MsiExec.exe /I{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}
Companion Suite Pro LL2 Drivers-->MsiExec.exe /X{4ACE3E86-78B6-43A1-B104-E3F3006FC576}
Companion Suite Pro LL2-->MsiExec.exe /x {ABDB5A8F-A163-4FD7-A8AE-E2695ACFEA90} /qb
Conexant Audio Driver For AMD HDMI Codec-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA_HDMI\UIU64h.exe -U -Iamdhdmiw.INF
Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU64a.exe -U -IBERCC2wa.INF
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
DiRT2-->"C:\Program Files (x86)\InstallShield Installation Information\{52D1D62C-FEAB-4580-849E-1DB624BADBBD}\setup.exe" -runfromtemp -l0x0009 -removeonly
Driver Booster-->"C:\Program Files (x86)\IObit\Driver Booster\unins000.exe"
Ema Config-->"C:\Program Files (x86)\EMA\unins000.exe"
Flashtool-->C:\Flashtool\uninstall.exe
Game Booster 3-->"C:\Program Files (x86)\IObit\Game Booster 3\unins000.exe"
Google Drive-->MsiExec.exe /X{56D4499E-AC3E-4B8D-91C9-C700C148C44B}
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.72\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B6E073B9-F238-379A-AA45-D323CD308DAE} /parameterfolder Client
Imagenomic Portraiture 2.3 Plug-in (build 2308)-->C:\Program Files (x86)\Imagenomic\Portraiture 2 Plug-in\uninst.exe
inSSIDer 3-->MsiExec.exe /X{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
IObit Malware Fighter-->"C:\Program Files (x86)\IObit\IObit Malware Fighter\unins001.exe"
IObit Uninstaller-->"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallDisplay.exe" uninstall_start
IObit Unlocker-->"C:\Program Files (x86)\IObit\IObit Unlocker\unins000.exe"
Java 7 Update 45-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217040FF}
K-Lite Mega Codec Pack 10.1.5-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
Logitech Gaming Software 5.10-->MsiExec.exe /X{1444D2EE-C7AD-44A8-844F-2634B49353D1}
ManageMyMobile-->"C:\Program Files (x86)\IObit\ManageMyMobile\unins000.exe"
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft .NET Framework 4 Extended-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /x64 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{8E34682C-8118-31F1-BC4C-98CD9675E1C2}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}
Microsoft Office Access MUI (Czech) 2010-->MsiExec.exe /X{90140000-0015-0405-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2010-->MsiExec.exe /X{90140000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2010-->MsiExec.exe /X{90140000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2010-->MsiExec.exe /X{90140000-0044-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2010-->MsiExec.exe /X{90140000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2010-->MsiExec.exe /X{90140000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2010-->MsiExec.exe /X{90140000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2010-->MsiExec.exe /X{90140000-0018-0405-0000-0000000FF1CE}
Microsoft Office Professional Plus 2010-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{90140000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2010-->MsiExec.exe /X{90140000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2010-->MsiExec.exe /X{90140000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2010-->MsiExec.exe /X{90140000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2010-->MsiExec.exe /X{90140000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2010-->MsiExec.exe /X{90140000-001B-0405-0000-0000000FF1CE}
Microsoft Primary Interoperability Assemblies 2005-->MsiExec.exe /X{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106-->"C:\ProgramData\Package Cache\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106-->"C:\ProgramData\Package Cache\{8e70e4e1-06d7-470b-9f74-a51bef21088e}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106-->MsiExec.exe /X{3C28BFD4-90C7-3138-87EF-418DC16E9598}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106-->MsiExec.exe /X{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106-->MsiExec.exe /X{6C772996-BFF3-3C8C-860B-B3D48FF05D65}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106-->MsiExec.exe /X{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}
Microsoft_VC80_ATL_x86_x64-->MsiExec.exe /I{925D058B-564A-443A-B4B2-7E90C6432E55}
Microsoft_VC80_CRT_x86_x64-->MsiExec.exe /I{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86_x64-->MsiExec.exe /I{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86_x64-->MsiExec.exe /I{1E9FC118-651D-4934-97BE-E53CAE5C7D45}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86_x64-->MsiExec.exe /I{8557397C-A42D-486F-97B3-A2CBC2372593}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86_x64-->MsiExec.exe /I{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86_x64-->MsiExec.exe /I{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Migration System Updater RBP-->C:\Users\XDANCUMP\AppData\Local\MigsUpdater\uninst.exe
Movie maker pro Windows 7 cz version for Windows-->"C:\Program Files (x86)\Movie maker pro Windows 7 cz\unins000.exe"
MSVCRT Redists-->MsiExec.exe /I{AB085680-FE98-11E1-A232-F04DA23A5C58}
MSVCRT Redists-->MsiExec.exe /I{D4761C4F-5ED9-11E1-9202-F04DA23A5C58}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 7 Ultra Edition-->MsiExec.exe /X{CF097717-F174-4144-954A-FBC4BF301029}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Network Print Monitor for Windows 2000/XP/2003/Vista-->C:\Windows\IsUninst.exe -f"C:\Program Files (x86)\Network Print Monitor\Uninst.isu"
Nik Collection-->C:\Program Files\Google\Nik Collection\Uninstall Nik Collection.exe
NVIDIA PhysX-->MsiExec.exe /X{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
PDF Settings CC-->MsiExec.exe /I{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
PDF24 Creator 5.2.0-->"C:\Program Files (x86)\PDF24\unins000.exe"
PDF-Viewer-->"C:\Program Files\Tracker Software\PDF Viewer\unins000.exe"
PlayReady PC Runtime amd64-->MsiExec.exe /X{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}
Protected Folder-->"C:\Program Files (x86)\IObit\Protected Folder\unins000.exe"
Race Driver - GRID 2 1.0.82.5097-->"C:\Hry\Race Driver - GRID 2\unins000.exe"
Rapture3D 2.3.22 Game-->"C:\Program Files (x86)\BRS\unins000.exe"
Realtek USB 2.0 Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe" -runfromtemp -removeonly
Registrace uživatele zařízení Canon MG5300 series-->C:\Program Files (x86)\Canon\IJEREG\MG5300 series\UNINST.EXE
Sada Compatibility Pack pro systém Office 2007-->MsiExec.exe /X{90120000-0020-0405-0000-0000000FF1CE}
Samsung AllShare-->"C:\Program Files (x86)\InstallShield Installation Information\{DF47ACA3-7C78-4C08-8007-AC682563C9F1}\setup.exe" -runfromtemp -l0x0405 -removeonly
Samsung AllShare-->MsiExec.exe /I{DF47ACA3-7C78-4C08-8007-AC682563C9F1}
Samsung Kies-->"C:\Program Files (x86)\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe" -runfromtemp -l0x0409 -removeonly
Samsung Kies-->MsiExec.exe /I{758C8301-2696-4855-AF45-534B1200980A}
Samsung Printer Live Update-->C:\Program Files (x86)\SamsungPrinterLiveUpdateInstaller\uninstall.exe
Samsung SCX-3400 Series-->"C:\Program Files (x86)\Samsung\Samsung SCX-3400 Series\Setup\Setup.exe" /R
SAMSUNG USB Driver for Mobile Phones-->C:\Program Files (x86)\Samsung\USB Drivers\Uninstall.exe
ScanSoft PaperPort 11-->MsiExec.exe /I{D7659F54-7502-4312-AA24-F103C92C26F5}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BA941BCD-BC45-3D64-AB89-0F737907515C} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8E6848A1-B790-34FE-921A-A5319258E254} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {08BB8EA1-3BA7-3AD5-8A07-22A5EC1F704E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {9D8496AE-4030-3E92-B44E-4F81051E6C85} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {43B6E5D3-56A9-36C1-BD8B-9E1D6920FF11} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {9D621E6E-E010-3C80-A055-135891134750} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {BA941BCD-BC45-3D64-AB89-0F737907515C} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {43B6E5D3-56A9-36C1-BD8B-9E1D6920FF11} /parameterfolder Extended
Smart Defrag 2-->"C:\Program Files (x86)\IObit\Smart Defrag 2\unins000.exe"
Sony Ericsson Update Engine-->C:\Program Files (x86)\Sony Ericsson\Update Engine\uninst.exe
Sony Mobile Update Service-->C:\Program Files (x86)\Sony Mobile\Update Service\uninst.exe
Sony PC Companion 2.10.174-->"C:\Program Files (x86)\InstallShield Installation Information\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}\setup.exe" -runfromtemp -l0x0409 -removeonly
Surfing Protection-->"C:\Program Files (x86)\IObit\Surfing Protection\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Topaz Adjust 5-->C:\Program Files (x86)\Topaz Labs\Topaz Adjust 5\uninst.exe
Topaz B&W Effects-->C:\Program Files (x86)\Topaz Labs\Topaz BW 2\uninst.exe
Topaz Clean 3-->C:\Program Files (x86)\Topaz Labs\Topaz Clean 3\uninst.exe
Topaz DeJpeg 4-->C:\Program Files (x86)\Topaz Labs\Topaz DeJpeg 4\uninst.exe
Topaz DeNoise 5-->C:\Program Files (x86)\Topaz Labs\Topaz DeNoise 5\uninst.exe
Topaz Detail 3-->C:\Program Files (x86)\Topaz Labs\Topaz Detail 3\uninst.exe
Topaz Fusion Express 2-->C:\Program Files (x86)\Topaz Labs\Topaz Fusion Express 2\uninst.exe
Topaz InFocus-->C:\Program Files (x86)\Topaz Labs\Topaz InFocus\uninst.exe
Topaz Lens Effects-->C:\Program Files (x86)\Topaz Labs\Topaz Lens Effects\uninst.exe
Topaz ReMask 3-->C:\Program Files (x86)\Topaz Labs\Topaz ReMask 3\uninst.exe
Topaz Simplify 4-->C:\Program Files (x86)\Topaz Labs\Topaz Simplify 4\uninst.exe
Toshiba Assist-->C:\Program Files (x86)\InstallShield Installation Information\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}\setup.exe -runfromtemp -l0x0005 -removeonly
TOSHIBA Bulletin Board-->"C:\Program Files (x86)\InstallShield Installation Information\{C14518AF-1A0F-4D39-8011-69BAA01CD380}\setup.exe" -runfromtemp -l0x0405 -removeonly
TOSHIBA Bulletin Board-->MsiExec.exe /X{C14518AF-1A0F-4D39-8011-69BAA01CD380}
TOSHIBA ConfigFree-->MsiExec.exe /X{E0FAA369-B0E3-48B8-9447-4873103B0012}
TOSHIBA Face Recognition-->"C:\Program Files (x86)\InstallShield Installation Information\{F67FA545-D8E5-4209-86B1-AEE045D1003F}\setup.exe" -runfromtemp -l0x0405 -removeonly
TOSHIBA Face Recognition-->MsiExec.exe /X{F67FA545-D8E5-4209-86B1-AEE045D1003F}
TOSHIBA Hardware Setup-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}\setup.exe" -l0x5
TOSHIBA Media Controller Plug-in-->MsiExec.exe /X{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}
TOSHIBA Media Controller-->C:\Program Files (x86)\InstallShield Installation Information\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}\setup.exe -runfromtemp -l0x0005 -removeonly
TOSHIBA Online Product Information-->C:\Program Files (x86)\InstallShield Installation Information\{2290A680-4083-410A-ADCC-7092C67FC052}\setup.exe -runfromtemp -l0x0005 -removeonly
TOSHIBA ReelTime-->"C:\Program Files (x86)\InstallShield Installation Information\{24811C12-F4A9-4D0F-8494-A7B8FE46123C}\setup.exe" -runfromtemp -l0x0405 -removeonly
TOSHIBA ReelTime-->MsiExec.exe /X{24811C12-F4A9-4D0F-8494-A7B8FE46123C}
TOSHIBA Supervisor Password-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{073B89C3-BA88-41B5-965F-B35A88EAE838}\setup.exe" -l0x5
TOSHIBA TEMPRO-->MsiExec.exe /X{3A9B3B6D-3C08-4283-AF50-FD82C49DD71E}
TOSHIBA Value Added Package-->C:\Program Files\TOSHIBA\TVAP\Setup.exe
TOSHIBA Web Camera Application-->C:\Program Files (x86)\InstallShield Installation Information\{5E6F6CF3-BACC-4144-868C-E14622C658F3}\setup.exe -runfromtemp -l0x0005 -removeonly
TrueCrypt-->"C:\Program Files\TrueCrypt\TrueCrypt Setup.exe" /u
Tunngle beta-->"C:\Program Files (x86)\Tunngle\unins000.exe"
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
Update for Microsoft .NET Framework 4 Extended (KB2468871)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2533523)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2600217)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Extended
Vegas Pro 12.0 (64-bit)-->MsiExec.exe /X{A7500970-FE98-11E1-B560-F04DA23A5C58}
Výstraha HDD/SSD TOSHIBA-->C:\Program Files (x86)\InstallShield Installation Information\{D4322448-B6AF-4316-B859-D8A0E84DCB38}\setup.exe -runfromtemp -l0x0405
Výstraha HDD/SSD TOSHIBA-->C:\Program Files (x86)\InstallShield Installation Information\{D4322448-B6AF-4316-B859-D8A0E84DCB38}\setup.exe -runfromtemp -l0x0405
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 )-->C:\PROGRA~1\DIFX\B60D1297D6D5E54C\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\gpwfbp.inf_amd64_neutral_dc6d708d189777c6\gpwfbp.inf
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 )-->C:\PROGRA~1\DIFX\B60D1297D6D5E54C\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\gpwfbp2.inf_amd64_neutral_f8b5093722857a8f\gpwfbp2.inf
Windows Movie Maker-->C:\Program Files\Movie Maker\uninst.exe
WinRAR-->C:\Program Files (x86)\WinRAR\uninstall.exe
Xilisoft HD Video Converter 6-->C:\Program Files (x86)\Xilisoft\HD Video Converter 6\Uninstall.exe
Zoner Photo Studio 15-->"C:\Program Files\Zoner\Photo Studio 15\unins000.exe"

======System event log======

Computer Name: XDANCUMP-PC
Event Code: 62464
Message: UVD Information
Record Number: 497178
Source Name: amdkmdag
Time Written: 20130902190826.563121-000
Event Type: Informace
User:

Computer Name: XDANCUMP-PC
Event Code: 62464
Message: UVD Information
Record Number: 497177
Source Name: amdkmdag
Time Written: 20130902190826.563121-000
Event Type: Informace
User:

Computer Name: XDANCUMP-PC
Event Code: 62464
Message: UVD Information
Record Number: 497176
Source Name: amdkmdag
Time Written: 20130902190826.563121-000
Event Type: Informace
User:

Computer Name: XDANCUMP-PC
Event Code: 62464
Message: UVD Information
Record Number: 497175
Source Name: amdkmdag
Time Written: 20130902190826.563121-000
Event Type: Informace
User:

Computer Name: XDANCUMP-PC
Event Code: 62464
Message: UVD Information
Record Number: 497174
Source Name: amdkmdag
Time Written: 20130902190826.563121-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: XDANCUMP-PC
Event Code: 6000
Message: Odběratel oznámení přihlašování do systému Windows <SessionEnv> nemohl zpracovat událost upozornění.
Record Number: 45798
Source Name: Microsoft-Windows-Winlogon
Time Written: 20121227212951.000000-000
Event Type: Informace
User:

Computer Name: XDANCUMP-PC
Event Code: 4101
Message: Byla ověřena platnost licence systému Windows.
Record Number: 45797
Source Name: Microsoft-Windows-Winlogon
Time Written: 20121227212951.000000-000
Event Type: Informace
User:

Computer Name: XDANCUMP-PC
Event Code: 902
Message: Služba Ochrana softwaru byla spuštěna.
6.1.7600.16385
Record Number: 45796
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20121227212950.000000-000
Event Type: Informace
User:

Computer Name: XDANCUMP-PC
Event Code: 1003
Message: Služba Ochrana softwaru dokončila kontrolu stavu licencování.
ID aplikace=55c92734-d682-4d71-983e-d6ec3f16059f
Stav licencování=
1: 022a1afb-b893-4190-92c3-8f69a49839fb, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
2: 7cfd4696-69a9-4af7-af36-ff3d12b6b6c8, 1, 1 [(0 [0x00000000, 1, 0], [(?)(?)( 1 0x00000000 0 0 msft:rm/algorithm/bios/4.0 0x00000000 0)(?)(?)(?)])(1 )(2 )]
3: a0cde89c-3304-4157-b61c-c8ad785d1fad, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
4: ac96e1a8-6cc4-4310-a4ff-332ce77fb5b8, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
5: cfb3e52c-d707-4861-af51-11b27ee6169c, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
6: 4a8149bb-7d61-49f4-8822-82c7bf88d64b, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
7: afd5f68f-b70f-4000-a21d-28dbc8be8b07, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]

Record Number: 45795
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20121227212950.000000-000
Event Type: Informace
User:

Computer Name: XDANCUMP-PC
Event Code: 1066
Message: Inicializační stav pro objekty služby
C:\Windows\system32\sppwinob.dll, msft:spp/windowsfunctionality/agent/7.0, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:rm/algorithm/phone/1.0, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:rm/algorithm/pkey/2005, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:spp/TaskScheduler/1.0, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:spp/volume/services/kms/1.0, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:spp/volume/services/kms/licenserenewal/1.0, 0x00000000, 0x00000000

Record Number: 45794
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20121227212950.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: XDANCUMP-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 3

Nové přihlášení:
ID zabezpečení: S-1-5-7
Název účtu: ANONYMOUS LOGON
Doména účtu: NT AUTHORITY
ID přihlášení: 0x27a7b29
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x0
Název procesu: -

Informace o síti:
Název pracovní stanice: MARTINKA-PC
Adresa zdrojové sítě 192.168.1.5
Zdrojový port: 49202

Podrobné informace o ověření:
Proces přihlášení: NtLmSsp
Balíček ověření: NTLM
Přenosové služby: -
Název balíčku (pouze NTLM): NTLM V1
Délka klíče: 128

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 30974
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130307143855.750118-000
Event Type: Úspěšný audit
User:

Computer Name: XDANCUMP-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 3

Nové přihlášení:
ID zabezpečení: S-1-5-7
Název účtu: ANONYMOUS LOGON
Doména účtu: NT AUTHORITY
ID přihlášení: 0x27a78be
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x0
Název procesu: -

Informace o síti:
Název pracovní stanice: MARTINKA-PC
Adresa zdrojové sítě 192.168.1.5
Zdrojový port: 49201

Podrobné informace o ověření:
Proces přihlášení: NtLmSsp
Balíček ověření: NTLM
Přenosové služby: -
Název balíčku (pouze NTLM): NTLM V1
Délka klíče: 128

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 30973
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130307143855.594118-000
Event Type: Úspěšný audit
User:

Computer Name: XDANCUMP-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 30972
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130307143712.212736-000
Event Type: Úspěšný audit
User:

Computer Name: XDANCUMP-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: XDANCUMP-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x2e0
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 30971
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130307143712.212736-000
Event Type: Úspěšný audit
User:

Computer Name: XDANCUMP-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 30970
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130307143712.025536-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\Program Files (x86)\GoPro\Tools;C:\Program Files (x86)\CineForm\Tools;C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys;C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
"PROCESSOR_REVISION"=2505

-----------------EOF-----------------

#7 Příspěvek od **Márty84** » 12 led 2014 11:49

No, dal jste tu 3x stejny log a navic ten, ktery nepotrebuju

dandyli · #8 Příspěvek od **dandyli** » 12 led 2014 12:17

aha a kde prosím tě najdu ten log?

dandyli · #9 Příspěvek od **dandyli** » 12 led 2014 12:25

Tento log by podle topicu měl být správný

Logfile of random's system information tool 1.09 (written by random/random)
Run by XDANCUMP at 2014-01-12 11:32:23
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 117 GB (50%) free of 234 GB
Total RAM: 8055 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:32:26, on 12.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe
C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\XDANCUMP.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Bluetooth Monitor.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\Windows\SysWOW64\guard32.dll
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Session Launcher Service (FUSServices) - Unknown owner - C:\Windows\SysWOW64\FUSServices.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - (no file)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 10544 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 21610528
\??\C:\Windows\system32\conhost.exe "-1828113422-1196841228-307285812-1583608731968674873-80543703320718247531847388907
C:\Windows\System32\spoolsv.exe
atieclxx
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\SysWOW64\FUSServices.exe
"C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\nlssrv32.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-7e184acd-193e-4622-a742-0b26e83d30e5 -SystemEventPortName:HostProcess-a9c2c701-4fae-4c63-aad2-6f9ba96e2cdb -IoCancelEventPortName:HostProcess-d515a0d6-56a4-4d23-8008-5920e870bb90 -NonStateChangingEventPortName:HostProcess-f16f6787-f441-4863-a166-4c9d9a2418e6 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:eb604370-1d4d-4c87-9b4e-017631b22ab4 -DeviceGroupId:WpdFsGroup
"LFOGRPOW.exe"
"taskhost.exe"
taskeng.exe {40917ED0-57F4-49B9-8744-18385E175D7E}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe"
"C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe"
"C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe"
BtMon64.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosA2dp.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHid.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHsp.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe"
"C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe" /RunCurUs
"C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2536.0.415672626\1908685513" --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,13,23 --gpu-vendor-id=0x1002 --gpu-device-id=0x9553 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.723.2.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/InstantExtended/Group2 pct:10a stable:r5 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_44/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="2536.1.84784011\1248888892" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/InstantExtended/Group2 pct:10a stable:r5 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_44/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --instant-process --disable-html-notifications --enable-software-compositing --channel="2536.2.1068599432\1462594617" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/InstantExtended/Group2 pct:10a stable:r5 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_44/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="2536.3.2014160149\1341934698" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/InstantExtended/Group2 pct:10a stable:r5 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_44/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="2536.4.237964087\2121612344" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/InstantExtended/Group2 pct:10a stable:r5 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_44/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="2536.6.469141315\1560273319" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/InstantExtended/Group2 pct:10a stable:r5 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_44/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="2536.7.1444683701\838311874" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/InstantExtended/Group2 pct:10a stable:r5 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_44/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="2536.8.326504809\1862262841" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/InstantExtended/Group2 pct:10a stable:r5 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_44/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="2536.9.949372145\1142519951" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/InstantExtended/Group2 pct:10a stable:r5 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_44/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="2536.10.1600408402\1010160901" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/InstantExtended/Group2 pct:10a stable:r5 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_44/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="2536.11.2103285482\1402187649" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="2536.12.1546969557\1455057278" --ppapi-flash-args --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/InstantExtended/Group2 pct:10a stable:r5 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_44/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="2536.13.1832130584\1745359431" /prefetch:673131151
"C:\Users\XDANCUMP\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Driver Booster Update.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2013-11-18 2486592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2013-10-17 669504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19 529784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-10-19 238080]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2010-07-09 38304]
"TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2010-03-22 521272]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 2052392]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-05-10 915320]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-09-25 472984]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 190536]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2013-06-07 774680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AllShareAgent]
C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [2012-03-01 285072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2011-03-14 2779024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2011-08-04 1612920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2009-11-18 54576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IJNetworkScannerSelectorEX]
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2011-01-15 452016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
C:\Program Files (x86)\Samsung\Kies\Kies.exe [2013-09-04 1564528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2013-09-04 311152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MFFSum_Pro_LL2]
c:\program files (x86)\companion suite pro ll2\mffsum.exe [2010-01-08 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MFPrintServer_Pro_LL2]
c:\program files (x86)\companion suite pro ll2\mfprintserver.exe [2010-01-08 73728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileConnect]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint]
C:\Program Files (x86)\PDF24\pdf24.exe [2012-12-12 163000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPort11reminder]
c:\program files (x86)\scansoft\paperport\ereg\ereg.exe [2007-02-01 255528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtection]
c:\users\xdancump\appdata\roaming\search protection\searchprotection.exe /autostart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
c:\program files (x86)\common files\scansoft shared\ssbkgdupdate\ssbkgdupdate.exe [2006-10-25 210472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPRO]
C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2010-10-26 1050072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosNC]
C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2010-04-23 595816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPwrMain]
C:\Program Files\toshiba\power saver\tpwrmain.exe [2010-09-28 566184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TWebCamera]
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2010-02-24 2454840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
c:\program files\zoner\photo studio 15\program32\zpstray.exe [2013-06-07 774680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^XDANCUMP^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-12-18 30714312]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"PaperPort PTD"=C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [2007-11-13 29984]
"IndexSearch"=C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [2007-11-13 46368]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2013-11-05 2237328]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-04-26 102400]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe
Bluetooth Monitor.lnk - C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\guard64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\29927148.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\29927148.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.CFHD"=CFHD.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-01-12 11:32:23 ----D---- C:\rsit
2014-01-12 11:32:23 ----D---- C:\Program Files\trend micro
2014-01-12 03:05:02 ----A---- C:\Windows\wininit.ini
2014-01-12 01:47:28 ----A---- C:\TDSSKiller.3.0.0.19_12.01.2014_01.47.28_log.txt
2014-01-12 01:44:18 ----A---- C:\TDSSKiller.2.8.16.0_12.01.2014_01.44.18_log.txt
2014-01-12 01:36:39 ----A---- C:\TDSSKiller.2.8.16.0_12.01.2014_01.36.39_log.txt
2014-01-11 12:17:41 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2014-01-11 12:17:41 ----A---- C:\Windows\system32\DWrite.dll
2014-01-07 18:55:12 ----HD---- C:\ProgramData\CanonIJEPPEX
2014-01-05 23:54:24 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2013-12-30 19:22:21 ----A---- C:\Windows\system32\spoolsv.exe
2013-12-30 19:22:21 ----A---- C:\Windows\splwow64.exe
2013-12-28 21:19:58 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-28 21:19:57 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-28 21:19:57 ----A---- C:\Windows\system32\ieui.dll
2013-12-28 21:19:56 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-28 21:19:56 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-28 21:19:56 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-28 21:19:56 ----A---- C:\Windows\system32\iesetup.dll
2013-12-28 21:19:56 ----A---- C:\Windows\system32\iernonce.dll
2013-12-28 21:19:56 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-28 21:19:56 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-28 21:19:55 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-12-28 21:19:55 ----A---- C:\Windows\system32\mshtml.dll
2013-12-28 21:19:55 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-28 21:19:55 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-28 21:19:54 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-12-28 21:19:54 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-28 21:19:53 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-28 21:19:53 ----A---- C:\Windows\system32\iertutil.dll
2013-12-28 21:19:52 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-28 21:19:52 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-28 21:19:52 ----A---- C:\Windows\system32\wininet.dll
2013-12-28 21:19:52 ----A---- C:\Windows\system32\urlmon.dll
2013-12-28 21:19:51 ----A---- C:\Windows\system32\ieframe.dll
2013-12-28 21:19:49 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-28 21:19:48 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-28 21:19:48 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-28 21:19:48 ----A---- C:\Windows\system32\jscript9.dll
2013-12-25 04:05:53 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-25 04:05:53 ----A---- C:\Windows\system32\msieftp.dll
2013-12-25 04:05:34 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-25 04:05:34 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-25 04:05:34 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-25 04:05:34 ----A---- C:\Windows\system32\wmp.dll
2013-12-25 04:05:06 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-25 04:05:06 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-25 04:04:45 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-12-25 04:04:45 ----A---- C:\Windows\system32\authui.dll
2013-12-25 04:04:44 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-12-25 04:04:44 ----A---- C:\Windows\SYSWOW64\credui.dll
2013-12-25 04:04:44 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2013-12-25 04:04:44 ----A---- C:\Windows\system32\credui.dll
2013-12-25 04:03:57 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2013-12-25 04:03:57 ----A---- C:\Windows\system32\cryptdlg.dll
2013-12-25 04:03:16 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-12-25 04:03:16 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-12-25 04:03:16 ----A---- C:\Windows\system32\WebClnt.dll
2013-12-25 04:03:16 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-12-25 04:03:16 ----A---- C:\Windows\system32\davclnt.dll
2013-12-25 04:03:00 ----A---- C:\Windows\system32\scavengeui.dll
2013-12-25 04:02:31 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2013-12-25 04:02:31 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-12-25 04:02:31 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2013-12-25 04:02:31 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-12-25 04:02:31 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2013-12-25 04:02:31 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-12-25 04:02:31 ----A---- C:\Windows\system32\wksprt.exe
2013-12-25 04:02:31 ----A---- C:\Windows\system32\TSWbPrxy.exe
2013-12-25 04:02:31 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-12-25 04:02:31 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-12-25 04:02:31 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-12-25 04:02:31 ----A---- C:\Windows\system32\tsgqec.dll
2013-12-25 04:02:31 ----A---- C:\Windows\system32\rdpudd.dll
2013-12-25 04:02:31 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-12-25 04:02:31 ----A---- C:\Windows\system32\rdpendp_winip.dll
2013-12-25 04:02:31 ----A---- C:\Windows\system32\rdpcorets.dll
2013-12-25 04:02:31 ----A---- C:\Windows\system32\mstscax.dll
2013-12-25 04:02:31 ----A---- C:\Windows\system32\mstsc.exe
2013-12-25 04:02:31 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2013-12-25 04:02:31 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2013-12-25 04:02:31 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2013-12-25 04:02:31 ----A---- C:\Windows\system32\aaclient.dll
2013-12-25 04:02:30 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2013-12-25 04:02:30 ----A---- C:\Windows\system32\wksprtPS.dll
2013-12-25 03:59:57 ----A---- C:\Windows\system32\drivers\ataport.sys
2013-12-25 03:59:46 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-12-25 03:59:46 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-12-25 03:59:36 ----A---- C:\Windows\system32\wwansvc.dll
2013-12-25 03:59:36 ----A---- C:\Windows\system32\wwanprotdim.dll
2013-12-25 03:58:19 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2013-12-25 03:58:19 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2013-12-25 03:58:19 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2013-12-25 03:58:19 ----A---- C:\Windows\system32\dhcpcore6.dll
2013-12-25 03:57:23 ----A---- C:\Windows\SYSWOW64\netevent.dll
2013-12-25 03:57:23 ----A---- C:\Windows\system32\nlasvc.dll
2013-12-25 03:57:23 ----A---- C:\Windows\system32\nlaapi.dll
2013-12-25 03:57:23 ----A---- C:\Windows\system32\netevent.dll
2013-12-25 03:57:23 ----A---- C:\Windows\system32\ncsi.dll
2013-12-25 03:57:23 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-12-25 03:57:23 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-12-25 03:57:22 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2013-12-25 03:57:22 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2013-12-25 03:57:22 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2013-12-25 03:57:22 ----A---- C:\Windows\system32\netcorehc.dll
2013-12-25 03:56:37 ----A---- C:\Windows\system32\OxpsConverter.exe
2013-12-25 03:56:11 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2013-12-25 03:56:11 ----A---- C:\Windows\system32\drivers\ndis.sys
2013-12-25 03:55:55 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2013-12-25 03:55:55 ----A---- C:\Windows\system32\qdvd.dll
2013-12-23 00:30:37 ----A---- C:\Windows\system32\IEUDINIT.EXE
2013-12-23 00:25:04 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-12-23 00:25:04 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-23 00:24:57 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-12-23 00:24:57 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-12-23 00:24:57 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2013-12-23 00:24:57 ----A---- C:\Windows\system32\elshyph.dll
2013-12-23 00:24:56 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-12-23 00:24:55 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-12-23 00:24:55 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-12-23 00:24:54 ----A---- C:\Windows\SYSWOW64\url.dll
2013-12-23 00:24:54 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-12-23 00:24:54 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-12-23 00:24:54 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-12-23 00:24:54 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-12-23 00:24:54 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-12-23 00:24:54 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-12-23 00:24:53 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-12-23 00:24:53 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-12-23 00:24:53 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-12-23 00:24:53 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-12-23 00:24:53 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-12-23 00:24:53 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-12-23 00:24:52 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-12-23 00:24:52 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-12-23 00:24:52 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-12-23 00:24:52 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-12-23 00:24:51 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-12-23 00:24:51 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2013-12-23 00:24:51 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-12-23 00:24:51 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-12-23 00:24:51 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-12-23 00:24:51 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-12-23 00:24:51 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2013-12-23 00:24:50 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-12-23 00:24:50 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-12-23 00:24:50 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-12-23 00:24:50 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-12-23 00:24:50 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-12-23 00:24:49 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-12-23 00:24:49 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-12-23 00:24:46 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-12-23 00:24:46 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-23 00:24:46 ----A---- C:\Windows\system32\msrating.dll
2013-12-23 00:24:46 ----A---- C:\Windows\system32\msls31.dll
2013-12-23 00:24:46 ----A---- C:\Windows\system32\mshtmler.dll
2013-12-23 00:24:46 ----A---- C:\Windows\system32\msfeedssync.exe
2013-12-23 00:24:46 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-12-23 00:24:46 ----A---- C:\Windows\system32\jsIntl.dll
2013-12-23 00:24:46 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-23 00:24:46 ----A---- C:\Windows\system32\iesysprep.dll
2013-12-23 00:24:46 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-12-23 00:24:45 ----A---- C:\Windows\system32\wextract.exe
2013-12-23 00:24:45 ----A---- C:\Windows\system32\webcheck.dll
2013-12-23 00:24:45 ----A---- C:\Windows\system32\vbscript.dll
2013-12-23 00:24:45 ----A---- C:\Windows\system32\url.dll
2013-12-23 00:24:45 ----A---- C:\Windows\system32\pngfilt.dll
2013-12-23 00:24:45 ----A---- C:\Windows\system32\occache.dll
2013-12-23 00:24:45 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-12-23 00:24:45 ----A---- C:\Windows\system32\mshtmled.dll
2013-12-23 00:24:45 ----A---- C:\Windows\system32\MshtmlDac.dll
2013-12-23 00:24:45 ----A---- C:\Windows\system32\mshta.exe
2013-12-23 00:24:45 ----A---- C:\Windows\system32\msfeeds.dll
2013-12-23 00:24:45 ----A---- C:\Windows\system32\licmgr10.dll
2013-12-23 00:24:45 ----A---- C:\Windows\system32\jscript.dll
2013-12-23 00:24:45 ----A---- C:\Windows\system32\inseng.dll
2013-12-23 00:24:45 ----A---- C:\Windows\system32\imgutil.dll
2013-12-23 00:24:45 ----A---- C:\Windows\system32\iexpress.exe
2013-12-23 00:24:45 ----A---- C:\Windows\system32\iepeers.dll
2013-12-23 00:24:45 ----A---- C:\Windows\system32\iedkcs32.dll
2013-12-23 00:24:45 ----A---- C:\Windows\system32\ieapfltr.dat
2013-12-23 00:24:45 ----A---- C:\Windows\system32\icardie.dll
2013-12-23 00:24:45 ----A---- C:\Windows\system32\dxtrans.dll
2013-12-23 00:24:45 ----A---- C:\Windows\system32\dxtmsft.dll
2013-12-23 00:23:09 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-12-23 00:23:09 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-12-23 00:23:09 ----A---- C:\Windows\system32\wow64.dll
2013-12-23 00:23:09 ----A---- C:\Windows\system32\tdh.dll
2013-12-23 00:23:09 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-12-23 00:23:09 ----A---- C:\Windows\system32\ntdll.dll
2013-12-23 00:23:09 ----A---- C:\Windows\system32\advapi32.dll
2013-12-23 00:23:08 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-12-23 00:23:08 ----A---- C:\Windows\SYSWOW64\user.exe
2013-12-23 00:23:08 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-12-23 00:23:08 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-12-23 00:23:08 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-12-23 00:23:07 ----A---- C:\Windows\SYSWOW64\tdh.dll
2013-12-23 00:23:07 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-12-23 00:23:07 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-12-23 00:22:32 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-12-23 00:22:32 ----A---- C:\Windows\system32\mswsock.dll
2013-12-23 00:22:32 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-12-23 00:19:58 ----D---- C:\Program Files (x86)\MSXML 4.0
2013-12-21 22:33:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-12-21 22:33:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-12-21 22:33:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-12-21 22:33:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-12-21 22:33:01 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-12-21 22:33:01 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-12-21 22:33:01 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-12-21 22:33:01 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-12-21 22:33:01 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-12-21 22:33:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-12-21 22:33:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-12-21 22:33:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-12-21 22:33:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-12-21 22:33:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-12-21 22:33:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-12-21 22:33:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-12-21 22:33:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-12-21 22:33:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-12-21 22:33:00 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-12-21 22:33:00 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-12-21 22:33:00 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-12-21 22:33:00 ----A---- C:\Windows\system32\XpsPrint.dll
2013-12-21 22:33:00 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-12-21 22:33:00 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-12-21 22:33:00 ----A---- C:\Windows\system32\d3d10warp.dll
2013-12-21 22:33:00 ----A---- C:\Windows\system32\d2d1.dll
2013-12-21 22:32:59 ----A---- C:\Windows\system32\dxgi.dll
2013-12-21 22:32:57 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-12-21 22:32:57 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-12-21 22:32:57 ----A---- C:\Windows\system32\FntCache.dll
2013-12-21 22:32:55 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-12-21 22:32:55 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-12-21 22:32:55 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-12-21 22:32:55 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-12-21 22:32:55 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-12-21 22:32:55 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-12-21 22:32:55 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-12-21 22:32:55 ----A---- C:\Windows\system32\d3d10level9.dll
2013-12-21 22:32:55 ----A---- C:\Windows\system32\d3d10core.dll
2013-12-21 22:32:55 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-12-21 22:32:55 ----A---- C:\Windows\system32\d3d10_1.dll
2013-12-21 22:32:55 ----A---- C:\Windows\system32\d3d10.dll
2013-12-21 22:32:54 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-12-21 22:32:54 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-12-21 22:32:54 ----A---- C:\Windows\system32\UIAnimation.dll
2013-12-21 22:30:24 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-12-21 22:30:24 ----A---- C:\Windows\system32\d3d11.dll
2013-12-21 22:03:09 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-21 22:03:09 ----A---- C:\Windows\system32\tzres.dll
2013-12-21 22:02:56 ----A---- C:\Windows\SYSWOW64\certutil.exe
2013-12-21 22:02:56 ----A---- C:\Windows\system32\certutil.exe
2013-12-21 22:02:53 ----A---- C:\Windows\SYSWOW64\certenc.dll
2013-12-21 22:02:53 ----A---- C:\Windows\system32\certenc.dll
2013-12-21 22:01:51 ----A---- C:\Windows\system32\KernelBase.dll
2013-12-21 22:01:50 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-12-21 22:01:50 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-12-21 22:01:50 ----A---- C:\Windows\system32\smss.exe
2013-12-21 22:01:50 ----A---- C:\Windows\system32\kernel32.dll
2013-12-21 22:01:49 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-12-21 22:01:49 ----A---- C:\Windows\system32\winsrv.dll
2013-12-21 22:01:49 ----A---- C:\Windows\system32\csrsrv.dll
2013-12-21 22:01:49 ----A---- C:\Windows\system32\conhost.exe
2013-12-21 22:01:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-12-21 22:01:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-12-21 22:01:48 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-12-21 22:01:48 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-12-21 22:01:48 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-12-21 22:01:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-12-21 22:01:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-12-21 22:01:47 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-12-21 22:01:47 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-12-21 22:01:47 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-12-21 22:01:47 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-12-21 22:01:47 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-12-21 22:01:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-12-21 22:01:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-12-21 22:01:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-12-21 22:01:46 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-12-21 22:01:46 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-12-21 22:01:46 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-12-21 22:01:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-12-21 22:01:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-12-21 22:01:45 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-12-21 22:01:45 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-12-21 22:01:45 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-12-21 22:01:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-12-21 22:01:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-12-21 22:01:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-12-21 22:01:44 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-12-21 22:01:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-12-21 22:01:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-12-21 22:01:43 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-12-21 22:01:43 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-12-21 22:01:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-12-21 22:01:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-12-21 22:01:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-12-21 22:01:42 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-12-21 22:01:42 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-12-21 22:01:42 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-12-21 22:01:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-12-21 22:01:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-12-21 22:01:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-12-21 22:01:41 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-12-21 22:01:41 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-12-21 22:01:41 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-12-21 22:01:41 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-12-21 22:01:41 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-12-21 22:01:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-12-21 22:01:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-12-21 22:01:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-12-21 22:01:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-12-21 22:01:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-12-21 22:01:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-12-21 22:01:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-12-21 22:01:38 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-12-21 22:01:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-12-21 22:01:37 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-12-21 22:01:36 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-12-21 22:01:36 ----A---- C:\Windows\system32\apisetschema.dll
2013-12-21 22:01:18 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-12-21 22:01:18 ----A---- C:\Windows\system32\cryptsvc.dll
2013-12-21 22:01:18 ----A---- C:\Windows\system32\cryptnet.dll
2013-12-21 22:01:18 ----A---- C:\Windows\system32\crypt32.dll
2013-12-21 22:01:17 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-12-21 22:01:17 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-12-21 22:00:54 ----A---- C:\Windows\system32\consent.exe
2013-12-21 22:00:54 ----A---- C:\Windows\system32\appinfo.dll
2013-12-21 22:00:42 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-12-21 22:00:42 ----A---- C:\Windows\system32\schannel.dll
2013-12-21 22:00:42 ----A---- C:\Windows\system32\lsasrv.dll
2013-12-21 22:00:42 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-12-21 22:00:42 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-12-21 22:00:42 ----A---- C:\Windows\system32\drivers\cng.sys
2013-12-21 22:00:41 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-12-21 22:00:41 ----A---- C:\Windows\system32\sspicli.dll
2013-12-21 22:00:40 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-12-21 22:00:40 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-12-21 22:00:40 ----A---- C:\Windows\system32\sspisrv.dll
2013-12-21 22:00:40 ----A---- C:\Windows\system32\secur32.dll
2013-12-21 22:00:40 ----A---- C:\Windows\system32\ncrypt.dll
2013-12-21 22:00:40 ----A---- C:\Windows\system32\lsass.exe
2013-12-21 22:00:36 ----A---- C:\Windows\system32\wintrust.dll
2013-12-21 22:00:35 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-12-21 22:00:22 ----A---- C:\Windows\system32\shell32.dll
2013-12-21 22:00:21 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-12-21 22:00:20 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-12-21 22:00:20 ----A---- C:\Windows\system32\shdocvw.dll
2013-12-21 22:00:16 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-21 22:00:16 ----A---- C:\Windows\system32\wscript.exe
2013-12-21 22:00:16 ----A---- C:\Windows\system32\scrrun.dll
2013-12-21 22:00:16 ----A---- C:\Windows\system32\cscript.exe
2013-12-21 22:00:15 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-21 22:00:15 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-21 22:00:01 ----A---- C:\Windows\system32\drivers\usbscan.sys
2013-12-21 22:00:01 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-12-21 22:00:01 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-12-21 22:00:00 ----A---- C:\Windows\system32\win32k.sys
2013-12-21 21:59:57 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-21 21:59:57 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-21 21:59:51 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-12-21 21:59:51 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-12-21 21:59:50 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-12-21 21:59:49 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-12-21 21:59:48 ----A---- C:\Windows\system32\rpcrt4.dll
2013-12-21 21:59:47 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-12-21 21:59:46 ----A---- C:\Windows\system32\win32spl.dll
2013-12-21 21:59:45 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-12-21 21:59:43 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-12-21 21:59:37 ----A---- C:\Windows\system32\comctl32.dll
2013-12-21 21:59:36 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-12-21 21:59:35 ----A---- C:\Windows\system32\drivers\afd.sys
2013-12-21 21:59:34 ----A---- C:\Windows\system32\qedit.dll
2013-12-21 21:59:33 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-12-21 21:59:29 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-12-21 21:59:29 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-12-21 21:59:29 ----A---- C:\Windows\system32\cdd.dll
2013-12-21 21:59:28 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-12-21 21:59:28 ----A---- C:\Windows\system32\lpk.dll
2013-12-21 21:59:28 ----A---- C:\Windows\system32\dciman32.dll
2013-12-21 21:59:28 ----A---- C:\Windows\system32\atmfd.dll
2013-12-21 21:59:27 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-12-21 21:59:27 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-12-21 21:59:27 ----A---- C:\Windows\system32\fontsub.dll
2013-12-21 21:59:26 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-12-21 21:59:26 ----A---- C:\Windows\system32\atmlib.dll
2013-12-21 21:59:25 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-12-21 21:59:18 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2013-12-21 21:59:18 ----A---- C:\Windows\system32\gdi32.dll
2013-12-21 21:59:15 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-21 21:59:15 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-21 21:59:09 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-12-21 21:59:09 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-12-21 21:59:08 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-12-21 21:59:05 ----A---- C:\Windows\system32\taskhost.exe
2013-12-21 21:44:50 ----A---- C:\Windows\system32\nshwfp.dll
2013-12-21 21:44:50 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-12-21 21:44:50 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-12-21 21:44:49 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2013-12-21 21:44:49 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2013-12-21 17:58:58 ----A---- C:\Windows\system32\Wdfres.dll
2013-12-21 17:58:58 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2013-12-21 17:55:16 ----A---- C:\Windows\system32\CNMLMAT.DLL
2013-12-21 17:45:38 ----D---- C:\Windows\system32\SPReview
2013-12-21 17:45:03 ----D---- C:\Windows\system32\EventProviders
2013-12-21 17:42:41 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2013-12-21 17:42:41 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2013-12-21 17:42:34 ----A---- C:\Windows\system32\WUDFSvc.dll
2013-12-21 17:42:34 ----A---- C:\Windows\system32\WUDFPlatform.dll
2013-12-21 17:42:22 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2013-12-21 17:42:21 ----A---- C:\Windows\system32\WUDFx.dll
2013-12-21 17:42:21 ----A---- C:\Windows\system32\WUDFHost.exe
2013-12-21 17:37:18 ----D---- C:\Windows\system32\MRT
2013-12-21 17:37:16 ----A---- C:\Windows\system32\MRT.exe
2013-12-21 17:19:48 ----A---- C:\Windows\system32\netfxperf.dll
2013-12-21 17:19:48 ----A---- C:\Windows\system32\dfshim.dll
2013-12-21 17:19:41 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2013-12-21 17:19:29 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2013-12-21 17:19:29 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2013-12-21 17:19:29 ----A---- C:\Windows\system32\sysmain.dll
2013-12-21 17:19:28 ----A---- C:\Windows\system32\tssrvlic.dll
2013-12-21 17:19:28 ----A---- C:\Windows\system32\RDVGHelper.exe
2013-12-21 17:19:27 ----A---- C:\Windows\SYSWOW64\pmcsnap.dll
2013-12-21 17:19:26 ----A---- C:\Windows\system32\MSVidCtl.dll
2013-12-21 17:19:25 ----A---- C:\Windows\system32\tquery.dll
2013-12-21 17:19:23 ----A---- C:\Windows\system32\mssrch.dll
2013-12-21 17:19:22 ----A---- C:\Windows\system32\mscoree.dll
2013-12-21 17:19:22 ----A---- C:\Windows\system32\mmcndmgr.dll
2013-12-21 17:19:21 ----A---- C:\Windows\system32\secproc_isv.dll
2013-12-21 17:19:21 ----A---- C:\Windows\system32\mf.dll
2013-12-21 17:19:20 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2013-12-21 17:19:20 ----A---- C:\Windows\system32\xpsservices.dll
2013-12-21 17:19:20 ----A---- C:\Windows\system32\secproc.dll
2013-12-21 17:19:20 ----A---- C:\Windows\system32\RMActivate_isv.exe
2013-12-21 17:19:20 ----A---- C:\Windows\system32\RMActivate.exe
2013-12-21 17:19:18 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2013-12-21 17:19:17 ----A---- C:\Windows\SYSWOW64\secproc.dll
2013-12-21 17:19:16 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2013-12-21 17:19:15 ----A---- C:\Windows\SYSWOW64\PushPrinterConnections.exe
2013-12-21 17:19:15 ----A---- C:\Windows\SYSWOW64\ppcsnap.dll
2013-12-21 17:19:15 ----A---- C:\Windows\system32\schedsvc.dll
2013-12-21 17:19:15 ----A---- C:\Windows\system32\ole32.dll
2013-12-21 17:19:12 ----A---- C:\Windows\system32\spwizui.dll
2013-12-21 17:19:11 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2013-12-21 17:19:11 ----A---- C:\Windows\system32\taskschd.dll
2013-12-21 17:19:11 ----A---- C:\Windows\system32\RacEngn.dll
2013-12-21 17:19:10 ----A---- C:\Windows\SYSWOW64\mf.dll
2013-12-21 17:19:10 ----A---- C:\Windows\system32\wevtsvc.dll
2013-12-21 17:19:10 ----A---- C:\Windows\system32\ExplorerFrame.dll
2013-12-21 17:19:10 ----A---- C:\Windows\system32\diagperf.dll
2013-12-21 17:19:09 ----A---- C:\Windows\system32\vssapi.dll
2013-12-21 17:19:08 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2013-12-21 17:19:08 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2013-12-21 17:19:08 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2013-12-21 17:19:07 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2013-12-21 17:19:07 ----A---- C:\Windows\system32\UIRibbon.dll
2013-12-21 17:19:07 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2013-12-21 17:19:06 ----A---- C:\Windows\explorer.exe
2013-12-21 17:19:05 ----A---- C:\Windows\system32\WsmSvc.dll
2013-12-21 17:19:04 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2013-12-21 17:19:04 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2013-12-21 17:19:04 ----A---- C:\Windows\system32\WMVCORE.DLL
2013-12-21 17:19:04 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2013-12-21 17:19:04 ----A---- C:\Windows\system32\PresentationHost.exe
2013-12-21 17:19:03 ----A---- C:\Windows\system32\rdpdd.dll
2013-12-21 17:19:02 ----A---- C:\Windows\system32\WinSAT.exe
2013-12-21 17:19:02 ----A---- C:\Windows\system32\spreview.exe
2013-12-21 17:19:02 ----A---- C:\Windows\system32\spinstall.exe
2013-12-21 17:19:02 ----A---- C:\Windows\system32\MPSSVC.dll
2013-12-21 17:19:02 ----A---- C:\Windows\system32\CertEnroll.dll
2013-12-21 17:19:01 ----A---- C:\Windows\SYSWOW64\tquery.dll
2013-12-21 17:19:00 ----A---- C:\Windows\system32\d3d9.dll
2013-12-21 17:18:59 ----A---- C:\Windows\SYSWOW64\RacEngn.dll
2013-12-21 17:18:59 ----A---- C:\Windows\system32\SearchFolder.dll
2013-12-21 17:18:58 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2013-12-21 17:18:57 ----A---- C:\Windows\SYSWOW64\AuthFWSnapin.dll
2013-12-21 17:18:57 ----A---- C:\Windows\system32\VSSVC.exe
2013-12-21 17:18:57 ----A---- C:\Windows\system32\gpsvc.dll
2013-12-21 17:18:57 ----A---- C:\Windows\system32\dwmcore.dll
2013-12-21 17:18:57 ----A---- C:\Windows\system32\dbgeng.dll
2013-12-21 17:18:56 ----A---- C:\Windows\system32\drivers\http.sys
2013-12-21 17:18:54 ----A---- C:\Windows\SYSWOW64\rdvgumd32.dll
2013-12-21 17:18:52 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2013-12-21 17:18:51 ----A---- C:\Windows\SYSWOW64\ole32.dll
2013-12-21 17:18:51 ----A---- C:\Windows\system32\TSWorkspace.dll
2013-12-21 17:18:51 ----A---- C:\Windows\system32\qmgr.dll
2013-12-21 17:18:51 ----A---- C:\Windows\system32\audiosrv.dll
2013-12-21 17:18:51 ----A---- C:\Windows\system32\actxprxy.dll
2013-12-21 17:18:50 ----A---- C:\Windows\system32\termsrv.dll
2013-12-21 17:18:50 ----A---- C:\Windows\system32\gpprefcl.dll
2013-12-21 17:18:49 ----A---- C:\Windows\system32\netlogon.dll
2013-12-21 17:18:49 ----A---- C:\Windows\system32\imapi2fs.dll
2013-12-21 17:18:48 ----A---- C:\Windows\SYSWOW64\vssapi.dll
2013-12-21 17:18:48 ----A---- C:\Windows\SYSWOW64\SearchFolder.dll
2013-12-21 17:18:48 ----A---- C:\Windows\system32\winhttp.dll
2013-12-21 17:18:47 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2013-12-21 17:18:47 ----A---- C:\Windows\SYSWOW64\explorer.exe
2013-12-21 17:18:47 ----A---- C:\Windows\SYSWOW64\d3d9.dll
2013-12-21 17:18:47 ----A---- C:\Windows\system32\wbengine.exe
2013-12-21 17:18:47 ----A---- C:\Windows\system32\setupapi.dll
2013-12-21 17:18:47 ----A---- C:\Windows\system32\rpcss.dll
2013-12-21 17:18:47 ----A---- C:\Windows\system32\QAGENTRT.DLL
2013-12-21 17:18:47 ----A---- C:\Windows\system32\PushPrinterConnections.exe
2013-12-21 17:18:47 ----A---- C:\Windows\system32\propsys.dll
2013-12-21 17:18:47 ----A---- C:\Windows\system32\msv1_0.dll
2013-12-21 17:18:46 ----A---- C:\Windows\system32\werconcpl.dll
2013-12-21 17:18:46 ----A---- C:\Windows\system32\taskeng.exe
2013-12-21 17:18:46 ----A---- C:\Windows\system32\odbc32.dll
2013-12-21 17:18:45 ----A---- C:\Windows\system32\user32.dll
2013-12-21 17:18:44 ----A---- C:\Windows\system32\WSDApi.dll
2013-12-21 17:18:44 ----A---- C:\Windows\system32\umrdp.dll
2013-12-21 17:18:44 ----A---- C:\Windows\system32\LSCSHostPolicy.dll
2013-12-21 17:18:44 ----A---- C:\Windows\system32\drivers\tdx.sys
2013-12-21 17:18:44 ----A---- C:\Windows\system32\dhcpcore.dll
2013-12-21 17:18:44 ----A---- C:\Windows\system32\certmgr.dll
2013-12-21 17:18:42 ----A---- C:\Windows\SYSWOW64\wer.dll
2013-12-21 17:18:42 ----A---- C:\Windows\system32\drivers\netbt.sys
2013-12-21 17:18:41 ----A---- C:\Windows\SYSWOW64\certcli.dll
2013-12-21 17:18:41 ----A---- C:\Windows\system32\tsmf.dll
2013-12-21 17:18:41 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2013-12-21 17:18:40 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2013-12-21 17:18:40 ----A---- C:\Windows\system32\shlwapi.dll
2013-12-21 17:18:40 ----A---- C:\Windows\system32\netshell.dll
2013-12-21 17:18:40 ----A---- C:\Windows\system32\msdtctm.dll
2013-12-21 17:18:40 ----A---- C:\Windows\system32\msdrm.dll
2013-12-21 17:18:40 ----A---- C:\Windows\system32\framedynos.dll
2013-12-21 17:18:39 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2013-12-21 17:18:39 ----A---- C:\Windows\system32\rdpshell.exe
2013-12-21 17:18:38 ----A---- C:\Windows\SYSWOW64\tcpmonui.dll
2013-12-21 17:18:38 ----A---- C:\Windows\system32\wmicmiplugin.dll
2013-12-21 17:18:37 ----A---- C:\Windows\system32\ws2_32.dll
2013-12-21 17:18:37 ----A---- C:\Windows\system32\winlogon.exe
2013-12-21 17:18:37 ----A---- C:\Windows\system32\netcfgx.dll
2013-12-21 17:18:37 ----A---- C:\Windows\system32\appmgr.dll
2013-12-21 17:18:36 ----A---- C:\Windows\system32\wmpps.dll
2013-12-21 17:18:36 ----A---- C:\Windows\system32\lsm.exe
2013-12-21 17:18:36 ----A---- C:\Windows\system32\drivers\csc.sys
2013-12-21 17:18:36 ----A---- C:\Windows\system32\comdlg32.dll
2013-12-21 17:18:36 ----A---- C:\Windows\system32\apphelp.dll
2013-12-21 17:18:35 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2013-12-21 17:18:35 ----A---- C:\Windows\SYSWOW64\tsmf.dll
2013-12-21 17:18:35 ----A---- C:\Windows\SYSWOW64\dot3api.dll
2013-12-21 17:18:35 ----A---- C:\Windows\system32\Query.dll
2013-12-21 17:18:35 ----A---- C:\Windows\system32\drvstore.dll
2013-12-21 17:18:34 ----A---- C:\Windows\system32\wpdshext.dll
2013-12-21 17:18:34 ----A---- C:\Windows\system32\azroles.dll
2013-12-21 17:18:33 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2013-12-21 17:18:33 ----A---- C:\Windows\SYSWOW64\setupapi.dll
2013-12-21 17:18:33 ----A---- C:\Windows\SYSWOW64\printmanagement.msc
2013-12-21 17:18:33 ----A---- C:\Windows\system32\QAGENT.DLL
2013-12-21 17:18:33 ----A---- C:\Windows\system32\BFE.DLL
2013-12-21 17:18:32 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2013-12-21 17:18:32 ----A---- C:\Windows\SYSWOW64\dbgeng.dll
2013-12-21 17:18:32 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2013-12-21 17:18:32 ----A---- C:\Windows\system32\Vault.dll
2013-12-21 17:18:32 ----A---- C:\Windows\system32\samsrv.dll
2013-12-21 17:18:32 ----A---- C:\Windows\system32\lpksetup.exe
2013-12-21 17:18:32 ----A---- C:\Windows\system32\DShowRdpFilter.dll
2013-12-21 17:18:32 ----A---- C:\Windows\system32\cmd.exe
2013-12-21 17:18:31 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2013-12-21 17:18:31 ----A---- C:\Windows\system32\mssvp.dll
2013-12-21 17:18:31 ----A---- C:\Windows\system32\cscsvc.dll
2013-12-21 17:18:30 ----A---- C:\Windows\system32\rdpclip.exe
2013-12-21 17:18:29 ----A---- C:\Windows\SYSWOW64\netcfgx.dll
2013-12-21 17:18:28 ----A---- C:\Windows\system32\sxs.dll
2013-12-21 17:18:28 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2013-12-21 17:18:27 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2013-12-21 17:18:27 ----A---- C:\Windows\SYSWOW64\Query.dll
2013-12-21 17:18:27 ----A---- C:\Windows\SYSWOW64\gpprefcl.dll
2013-12-21 17:18:27 ----A---- C:\Windows\system32\Wldap32.dll
2013-12-21 17:18:27 ----A---- C:\Windows\system32\taskcomp.dll
2013-12-21 17:18:27 ----A---- C:\Windows\system32\mfds.dll
2013-12-21 17:18:27 ----A---- C:\Windows\system32\mcbuilder.exe
2013-12-21 17:18:27 ----A---- C:\Windows\system32\cscobj.dll
2013-12-21 17:18:26 ----A---- C:\Windows\SYSWOW64\upnp.dll
2013-12-21 17:18:26 ----A---- C:\Windows\system32\pnidui.dll
2013-12-21 17:18:26 ----A---- C:\Windows\system32\ipsmsnap.dll
2013-12-21 17:18:25 ----A---- C:\Windows\SYSWOW64\mmcndmgr.dll
2013-12-21 17:18:25 ----A---- C:\Windows\SYSWOW64\DShowRdpFilter.dll
2013-12-21 17:18:25 ----A---- C:\Windows\system32\webservices.dll
2013-12-21 17:18:25 ----A---- C:\Windows\system32\rdpendp.dll
2013-12-21 17:18:25 ----A---- C:\Windows\system32\hgprint.dll
2013-12-21 17:18:24 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2013-12-21 17:18:24 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2013-12-21 17:18:24 ----A---- C:\Windows\system32\SessEnv.dll
2013-12-21 17:18:23 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2013-12-21 17:18:23 ----A---- C:\Windows\SYSWOW64\imapi2fs.dll
2013-12-21 17:18:22 ----A---- C:\Windows\system32\winsta.dll
2013-12-21 17:18:21 ----A---- C:\Windows\SYSWOW64\SessEnv.dll
2013-12-21 17:18:21 ----A---- C:\Windows\SYSWOW64\PortableDeviceApi.dll
2013-12-21 17:18:21 ----A---- C:\Windows\system32\sqlsrv32.dll
2013-12-21 17:18:21 ----A---- C:\Windows\system32\fveapi.dll
2013-12-21 17:18:21 ----A---- C:\Windows\system32\dot3api.dll
2013-12-21 17:18:20 ----A---- C:\Windows\SYSWOW64\shlwapi.dll
2013-12-21 17:18:20 ----A---- C:\Windows\system32\drivers\volsnap.sys
2013-12-21 17:18:20 ----A---- C:\Windows\system32\drivers\msrpc.sys
2013-12-21 17:18:19 ----A---- C:\Windows\SYSWOW64\mcbuilder.exe
2013-12-21 17:18:19 ----A---- C:\Windows\system32\prncache.dll
2013-12-21 17:18:19 ----A---- C:\Windows\system32\mcmde.dll
2013-12-21 17:18:18 ----A---- C:\Windows\SYSWOW64\userenv.dll
2013-12-21 17:18:18 ----A---- C:\Windows\SYSWOW64\certmgr.dll
2013-12-21 17:18:18 ----A---- C:\Windows\system32\WMNetMgr.dll
2013-12-21 17:18:18 ----A---- C:\Windows\system32\wlanpref.dll
2013-12-21 17:18:18 ----A---- C:\Windows\system32\schtasks.exe
2013-12-21 17:18:17 ----A---- C:\Windows\system32\vpnike.dll
2013-12-21 17:18:17 ----A---- C:\Windows\system32\userenv.dll
2013-12-21 17:18:17 ----A---- C:\Windows\system32\drivers\rdbss.sys
2013-12-21 17:18:16 ----A---- C:\Windows\SYSWOW64\xpsservices.dll
2013-12-21 17:18:16 ----A---- C:\Windows\SYSWOW64\drvstore.dll
2013-12-21 17:18:15 ----A---- C:\Windows\SYSWOW64\comdlg32.dll
2013-12-21 17:18:15 ----A---- C:\Windows\system32\tspubwmi.dll
2013-12-21 17:18:15 ----A---- C:\Windows\system32\photowiz.dll
2013-12-21 17:18:15 ----A---- C:\Windows\system32\evr.dll
2013-12-21 17:18:15 ----A---- C:\Windows\system32\drivers\1394ohci.sys
2013-12-21 17:18:14 ----A---- C:\Windows\system32\wmpmde.dll
2013-12-21 17:18:14 ----A---- C:\Windows\system32\IPSECSVC.DLL
2013-12-21 17:18:14 ----A---- C:\Windows\system32\FXSSVC.exe
2013-12-21 17:18:14 ----A---- C:\Windows\system32\framedyn.dll
2013-12-21 17:18:14 ----A---- C:\Windows\system32\AudioSes.dll
2013-12-21 17:18:14 ----A---- C:\Windows\system32\aepdu.dll
2013-12-21 17:18:13 ----A---- C:\Windows\SYSWOW64\cmd.exe
2013-12-21 17:18:13 ----A---- C:\Windows\system32\WMPEncEn.dll
2013-12-21 17:18:13 ----A---- C:\Windows\system32\wmpeffects.dll
2013-12-21 17:18:13 ----A---- C:\Windows\system32\tscfgwmi.dll
2013-12-21 17:18:13 ----A---- C:\Windows\system32\SyncCenter.dll
2013-12-21 17:18:13 ----A---- C:\Windows\system32\srvsvc.dll
2013-12-21 17:18:13 ----A---- C:\Windows\system32\sppobjs.dll
2013-12-21 17:18:13 ----A---- C:\Windows\system32\shsvcs.dll
2013-12-21 17:18:13 ----A---- C:\Windows\system32\rdpinit.exe
2013-12-21 17:18:13 ----A---- C:\Windows\system32\mfreadwrite.dll
2013-12-21 17:18:12 ----A---- C:\Windows\system32\vmicsvc.exe
2013-12-21 17:18:12 ----A---- C:\Windows\system32\fde.dll
2013-12-21 17:18:12 ----A---- C:\Windows\system32\aeinv.dll
2013-12-21 17:18:11 ----A---- C:\Windows\SYSWOW64\propsys.dll
2013-12-21 17:18:11 ----A---- C:\Windows\SYSWOW64\framedynos.dll
2013-12-21 17:18:11 ----A---- C:\Windows\system32\WinSATAPI.dll
2013-12-21 17:18:10 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2013-12-21 17:18:10 ----A---- C:\Windows\SYSWOW64\mfds.dll
2013-12-21 17:18:10 ----A---- C:\Windows\system32\stobject.dll
2013-12-21 17:18:10 ----A---- C:\Windows\system32\netdiagfx.dll
2013-12-21 17:18:10 ----A---- C:\Windows\system32\localsec.dll
2013-12-21 17:18:10 ----A---- C:\Windows\system32\imapi2.dll
2013-12-21 17:18:10 ----A---- C:\Windows\system32\bcryptprimitives.dll
2013-12-21 17:18:09 ----A---- C:\Windows\SYSWOW64\user32.dll
2013-12-21 17:18:09 ----A---- C:\Windows\SYSWOW64\rdpendp.dll
2013-12-21 17:18:09 ----A---- C:\Windows\system32\netid.dll
2013-12-21 17:18:09 ----A---- C:\Windows\system32\inetpp.dll
2013-12-21 17:18:09 ----A---- C:\Windows\system32\drivers\vmbus.sys
2013-12-21 17:18:09 ----A---- C:\Windows\system32\drivers\udfs.sys
2013-12-21 17:18:09 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2013-12-21 17:18:08 ----A---- C:\Windows\system32\tcpipcfg.dll
2013-12-21 17:18:08 ----A---- C:\Windows\system32\spp.dll
2013-12-21 17:18:08 ----A---- C:\Windows\system32\QSHVHOST.DLL
2013-12-21 17:18:07 ----A---- C:\Windows\SYSWOW64\azroles.dll
2013-12-21 17:18:07 ----A---- C:\Windows\SYSWOW64\appmgr.dll
2013-12-21 17:18:07 ----A---- C:\Windows\system32\cscui.dll
2013-12-21 17:18:07 ----A---- C:\Windows\system32\biocpl.dll
2013-12-21 17:18:06 ----A---- C:\Windows\system32\scansetting.dll
2013-12-21 17:18:06 ----A---- C:\Windows\system32\printui.dll
2013-12-21 17:18:06 ----A---- C:\Windows\system32\mspbda.dll
2013-12-21 17:18:06 ----A---- C:\Windows\system32\msinfo32.exe
2013-12-21 17:18:05 ----A---- C:\Windows\SYSWOW64\themeui.dll
2013-12-21 17:18:05 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2013-12-21 17:18:05 ----A---- C:\Windows\system32\pla.dll
2013-12-21 17:18:05 ----A---- C:\Windows\system32\PhotoScreensaver.scr
2013-12-21 17:18:04 ----A---- C:\Windows\SYSWOW64\spp.dll
2013-12-21 17:18:04 ----A---- C:\Windows\SYSWOW64\dhcpcore.dll
2013-12-21 17:18:03 ----A---- C:\Windows\system32\wusa.exe
2013-12-21 17:18:03 ----A---- C:\Windows\system32\msdri.dll
2013-12-21 17:18:03 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2013-12-21 17:18:03 ----A---- C:\Windows\system32\aitagent.exe
2013-12-21 17:18:02 ----A---- C:\Windows\system32\wiaservc.dll
2013-12-21 17:18:02 ----A---- C:\Windows\system32\vds.exe
2013-12-21 17:18:02 ----A---- C:\Windows\system32\drivers\pci.sys
2013-12-21 17:18:02 ----A---- C:\Windows\system32\AdmTmpl.dll
2013-12-21 17:18:01 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2013-12-21 17:18:01 ----A---- C:\Windows\SYSWOW64\basecsp.dll
2013-12-21 17:18:01 ----A---- C:\Windows\system32\rpchttp.dll
2013-12-21 17:18:01 ----A---- C:\Windows\system32\mscms.dll
2013-12-21 17:18:00 ----A---- C:\Windows\SYSWOW64\NaturalLanguage6.dll
2013-12-21 17:18:00 ----A---- C:\Windows\SYSWOW64\dbghelp.dll
2013-12-21 17:18:00 ----A---- C:\Windows\system32\PkgMgr.exe
2013-12-21 17:18:00 ----A---- C:\Windows\system32\FirewallControlPanel.dll
2013-12-21 17:18:00 ----A---- C:\Windows\system32\drivers\rasl2tp.sys
2013-12-21 17:17:59 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2013-12-21 17:17:59 ----A---- C:\Windows\SYSWOW64\evr.dll
2013-12-21 17:17:59 ----A---- C:\Windows\system32\XpsRasterService.dll
2013-12-21 17:17:59 ----A---- C:\Windows\system32\wisptis.exe
2013-12-21 17:17:59 ----A---- C:\Windows\system32\ocsetup.exe
2013-12-21 17:17:58 ----A---- C:\Windows\system32\sppwinob.dll
2013-12-21 17:17:57 ----A---- C:\Windows\SYSWOW64\WinSATAPI.dll
2013-12-21 17:17:57 ----A---- C:\Windows\SYSWOW64\calc.exe
2013-12-21 17:17:57 ----A---- C:\Windows\system32\ocsetapi.dll
2013-12-21 17:17:57 ----A---- C:\Windows\system32\DXP.dll
2013-12-21 17:17:57 ----A---- C:\Windows\system32\drivers\volmgr.sys
2013-12-21 17:17:56 ----A---- C:\Windows\SYSWOW64\sqlsrv32.dll
2013-12-21 17:17:56 ----A---- C:\Windows\system32\wpdbusenum.dll
2013-12-21 17:17:56 ----A---- C:\Windows\system32\eapp3hst.dll
2013-12-21 17:17:56 ----A---- C:\Windows\system32\drivers\msdsm.sys
2013-12-21 17:17:56 ----A---- C:\Windows\system32\ci.dll

dandyli · #10 Příspěvek od **dandyli** » 12 led 2014 12:25

2013-12-21 17:17:55 ----A---- C:\Windows\SYSWOW64\UIRibbon.dll
2013-12-21 17:17:55 ----A---- C:\Windows\system32\wcncsvc.dll
2013-12-21 17:17:55 ----A---- C:\Windows\system32\upnp.dll
2013-12-21 17:17:55 ----A---- C:\Windows\system32\Robocopy.exe
2013-12-21 17:17:55 ----A---- C:\Windows\system32\mprapi.dll
2013-12-21 17:17:55 ----A---- C:\Windows\system32\eapphost.dll
2013-12-21 17:17:54 ----A---- C:\Windows\SYSWOW64\sxs.dll
2013-12-21 17:17:54 ----A---- C:\Windows\system32\thumbcache.dll
2013-12-21 17:17:54 ----A---- C:\Windows\system32\t2embed.dll
2013-12-21 17:17:54 ----A---- C:\Windows\system32\drivers\HpSAMD.sys
2013-12-21 17:17:53 ----A---- C:\Windows\SYSWOW64\netshell.dll
2013-12-21 17:17:53 ----A---- C:\Windows\system32\hal.dll
2013-12-21 17:17:52 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2013-12-21 17:17:52 ----A---- C:\Windows\SYSWOW64\stobject.dll
2013-12-21 17:17:52 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2013-12-21 17:17:52 ----A---- C:\Windows\system32\DxpTaskSync.dll
2013-12-21 17:17:51 ----A---- C:\Windows\system32\scecli.dll
2013-12-21 17:17:51 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2013-12-21 17:17:51 ----A---- C:\Windows\system32\dwmredir.dll
2013-12-21 17:17:49 ----A---- C:\Windows\SYSWOW64\prncache.dll
2013-12-21 17:17:49 ----A---- C:\Windows\system32\themeui.dll
2013-12-21 17:17:49 ----A---- C:\Windows\system32\scrptadm.dll
2013-12-21 17:17:49 ----A---- C:\Windows\system32\puiobj.dll
2013-12-21 17:17:49 ----A---- C:\Windows\system32\onex.dll
2013-12-21 17:17:49 ----A---- C:\Windows\system32\msasn1.dll
2013-12-21 17:17:49 ----A---- C:\Windows\system32\iasrad.dll
2013-12-21 17:17:49 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2013-12-21 17:17:49 ----A---- C:\Windows\system32\drivers\ipfltdrv.sys
2013-12-21 17:17:49 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2013-12-21 17:17:48 ----A---- C:\Windows\SYSWOW64\printui.dll
2013-12-21 17:17:46 ----A---- C:\Windows\SYSWOW64\WSDApi.dll
2013-12-21 17:17:46 ----A---- C:\Windows\SYSWOW64\wmpeffects.dll
2013-12-21 17:17:46 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2013-12-21 17:17:46 ----A---- C:\Windows\SYSWOW64\net1.exe
2013-12-21 17:17:45 ----A---- C:\Windows\system32\wdc.dll
2013-12-21 17:17:44 ----A---- C:\Windows\SYSWOW64\scansetting.dll
2013-12-21 17:17:43 ----A---- C:\Windows\system32\wlangpui.dll
2013-12-21 17:17:43 ----A---- C:\Windows\system32\scesrv.dll
2013-12-21 17:17:43 ----A---- C:\Windows\system32\rasmans.dll
2013-12-21 17:17:42 ----A---- C:\Windows\system32\wiadefui.dll
2013-12-21 17:17:42 ----A---- C:\Windows\system32\VAN.dll
2013-12-21 17:17:42 ----A---- C:\Windows\system32\StructuredQuery.dll
2013-12-21 17:17:42 ----A---- C:\Windows\system32\sdengin2.dll
2013-12-21 17:17:42 ----A---- C:\Windows\system32\netcenter.dll
2013-12-21 17:17:42 ----A---- C:\Windows\system32\msftedit.dll
2013-12-21 17:17:42 ----A---- C:\Windows\system32\dskquoui.dll
2013-12-21 17:17:41 ----A---- C:\Windows\SYSWOW64\WMVCORE.DLL
2013-12-21 17:17:41 ----A---- C:\Windows\SYSWOW64\wlangpui.dll
2013-12-21 17:17:41 ----A---- C:\Windows\SYSWOW64\MMDevAPI.dll
2013-12-21 17:17:41 ----A---- C:\Windows\system32\wscapi.dll
2013-12-21 17:17:41 ----A---- C:\Windows\system32\SndVol.exe
2013-12-21 17:17:41 ----A---- C:\Windows\system32\samcli.dll
2013-12-21 17:17:41 ----A---- C:\Windows\system32\regapi.dll
2013-12-21 17:17:41 ----A---- C:\Windows\system32\iasacct.dll
2013-12-21 17:17:41 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2013-12-21 17:17:40 ----A---- C:\Windows\system32\drivers\termdd.sys
2013-12-21 17:17:39 ----A---- C:\Windows\SYSWOW64\QSHVHOST.DLL
2013-12-21 17:17:39 ----A---- C:\Windows\SYSWOW64\pnidui.dll
2013-12-21 17:17:39 ----A---- C:\Windows\system32\TabSvc.dll
2013-12-21 17:17:39 ----A---- C:\Windows\system32\srchadmin.dll
2013-12-21 17:17:39 ----A---- C:\Windows\system32\QUTIL.DLL
2013-12-21 17:17:38 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2013-12-21 17:17:38 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2013-12-21 17:17:38 ----A---- C:\Windows\SYSWOW64\scrptadm.dll
2013-12-21 17:17:37 ----A---- C:\Windows\SYSWOW64\webservices.dll
2013-12-21 17:17:37 ----A---- C:\Windows\SYSWOW64\fde.dll
2013-12-21 17:17:37 ----A---- C:\Windows\system32\setupcl.exe
2013-12-21 17:17:37 ----A---- C:\Windows\system32\drivers\msahci.sys
2013-12-21 17:17:36 ----A---- C:\Windows\SYSWOW64\SyncCenter.dll
2013-12-21 17:17:36 ----A---- C:\Windows\SYSWOW64\netdiagfx.dll
2013-12-21 17:17:36 ----A---- C:\Windows\system32\rastls.dll
2013-12-21 17:17:35 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2013-12-21 17:17:35 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2013-12-21 17:17:35 ----A---- C:\Windows\system32\drivers\acpi.sys
2013-12-21 17:17:34 ----A---- C:\Windows\system32\tapisrv.dll
2013-12-21 17:17:34 ----A---- C:\Windows\system32\netiohlp.dll
2013-12-21 17:17:33 ----A---- C:\Windows\SYSWOW64\WinSCard.dll
2013-12-21 17:17:33 ----A---- C:\Windows\SYSWOW64\pla.dll
2013-12-21 17:17:33 ----A---- C:\Windows\SYSWOW64\cscobj.dll
2013-12-21 17:17:33 ----A---- C:\Windows\system32\msconfig.exe
2013-12-21 17:17:33 ----A---- C:\Windows\system32\mimefilt.dll
2013-12-21 17:17:33 ----A---- C:\Windows\system32\ListSvc.dll
2013-12-21 17:17:33 ----A---- C:\Windows\system32\hgcpl.dll
2013-12-21 17:17:33 ----A---- C:\Windows\system32\drivers\raspptp.sys
2013-12-21 17:17:32 ----A---- C:\Windows\SYSWOW64\msasn1.dll
2013-12-21 17:17:32 ----A---- C:\Windows\system32\lsmproxy.dll
2013-12-21 17:17:32 ----A---- C:\Windows\system32\fdeploy.dll
2013-12-21 17:17:32 ----A---- C:\Windows\system32\drivers\sbp2port.sys
2013-12-21 17:17:32 ----A---- C:\Windows\system32\drivers\ks.sys
2013-12-21 17:17:32 ----A---- C:\Windows\system32\clusapi.dll
2013-12-21 17:17:32 ----A---- C:\Windows\system32\basecsp.dll
2013-12-21 17:17:31 ----A---- C:\Windows\SYSWOW64\winsta.dll
2013-12-21 17:17:31 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2013-12-21 17:17:30 ----A---- C:\Windows\system32\mtxclu.dll
2013-12-21 17:17:30 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2013-12-21 17:17:29 ----A---- C:\Windows\SYSWOW64\imapi2.dll
2013-12-21 17:17:29 ----A---- C:\Windows\system32\riched20.dll
2013-12-21 17:17:28 ----A---- C:\Windows\SYSWOW64\DXPTaskRingtone.dll
2013-12-21 17:17:27 ----A---- C:\Windows\system32\dnscmmc.dll
2013-12-21 17:17:26 ----A---- C:\Windows\system32\RpcRtRemote.dll
2013-12-21 17:17:25 ----A---- C:\Windows\SYSWOW64\WMPEncEn.dll
2013-12-21 17:17:25 ----A---- C:\Windows\SYSWOW64\onex.dll
2013-12-21 17:17:25 ----A---- C:\Windows\system32\sharemediacpl.dll
2013-12-21 17:17:25 ----A---- C:\Windows\system32\powercpl.dll
2013-12-21 17:17:25 ----A---- C:\Windows\system32\logoncli.dll
2013-12-21 17:17:24 ----A---- C:\Windows\SYSWOW64\winmm.dll
2013-12-21 17:17:24 ----A---- C:\Windows\SYSWOW64\shsvcs.dll
2013-12-21 17:17:24 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2013-12-21 17:17:24 ----A---- C:\Windows\system32\themecpl.dll
2013-12-21 17:17:24 ----A---- C:\Windows\system32\nci.dll
2013-12-21 17:17:23 ----A---- C:\Windows\SYSWOW64\hbaapi.dll
2013-12-21 17:17:23 ----A---- C:\Windows\SYSWOW64\autofmt.exe
2013-12-21 17:17:23 ----A---- C:\Windows\system32\SensorsCpl.dll
2013-12-21 17:17:23 ----A---- C:\Windows\system32\netjoin.dll
2013-12-21 17:17:23 ----A---- C:\Windows\system32\Faultrep.dll
2013-12-21 17:17:23 ----A---- C:\Windows\system32\eudcedit.exe
2013-12-21 17:17:22 ----A---- C:\Windows\SYSWOW64\netiohlp.dll
2013-12-21 17:17:22 ----A---- C:\Windows\system32\Narrator.exe
2013-12-21 17:17:21 ----A---- C:\Windows\SYSWOW64\samcli.dll
2013-12-21 17:17:21 ----A---- C:\Windows\SYSWOW64\autochk.exe
2013-12-21 17:17:21 ----A---- C:\Windows\system32\wkssvc.dll
2013-12-21 17:17:21 ----A---- C:\Windows\system32\vpnikeapi.dll
2013-12-21 17:17:20 ----A---- C:\Windows\SYSWOW64\proquota.exe
2013-12-21 17:17:20 ----A---- C:\Windows\SYSWOW64\msutb.dll
2013-12-21 17:17:20 ----A---- C:\Windows\SYSWOW64\IPHLPAPI.DLL
2013-12-21 17:17:20 ----A---- C:\Windows\system32\sppcomapi.dll
2013-12-21 17:17:20 ----A---- C:\Windows\system32\cabview.dll
2013-12-21 17:17:20 ----A---- C:\Windows\system32\autochk.exe
2013-12-21 17:17:19 ----A---- C:\Windows\SYSWOW64\autoconv.exe
2013-12-21 17:17:19 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2013-12-21 17:17:19 ----A---- C:\Windows\system32\autofmt.exe
2013-12-21 17:17:18 ----A---- C:\Windows\SYSWOW64\thumbcache.dll
2013-12-21 17:17:18 ----A---- C:\Windows\SYSWOW64\regapi.dll
2013-12-21 17:17:18 ----A---- C:\Windows\SYSWOW64\msinfo32.exe
2013-12-21 17:17:17 ----A---- C:\Windows\SYSWOW64\mimefilt.dll
2013-12-21 17:17:17 ----A---- C:\Windows\SYSWOW64\ipsmsnap.dll
2013-12-21 17:17:17 ----A---- C:\Windows\system32\autoconv.exe
2013-12-21 17:17:16 ----A---- C:\Windows\SYSWOW64\srchadmin.dll
2013-12-21 17:17:16 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2013-12-21 17:17:16 ----A---- C:\Windows\system32\shsetup.dll
2013-12-21 17:17:16 ----A---- C:\Windows\system32\nshipsec.dll
2013-12-21 17:17:16 ----A---- C:\Windows\system32\fms.dll
2013-12-21 17:17:16 ----A---- C:\Windows\system32\audiodg.exe
2013-12-21 17:17:15 ----A---- C:\Windows\SYSWOW64\tcpipcfg.dll
2013-12-21 17:17:15 ----A---- C:\Windows\SYSWOW64\powercpl.dll
2013-12-21 17:17:15 ----A---- C:\Windows\SYSWOW64\eapphost.dll
2013-12-21 17:17:15 ----A---- C:\Windows\system32\wpd_ci.dll
2013-12-21 17:17:15 ----A---- C:\Windows\system32\bcdsrv.dll
2013-12-21 17:17:14 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll
2013-12-21 17:17:14 ----A---- C:\Windows\SYSWOW64\framedyn.dll
2013-12-21 17:17:14 ----A---- C:\Windows\system32\sdclt.exe
2013-12-21 17:17:13 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2013-12-21 17:17:13 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2013-12-21 17:17:13 ----A---- C:\Windows\system32\wwanconn.dll
2013-12-21 17:17:13 ----A---- C:\Windows\system32\wlanui.dll
2013-12-21 17:17:13 ----A---- C:\Windows\system32\prntvpt.dll
2013-12-21 17:17:13 ----A---- C:\Windows\system32\mscorier.dll
2013-12-21 17:17:13 ----A---- C:\Windows\system32\drivers\winusb.sys
2013-12-21 17:17:13 ----A---- C:\Windows\system32\drivers\wanarp.sys
2013-12-21 17:17:13 ----A---- C:\Windows\system32\drivers\scsiport.sys
2013-12-21 17:17:12 ----A---- C:\Windows\SYSWOW64\AuxiliaryDisplayCpl.dll
2013-12-21 17:17:12 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2013-12-21 17:17:12 ----A---- C:\Windows\system32\dps.dll
2013-12-21 17:17:11 ----A---- C:\Windows\SYSWOW64\QAGENT.DLL
2013-12-21 17:17:11 ----A---- C:\Windows\system32\SmiEngine.dll
2013-12-21 17:17:11 ----A---- C:\Windows\system32\rdpsign.exe
2013-12-21 17:17:11 ----A---- C:\Windows\system32\fontext.dll
2013-12-21 17:17:10 ----A---- C:\Windows\SYSWOW64\netid.dll
2013-12-21 17:17:10 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2013-12-21 17:17:10 ----A---- C:\Windows\system32\mprddm.dll
2013-12-21 17:17:10 ----A---- C:\Windows\system32\Display.dll
2013-12-21 17:17:10 ----A---- C:\Windows\system32\credssp.dll
2013-12-21 17:17:10 ----A---- C:\Windows\system32\batmeter.dll
2013-12-21 17:17:10 ----A---- C:\Windows\system32\AxInstSv.dll
2013-12-21 17:17:09 ----A---- C:\Windows\SYSWOW64\wdc.dll
2013-12-21 17:17:09 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2013-12-21 17:17:09 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2013-12-21 17:17:09 ----A---- C:\Windows\system32\wmpsrcwp.dll
2013-12-21 17:17:09 ----A---- C:\Windows\system32\mblctr.exe
2013-12-21 17:17:07 ----A---- C:\Windows\SYSWOW64\Vault.dll
2013-12-21 17:17:07 ----A---- C:\Windows\SYSWOW64\untfs.dll
2013-12-21 17:17:07 ----A---- C:\Windows\SYSWOW64\rastls.dll
2013-12-21 17:17:07 ----A---- C:\Windows\SYSWOW64\nci.dll
2013-12-21 17:17:06 ----A---- C:\Windows\SYSWOW64\wlanpref.dll
2013-12-21 17:17:06 ----A---- C:\Windows\SYSWOW64\RpcRtRemote.dll
2013-12-21 17:17:06 ----A---- C:\Windows\system32\DiagCpl.dll
2013-12-21 17:17:05 ----A---- C:\Windows\SYSWOW64\WMNetMgr.dll
2013-12-21 17:17:05 ----A---- C:\Windows\system32\usercpl.dll
2013-12-21 17:17:05 ----A---- C:\Windows\system32\rtutils.dll
2013-12-21 17:17:04 ----A---- C:\Windows\SYSWOW64\Robocopy.exe
2013-12-21 17:17:04 ----A---- C:\Windows\system32\provsvc.dll
2013-12-21 17:17:04 ----A---- C:\Windows\system32\bootres.dll
2013-12-21 17:17:03 ----A---- C:\Windows\system32\MCEWMDRMNDBootstrap.dll
2013-12-21 17:17:02 ----A---- C:\Windows\SYSWOW64\DxpTaskSync.dll
2013-12-21 17:17:02 ----A---- C:\Windows\system32\wpccpl.dll
2013-12-21 17:17:02 ----A---- C:\Windows\system32\sppsvc.exe
2013-12-21 17:17:02 ----A---- C:\Windows\system32\rasppp.dll
2013-12-21 17:17:01 ----A---- C:\Windows\SYSWOW64\taskmgr.exe
2013-12-21 17:17:01 ----A---- C:\Windows\system32\SndVolSSO.dll
2013-12-21 17:17:01 ----A---- C:\Windows\system32\drivers\winhv.sys
2013-12-21 17:17:00 ----A---- C:\Windows\SYSWOW64\Display.dll
2013-12-21 17:17:00 ----A---- C:\Windows\system32\dot3cfg.dll
2013-12-21 17:16:59 ----A---- C:\Windows\SYSWOW64\mtxclu.dll
2013-12-21 17:16:59 ----A---- C:\Windows\system32\dxdiagn.dll
2013-12-21 17:16:59 ----A---- C:\Windows\system32\drivers\rdyboost.sys
2013-12-21 17:16:57 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2013-12-21 17:16:57 ----A---- C:\Windows\SYSWOW64\userinit.exe
2013-12-21 17:16:57 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2013-12-21 17:16:57 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2013-12-21 17:16:57 ----A---- C:\Windows\system32\hbaapi.dll
2013-12-21 17:16:56 ----A---- C:\Windows\SYSWOW64\termmgr.dll
2013-12-21 17:16:56 ----A---- C:\Windows\system32\taskmgr.exe
2013-12-21 17:16:56 ----A---- C:\Windows\system32\prnfldr.dll
2013-12-21 17:16:55 ----A---- C:\Windows\SYSWOW64\eudcedit.exe
2013-12-21 17:16:55 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2013-12-21 17:16:55 ----A---- C:\Windows\system32\proquota.exe
2013-12-21 17:16:55 ----A---- C:\Windows\system32\pdh.dll
2013-12-21 17:16:55 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2013-12-21 17:16:53 ----A---- C:\Windows\SYSWOW64\logoncli.dll
2013-12-21 17:16:53 ----A---- C:\Windows\system32\untfs.dll
2013-12-21 17:16:53 ----A---- C:\Windows\system32\MSAC3ENC.DLL
2013-12-21 17:16:52 ----A---- C:\Windows\SYSWOW64\wiadefui.dll
2013-12-21 17:16:52 ----A---- C:\Windows\SYSWOW64\shsetup.dll
2013-12-21 17:16:52 ----A---- C:\Windows\SYSWOW64\rasppp.dll
2013-12-21 17:16:51 ----A---- C:\Windows\SYSWOW64\sppcomapi.dll
2013-12-21 17:16:51 ----A---- C:\Windows\SYSWOW64\FirewallControlPanel.dll
2013-12-21 17:16:51 ----A---- C:\Windows\SYSWOW64\cabview.dll
2013-12-21 17:16:51 ----A---- C:\Windows\system32\userinit.exe
2013-12-21 17:16:51 ----A---- C:\Windows\system32\accessibilitycpl.dll
2013-12-21 17:16:49 ----A---- C:\Windows\SYSWOW64\SensorsCpl.dll
2013-12-21 17:16:48 ----A---- C:\Windows\SYSWOW64\themecpl.dll
2013-12-21 17:16:48 ----A---- C:\Windows\system32\slui.exe
2013-12-21 17:16:47 ----A---- C:\Windows\SYSWOW64\dnscmmc.dll
2013-12-21 17:16:47 ----A---- C:\Windows\system32\zipfldr.dll
2013-12-21 17:16:47 ----A---- C:\Windows\system32\drivers\storvsc.sys
2013-12-21 17:16:47 ----A---- C:\Windows\system32\defaultlocationcpl.dll
2013-12-21 17:16:46 ----A---- C:\Windows\SYSWOW64\PhotoScreensaver.scr
2013-12-21 17:16:45 ----A---- C:\Windows\SYSWOW64\hgcpl.dll
2013-12-21 17:16:44 ----A---- C:\Windows\SYSWOW64\scecli.dll
2013-12-21 17:16:44 ----A---- C:\Windows\system32\sud.dll
2013-12-21 17:16:43 ----A---- C:\Windows\SYSWOW64\tapisrv.dll
2013-12-21 17:16:43 ----A---- C:\Windows\SYSWOW64\mscories.dll
2013-12-21 17:16:43 ----A---- C:\Windows\SYSWOW64\fontext.dll
2013-12-21 17:16:42 ----A---- C:\Windows\SYSWOW64\mscms.dll
2013-12-21 17:16:42 ----A---- C:\Windows\SYSWOW64\mprddm.dll
2013-12-21 17:16:42 ----A---- C:\Windows\SYSWOW64\localsec.dll
2013-12-21 17:16:42 ----A---- C:\Windows\system32\dot3svc.dll
2013-12-21 17:16:42 ----A---- C:\Windows\system32\DeviceCenter.dll
2013-12-21 17:16:41 ----A---- C:\Windows\SYSWOW64\iasacct.dll
2013-12-21 17:16:41 ----A---- C:\Windows\system32\OnLineIDCpl.dll
2013-12-21 17:16:41 ----A---- C:\Windows\system32\networkmap.dll
2013-12-21 17:16:41 ----A---- C:\Windows\system32\cryptui.dll
2013-12-21 17:16:40 ----A---- C:\Windows\SYSWOW64\SndVolSSO.dll
2013-12-21 17:16:40 ----A---- C:\Windows\system32\twext.dll
2013-12-21 17:16:40 ----A---- C:\Windows\system32\taskbarcpl.dll
2013-12-21 17:16:40 ----A---- C:\Windows\system32\ActionCenter.dll
2013-12-21 17:16:39 ----A---- C:\Windows\SYSWOW64\wlanui.dll
2013-12-21 17:16:39 ----A---- C:\Windows\SYSWOW64\usercpl.dll
2013-12-21 17:16:39 ----A---- C:\Windows\SYSWOW64\PerfCenterCPL.dll
2013-12-21 17:16:38 ----A---- C:\Windows\SYSWOW64\VAN.dll
2013-12-21 17:16:38 ----A---- C:\Windows\SYSWOW64\prntvpt.dll
2013-12-21 17:16:38 ----A---- C:\Windows\SYSWOW64\batmeter.dll
2013-12-21 17:16:37 ----A---- C:\Windows\SYSWOW64\SndVol.exe
2013-12-21 17:16:37 ----A---- C:\Windows\SYSWOW64\netcenter.dll
2013-12-21 17:16:37 ----A---- C:\Windows\system32\uxlib.dll
2013-12-21 17:16:37 ----A---- C:\Windows\system32\OobeFldr.dll
2013-12-21 17:16:37 ----A---- C:\Windows\system32\bcdedit.exe
2013-12-21 17:16:36 ----A---- C:\Windows\SYSWOW64\w32tm.exe
2013-12-21 17:16:36 ----A---- C:\Windows\system32\recovery.dll
2013-12-21 17:16:36 ----A---- C:\Windows\system32\drivers\hwpolicy.sys
2013-12-21 17:16:36 ----A---- C:\Windows\system32\azroleui.dll
2013-12-21 17:16:35 ----A---- C:\Windows\SYSWOW64\spwizeng.dll
2013-12-21 17:16:35 ----A---- C:\Windows\system32\sisbkup.dll
2013-12-21 17:16:35 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2013-12-21 17:16:35 ----A---- C:\Windows\system32\isoburn.exe
2013-12-21 17:16:35 ----A---- C:\Windows\system32\dsuiext.dll
2013-12-21 17:16:35 ----A---- C:\Windows\system32\cca.dll
2013-12-21 17:16:35 ----A---- C:\Windows\system32\asycfilt.dll
2013-12-21 17:16:34 ----A---- C:\Windows\SYSWOW64\azroleui.dll
2013-12-21 17:16:34 ----A---- C:\Windows\SYSWOW64\accessibilitycpl.dll
2013-12-21 17:16:34 ----A---- C:\Windows\system32\tzutil.exe
2013-12-21 17:16:34 ----A---- C:\Windows\system32\efscore.dll
2013-12-21 17:16:33 ----A---- C:\Windows\SYSWOW64\zipfldr.dll
2013-12-21 17:16:33 ----A---- C:\Windows\SYSWOW64\MSAC3ENC.DLL
2013-12-21 17:16:33 ----A---- C:\Windows\SYSWOW64\fdeploy.dll
2013-12-21 17:16:33 ----A---- C:\Windows\system32\systemcpl.dll
2013-12-21 17:16:33 ----A---- C:\Windows\system32\syncui.dll
2013-12-21 17:16:33 ----A---- C:\Windows\system32\sdcpl.dll
2013-12-21 17:16:33 ----A---- C:\Windows\system32\recdisc.exe
2013-12-21 17:16:33 ----A---- C:\Windows\system32\netplwiz.dll
2013-12-21 17:16:33 ----A---- C:\Windows\system32\httpapi.dll
2013-12-21 17:16:32 ----A---- C:\Windows\SYSWOW64\netjoin.dll
2013-12-21 17:16:32 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2013-12-21 17:16:32 ----A---- C:\Windows\system32\shwebsvc.dll
2013-12-21 17:16:32 ----A---- C:\Windows\system32\fvecpl.dll
2013-12-21 17:16:32 ----A---- C:\Windows\system32\drivers\mpio.sys
2013-12-21 17:16:32 ----A---- C:\Windows\system32\autoplay.dll
2013-12-21 17:16:31 ----A---- C:\Windows\SYSWOW64\adsldp.dll
2013-12-21 17:16:31 ----A---- C:\Windows\system32\sysclass.dll
2013-12-21 17:16:31 ----A---- C:\Windows\system32\ncryptui.dll
2013-12-21 17:16:31 ----A---- C:\Windows\system32\drivers\rdpdr.sys
2013-12-21 17:16:31 ----A---- C:\Windows\system32\certcli.dll
2013-12-21 17:16:30 ----A---- C:\Windows\SYSWOW64\wusa.exe
2013-12-21 17:16:30 ----A---- C:\Windows\SYSWOW64\networkmap.dll
2013-12-21 17:16:30 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2013-12-21 17:16:30 ----A---- C:\Windows\system32\wlanmsm.dll
2013-12-21 17:16:30 ----A---- C:\Windows\system32\sdrsvc.dll
2013-12-21 17:16:30 ----A---- C:\Windows\system32\msvidc32.dll
2013-12-21 17:16:30 ----A---- C:\Windows\system32\ActionCenterCPL.dll
2013-12-21 17:16:29 ----A---- C:\Windows\SYSWOW64\MCEWMDRMNDBootstrap.dll
2013-12-21 17:16:29 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2013-12-21 17:16:28 ----A---- C:\Windows\SYSWOW64\prnfldr.dll
2013-12-21 17:16:28 ----A---- C:\Windows\system32\spwizeng.dll
2013-12-21 17:16:27 ----A---- C:\Windows\SYSWOW64\OnLineIDCpl.dll
2013-12-21 17:16:27 ----A---- C:\Windows\SYSWOW64\ActionCenter.dll
2013-12-21 17:16:27 ----A---- C:\Windows\system32\MFPlay.dll
2013-12-21 17:16:26 ----A---- C:\Windows\SYSWOW64\sud.dll
2013-12-21 17:16:26 ----A---- C:\Windows\system32\vdsutil.dll
2013-12-21 17:16:25 ----A---- C:\Windows\SYSWOW64\photowiz.dll
2013-12-21 17:16:25 ----A---- C:\Windows\SYSWOW64\MediaMetadataHandler.dll
2013-12-21 17:16:25 ----A---- C:\Windows\SYSWOW64\credssp.dll
2013-12-21 17:16:25 ----A---- C:\Windows\system32\termmgr.dll
2013-12-21 17:16:24 ----A---- C:\Windows\SYSWOW64\iprtrmgr.dll
2013-12-21 17:16:24 ----A---- C:\Windows\SYSWOW64\iasrad.dll
2013-12-21 17:16:24 ----A---- C:\Windows\system32\sethc.exe
2013-12-21 17:16:24 ----A---- C:\Windows\system32\msscp.dll
2013-12-21 17:16:23 ----A---- C:\Windows\SYSWOW64\defaultlocationcpl.dll
2013-12-21 17:16:23 ----A---- C:\Windows\system32\ReAgent.dll
2013-12-21 17:16:23 ----A---- C:\Windows\system32\ntlanman.dll
2013-12-21 17:16:22 ----A---- C:\Windows\SYSWOW64\ftp.exe
2013-12-21 17:16:22 ----A---- C:\Windows\SYSWOW64\dot3cfg.dll
2013-12-21 17:16:21 ----A---- C:\Windows\SYSWOW64\sisbkup.dll
2013-12-21 17:16:21 ----A---- C:\Windows\system32\sqlcese30.dll
2013-12-21 17:16:20 ----A---- C:\Windows\SYSWOW64\shwebsvc.dll
2013-12-21 17:16:20 ----A---- C:\Windows\SYSWOW64\ifsutil.dll
2013-12-21 17:16:20 ----A---- C:\Windows\system32\rdpd3d.dll
2013-12-21 17:16:20 ----A---- C:\Windows\system32\iprtrmgr.dll
2013-12-21 17:16:20 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2013-12-21 17:16:19 ----A---- C:\Windows\SYSWOW64\efscore.dll
2013-12-21 17:16:19 ----A---- C:\Windows\system32\UserAccountControlSettings.dll
2013-12-21 17:16:18 ----A---- C:\Windows\SYSWOW64\ActionCenterCPL.dll
2013-12-21 17:16:18 ----A---- C:\Windows\system32\ssText3d.scr
2013-12-21 17:16:18 ----A---- C:\Windows\system32\iTVData.dll
2013-12-21 17:16:18 ----A---- C:\Windows\system32\drivers\vmstorfl.sys
2013-12-21 17:16:17 ----A---- C:\Windows\SYSWOW64\syncui.dll
2013-12-21 17:16:17 ----A---- C:\Windows\SYSWOW64\autoplay.dll
2013-12-21 17:16:17 ----A---- C:\Windows\system32\wmdrmsdk.dll
2013-12-21 17:16:17 ----A---- C:\Windows\system32\srvcli.dll
2013-12-21 17:16:17 ----A---- C:\Windows\system32\slwga.dll
2013-12-21 17:16:17 ----A---- C:\Windows\system32\iyuv_32.dll
2013-12-21 17:16:17 ----A---- C:\Windows\system32\drmmgrtn.dll
2013-12-21 17:16:16 ----A---- C:\Windows\SYSWOW64\DeviceCenter.dll
2013-12-21 17:16:15 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2013-12-21 17:16:15 ----A---- C:\Windows\SYSWOW64\ntlanman.dll
2013-12-21 17:16:15 ----A---- C:\Windows\SYSWOW64\dskquoui.dll
2013-12-21 17:16:14 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2013-12-21 17:16:14 ----A---- C:\Windows\system32\msiexec.exe
2013-12-21 17:16:13 ----A---- C:\Windows\SYSWOW64\OobeFldr.dll
2013-12-21 17:16:13 ----A---- C:\Windows\system32\wavemsp.dll
2013-12-21 17:16:13 ----A---- C:\Windows\system32\ntprint.dll
2013-12-21 17:16:13 ----A---- C:\Windows\system32\nslookup.exe
2013-12-21 17:16:13 ----A---- C:\Windows\system32\NAPHLPR.DLL
2013-12-21 17:16:13 ----A---- C:\Windows\system32\DevicePairingFolder.dll
2013-12-21 17:16:12 ----A---- C:\Windows\SYSWOW64\systemcpl.dll
2013-12-21 17:16:12 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2013-12-21 17:16:12 ----A---- C:\Windows\system32\acppage.dll
2013-12-21 17:16:11 ----A---- C:\Windows\SYSWOW64\sethc.exe
2013-12-21 17:16:11 ----A---- C:\Windows\SYSWOW64\riched20.dll
2013-12-21 17:16:11 ----A---- C:\Windows\system32\srrstr.dll
2013-12-21 17:16:11 ----A---- C:\Windows\system32\bcdboot.exe
2013-12-21 17:16:09 ----A---- C:\Windows\SYSWOW64\NAPHLPR.DLL
2013-12-21 17:16:09 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2013-12-21 17:16:09 ----A---- C:\Windows\system32\sppnp.dll
2013-12-21 17:16:08 ----A---- C:\Windows\SYSWOW64\netplwiz.dll
2013-12-21 17:16:08 ----A---- C:\Windows\SYSWOW64\fms.dll
2013-12-21 17:16:08 ----A---- C:\Windows\SYSWOW64\activeds.dll
2013-12-21 17:16:08 ----A---- C:\Windows\system32\TSpkg.dll
2013-12-21 17:16:08 ----A---- C:\Windows\system32\certprop.dll
2013-12-21 17:16:07 ----A---- C:\Windows\SYSWOW64\wmpsrcwp.dll
2013-12-21 17:16:07 ----A---- C:\Windows\SYSWOW64\migisol.dll
2013-12-21 17:16:06 ----A---- C:\Windows\SYSWOW64\dpx.dll
2013-12-21 17:16:06 ----A---- C:\Windows\system32\networkexplorer.dll
2013-12-21 17:16:06 ----A---- C:\Windows\system32\cabinet.dll
2013-12-21 17:16:05 ----A---- C:\Windows\SYSWOW64\httpapi.dll
2013-12-21 17:16:05 ----A---- C:\Windows\system32\wkscli.dll
2013-12-21 17:16:05 ----A---- C:\Windows\system32\remotepg.dll
2013-12-21 17:16:04 ----A---- C:\Windows\SYSWOW64\nshipsec.dll
2013-12-21 17:16:04 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2013-12-21 17:16:04 ----A---- C:\Windows\system32\PresentationSettings.exe
2013-12-21 17:16:04 ----A---- C:\Windows\system32\dfrgui.exe
2013-12-21 17:16:03 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2013-12-21 17:16:03 ----A---- C:\Windows\SYSWOW64\isoburn.exe
2013-12-21 17:16:02 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2013-12-21 17:16:02 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2013-12-21 17:16:02 ----A---- C:\Windows\SYSWOW64\wavemsp.dll
2013-12-21 17:16:02 ----A---- C:\Windows\SYSWOW64\ReAgent.dll
2013-12-21 17:16:02 ----A---- C:\Windows\system32\wmpdxm.dll
2013-12-21 17:16:02 ----A---- C:\Windows\system32\WinSCard.dll
2013-12-21 17:16:02 ----A---- C:\Windows\system32\ftp.exe
2013-12-21 17:16:01 ----A---- C:\Windows\SYSWOW64\provsvc.dll
2013-12-21 17:16:01 ----A---- C:\Windows\SYSWOW64\dot3ui.dll
2013-12-21 17:16:01 ----A---- C:\Windows\system32\wsnmp32.dll
2013-12-21 17:16:01 ----A---- C:\Windows\system32\net1.exe
2013-12-21 17:16:00 ----A---- C:\Windows\SYSWOW64\dsuiext.dll
2013-12-21 17:16:00 ----A---- C:\Windows\SYSWOW64\dfrgui.exe
2013-12-21 17:16:00 ----A---- C:\Windows\system32\wvc.dll
2013-12-21 17:15:59 ----A---- C:\Windows\SYSWOW64\tzutil.exe
2013-12-21 17:15:59 ----A---- C:\Windows\SYSWOW64\ocsetup.exe
2013-12-21 17:15:59 ----A---- C:\Windows\system32\wsqmcons.exe
2013-12-21 17:15:59 ----A---- C:\Windows\system32\wmdrmdev.dll
2013-12-21 17:15:59 ----A---- C:\Windows\system32\WerFaultSecure.exe
2013-12-21 17:15:59 ----A---- C:\Windows\system32\blackbox.dll
2013-12-21 17:15:58 ----A---- C:\Windows\SYSWOW64\wvc.dll
2013-12-21 17:15:58 ----A---- C:\Windows\SYSWOW64\wtsapi32.dll
2013-12-21 17:15:58 ----A---- C:\Windows\SYSWOW64\wimgapi.dll
2013-12-21 17:15:58 ----A---- C:\Windows\system32\mfps.dll
2013-12-21 17:15:57 ----A---- C:\Windows\SYSWOW64\PkgMgr.exe
2013-12-21 17:15:57 ----A---- C:\Windows\SYSWOW64\mstask.dll
2013-12-21 17:15:57 ----A---- C:\Windows\SYSWOW64\AdmTmpl.dll
2013-12-21 17:15:57 ----A---- C:\Windows\system32\msyuv.dll
2013-12-21 17:15:56 ----A---- C:\Windows\SYSWOW64\twext.dll
2013-12-21 17:15:55 ----A---- C:\Windows\system32\OpcServices.dll
2013-12-21 17:15:55 ----A---- C:\Windows\system32\mapistub.dll
2013-12-21 17:15:55 ----A---- C:\Windows\system32\mapi32.dll
2013-12-21 17:15:55 ----A---- C:\Windows\system32\Bubbles.scr
2013-12-21 17:15:54 ----A---- C:\Windows\twain_32.dll
2013-12-21 17:15:54 ----A---- C:\Windows\SYSWOW64\setupugc.exe
2013-12-21 17:15:54 ----A---- C:\Windows\SYSWOW64\qcap.dll
2013-12-21 17:15:54 ----A---- C:\Windows\system32\unimdmat.dll
2013-12-21 17:15:54 ----A---- C:\Windows\system32\msrle32.dll
2013-12-21 17:15:53 ----A---- C:\Windows\SYSWOW64\qasf.dll
2013-12-21 17:15:53 ----A---- C:\Windows\system32\iscsium.dll
2013-12-21 17:15:52 ----A---- C:\Windows\SYSWOW64\uxlib.dll
2013-12-21 17:15:52 ----A---- C:\Windows\system32\tsbyuv.dll
2013-12-21 17:15:52 ----A---- C:\Windows\system32\seclogon.dll
2013-12-21 17:15:52 ----A---- C:\Windows\system32\ifsutil.dll
2013-12-21 17:15:52 ----A---- C:\Windows\system32\diskraid.exe
2013-12-21 17:15:51 ----A---- C:\Windows\SYSWOW64\ssText3d.scr
2013-12-21 17:15:51 ----A---- C:\Windows\SYSWOW64\slwga.dll
2013-12-21 17:15:51 ----A---- C:\Windows\system32\Ribbons.scr
2013-12-21 17:15:51 ----A---- C:\Windows\system32\Mystify.scr
2013-12-21 17:15:49 ----A---- C:\Windows\SYSWOW64\msvfw32.dll
2013-12-21 17:15:49 ----A---- C:\Windows\system32\drivers\umbus.sys
2013-12-21 17:15:48 ----A---- C:\Windows\SYSWOW64\nslookup.exe
2013-12-21 17:15:48 ----A---- C:\Windows\SYSWOW64\mciavi32.dll
2013-12-21 17:15:48 ----A---- C:\Windows\SYSWOW64\audiodev.dll
2013-12-21 17:15:48 ----A---- C:\Windows\system32\muifontsetup.dll
2013-12-21 17:15:47 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2013-12-21 17:15:47 ----A---- C:\Windows\SYSWOW64\DevicePairingFolder.dll
2013-12-21 17:15:47 ----A---- C:\Windows\SYSWOW64\clusapi.dll
2013-12-21 17:15:47 ----A---- C:\Windows\system32\wmpshell.dll
2013-12-21 17:15:47 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2013-12-21 17:15:47 ----A---- C:\Windows\system32\rdpencom.dll
2013-12-21 17:15:47 ----A---- C:\Windows\system32\perfmon.exe
2013-12-21 17:15:46 ----A---- C:\Windows\SYSWOW64\WPDShServiceObj.dll
2013-12-21 17:15:45 ----A---- C:\Windows\SYSWOW64\msscp.dll
2013-12-21 17:15:45 ----A---- C:\Windows\system32\AzSqlExt.dll
2013-12-21 17:15:44 ----A---- C:\Windows\SYSWOW64\wimserv.exe
2013-12-21 17:15:44 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2013-12-21 17:15:44 ----A---- C:\Windows\SYSWOW64\diskraid.exe
2013-12-21 17:15:44 ----A---- C:\Windows\SYSWOW64\acppage.dll
2013-12-21 17:15:44 ----A---- C:\Windows\system32\umb.dll
2013-12-21 17:15:44 ----A---- C:\Windows\system32\tlscsp.dll
2013-12-21 17:15:44 ----A---- C:\Windows\system32\qasf.dll
2013-12-21 17:15:44 ----A---- C:\Windows\system32\netutils.dll
2013-12-21 17:15:44 ----A---- C:\Windows\system32\NAPCRYPT.DLL
2013-12-21 17:15:43 ----A---- C:\Windows\SYSWOW64\rdpencom.dll
2013-12-21 17:15:43 ----A---- C:\Windows\SYSWOW64\perfmon.exe
2013-12-21 17:15:43 ----A---- C:\Windows\system32\FXSAPI.dll
2013-12-21 17:15:43 ----A---- C:\Windows\system32\dbghelp.dll
2013-12-21 17:15:43 ----A---- C:\Windows\system32\ActionQueue.dll
2013-12-21 17:15:42 ----A---- C:\Windows\SYSWOW64\remotepg.dll
2013-12-21 17:15:42 ----A---- C:\Windows\SYSWOW64\raschap.dll
2013-12-21 17:15:42 ----A---- C:\Windows\system32\runonce.exe
2013-12-21 17:15:42 ----A---- C:\Windows\system32\raschap.dll
2013-12-21 17:15:42 ----A---- C:\Windows\bfsvc.exe
2013-12-21 17:15:41 ----A---- C:\Windows\SYSWOW64\QUTIL.DLL
2013-12-21 17:15:41 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2013-12-21 17:15:41 ----A---- C:\Windows\system32\wiavideo.dll
2013-12-21 17:15:40 ----A---- C:\Windows\SYSWOW64\NAPCRYPT.DLL
2013-12-21 17:15:40 ----A---- C:\Windows\SYSWOW64\input.dll
2013-12-21 17:15:40 ----A---- C:\Windows\system32\wpdwcn.dll
2013-12-21 17:15:40 ----A---- C:\Windows\system32\WMADMOD.DLL
2013-12-21 17:15:40 ----A---- C:\Windows\system32\syssetup.dll
2013-12-21 17:15:39 ----A---- C:\Windows\SYSWOW64\UserAccountControlSettings.dll
2013-12-21 17:15:39 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2013-12-21 17:15:39 ----A---- C:\Windows\SYSWOW64\ocsetapi.dll
2013-12-21 17:15:39 ----A---- C:\Windows\SYSWOW64\networkexplorer.dll
2013-12-21 17:15:39 ----A---- C:\Windows\system32\MdSched.exe
2013-12-21 17:15:38 ----A---- C:\Windows\SYSWOW64\wmpdxm.dll
2013-12-21 17:15:38 ----A---- C:\Windows\SYSWOW64\vpnikeapi.dll
2013-12-21 17:15:38 ----A---- C:\Windows\system32\WMVSDECD.DLL
2013-12-21 17:15:38 ----A---- C:\Windows\system32\vdsbas.dll
2013-12-21 17:15:38 ----A---- C:\Windows\system32\PrintIsolationProxy.dll
2013-12-21 17:15:37 ----A---- C:\Windows\SYSWOW64\onexui.dll
2013-12-21 17:15:37 ----A---- C:\Windows\SYSWOW64\iTVData.dll
2013-12-21 17:15:36 ----A---- C:\Windows\SYSWOW64\wpdwcn.dll
2013-12-21 17:15:36 ----A---- C:\Windows\SYSWOW64\vdsbas.dll
2013-12-21 17:15:36 ----A---- C:\Windows\SYSWOW64\runonce.exe
2013-12-21 17:15:36 ----A---- C:\Windows\system32\Mcx2Svc.dll
2013-12-21 17:15:35 ----A---- C:\Windows\SYSWOW64\dxdiagn.dll
2013-12-21 17:15:35 ----A---- C:\Windows\system32\nltest.exe
2013-12-21 17:15:35 ----A---- C:\Windows\system32\mstask.dll
2013-12-21 17:15:35 ----A---- C:\Windows\system32\drivers\rmcast.sys
2013-12-21 17:15:34 ----A---- C:\Windows\SYSWOW64\logagent.exe
2013-12-21 17:15:34 ----A---- C:\Windows\system32\bitsadmin.exe
2013-12-21 17:15:33 ----A---- C:\Windows\SYSWOW64\msvidc32.dll
2013-12-21 17:15:33 ----A---- C:\Windows\SYSWOW64\MFPlay.dll
2013-12-21 17:15:33 ----A---- C:\Windows\SYSWOW64\eapp3hst.dll
2013-12-21 17:15:33 ----A---- C:\Windows\system32\shacct.dll
2013-12-21 17:15:33 ----A---- C:\Windows\system32\cscapi.dll
2013-12-21 17:15:32 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2013-12-21 17:15:32 ----A---- C:\Windows\system32\vss_ps.dll
2013-12-21 17:15:32 ----A---- C:\Windows\system32\tabcal.exe
2013-12-21 17:15:32 ----A---- C:\Windows\system32\QSVRMGMT.DLL
2013-12-21 17:15:31 ----A---- C:\Windows\SYSWOW64\wmdrmdev.dll
2013-12-21 17:15:31 ----A---- C:\Windows\SYSWOW64\shacct.dll
2013-12-21 17:15:30 ----A---- C:\Windows\SYSWOW64\wmpshell.dll
2013-12-21 17:15:30 ----A---- C:\Windows\system32\WPDSp.dll
2013-12-21 17:15:30 ----A---- C:\Windows\system32\wmdrmnet.dll
2013-12-21 17:15:30 ----A---- C:\Windows\system32\qcap.dll
2013-12-21 17:15:30 ----A---- C:\Windows\system32\logman.exe
2013-12-21 17:15:29 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2013-12-21 17:15:29 ----A---- C:\Windows\SYSWOW64\unimdmat.dll
2013-12-21 17:15:29 ----A---- C:\Windows\SYSWOW64\lsmproxy.dll
2013-12-21 17:15:29 ----A---- C:\Windows\SYSWOW64\bitsadmin.exe
2013-12-21 17:15:29 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2013-12-21 17:15:29 ----A---- C:\Windows\system32\mssphtb.dll
2013-12-21 17:15:29 ----A---- C:\Windows\system32\msnetobj.dll
2013-12-21 17:15:28 ----A---- C:\Windows\SYSWOW64\sqlcese30.dll
2013-12-21 17:15:28 ----A---- C:\Windows\SYSWOW64\rdpd3d.dll
2013-12-21 17:15:28 ----A---- C:\Windows\SYSWOW64\iscsium.dll
2013-12-21 17:15:28 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2013-12-21 17:15:28 ----A---- C:\Windows\system32\CscMig.dll
2013-12-21 17:15:27 ----A---- C:\Windows\SYSWOW64\mprapi.dll
2013-12-21 17:15:27 ----A---- C:\Windows\SYSWOW64\Bubbles.scr
2013-12-21 17:15:27 ----A---- C:\Windows\system32\vmictimeprovider.dll
2013-12-21 17:15:27 ----A---- C:\Windows\system32\secproc_ssp.dll
2013-12-21 17:15:27 ----A---- C:\Windows\system32\qdv.dll
2013-12-21 17:15:27 ----A---- C:\Windows\system32\PortableDeviceSyncProvider.dll
2013-12-21 17:15:26 ----A---- C:\Windows\SYSWOW64\pdh.dll
2013-12-21 17:15:26 ----A---- C:\Windows\SYSWOW64\OpcServices.dll
2013-12-21 17:15:26 ----A---- C:\Windows\SYSWOW64\cscapi.dll
2013-12-21 17:15:25 ----A---- C:\Windows\SYSWOW64\PortableDeviceSyncProvider.dll
2013-12-21 17:15:25 ----A---- C:\Windows\SYSWOW64\ncryptui.dll
2013-12-21 17:15:25 ----A---- C:\Windows\SYSWOW64\logman.exe
2013-12-21 17:15:25 ----A---- C:\Windows\system32\spbcd.dll
2013-12-21 17:15:25 ----A---- C:\Windows\system32\PortableDeviceStatus.dll
2013-12-21 17:15:24 ----A---- C:\Windows\SYSWOW64\WPDSp.dll
2013-12-21 17:15:24 ----A---- C:\Windows\SYSWOW64\srvcli.dll
2013-12-21 17:15:24 ----A---- C:\Windows\SYSWOW64\PortableDeviceStatus.dll
2013-12-21 17:15:24 ----A---- C:\Windows\SYSWOW64\olethk32.dll
2013-12-21 17:15:24 ----A---- C:\Windows\system32\fphc.dll
2013-12-21 17:15:24 ----A---- C:\Windows\system32\drivers\ndisuio.sys
2013-12-21 17:15:24 ----A---- C:\Windows\system32\dot3ui.dll
2013-12-21 17:15:23 ----A---- C:\Windows\SYSWOW64\Ribbons.scr
2013-12-21 17:15:23 ----A---- C:\Windows\SYSWOW64\QSVRMGMT.DLL
2013-12-21 17:15:22 ----A---- C:\Windows\SYSWOW64\Mystify.scr
2013-12-21 17:15:22 ----A---- C:\Windows\system32\takeown.exe
2013-12-21 17:15:22 ----A---- C:\Windows\system32\PnPUnattend.exe
2013-12-21 17:15:21 ----A---- C:\Windows\SYSWOW64\mapistub.dll
2013-12-21 17:15:21 ----A---- C:\Windows\SYSWOW64\mapi32.dll
2013-12-21 17:15:20 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2013-12-21 17:15:20 ----A---- C:\Windows\SYSWOW64\utildll.dll
2013-12-21 17:15:20 ----A---- C:\Windows\SYSWOW64\avifil32.dll
2013-12-21 17:15:20 ----A---- C:\Windows\system32\amstream.dll
2013-12-21 17:15:19 ----A---- C:\Windows\SYSWOW64\fphc.dll
2013-12-21 17:15:19 ----A---- C:\Windows\SYSWOW64\dot3msm.dll
2013-12-21 17:15:18 ----A---- C:\Windows\SYSWOW64\wiavideo.dll
2013-12-21 17:15:18 ----A---- C:\Windows\SYSWOW64\takeown.exe
2013-12-21 17:15:18 ----A---- C:\Windows\system32\vfwwdm32.dll
2013-12-21 17:15:18 ----A---- C:\Windows\system32\EhStorAPI.dll
2013-12-21 17:15:17 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2013-12-21 17:15:17 ----A---- C:\Windows\SYSWOW64\wmdrmnet.dll
2013-12-21 17:15:17 ----A---- C:\Windows\SYSWOW64\iyuv_32.dll
2013-12-21 17:15:17 ----A---- C:\Windows\system32\HotStartUserAgent.dll
2013-12-21 17:15:16 ----A---- C:\Windows\SYSWOW64\qdv.dll
2013-12-21 17:15:16 ----A---- C:\Windows\system32\shimgvw.dll
2013-12-21 17:15:16 ----A---- C:\Windows\system32\QCLIPROV.DLL
2013-12-21 17:15:16 ----A---- C:\Windows\system32\nrpsrv.dll
2013-12-21 17:15:16 ----A---- C:\Windows\system32\djoin.exe
2013-12-21 17:15:16 ----A---- C:\Windows\system32\cmstp.exe
2013-12-21 17:15:16 ----A---- C:\Windows\system32\CertPolEng.dll
2013-12-21 17:15:15 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2013-12-21 17:15:15 ----A---- C:\Windows\SYSWOW64\EhStorAPI.dll
2013-12-21 17:15:15 ----A---- C:\Windows\system32\iasrecst.dll
2013-12-21 17:15:14 ----A---- C:\Windows\SYSWOW64\sppinst.dll
2013-12-21 17:15:14 ----A---- C:\Windows\SYSWOW64\msyuv.dll
2013-12-21 17:15:14 ----A---- C:\Windows\system32\WavDest.dll
2013-12-21 17:15:13 ----A---- C:\Windows\SYSWOW64\QCLIPROV.DLL
2013-12-21 17:15:13 ----A---- C:\Windows\SYSWOW64\msrle32.dll
2013-12-21 17:15:13 ----A---- C:\Windows\SYSWOW64\cca.dll
2013-12-21 17:15:12 ----A---- C:\Windows\SYSWOW64\MuiUnattend.exe
2013-12-21 17:15:12 ----A---- C:\Windows\SYSWOW64\cmstp.exe
2013-12-21 17:15:12 ----A---- C:\Windows\system32\fdProxy.dll
2013-12-21 17:15:12 ----A---- C:\Windows\system32\drivers\pacer.sys
2013-12-21 17:15:11 ----A---- C:\Windows\SYSWOW64\wsnmp32.dll
2013-12-21 17:15:11 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2013-12-21 17:15:11 ----A---- C:\Windows\SYSWOW64\vfwwdm32.dll
2013-12-21 17:15:11 ----A---- C:\Windows\SYSWOW64\pdhui.dll
2013-12-21 17:15:11 ----A---- C:\Windows\system32\MultiDigiMon.exe
2013-12-21 17:15:11 ----A---- C:\Windows\system32\KMSVC.DLL
2013-12-21 17:15:10 ----A---- C:\Windows\SYSWOW64\setupcln.dll
2013-12-21 17:15:10 ----A---- C:\Windows\SYSWOW64\AzSqlExt.dll
2013-12-21 17:15:10 ----A---- C:\Windows\system32\sscore.dll
2013-12-21 17:15:10 ----A---- C:\Windows\system32\relog.exe
2013-12-21 17:15:10 ----A---- C:\Windows\system32\mydocs.dll
2013-12-21 17:15:10 ----A---- C:\Windows\system32\iscsicli.exe
2013-12-21 17:15:10 ----A---- C:\Windows\system32\diskpart.exe
2013-12-21 17:15:09 ----A---- C:\Windows\SYSWOW64\tsbyuv.dll
2013-12-21 17:15:09 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2013-12-21 17:15:09 ----A---- C:\Windows\SYSWOW64\iasrecst.dll
2013-12-21 17:15:09 ----A---- C:\Windows\system32\mobsync.exe
2013-12-21 17:15:08 ----A---- C:\Windows\SYSWOW64\relog.exe
2013-12-21 17:15:08 ----A---- C:\Windows\SYSWOW64\netiougc.exe
2013-12-21 17:15:08 ----A---- C:\Windows\SYSWOW64\iscsicli.exe
2013-12-21 17:15:08 ----A---- C:\Windows\system32\BWUnpairElevated.dll
2013-12-21 17:15:08 ----A---- C:\Windows\system32\BdeHdCfg.exe
2013-12-21 17:15:07 ----A---- C:\Windows\SYSWOW64\wkscli.dll
2013-12-21 17:15:07 ----A---- C:\Windows\SYSWOW64\spbcd.dll
2013-12-21 17:15:07 ----A---- C:\Windows\SYSWOW64\mydocs.dll
2013-12-21 17:15:07 ----A---- C:\Windows\SYSWOW64\amstream.dll
2013-12-21 17:15:07 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2013-12-21 17:15:07 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2013-12-21 17:15:07 ----A---- C:\Windows\system32\msdmo.dll
2013-12-21 17:15:07 ----A---- C:\Windows\system32\itircl.dll
2013-12-21 17:15:07 ----A---- C:\Windows\system32\dot3msm.dll
2013-12-21 17:15:06 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2013-12-21 17:15:06 ----A---- C:\Windows\SYSWOW64\rastapi.dll
2013-12-21 17:15:06 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2013-12-21 17:15:06 ----A---- C:\Windows\SYSWOW64\diskpart.exe
2013-12-21 17:15:05 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2013-12-21 17:15:05 ----A---- C:\Windows\SYSWOW64\resutils.dll
2013-12-21 17:15:05 ----A---- C:\Windows\SYSWOW64\itircl.dll
2013-12-21 17:15:04 ----A---- C:\Windows\SYSWOW64\syssetup.dll
2013-12-21 17:15:04 ----A---- C:\Windows\SYSWOW64\CertPolEng.dll
2013-12-21 17:15:04 ----A---- C:\Windows\system32\FXSTIFF.dll
2013-12-21 17:15:03 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2013-12-21 17:15:03 ----A---- C:\Windows\SYSWOW64\wmpps.dll
2013-12-21 17:15:03 ----A---- C:\Windows\system32\qprocess.exe
2013-12-21 17:15:03 ----A---- C:\Windows\system32\mciqtz32.dll
2013-12-21 17:15:03 ----A---- C:\Windows\system32\choice.exe
2013-12-21 17:15:03 ----A---- C:\Windows\system32\findstr.exe
2013-12-21 17:15:03 ----A---- C:\Windows\system32\eappgnui.dll
2013-12-21 17:15:02 ----A---- C:\Windows\SYSWOW64\WerFaultSecure.exe
2013-12-21 17:15:02 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2013-12-21 17:15:02 ----A---- C:\Windows\SYSWOW64\ReAgentc.exe
2013-12-21 17:15:01 ----A---- C:\Windows\SYSWOW64\tlscsp.dll
2013-12-21 17:15:01 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2013-12-21 17:15:01 ----A---- C:\Windows\SYSWOW64\findstr.exe
2013-12-21 17:15:01 ----A---- C:\Windows\SYSWOW64\eappgnui.dll
2013-12-21 17:15:01 ----A---- C:\Windows\system32\sppc.dll
2013-12-21 17:15:01 ----A---- C:\Windows\system32\onexui.dll
2013-12-21 17:15:01 ----A---- C:\Windows\system32\luainstall.dll
2013-12-21 17:15:01 ----A---- C:\Windows\system32\drivers\tunnel.sys
2013-12-21 17:15:00 ----A---- C:\Windows\SYSWOW64\netutils.dll
2013-12-21 17:15:00 ----A---- C:\Windows\SYSWOW64\mciqtz32.dll
2013-12-21 17:15:00 ----A---- C:\Windows\system32\chglogon.exe
2013-12-21 17:14:59 ----A---- C:\Windows\SYSWOW64\mobsync.exe
2013-12-21 17:14:59 ----A---- C:\Windows\system32\schedcli.dll
2013-12-21 17:14:59 ----A---- C:\Windows\system32\drivers\dfsc.sys
2013-12-21 17:14:58 ----A---- C:\Windows\SYSWOW64\muifontsetup.dll
2013-12-21 17:14:58 ----A---- C:\Windows\SYSWOW64\cabinet.dll
2013-12-21 17:14:58 ----A---- C:\Windows\system32\wdiasqmmodule.dll
2013-12-21 17:14:58 ----A---- C:\Windows\system32\repair-bde.exe
2013-12-21 17:14:58 ----A---- C:\Windows\system32\manage-bde.exe
2013-12-21 17:14:58 ----A---- C:\Windows\system32\inetmib1.dll
2013-12-21 17:14:57 ----A---- C:\Windows\SYSWOW64\sppc.dll
2013-12-21 17:14:57 ----A---- C:\Windows\SYSWOW64\spopk.dll
2013-12-21 17:14:57 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2013-12-21 17:14:57 ----A---- C:\Windows\system32\spopk.dll
2013-12-21 17:14:57 ----A---- C:\Windows\system32\qappsrv.exe
2013-12-21 17:14:56 ----A---- C:\Windows\SYSWOW64\shimgvw.dll
2013-12-21 17:14:55 ----A---- C:\Windows\SYSWOW64\unlodctr.exe
2013-12-21 17:14:55 ----A---- C:\Windows\SYSWOW64\msdmo.dll
2013-12-21 17:14:55 ----A---- C:\Windows\SYSWOW64\luainstall.dll
2013-12-21 17:14:55 ----A---- C:\Windows\system32\RDPENCDD.dll
2013-12-21 17:14:55 ----A---- C:\Windows\system32\chgport.exe
2013-12-21 17:14:54 ----A---- C:\Windows\SYSWOW64\rdprefdrvapi.dll
2013-12-21 17:14:54 ----A---- C:\Windows\system32\vmstorfltres.dll
2013-12-21 17:14:54 ----A---- C:\Windows\system32\vmicres.dll
2013-12-21 17:14:54 ----A---- C:\Windows\system32\tscon.exe
2013-12-21 17:14:54 ----A---- C:\Windows\system32\odbcconf.dll
2013-12-21 17:14:54 ----A---- C:\Windows\system32\logoff.exe
2013-12-21 17:14:54 ----A---- C:\Windows\system32\chgusr.exe
2013-12-21 17:14:54 ----A---- C:\Windows\system32\fixmapi.exe
2013-12-21 17:14:53 ----A---- C:\Windows\SYSWOW64\inetmib1.dll
2013-12-21 17:14:53 ----A---- C:\Windows\system32\tskill.exe
2013-12-21 17:14:53 ----A---- C:\Windows\system32\tsdiscon.exe
2013-12-21 17:14:53 ----A---- C:\Windows\system32\rwinsta.exe
2013-12-21 17:14:52 ----A---- C:\Windows\SYSWOW64\odbcconf.dll
2013-12-21 17:14:52 ----A---- C:\Windows\system32\vmbusres.dll
2013-12-21 17:14:52 ----A---- C:\Windows\system32\shadow.exe
2013-12-21 17:14:52 ----A---- C:\Windows\system32\FXSMON.dll
2013-12-21 17:14:52 ----A---- C:\Windows\system32\elsTrans.dll
2013-12-21 17:14:51 ----A---- C:\Windows\SYSWOW64\wups.dll
2013-12-21 17:14:51 ----A---- C:\Windows\SYSWOW64\UIRibbonRes.dll
2013-12-21 17:14:51 ----A---- C:\Windows\system32\UIRibbonRes.dll
2013-12-21 17:14:51 ----A---- C:\Windows\system32\TRAPI.dll
2013-12-21 17:14:51 ----A---- C:\Windows\system32\drivers\tdi.sys
2013-12-21 17:14:50 ----A---- C:\Windows\SYSWOW64\perfts.dll
2013-12-21 17:14:50 ----A---- C:\Windows\system32\wshbth.dll
2013-12-21 17:14:49 ----A---- C:\Windows\SYSWOW64\imm32.dll
2013-12-21 17:14:49 ----A---- C:\Windows\system32\LogonUI.exe
2013-12-21 17:14:48 ----A---- C:\Windows\system32\reset.exe
2013-12-21 17:14:48 ----A---- C:\Windows\system32\query.exe
2013-12-21 17:14:48 ----A---- C:\Windows\system32\napdsnap.dll
2013-12-21 17:14:48 ----A---- C:\Windows\system32\change.exe
2013-12-21 17:14:48 ----A---- C:\Windows\system32\dsauth.dll
2013-12-21 17:14:47 ----A---- C:\Windows\system32\rdprefdrvapi.dll
2013-12-21 17:14:46 ----A---- C:\Windows\SYSWOW64\elsTrans.dll
2013-12-21 17:14:46 ----A---- C:\Windows\system32\FXSUNATD.exe
2013-12-21 17:14:45 ----A---- C:\Windows\SYSWOW64\TRAPI.dll
2013-12-21 17:14:45 ----A---- C:\Windows\SYSWOW64\bitsperf.dll
2013-12-21 17:14:45 ----A---- C:\Windows\system32\cscdll.dll
2013-12-21 17:14:45 ----A---- C:\Windows\system32\bitsperf.dll
2013-12-21 17:14:44 ----A---- C:\Windows\SYSWOW64\wshbth.dll
2013-12-21 17:14:44 ----A---- C:\Windows\SYSWOW64\schedcli.dll
2013-12-21 17:14:44 ----A---- C:\Windows\system32\drivers\usbrpm.sys
2013-12-21 17:14:43 ----A---- C:\Windows\SYSWOW64\napdsnap.dll
2013-12-21 17:14:43 ----A---- C:\Windows\SYSWOW64\dsauth.dll
2013-12-21 17:14:43 ----A---- C:\Windows\SYSWOW64\cscdll.dll
2013-12-21 17:14:41 ----A---- C:\Windows\system32\drivers\acpipmi.sys
2013-12-21 17:14:39 ----A---- C:\Windows\system32\wsdchngr.dll
2013-12-21 17:14:38 ----A---- C:\Windows\SYSWOW64\sscore.dll
2013-12-21 17:14:37 ----A---- C:\Windows\system32\shgina.dll
2013-12-21 17:14:36 ----A---- C:\Windows\SYSWOW64\wsdchngr.dll
2013-12-21 17:14:36 ----A---- C:\Windows\SYSWOW64\shgina.dll
2013-12-21 17:14:35 ----A---- C:\Windows\SYSWOW64\riched32.dll
2013-12-21 17:14:32 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys
2013-12-21 17:14:32 ----A---- C:\Windows\system32\drivers\CompositeBus.sys
2013-12-21 17:14:31 ----A---- C:\Windows\system32\wshirda.dll
2013-12-21 17:14:31 ----A---- C:\Windows\system32\drivers\Dot4Prt.sys
2013-12-21 17:14:29 ----A---- C:\Windows\system32\rdpcfgex.dll
2013-12-21 17:14:29 ----A---- C:\Windows\system32\drivers\hidusb.sys
2013-12-21 17:14:29 ----A---- C:\Windows\system32\drivers\appid.sys
2013-12-21 17:14:28 ----A---- C:\Windows\SYSWOW64\wshirda.dll
2013-12-21 17:14:28 ----A---- C:\Windows\system32\vmbuspipe.dll
2013-12-21 17:14:28 ----A---- C:\Windows\system32\riched32.dll
2013-12-21 17:14:28 ----A---- C:\Windows\system32\drivers\kbdhid.sys
2013-12-21 17:14:26 ----A---- C:\Windows\system32\spwmp.dll
2013-12-21 17:14:26 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys
2013-12-21 17:14:26 ----A---- C:\Windows\system32\browseui.dll
2013-12-21 17:14:24 ----A---- C:\Windows\SYSWOW64\browseui.dll
2013-12-21 17:14:24 ----A---- C:\Windows\system32\VmdCoinstall.dll
2013-12-21 17:14:24 ----A---- C:\Windows\system32\VmbusCoinstaller.dll
2013-12-21 17:14:24 ----A---- C:\Windows\system32\IcCoinstall.dll
2013-12-21 17:14:24 ----A---- C:\Windows\system32\C_ISCII.DLL
2013-12-21 17:14:23 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2013-12-21 17:14:21 ----AH---- C:\Windows\system32\api-ms-win-core-ums-l1-1-0.dll
2013-12-21 17:14:21 ----A---- C:\Windows\SYSWOW64\C_ISCII.DLL
2013-12-21 17:14:21 ----A---- C:\Windows\system32\shunimpl.dll
2013-12-21 17:14:21 ----A---- C:\Windows\system32\dxmasf.dll
2013-12-21 17:14:21 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2013-12-21 17:14:21 ----A---- C:\Windows\system32\drivers\scfilter.sys
2013-12-21 17:14:21 ----A---- C:\Windows\system32\drivers\HdAudio.sys
2013-12-21 17:14:21 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2013-12-21 17:14:21 ----A---- C:\Windows\system32\drivers\cdrom.sys
2013-12-21 17:14:20 ----A---- C:\Windows\SYSWOW64\shunimpl.dll
2013-12-21 17:14:20 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2013-12-21 17:14:20 ----A---- C:\Windows\system32\KBDTUF.DLL
2013-12-21 17:14:19 ----A---- C:\Windows\SYSWOW64\KBDTUQ.DLL
2013-12-21 17:14:19 ----A---- C:\Windows\SYSWOW64\KBDTUF.DLL
2013-12-21 17:14:19 ----A---- C:\Windows\SYSWOW64\KBDSG.DLL
2013-12-21 17:14:19 ----A---- C:\Windows\SYSWOW64\kbdlk41a.dll
2013-12-21 17:14:19 ----A---- C:\Windows\SYSWOW64\KBDGR1.DLL
2013-12-21 17:14:19 ----A---- C:\Windows\system32\KBDTUQ.DLL
2013-12-21 17:14:19 ----A---- C:\Windows\system32\KBDSG.DLL
2013-12-21 17:14:19 ----A---- C:\Windows\system32\KBDSF.DLL
2013-12-21 17:14:19 ----A---- C:\Windows\system32\KBDPO.DLL
2013-12-21 17:14:19 ----A---- C:\Windows\system32\KBDNEPR.DLL
2013-12-21 17:14:19 ----A---- C:\Windows\system32\KBDINTAM.DLL
2013-12-21 17:14:19 ----A---- C:\Windows\system32\KBDINBEN.DLL
2013-12-21 17:14:18 ----A---- C:\Windows\SYSWOW64\KBDGKL.DLL
2013-12-21 17:14:18 ----A---- C:\Windows\system32\kbdlk41a.dll
2013-12-21 17:14:18 ----A---- C:\Windows\system32\KBDGR1.DLL
2013-12-21 17:14:18 ----A---- C:\Windows\system32\KBDGKL.DLL
2013-12-21 17:14:17 ----A---- C:\Windows\SYSWOW64\KBDUS.DLL
2013-12-21 17:14:17 ----A---- C:\Windows\SYSWOW64\KBDTURME.DLL
2013-12-21 17:14:17 ----A---- C:\Windows\SYSWOW64\KBDTAJIK.DLL
2013-12-21 17:14:17 ----A---- C:\Windows\SYSWOW64\KBDMON.DLL
2013-12-21 17:14:17 ----A---- C:\Windows\SYSWOW64\KBDGEO.DLL
2013-12-21 17:14:17 ----A---- C:\Windows\SYSWOW64\KBDBLR.DLL
2013-12-21 17:14:16 ----A---- C:\Windows\SYSWOW64\KBDUGHR1.DLL
2013-12-21 17:14:16 ----A---- C:\Windows\SYSWOW64\KBDINTEL.DLL
2013-12-21 17:14:16 ----A---- C:\Windows\SYSWOW64\KBDINHIN.DLL
2013-12-21 17:14:16 ----A---- C:\Windows\SYSWOW64\KBDCZ1.DLL
2013-12-21 17:14:16 ----A---- C:\Windows\system32\KBDUS.DLL
2013-12-21 17:14:16 ----A---- C:\Windows\system32\KBDUGHR1.DLL
2013-12-21 17:14:16 ----A---- C:\Windows\system32\KBDTAJIK.DLL
2013-12-21 17:14:16 ----A---- C:\Windows\system32\KBDMON.DLL
2013-12-21 17:14:16 ----A---- C:\Windows\system32\KBDGEO.DLL
2013-12-21 17:14:16 ----A---- C:\Windows\system32\KBDCZ1.DLL
2013-12-21 17:14:16 ----A---- C:\Windows\system32\drivers\vms3cap.sys
2013-12-21 17:14:15 ----A---- C:\Windows\SYSWOW64\KBDMAORI.DLL
2013-12-21 17:14:15 ----A---- C:\Windows\SYSWOW64\KBDLT1.DLL
2013-12-21 17:14:15 ----A---- C:\Windows\SYSWOW64\KBDINTAM.DLL
2013-12-21 17:14:15 ----A---- C:\Windows\SYSWOW64\KBDINORI.DLL
2013-12-21 17:14:15 ----A---- C:\Windows\SYSWOW64\KBDINMAR.DLL
2013-12-21 17:14:15 ----A---- C:\Windows\system32\KBDLT1.DLL
2013-12-21 17:14:14 ----A---- C:\Windows\SYSWOW64\KBDSF.DLL
2013-12-21 17:14:14 ----A---- C:\Windows\SYSWOW64\KBDPO.DLL
2013-12-21 17:14:14 ----A---- C:\Windows\SYSWOW64\KBDINKAN.DLL
2013-12-21 17:14:14 ----A---- C:\Windows\SYSWOW64\KBDINBEN.DLL
2013-12-21 17:14:14 ----A---- C:\Windows\SYSWOW64\KBDBULG.DLL
2013-12-21 17:14:14 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2013-12-21 17:14:14 ----A---- C:\Windows\system32\KBDTURME.DLL
2013-12-21 17:14:14 ----A---- C:\Windows\system32\KBDBULG.DLL
2013-12-21 17:14:14 ----A---- C:\Windows\system32\KBDBLR.DLL
2013-12-21 17:14:14 ----A---- C:\Windows\system32\KBDBASH.DLL
2013-12-21 17:14:13 ----A---- C:\Windows\SYSWOW64\spwizres.dll
2013-12-21 17:14:13 ----A---- C:\Windows\SYSWOW64\pifmgr.dll
2013-12-21 17:14:13 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2013-12-21 17:14:13 ----A---- C:\Windows\SYSWOW64\KBDNEPR.DLL
2013-12-21 17:14:13 ----A---- C:\Windows\system32\spwizres.dll
2013-12-21 17:14:13 ----A---- C:\Windows\system32\pifmgr.dll
2013-12-21 17:14:13 ----A---- C:\Windows\system32\nlsbres.dll
2013-12-21 17:14:13 ----A---- C:\Windows\system32\KBDMAORI.DLL
2013-12-21 17:14:13 ----A---- C:\Windows\system32\KBDINTEL.DLL
2013-12-21 17:14:13 ----A---- C:\Windows\system32\KBDINORI.DLL
2013-12-21 17:14:13 ----A---- C:\Windows\system32\KBDINMAR.DLL
2013-12-21 17:14:13 ----A---- C:\Windows\system32\KBDINKAN.DLL
2013-12-21 17:14:13 ----A---- C:\Windows\system32\KBDINHIN.DLL
2013-12-21 17:14:12 ----A---- C:\Windows\system32\drivers\VMBusHID.sys
2013-12-21 17:14:12 ----A---- C:\Windows\system32\BlbEvents.dll
2013-12-21 17:12:48 ----A---- C:\Windows\SYSWOW64\wdscore.dll
2013-12-21 17:12:48 ----A---- C:\Windows\system32\dpx.dll
2013-12-21 17:12:43 ----A---- C:\Windows\SYSWOW64\sqmapi.dll
2013-12-21 17:12:36 ----A---- C:\Windows\SYSWOW64\wbemcomn.dll
2013-12-21 17:11:32 ----A---- C:\Windows\system32\wbemcomn.dll
2013-12-21 17:11:22 ----A---- C:\Windows\system32\sqmapi.dll
2013-12-21 17:08:23 ----A---- C:\Windows\system32\usp10.dll
2013-12-21 17:08:22 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-12-21 17:08:16 ----A---- C:\Windows\system32\ntshrui.dll
2013-12-21 17:08:15 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2013-12-21 17:07:59 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-12-21 17:07:59 ----A---- C:\Windows\system32\Wpc.dll
2013-12-21 17:07:59 ----A---- C:\Windows\system32\gameux.dll
2013-12-21 17:07:58 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-12-21 17:07:02 ----A---- C:\Windows\system32\wow64win.dll
2013-12-21 17:06:54 ----A---- C:\Windows\system32\wow64cpu.dll
2013-12-21 17:06:54 ----A---- C:\Windows\system32\ntvdm64.dll
2013-12-21 17:05:58 ----A---- C:\Windows\system32\profsvc.dll
2013-12-21 17:05:58 ----A---- C:\Windows\system32\profprov.dll
2013-12-21 17:05:54 ----A---- C:\Windows\SYSWOW64\esent.dll
2013-12-21 17:05:54 ----A---- C:\Windows\system32\esent.dll
2013-12-21 17:05:53 ----A---- C:\Windows\system32\drivers\nvstor.sys
2013-12-21 17:05:53 ----A---- C:\Windows\system32\drivers\nvraid.sys
2013-12-21 17:05:53 ----A---- C:\Windows\system32\drivers\amdsata.sys
2013-12-21 17:05:52 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2013-12-21 17:05:52 ----A---- C:\Windows\system32\fsutil.exe
2013-12-21 17:05:52 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2013-12-21 17:05:52 ----A---- C:\Windows\system32\drivers\storport.sys
2013-12-21 17:05:52 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2013-12-21 17:05:52 ----A---- C:\Windows\system32\drivers\amdxata.sys
2013-12-21 17:05:42 ----A---- C:\Windows\system32\drivers\bthport.sys
2013-12-21 17:05:41 ----A---- C:\Windows\system32\fsquirt.exe
2013-12-21 17:05:41 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2013-12-21 17:05:19 ----A---- C:\Windows\system32\msi.dll
2013-12-21 17:05:18 ----A---- C:\Windows\SYSWOW64\msi.dll
2013-12-21 17:05:16 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-12-21 17:05:16 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-12-21 17:05:16 ----A---- C:\Windows\system32\drivers\usbohci.sys
2013-12-21 17:05:16 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-12-21 17:05:16 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-12-21 17:05:16 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-12-21 17:05:16 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-12-21 17:05:10 ----A---- C:\Windows\SYSWOW64\srclient.dll
2013-12-21 17:05:10 ----A---- C:\Windows\system32\srcore.dll
2013-12-21 17:05:10 ----A---- C:\Windows\system32\rstrui.exe
2013-12-21 16:33:36 ----A---- C:\Windows\system32\drivers\fvevol.sys
2013-12-21 16:33:35 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2013-12-21 09:42:40 ----A---- C:\ComboFix.txt
2013-12-21 09:38:40 ----D---- C:\$RECYCLE.BIN
2013-12-21 03:10:37 ----D---- C:\Windows\temp
2013-12-21 03:01:15 ----A---- C:\Windows\PEV.exe
2013-12-21 03:01:15 ----A---- C:\Windows\NIRCMD.exe
2013-12-21 03:01:15 ----A---- C:\Windows\MBR.exe
2013-12-21 03:01:14 ----A---- C:\Windows\zip.exe
2013-12-21 03:01:14 ----A---- C:\Windows\SWSC.exe
2013-12-21 03:01:14 ----A---- C:\Windows\SWREG.exe
2013-12-21 03:01:14 ----A---- C:\Windows\sed.exe
2013-12-21 03:01:14 ----A---- C:\Windows\grep.exe
2013-12-21 02:52:08 ----D---- C:\Qoobox
2013-12-21 02:51:28 ----D---- C:\Windows\erdnt
2013-12-21 02:24:08 ----D---- C:\Program Files\Tracker Software
2013-12-19 21:42:46 ----D---- C:\ProgramData\Spybot - Search & Destroy
2013-12-16 20:16:30 ----D---- C:\Hry
2013-12-15 00:11:01 ----D---- C:\Program Files\CCleaner
2013-12-13 19:41:35 ----D---- C:\Program Files (x86)\Nero

======List of files/folders modified in the last 1 month======

2014-01-12 11:32:26 ----D---- C:\Windows\Prefetch
2014-01-12 11:32:23 ----RD---- C:\Program Files
2014-01-12 11:30:12 ----RD---- C:\Program Files (x86)
2014-01-12 11:26:39 ----D---- C:\Windows\system32\drivers
2014-01-12 11:23:10 ----A---- C:\Windows\SYSWOW64\log.txt
2014-01-12 08:24:47 ----D---- C:\Windows\system32\Tasks
2014-01-12 08:24:47 ----D---- C:\ProgramData\Comodo
2014-01-12 03:24:05 ----D---- C:\Windows\Downloaded Program Files
2014-01-12 03:08:09 ----SHD---- C:\Windows\Installer
2014-01-12 03:08:03 ----D---- C:\Config.Msi
2014-01-12 03:07:50 ----D---- C:\Windows\inf
2014-01-12 03:05:13 ----D---- C:\Windows\System32
2014-01-12 03:05:07 ----SD---- C:\ProgramData\Microsoft
2014-01-12 03:05:02 ----AD---- C:\Windows
2014-01-12 01:49:34 ----D---- C:\Windows\SoftwareDistribution
2014-01-12 01:49:21 ----D---- C:\Users\XDANCUMP\AppData\Roaming\uTorrent
2014-01-12 01:44:22 ----D---- C:\ProgramData\ProductData
2014-01-12 01:43:01 ----D---- C:\Windows\system32\catroot2
2014-01-12 01:42:49 ----D---- C:\Windows\debug
2014-01-11 12:27:52 ----D---- C:\Windows\system32\config
2014-01-11 12:17:44 ----D---- C:\Windows\SysWOW64
2014-01-11 12:17:42 ----D---- C:\Windows\winsxs
2014-01-11 12:17:41 ----D---- C:\Windows\system32\catroot
2014-01-11 02:09:06 ----D---- C:\Program Files (x86)\Shutdown Timer
2014-01-10 02:35:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-07 22:38:06 ----D---- C:\ProgramData\CanonIJPLM
2014-01-07 18:55:12 ----D---- C:\ProgramData
2014-01-07 18:55:11 ----D---- C:\Windows\system32\FxsTmp
2014-01-06 21:02:57 ----D---- C:\Users\XDANCUMP\AppData\Roaming\Dropbox
2013-12-30 16:53:32 ----D---- C:\Windows\rescache
2013-12-29 20:17:22 ----D---- C:\Windows\Microsoft.NET
2013-12-29 20:16:48 ----RSD---- C:\Windows\assembly
2013-12-29 01:10:32 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-29 01:10:31 ----D---- C:\Program Files\Internet Explorer
2013-12-29 01:10:24 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-29 01:10:21 ----D---- C:\Program Files\Windows Media Player
2013-12-29 01:10:18 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-12-29 01:10:17 ----D---- C:\Windows\SYSWOW64\en-US
2013-12-29 01:10:17 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-12-29 01:10:16 ----D---- C:\Windows\system32\cs-CZ
2013-12-29 01:10:15 ----D---- C:\Windows\system32\sk-SK
2013-12-29 01:10:15 ----D---- C:\Windows\system32\en-US
2013-12-29 01:10:09 ----D---- C:\Windows\SYSWOW64\wbem
2013-12-29 01:10:06 ----D---- C:\Windows\PolicyDefinitions
2013-12-29 01:10:03 ----D---- C:\Windows\system32\drivers\en-US
2013-12-29 01:10:01 ----D---- C:\Windows\system32\wbem
2013-12-29 01:09:56 ----D---- C:\Windows\AppPatch
2013-12-29 01:09:44 ----D---- C:\Windows\SYSWOW64\migration
2013-12-29 01:09:44 ----D---- C:\Windows\system32\migration
2013-12-29 01:09:42 ----D---- C:\Windows\system32\DriverStore
2013-12-23 02:13:46 ----D---- C:\Program Files\Common Files\Adobe
2013-12-23 02:10:28 ----D---- C:\Program Files\Adobe
2013-12-23 02:08:00 ----D---- C:\Program Files (x86)\Adobe
2013-12-23 02:05:52 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-12-23 01:47:31 ----D---- C:\Windows\Panther
2013-12-23 01:47:31 ----D---- C:\Windows\Logs
2013-12-21 23:23:49 ----D---- C:\Program Files (x86)\Windows Defender
2013-12-21 23:23:48 ----D---- C:\Program Files\Windows Defender
2013-12-21 23:22:34 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-12-21 23:22:33 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-12-21 23:22:33 ----D---- C:\Windows\SYSWOW64\it-IT
2013-12-21 23:22:32 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-12-21 23:22:32 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-12-21 23:22:31 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-12-21 23:22:31 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-12-21 23:22:31 ----D---- C:\Windows\SYSWOW64\el-GR
2013-12-21 23:22:30 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-12-21 23:22:30 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-12-21 23:22:29 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-12-21 23:22:29 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-12-21 23:22:28 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-12-21 23:22:28 ----D---- C:\Windows\SYSWOW64\es-ES
2013-12-21 23:22:27 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-12-21 23:22:27 ----D---- C:\Windows\SYSWOW64\de-DE
2013-12-21 23:22:25 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-12-21 23:22:25 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-12-21 23:22:24 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-12-21 23:22:24 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-12-21 23:22:23 ----D---- C:\Windows\SYSWOW64\da-DK
2013-12-21 23:22:16 ----D---- C:\Windows\system32\pt-BR
2013-12-21 23:22:15 ----D---- C:\Windows\system32\it-IT
2013-12-21 23:22:14 ----D---- C:\Windows\system32\pt-PT
2013-12-21 23:22:14 ----D---- C:\Windows\system32\pl-PL
2013-12-21 23:22:13 ----D---- C:\Windows\system32\ko-KR
2013-12-21 23:22:13 ----D---- C:\Windows\system32\hu-HU
2013-12-21 23:22:12 ----D---- C:\Windows\system32\zh-HK
2013-12-21 23:22:11 ----D---- C:\Windows\system32\nl-NL
2013-12-21 23:22:11 ----D---- C:\Windows\system32\el-GR
2013-12-21 23:22:10 ----D---- C:\Windows\system32\fr-FR
2013-12-21 23:22:09 ----D---- C:\Windows\system32\tr-TR
2013-12-21 23:22:09 ----D---- C:\Windows\system32\fi-FI
2013-12-21 23:22:08 ----D---- C:\Windows\system32\sv-SE
2013-12-21 23:22:08 ----D---- C:\Windows\system32\es-ES
2013-12-21 23:22:07 ----D---- C:\Windows\system32\zh-TW
2013-12-21 23:22:06 ----D---- C:\Windows\system32\de-DE
2013-12-21 23:22:05 ----D---- C:\Windows\system32\zh-CN
2013-12-21 23:22:04 ----D---- C:\Windows\system32\ru-RU
2013-12-21 23:22:04 ----D---- C:\Windows\system32\ja-JP
2013-12-21 23:22:03 ----D---- C:\Windows\system32\nb-NO
2013-12-21 23:22:02 ----D---- C:\Windows\system32\da-DK
2013-12-21 23:21:19 ----D---- C:\Program Files\Windows Journal
2013-12-21 21:13:32 ----D---- C:\Program Files (x86)\Windows Sidebar
2013-12-21 21:13:32 ----D---- C:\Program Files (x86)\Windows Portable Devices
2013-12-21 21:13:32 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2013-12-21 21:13:32 ----D---- C:\Program Files (x86)\Windows Mail
2013-12-21 21:13:29 ----D---- C:\Program Files\Windows Sidebar
2013-12-21 21:13:29 ----D---- C:\Program Files\Windows Mail
2013-12-21 21:13:29 ----D---- C:\Program Files\DVD Maker
2013-12-21 21:13:28 ----D---- C:\Program Files\Windows Portable Devices
2013-12-21 21:13:28 ----D---- C:\Program Files\Windows Photo Viewer
2013-12-21 21:13:23 ----D---- C:\Program Files\Common Files\System
2013-12-21 21:13:21 ----D---- C:\Windows\servicing
2013-12-21 21:13:20 ----D---- C:\Windows\ehome
2013-12-21 21:13:09 ----SHD---- C:\Windows\BitLockerDiscoveryVolumeContents
2013-12-21 21:13:03 ----D---- C:\Windows\SYSWOW64\oobe
2013-12-21 21:13:02 ----D---- C:\Windows\SYSWOW64\Setup
2013-12-21 21:13:02 ----D---- C:\Windows\SYSWOW64\cs
2013-12-21 21:13:02 ----D---- C:\Windows\SYSWOW64\AdvancedInstallers
2013-12-21 21:12:59 ----D---- C:\Windows\SYSWOW64\sppui
2013-12-21 21:12:59 ----D---- C:\Windows\SYSWOW64\manifeststore
2013-12-21 21:12:59 ----D---- C:\Windows\SYSWOW64\en
2013-12-21 21:12:57 ----D---- C:\Windows\SYSWOW64\migwiz
2013-12-21 21:12:57 ----D---- C:\Windows\SYSWOW64\Dism
2013-12-21 21:12:15 ----D---- C:\Windows\system32\oobe
2013-12-21 21:12:14 ----D---- C:\Windows\system32\Setup
2013-12-21 21:12:14 ----D---- C:\Windows\system32\AdvancedInstallers
2013-12-21 21:12:13 ----D---- C:\Windows\system32\cs
2013-12-21 21:12:10 ----D---- C:\Windows\system32\sppui
2013-12-21 21:12:10 ----D---- C:\Windows\system32\manifeststore
2013-12-21 21:12:08 ----D---- C:\Windows\system32\drivers\UMDF
2013-12-21 21:12:08 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-12-21 21:11:59 ----D---- C:\Windows\system32\migwiz
2013-12-21 21:11:58 ----D---- C:\Windows\system32\Dism
2013-12-21 21:11:12 ----RSD---- C:\Windows\Fonts
2013-12-21 21:07:57 ----D---- C:\Windows\system32\Boot
2013-12-21 19:57:16 ----A---- C:\Windows\SYSWOW64\msclmd.dll
2013-12-21 19:57:15 ----A---- C:\Windows\system32\msclmd.dll
2013-12-21 09:38:46 ----A---- C:\Windows\system.ini
2013-12-21 09:38:36 ----D---- C:\Windows\system32\drivers\etc
2013-12-21 03:07:11 ----D---- C:\Windows\SYSWOW64\drivers
2013-12-21 03:07:10 ----D---- C:\Program Files (x86)\Common Files
2013-12-21 02:30:27 ----SHD---- C:\System Volume Information
2013-12-21 02:13:08 ----D---- C:\ProgramData\Adobe
2013-12-17 01:00:37 ----D---- C:\Users\XDANCUMP\AppData\Roaming\DAEMON Tools Lite
2013-12-16 20:33:34 ----D---- C:\ProgramData\Codemasters
2013-12-16 20:32:42 ----D---- C:\Windows\SYSWOW64\directx
2013-12-15 02:36:05 ----D---- C:\Users\XDANCUMP\AppData\Roaming\Juniper Networks
2013-12-13 19:41:35 ----D---- C:\ProgramData\Nero

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-01-15 538136]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-08-25 644968]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-08-25 28008]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-05-22 17720]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-06-20 834544]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 cnnctfy2;Connectify LightWeight Filter; C:\Windows\system32\DRIVERS\cnnctfy2.sys [2013-11-21 31344]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-28 283200]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2010-11-29 82224]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2013-01-09 231376]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 PfFilter;PfFilter; \??\C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [2013-04-03 39504]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2011-03-21 11576]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-04-27 6659072]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-04-26 195584]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-07-05 96256]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2012-04-23 3058168]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2010-03-31 724536]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2009-07-07 9216]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2013-08-25 128200]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2013-12-02 250984]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-12-02 32496]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-10 316464]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2011-08-05 292024]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2011-07-12 19904]
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2010-08-30 94528]
R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2011-01-27 67384]
S3 anvsnddrv;AnvSoft Virtual Sound Device; C:\Windows\system32\drivers\anvsnddrv.sys [2011-11-28 33872]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-04-27 6659072]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDMI64.sys [2010-03-05 720952]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-08-20 103576]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2009-07-23 132608]
S3 FaxLffv2;Companion Suite Pro LL2 Modem Driver; C:\Windows\System32\Drivers\FaxLffv2.sys [2008-06-18 31232]
S3 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-03-23 23048]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2013-07-25 79592]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2013-07-25 86376]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-04-03 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-04-03 27760]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-07-23 116992]
S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys [2009-07-23 113792]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2013-11-17 164736]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2011-08-02 22528]
S3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2013-12-25 19456]
S3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2013-03-26 34336]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-08-20 204568]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2010-11-11 50864]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2010-04-26 63488]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-12-25 57856]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2013-03-26 23016]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-09-28 53760]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S4 IObitUnlocker;IObitUnlocker; \??\C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [2013-09-30 36568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2013-10-25 878368]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-04-26 202752]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 FUSServices;Session Launcher Service; C:\Windows\SysWOW64\FUSServices.exe [2010-01-08 10752]
R2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-10-25 2151200]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-03 268824]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\SysWOW64\nlssrv32.exe [2012-09-05 66560]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 SamsungAllShareV2.0;Samsung AllShare PC; C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2012-03-02 25504]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2011-04-01 198064]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-03 116648]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-03 116648]
S3 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2011-02-07 138192]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-10-26 124368]
S3 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2010-09-28 489384]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-04-25 335168]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 SimpleSlideShowServer;SimpleSlideShowServer; C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [2012-03-02 27584]
S4 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S4 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
S4 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2012-06-01 736104]

-----------------EOF-----------------

#11 Příspěvek od **Márty84** » 12 led 2014 13:17

Porad v logu vidim veci od IObit

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

dandyli · #12 Příspěvek od **dandyli** » 12 led 2014 13:34

Skoro vše od Iobit je pryč...pouze Iobit Uninstaler a smart Defrag 2 jsem si nechal doufám že neva?

Až doběhne OTL tak vložím log.

#13 Příspěvek od **Márty84** » 12 led 2014 13:41

No v tom logu z RSIT bezi stale i C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe

Ja bych dal pryc vsechno. Ale volba je na vas

dandyli · #14 Příspěvek od **dandyli** » 12 led 2014 13:53

jde o to že Smart Defrag mi pomaha s defragmentací a zdá se že ji nedělá vubec špatně a Iobit Uninstaller mi odinstalovává programy a vyhledává zbytkevé stopy, které také maže a výchozí uninstaller ve Windows asi nedělá.

#15 Příspěvek od **Márty84** » 12 led 2014 14:18

Ja vim na co ty dve veci sjou

Jde o to, ze s IObit mame dost spatne zkusenosti. A ano, mate pravdu, ze nastroje windows nejsou idealni. Ale existuji jine programy, se kterymi nebyvaji problemy. Ale pokud vam vyhovuji.....
Hlavne ze je pryc ASC

VIRY.CZ

Vyskakující okno u stavové lišty Win7 - Roulette Bot Plus

Vyskakující okno u stavové lišty Win7 - Roulette Bot Plus

Re: Vyskakující okno u stavové lišty Win7 - Roulette Bot Plu

Re: Vyskakující okno u stavové lišty Win7 - Roulette Bot Plu

Re: Vyskakující okno u stavové lišty Win7 - Roulette Bot Plu

Re: Vyskakující okno u stavové lišty Win7 - Roulette Bot Plu

Re: Vyskakující okno u stavové lišty Win7 - Roulette Bot Plu

Re: Vyskakující okno u stavové lišty Win7 - Roulette Bot Plu

Re: Vyskakující okno u stavové lišty Win7 - Roulette Bot Plu

Re: Vyskakující okno u stavové lišty Win7 - Roulette Bot Plu

Re: Vyskakující okno u stavové lišty Win7 - Roulette Bot Plu

Re: Vyskakující okno u stavové lišty Win7 - Roulette Bot Plu

Re: Vyskakující okno u stavové lišty Win7 - Roulette Bot Plu

Re: Vyskakující okno u stavové lišty Win7 - Roulette Bot Plu

Re: Vyskakující okno u stavové lišty Win7 - Roulette Bot Plu

Re: Vyskakující okno u stavové lišty Win7 - Roulette Bot Plu