MyCity » Ambulanta -> Arhiva Ambulante » Vec par dana pojavljuje mi se neki trojanac

Vec par dana pojavljuje mi se neki trojanac

Napisano na dan: 6.7.2013
1

Vec par dana pojavljuje mi se neki trojanac
Sledeća strana Pagination

Idi na vrh

Poslao: 06 Jul 2013 17:54
Idi na vrh
offline
  • Dalibor
  • Pridružio: 03 Feb 2011
  • Poruke: 447
  • Gde živiš: Nemačka

Dobar dan !
Vec par dana skeniram racunar i pojavi mi se neki trojanac pa ga sklonim onda ga nema pa mi se ponovo pojavi na SUPERAntiSpaware,
Pa da proverimo sta se kod mene desava !


DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 10.25.2
Run by MICA at 17:48:07 on 2013-07-06
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.519 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Documents and Settings\All Users\Application Data\eSafe\eGdpSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\VMSnap3.EXE
C:\WINDOWS\Domino.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MCShield\mcshieldrtm.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Maxthon3\Bin\Maxthon.exe
C:\Program Files\Maxthon3\Bin\Maxthon.exe
C:\Program Files\Maxthon3\Bin\Maxthon.exe
C:\Program Files\Maxthon3\Bin\Maxthon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Maxthon3\Bin\Maxthon.exe
C:\Program Files\Skype\Updater\Updater.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = [Link mogu videti samo ulogovani korisnici]
uSearch Bar = [Link mogu videti samo ulogovani korisnici]
uDefault_Page_URL = [Link mogu videti samo ulogovani korisnici]
mStart Page = [Link mogu videti samo ulogovani korisnici]
mDefault_Page_URL = [Link mogu videti samo ulogovani korisnici]
uInternet Connection Wizard,ShellNext = [Link mogu videti samo ulogovani korisnici]
uSearchAssistant = [Link mogu videti samo ulogovani korisnici]
mSearchAssistant = [Link mogu videti samo ulogovani korisnici]
mCustomizeSearch = [Link mogu videti samo ulogovani korisnici]
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [MCShield Monitor] c:\program files\mcshield\mcshieldrtm.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [VMSnap3] c:\windows\VMSnap3.EXE
mRun: [Domino] c:\windows\Domino.EXE
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [IObit Malware Fighter] "c:\program files\iobit\iobit malware fighter\IMF.exe" /autostart
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\mica\startm~1\programs\startup\yahoo!~1.lnk - c:\program files\yahoo!\widgets\YahooWidgets.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{16BF28D3-AF02-49DB-86A1-9A115159ACDF} : DHCPNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: AtiExtEvent - Ati2evxx.dll
AppInit_DLLs=
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\mica\application data\mozilla\firefox\profiles\gv3y8h66.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - [Link mogu videti samo ulogovani korisnici]
FF - plugin: c:\documents and settings\mica\local settings\application data\google\update\1.3.21.149\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_224.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2013-06-30 10:44; [Link mogu videti samo ulogovani korisnici]; c:\documents and settings\mica\application data\mozilla\firefox\profiles\gv3y8h66.default\extensions\trtv3@trtv.com.xpi
FF - ExtSQL: 2013-07-02 08:14; [Link mogu videti samo ulogovani korisnici]; c:\program files\avast software\avast\webrep\FF
FF - ExtSQL: 2013-07-04 13:42; {505CC4BC-9D39-4BA5-86E0-F25353D6D061}; c:\documents and settings\mica\application data\mozilla\firefox\profiles\gv3y8h66.default\extensions\{505CC4BC-9D39-4BA5-86E0-F25353D6D061}
FF - ExtSQL: 2013-07-04 13:42; [Link mogu videti samo ulogovani korisnici]; c:\documents and settings\mica\application data\mozilla\firefox\profiles\gv3y8h66.default\extensions\addon@defaulttab.com.xpi
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.mixidj.tlbrSrchUrl -
FF - user.js: extensions.mixidj.id - f8a970ed000000000000001d92472bc2
FF - user.js: extensions.mixidj.appId - {A2773ED4-83BD-488A-A186-73590706C916}
FF - user.js: extensions.mixidj.instlDay - 15888
FF - user.js: extensions.mixidj.vrsn - 1.8.18.8
FF - user.js: extensions.mixidj.vrsni - 1.8.18.8
FF - user.js: extensions.mixidj.vrsnTs - 1.8.18.813:38:51
FF - user.js: extensions.mixidj.prtnrId - mixidj
FF - user.js: extensions.mixidj.prdct - mixidj
FF - user.js: extensions.mixidj.aflt - babsst
FF - user.js: extensions.mixidj.smplGrp - none
FF - user.js: extensions.mixidj.tlbrId - baseyh
FF - user.js: extensions.mixidj.instlRef - sst
FF - user.js: extensions.mixidj.dfltLng - en
FF - user.js: extensions.mixidj.excTlbr - false
FF - user.js: extensions.mixidj.ffxUnstlRst - false
FF - user.js: extensions.mixidj.admin - false
FF - user.js: extensions.mixidj.autoRvrt - false
FF - user.js: extensions.mixidj.rvrt - false
FF - user.js: extensions.mixidj.newTab - false
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - f8a970ed000000000000001d92472bc2
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15891
FF - user.js: extensions.delta.vrsn - 1.8.21.5
FF - user.js: extensions.delta.vrsni - 1.8.21.5
FF - user.js: extensions.delta.vrsnTs - 1.8.21.514:04:11
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119820&tt=040713_ifrmful&tsp=4934
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.maxtextrun - 4095
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.switch.threshold - 1000000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: dom.disable_window_status_change - true
FF - user.js: extensions.funmoods.hmpg - true
FF - user.js: extensions.funmoods.hmpgUrl - [Link mogu videti samo ulogovani korisnici]
FF - user.js: extensions.funmoods.dfltSrch - true
FF - user.js: extensions.funmoods.srchPrvdr - Funmoods
FF - user.js: extensions.funmoods.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - false
FF - user.js: extensions.funmoods.newTabUrl - [Link mogu videti samo ulogovani korisnici]
FF - user.js: extensions.funmoods.tlbrSrchUrl - [Link mogu videti samo ulogovani korisnici]
FF - user.js: extensions.funmoods.id - 001D92472BC270ED
FF - user.js: extensions.funmoods.instlDay - 15892
FF - user.js: extensions.funmoods.vrsn - 1.8.11.0
FF - user.js: extensions.funmoods.vrsni - 1.8.11.0
FF - user.js: extensions.funmoods_i.vrsnTs - 1.8.11.09:36:48
FF - user.js: extensions.funmoods.prtnrId - funmoods
FF - user.js: extensions.funmoods.prdct - funmoods
FF - user.js: extensions.funmoods.aflt - nv2
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods.tlbrId - base
FF - user.js: extensions.funmoods.instlRef -
FF - user.js: extensions.funmoods.dfltLng -
FF - user.js: extensions.funmoods.appId - {EA28B360-05E0-4F93-8150-02891F1D8D3C}
FF - user.js: extensions.funmoods.excTlbr - false
FF - user.js: extensions.funmoods_i.hmpg - true
FF - user.js: extensions.funmoods.cr - 983680633
FF - user.js: extensions.funmoods.cd - 2XzuyEtN2Y1L1QzutDtDtC0DzytByEyBtB0B0CtByBtD0E0DtN0D0Tzu0CyDyDtBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1G2XtB
FF - user.js: extensions.irspeeddial.aflt - nv2
FF - user.js: extensions.irspeeddial.instlRef -
FF - user.js: extensions.irspeeddial.cr - 983680633
FF - user.js: extensions.irspeeddial.cd - 2XzuyEtN2Y1L1QzutDtDtC0DzytByEyBtB0B0CtByBtD0E0DtN0D0Tzu0CyDyDtBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1G2XtB
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-7-2 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-7-2 175176]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-7-2 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-7-2 369584]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-12 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-7-2 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-7-2 66336]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-7-2 46808]
R2 IMFservice;IMF Service;c:\program files\iobit\iobit malware fighter\IMFsrv.exe [2013-7-5 335168]
R2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-6-3 162408]
R2 WsysSvc;Wsys Service;c:\documents and settings\all users\application data\esafe\eGdpSvc.exe [2013-7-3 386112]
R3 vmfilter303;vmfilter303;c:\windows\system32\drivers\vmfilter303.sys [2013-6-26 428160]
S3 RegFilter;RegFilter;c:\program files\iobit\iobit malware fighter\drivers\wxp_x86\RegFilter.sys [2013-7-5 31520]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
S3 UrlFilter;UrlFilter;c:\program files\iobit\iobit malware fighter\drivers\wxp_x86\UrlFilter.sys [2013-7-5 17360]
S4 FileMonitor;FileMonitor;c:\program files\iobit\iobit malware fighter\drivers\wxp_x86\FileMonitor.sys [2013-7-5 247968]
.
=============== Created Last 30 ================
.
2013-07-06 07:36:57 -------- d-----w- c:\documents and settings\mica\application data\Funmoods
2013-07-06 07:24:25 -------- d-----w- c:\documents and settings\mica\application data\PerformerSoft
2013-07-06 07:24:22 18096 ----a-w- c:\windows\system32\roboot.exe
2013-07-06 07:24:12 -------- d-----w- c:\documents and settings\mica\application data\PlusWinks
2013-07-06 07:24:03 -------- d-----w- c:\documents and settings\mica\application data\SpeedAnalysis2
2013-07-06 07:23:52 -------- d-----w- c:\documents and settings\mica\application data\File Scout
2013-07-06 06:50:03 -------- d-----w- c:\documents and settings\mica\local settings\application data\WMTools Downloaded Files
2013-07-05 12:44:52 21728 ----a-w- c:\windows\system32\wucltui.dll.mui
2013-07-05 12:44:52 17632 ----a-w- c:\windows\system32\wuaueng.dll.mui
2013-07-05 12:44:52 -------- d-----w- c:\windows\system32\SoftwareDistribution
2013-07-05 12:44:51 15072 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2013-07-05 12:44:51 15064 ----a-w- c:\windows\system32\wuapi.dll.mui
2013-07-05 12:40:57 23360 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2013-07-05 12:27:39 -------- d-----w- c:\documents and settings\all users\application data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-07-05 12:27:36 -------- d-----w- c:\documents and settings\mica\AppData
2013-07-05 12:27:35 -------- d-----w- c:\documents and settings\all users\application data\IObit
2013-07-05 12:27:16 -------- d-----w- c:\program files\IObit
2013-07-05 12:16:46 -------- d-----w- c:\documents and settings\all users\application data\PC Optimizer Pro
2013-07-05 11:34:27 -------- d-----w- c:\documents and settings\all users\application data\VS Revo Group
2013-07-05 06:45:36 -------- d-----w- c:\program files\Gophoto.it
2013-07-05 06:45:03 -------- d-----w- c:\program files\TornTV.com
2013-07-04 11:45:04 839680 ----a-w- c:\windows\system32\lameACM.acm
2013-07-04 11:45:04 3649536 ----a-w- c:\windows\system32\x264vfw.dll
2013-07-04 11:45:04 216064 ----a-w- c:\windows\system32\lagarith.dll
2013-07-04 11:45:03 650752 ----a-w- c:\windows\system32\xvidcore.dll
2013-07-04 11:45:03 243200 ----a-w- c:\windows\system32\xvidvfw.dll
2013-07-04 11:45:02 178688 ----a-w- c:\windows\system32\unrar.dll
2013-07-04 11:45:02 151552 ----a-w- c:\windows\system32\ac3acm.acm
2013-07-04 11:44:57 112640 ----a-w- c:\windows\system32\ff_vfw.dll
2013-07-04 11:44:51 -------- d-----w- c:\program files\K-Lite Codec Pack
2013-07-04 11:42:55 -------- d-----w- c:\program files\MyPC Backup
2013-07-04 11:42:29 -------- d-----w- c:\documents and settings\mica\application data\DefaultTab
2013-07-04 11:42:26 -------- d-----w- c:\program files\DefaultTab
2013-07-04 11:41:53 -------- d-----w- c:\program files\OApps
2013-07-03 09:26:13 -------- d-----w- c:\program files\CoreAAC
2013-07-03 09:07:41 -------- d-----w- c:\documents and settings\mica\application data\OpenCandy
2013-07-03 06:56:55 12872 ----a-w- c:\windows\system32\bootdelete.exe
2013-07-03 06:51:56 -------- d-----w- c:\documents and settings\mica\application data\WinZipper
2013-07-03 06:46:56 -------- d-----w- c:\documents and settings\all users\application data\eSafe
2013-07-03 06:46:29 -------- d-----w- c:\program files\Desk 365
2013-07-03 06:46:29 -------- d-----w- c:\documents and settings\mica\application data\Desk 365
2013-07-03 06:45:44 -------- d-----w- c:\documents and settings\mica\application data\eIntaller
2013-07-03 06:45:41 -------- d-----w- c:\documents and settings\mica\application data\SwvUpdater
2013-07-03 05:20:27 -------- d-----w- c:\windows\system32\searchplugins
2013-07-03 05:20:27 -------- d-----w- c:\windows\system32\Extensions
2013-07-02 14:27:51 -------- d-----w- c:\documents and settings\mica\application data\ExpressFiles
2013-07-02 11:39:37 -------- d-----w- c:\program files\common files\Spigot
2013-07-02 11:39:09 -------- d-----w- c:\program files\Vtools
2013-07-02 11:38:45 -------- d-----w- c:\documents and settings\mica\application data\mixidj
2013-07-02 11:38:24 -------- d-----w- c:\program files\Instair
2013-07-02 11:38:19 -------- d-----w- c:\documents and settings\mica\LocalLow
2013-07-02 11:38:18 -------- d-----w- c:\program files\Instair Speed Dial
2013-07-02 11:38:15 -------- d-----w- c:\documents and settings\mica\application data\IObit
2013-07-02 11:30:55 -------- d-----w- c:\documents and settings\mica\local settings\application data\VS Revo Group
2013-07-02 11:16:11 -------- d-----w- c:\documents and settings\mica\application data\BabSolution
2013-07-02 11:15:46 -------- d-----w- c:\documents and settings\mica\application data\Babylon
2013-07-02 11:15:46 -------- d-----w- c:\documents and settings\all users\application data\Babylon
2013-07-02 11:15:24 -------- d-----w- c:\documents and settings\all users\application data\Tarma Installer
2013-07-02 11:10:27 -------- d-----w- c:\documents and settings\mica\local settings\application data\iLivid
2013-07-02 10:49:14 -------- d-----w- c:\documents and settings\mica\application data\uTorrent
2013-07-02 06:14:58 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-07-02 06:14:58 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-07-02 06:14:58 175176 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-07-02 06:14:57 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-07-02 06:14:37 41664 ----a-w- c:\windows\avastSS.scr
2013-07-02 06:14:19 -------- d-----w- c:\program files\AVAST Software
2013-07-02 06:13:05 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software
2013-06-30 07:21:07 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2013-06-30 07:21:06 -------- d-----w- c:\program files\Hitman Pro 3.5
2013-06-30 07:20:44 -------- d-----w- c:\documents and settings\all users\application data\Hitman Pro
2013-06-29 10:37:38 -------- d-----w- c:\windows\system32\NtmsData
2013-06-29 07:00:01 5632 ----a-w- c:\windows\system32\ptpusb.dll
2013-06-29 07:00:00 159232 ----a-w- c:\windows\system32\ptpusd.dll
2013-06-29 06:59:59 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2013-06-29 06:59:59 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2013-06-27 09:13:50 -------- d-----w- c:\program files\MCShield
2013-06-27 09:13:50 -------- d-----w- c:\documents and settings\all users\application data\MCShield
2013-06-26 20:10:52 -------- d-----w- c:\documents and settings\mica\local settings\application data\Pokki
2013-06-26 20:08:42 221215 ------w- c:\windows\system32\Divxdec.ax
2013-06-26 20:01:26 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2013-06-26 20:01:26 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2013-06-26 20:01:22 -------- d-----w- c:\windows\Logs
2013-06-26 20:01:12 819200 ----a-w- c:\program files\windows media player\wmsetsdk.exe
2013-06-26 20:01:12 47616 ----a-w- c:\program files\windows media player\msoobci.dll
2013-06-26 20:01:12 -------- d-----w- c:\program files\Winamp Detect
2013-06-26 19:57:51 221184 ----a-w- c:\windows\system32\wmpns.dll
2013-06-26 19:50:56 -------- d-----w- c:\documents and settings\mica\local settings\application data\ACD Systems
2013-06-26 19:50:56 -------- d-----w- c:\documents and settings\mica\application data\ACD Systems
2013-06-26 19:50:37 -------- d-----w- c:\documents and settings\all users\application data\ACD Systems
2013-06-26 19:50:36 -------- d-----w- c:\program files\common files\ACD Systems
2013-06-26 19:50:36 -------- d-----w- c:\program files\ACD Systems
2013-06-26 19:46:59 -------- d-----w- c:\documents and settings\mica\local settings\application data\Downloaded Installations
2013-06-26 19:42:24 -------- d-----w- c:\program files\Unlocker
2013-06-26 19:37:44 -------- d-----w- c:\windows\system32\appmgmt
2013-06-26 18:59:20 -------- d-----w- c:\documents and settings\mica\application data\Maxthon3
2013-06-26 18:59:14 -------- d-----w- c:\program files\Maxthon3
2013-06-26 18:56:06 -------- d-----w- c:\documents and settings\mica\local settings\application data\Sun
2013-06-26 18:52:19 -------- d-----w- c:\windows\pss
2013-06-26 18:44:00 -------- d-----w- c:\program files\CCleaner
2013-06-26 18:42:31 -------- d-----w- c:\program files\Defraggler
2013-06-26 18:40:59 -------- d-----w- c:\documents and settings\mica\application data\SUPERAntiSpyware.com
2013-06-26 18:40:20 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-06-26 18:40:20 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2013-06-26 18:38:36 -------- d-----w- c:\documents and settings\mica\local settings\application data\Yahoo
2013-06-26 18:38:33 -------- d-----w- c:\program files\Yahoo!
2013-06-26 18:37:48 -------- d-----w- c:\program files\SpeedFan
2013-06-26 18:34:59 43008 ----a-w- c:\windows\system32\ksxbar.ax
2013-06-26 18:34:54 81920 ----a-w- c:\windows\system32\VM303STI.dll
2013-06-26 18:34:54 49152 ----a-w- c:\windows\vmsnap3.exe
2013-06-26 18:34:54 49152 ----a-w- c:\windows\Domino.exe
2013-06-26 18:34:54 428160 ----a-w- c:\windows\system32\drivers\vmfilter303.sys
2013-06-26 18:34:54 40960 ----a-w- c:\windows\system32\setupfilter.exe
2013-06-26 18:34:54 392122 ----a-w- c:\windows\system32\drivers\usbVM303.sys
2013-06-26 18:34:54 258188 ----a-w- c:\windows\system32\VM303Prp.Ax
2013-06-26 18:34:54 176128 ----a-w- c:\windows\amcap.exe
2013-06-26 18:34:54 102400 ----a-w- c:\windows\VM303Cap.exe
2013-06-26 18:34:46 -------- d-----w- c:\program files\A4 tech
2013-06-26 18:32:00 -------- d-----r- c:\program files\Skype
2013-06-26 18:22:22 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-26 18:22:22 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-26 18:21:25 -------- d-----w- c:\documents and settings\mica\local settings\application data\Adobe
2013-06-26 18:19:26 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-26 18:19:26 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-26 18:19:26 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-06-26 18:19:22 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-26 18:11:26 -------- d-----w- c:\documents and settings\mica\local settings\application data\Google
2013-06-26 18:07:43 -------- d-----w- c:\documents and settings\mica\application data\CallingID
2013-06-26 18:03:53 -------- d-----w- c:\documents and settings\all users\application data\Avira
2013-06-26 18:00:11 3072 ----a-w- c:\windows\system32\drivers\audstub.sys
.
==================== Find3M ====================
.
2013-06-26 16:26:49 315392 ----a-w- c:\windows\HideWin.exe
.
============= FINISH: 17:48:35,03 ===============

[Link mogu videti samo ulogovani korisnici]



Poslao: 06 Jul 2013 19:23
Idi na vrh
offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6104

Pozdrav,

Sta ti tacno detektuje SAS? Moze li Screenshot ili pun naziv fajla / putanje?


Korak#1


Preuzmi "Xplode"-ov AdwCleaner () i sacuvaj ga na Desktop

Dvoklikom pokreni program.
Klikni na dugme [Delete] i pricekaj da program zavrsi.
Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu.
Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok

Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem.
Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl"
Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S1].txt



Korak#2


Preuzmi zoek.exe sa ovog ili ovog linka i sačuvaj ga na Desktop.


zatvori browser i ostale pokrenute programe;
deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ;
dvoklikom pokreni zoek.exe;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sledeći tekst:



process;
srinfo;
installedprogs;
DIR /S /A:L "%systemdrive%\*">>"%temp%\log.txt";b
filesrcm;
startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;



Klikni na dugme i pričekaj da se skeniranje završi.


zoek ce po potrebi, restartovati Windows a na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.

Napomena:Izveštaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Arrow Okaci log u poruku.



Poslao: 06 Jul 2013 21:02
Idi na vrh
offline
  • Dalibor
  • Pridružio: 03 Feb 2011
  • Poruke: 447
  • Gde živiš: Nemačka

Evo sta mi je prijavljivao danas

[Link mogu videti samo ulogovani korisnici]


[Link mogu videti samo ulogovani korisnici]

Zoek.exe Version 4.0.0.3 Updated 05-July-2013
Tool run by MICA on sub 06.07.2013 at 20:50:41,57.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected

==== System Restore Info ======================

7/6/2013 8:50:54 PM Zoek.exe System Restore Point Created Succesfully.

==== Installed Programs ======================

ćTorrent
A4 TECH PC Camera H
ACDSee 9 Photo Manager
Adobe Flash Player 11 Plugin
Adobe Flash Player ActiveX
Adobe Reader XI (11.0.03)
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
ATI Parental Control & Encoder
avast Free Antivirus
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Localization Chinese Standard
Catalyst Control Center Localization Chinese Traditional
Catalyst Control Center Localization Danish
Catalyst Control Center Localization Dutch
Catalyst Control Center Localization Finnish
Catalyst Control Center Localization French
Catalyst Control Center Localization German
Catalyst Control Center Localization Italian
Catalyst Control Center Localization Japanese
Catalyst Control Center Localization Norwegian
Catalyst Control Center Localization Spanish
Catalyst Control Center Localization Swedish
ccc-core-preinstall
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Italian
CCC Help Japanese
CCC Help Norwegian
CCC Help Spanish
CCC Help Swedish
CCleaner
CoreAAC
Defraggler
Google Chrome
High Definition Audio Driver Package - KB888111
Hitman Pro 3.5
IObit Malware Fighter
Java 7 Update 25
Java Auto Updater
K-Lite Mega Codec Pack 9.9.5
Maxthon 3
MCShield ::Anti-Malware Tool::
Microsoft .NET Framework 2.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 22.0 (x86 sr)
Mozilla Maintenance Service
Picasa 3
Realtek High Definition Audio Driver
SelectionLinks
Skins
SkypeT 6.5
SpeedFan (remove only)
SUPERAntiSpyware
Unlocker 1.9.2
WebFldrs XP
Winamp
Winamp Detector Plug-in
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Media Format Runtime
Windows XP Service Pack 3
WinRAR 4.20 (32-bit)
Yahoo Install Manager
Yahoo Widgets

==== Running Processes ======================

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Documents and Settings\All Users\Application Data\eSafe\eGdpSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\VMSnap3.EXE
C:\WINDOWS\Domino.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MCShield\mcshieldrtm.exe
C:\Program Files\Yahoo\Widgets\YahooWidgets.exe
C:\Program Files\Yahoo\Widgets\YahooWidgets.exe
C:\Program Files\Yahoo\Widgets\YahooWidgets.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\MICA\Desktop\zoek.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc

==== Batch Command(s) Run By Tool======================

Volume in drive C has no label.
Volume Serial Number is F8A9-70ED

Directory of C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices

26.06.2013 18:33 <JUNCTION> 2.0.0.0__b03f5f7f11d50a3a
0 File(s) 0 bytes

Total Files Listed:
0 File(s) 0 bytes
1 Dir(s) 2.475.163.648 bytes free

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2013-07-02 06:14:37 E9C8673674ECF840EE59ED805DBE9966 41664 ----a-w- C:\WINDOWS\avastSS.scr
2013-06-26 18:34:54 E45B115037C5CB7D880236862EB7C704 49152 ----a-w- C:\WINDOWS\Domino.exe
2013-06-26 18:34:54 98FF556821502AC055717E732B98FD33 49152 ----a-w- C:\WINDOWS\vmsnap3.exe
2013-06-26 18:34:54 7FF8DC09DC3C0DAEBE545F10702E8506 176128 ----a-w- C:\WINDOWS\amcap.exe
2013-06-26 18:34:54 61FFA98CDAB4CC612F585DF2DE6993E2 102400 ----a-w- C:\WINDOWS\VM303Cap.exe
2013-06-26 17:58:12 53D7F47255085310F50604FDE3076F97 4161 ----a-w- C:\WINDOWS\ODBCINST.INI
2013-06-26 17:57:55 F4DFD83153E8C9088AE2DB704107060D 15360 ----a-w- C:\WINDOWS\TASKMAN.EXE
2013-06-26 17:57:54 5E28284F9B5F9097640D58A73D38AD4C 69120 ----a-w- C:\WINDOWS\notepad.exe
2013-06-26 16:49:17 224A97EA5029845D2F5D1A6D85BBC798 32866 ------w- C:\WINDOWS\slrundll.exe
2013-06-26 16:32:12 F04D09C1405C84AC90D8643C22845D2E 11557 ----a-r- C:\WINDOWS\atiogl.xml
2013-06-26 16:27:14 1AFA1CBBB859A9F335FEC2F8CF3D5D0B 1826816 ------r- C:\WINDOWS\SkyTel.exe
2013-06-26 16:27:14 0D034E8C4F88C5B2B0C1AF3CF438CC4F 86016 ------r- C:\WINDOWS\SoundMan.exe
2013-06-26 16:27:13 964771A8E668CE64708ABE8B95BF5FD2 1191936 ------r- C:\WINDOWS\RtlUpd.exe
2013-06-26 16:27:11 C1E3CF28AAA41F1F1E3AA9D110D9447C 9715200 ------r- C:\WINDOWS\RTLCPL.exe
2013-06-26 16:27:06 03E3D8A81FCC50ECFBD6C8F22AC0B0C7 16384512 ------r- C:\WINDOWS\RTHDCPL.exe
2013-06-26 16:27:05 9E1CADE5FDD67B40A8610BE9CB2B882C 2165760 ------r- C:\WINDOWS\MicCal.exe
2013-06-26 16:27:02 8B4CBBA1EA526830C7F97E7822E2493A 69632 ------r- C:\WINDOWS\Alcmtr.exe
2013-06-26 16:26:59 EC05E964058693D1F71D1B5506B5CF09 2808832 ------r- C:\WINDOWS\alcwzrd.exe
2013-06-26 16:26:49 2D65F8DB74C36819896CF809E4375F0A 315392 ----a-w- C:\WINDOWS\HideWin.exe
2013-06-26 16:26:48 C9D1D65169A08D20AEC8FF318E1C2DDE 520192 ------r- C:\WINDOWS\RtlExUpd.dll
2013-06-26 16:17:19 323D38041436EC6C4975A5073980C1B9 32260 ----a-w- C:\WINDOWS\SchedLgU.Txt
2013-06-26 16:16:59 F3766B53561B1BA61254D93EEF18132A 8192 ----a-w- C:\WINDOWS\REGLOCS.OLD
2013-06-26 16:16:09 6A2CB42966136854F4464516FBB4AE72 2048 --s-a-w- C:\WINDOWS\bootstat.dat
2013-06-26 16:14:02 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\WINDOWS\control.ini
2013-06-26 16:13:59 DC17DD0189B0C36D863B4DD0A036C10F 316640 ----a-w- C:\WINDOWS\WMSysPr9.prx
2013-06-26 16:13:04 5A5CFF37F1BD0F86B9BDAAD7A9445882 749 ---ha-r- C:\WINDOWS\WindowsShell.Manifest
2013-06-26 16:12:26 81051BCC2CF1BEDF378224B0A93E2877 2 ----a-w- C:\WINDOWS\desktop.ini
2013-06-26 16:12:26 2F3CDC1D898FD25B2547F5BFEB01FD0D 48680 --sh--w- C:\WINDOWS\winnt256.bmp
2013-06-26 16:12:26 2F3CDC1D898FD25B2547F5BFEB01FD0D 48680 --sh--w- C:\WINDOWS\winnt.bmp
2013-06-26 16:10:58 6C2F0BA210C2B53EF07653ABAC6C2490 37 ----a-w- C:\WINDOWS\vbaddin.ini
2013-06-26 16:10:58 487403459F0B2F1A3ADEEF02496BD80E 36 ----a-w- C:\WINDOWS\vb.ini
2013-06-26 16:10:26 EB3BFC14E41FBAA41B4FD4489AA82D39 65832 ----a-w- C:\WINDOWS\Santa Fe Stucco.bmp
2013-06-26 16:10:26 927A66BD587E31CB12D3AB25381658DC 17362 ----a-w- C:\WINDOWS\Rhododendron.bmp
2013-06-26 16:10:26 73D70ED3EC3BBFD8FD35DF431C38F374 17062 ----a-w- C:\WINDOWS\Coffee Bean.bmp
2013-06-26 16:10:26 5B4AC407E566076BB726BA91E067D313 26680 ----a-w- C:\WINDOWS\River Sumida.bmp
2013-06-26 16:10:26 5290EA6951F4724259F423B12C8E1393 9522 ----a-w- C:\WINDOWS\Zapotec.bmp
2013-06-26 16:10:26 3A8B85AB7B415BF3F8AFE285DFE0CE29 16730 ----a-w- C:\WINDOWS\FeatherTexture.bmp
2013-06-26 16:10:26 280920B6773C74C3649A934257112BE1 65954 ----a-w- C:\WINDOWS\Prairie Wind.bmp
2013-06-26 16:10:26 203EF178BF8B0A8EC34E27E4DEDB6349 17336 ----a-w- C:\WINDOWS\Gone Fishing.bmp
2013-06-26 16:10:26 1AC5E83598D4F2143B59A2D893C3279A 26582 ----a-w- C:\WINDOWS\Greenstone.bmp
2013-06-26 16:10:25 DAC71A10A6A71CB6E3F427AE3283734B 1272 ----a-w- C:\WINDOWS\Blue Lace 16.bmp
2013-06-26 16:10:25 39F43DBCE366B2561DF073B4C0839299 65978 ----a-w- C:\WINDOWS\Soap Bubbles.bmp
====== C:\DOCUME~1\MICA\LOCALS~1\Temp ====
2013-07-06 12:23:16 7E7EB7AFF595774E5E500B34058CC1A7 192512 ----a-w- C:\DOCUME~1\MICA\LOCALS~1\Temp\sfamcc00001.dll
2013-07-06 07:39:50 5405413FFF79B8D9C747AA900F60F082 599419 ----a-w- C:\DOCUME~1\MICA\LOCALS~1\Temp\Sqlite3.dll
2013-07-06 07:39:50 3252EAD684467D3F16A47E7581AAB757 458240 ----a-w- C:\DOCUME~1\MICA\LOCALS~1\Temp\13330uninstall.exe
2013-07-05 12:11:45 5AA3E89A59E3D556B5F9B6D8D8EE3A82 42080 ----a-w- C:\DOCUME~1\MICA\LOCALS~1\Temp\bi_cleaner.exe
2013-07-05 12:03:34 FB58CA29357D25ECD447E79F61B03B67 272128 ----a-w- C:\DOCUME~1\MICA\LOCALS~1\Temp\Setup-D502DD2B71B5.exe
2013-07-05 12:03:31 D36977B52D60F38DCAF276A46B39A3C9 812607 ----a-w- C:\DOCUME~1\MICA\LOCALS~1\Temp\DeltaTB.exe
2013-07-05 12:02:07 A55B82103A202C20717F45C201EC4553 936960 ----a-w- C:\DOCUME~1\MICA\LOCALS~1\Temp\htmlayout.dll
====== C:\WINDOWS\system32 =====
2013-07-05 12:44:52 C2A03905AE2DADE0FA91FF0C26A6421C 21728 ----a-w- C:\WINDOWS\System32\wucltui.dll.mui
2013-07-05 12:44:52 8B62DC7855287089DBE9AB25CFB50431 17632 ----a-w- C:\WINDOWS\System32\wuaueng.dll.mui
2013-07-05 12:44:52 5BD1234E11B39C63BBA87022AF6D43C2 44768 ----a-w- C:\WINDOWS\System32\wups2.dll
2013-07-05 12:44:51 B63D7016211F2323BB5B4FF1F8CB1CF6 15072 ----a-w- C:\WINDOWS\System32\wuaucpl.cpl.mui
2013-07-05 12:44:51 52CF3B23095C47043FC060D9F1A74D2E 15064 ----a-w- C:\WINDOWS\System32\wuapi.dll.mui
2013-07-05 12:40:57 3C30C649895A8F02F46DBC72805AAC70 23360 ----a-w- C:\WINDOWS\System32\RegistryDefragBootTime.exe
2013-07-04 11:45:04 FBE5C2BDED0E85F6F0E68D1D6F2521DF 3649536 ----a-w- C:\WINDOWS\System32\x264vfw.dll
2013-07-04 11:45:04 FA425C74CE2EB719B2A77A7A2ADDAE32 216064 ----a-w- C:\WINDOWS\System32\lagarith.dll
2013-07-04 11:45:04 671FEF5266B8AA14C0B69B38C24BD8BD 415 ----a-w- C:\WINDOWS\System32\lame_acm.xml
2013-07-04 11:45:04 22722B4E887BB95AB071542DE5A42C80 839680 ----a-w- C:\WINDOWS\System32\lameACM.acm
2013-07-04 11:45:03 C26B7B8CA40C627B9DE399F9F8FACC69 650752 ----a-w- C:\WINDOWS\System32\xvidcore.dll
2013-07-04 11:45:03 56552C7C36B6237704CE3BA9DF49FECF 243200 ----a-w- C:\WINDOWS\System32\xvidvfw.dll
2013-07-04 11:45:02 60FEE6F524865950EF0A40D49F969320 178688 ----a-w- C:\WINDOWS\System32\unrar.dll
2013-07-04 11:45:02 006C6378513685ACDFFA84A5ECB86F76 151552 ----a-w- C:\WINDOWS\System32\ac3acm.acm
2013-07-04 11:44:57 DED4C49C39D6CEFC00FDA0C4D7D59407 714 ----a-w- C:\WINDOWS\System32\ff_vfw.dll.manifest
2013-07-04 11:44:57 5BF12FCC4091CD3F6E4AD0FC3DD038BC 112640 ----a-w- C:\WINDOWS\System32\ff_vfw.dll
2013-07-03 06:56:55 5614386D4CFDF9E56F355C45BEEBC976 12872 ----a-w- C:\WINDOWS\System32\bootdelete.exe
2013-07-02 06:14:57 CFE4114B963AB0AB22F6EBEF89564194 229648 ----a-w- C:\WINDOWS\System32\aswBoot.exe
2013-06-29 07:00:01 C32579D70515B47F7C5FB01D54129419 5632 ----a-w- C:\WINDOWS\System32\ptpusb.dll
2013-06-29 07:00:00 AD6390536EEC15B53A3CFFBF2A7B8467 159232 ----a-w- C:\WINDOWS\System32\ptpusd.dll
2013-06-26 20:08:42 EFF71E68DD8F9DC0BBD89CD83153C336 221215 ------w- C:\WINDOWS\System32\Divxdec.ax
2013-06-26 20:01:26 C6A44FC3CF2F5801561804272217B14D 1892184 ----a-w- C:\WINDOWS\System32\D3DX9_42.dll
2013-06-26 20:01:26 797E24743937D67D69F28F2CF5052EE8 2414360 ----a-w- C:\WINDOWS\System32\d3dx9_31.dll
2013-06-26 20:00:03 DFC64F80CBC171FB0631E7F15D79C998 436720 ------w- C:\WINDOWS\System32\pxwave.dll
2013-06-26 20:00:03 B36F01A58631341310C6D4116F2EDF5F 66032 ------w- C:\WINDOWS\System32\pxinsa64.exe
2013-06-26 20:00:03 B248A451721CF86A6CDBA18B379EC80C 551408 ------w- C:\WINDOWS\System32\pxdrv.dll
2013-06-26 20:00:03 9555982C980B760398C09EEFAE6FCF01 129520 ------w- C:\WINDOWS\System32\pxafs.dll
2013-06-26 20:00:03 5420BAFE4BEFBC64452DEE6AF8782A20 1858032 ------w- C:\WINDOWS\System32\pxsfs.dll
2013-06-26 20:00:03 51598A4CD5BFC25C8D4FB1A740A43583 72176 ------w- C:\WINDOWS\System32\pxhpinst.exe
2013-06-26 20:00:03 23C98662461CA549487676E3E4E16C4F 96752 ------w- C:\WINDOWS\System32\vxblock.dll
2013-06-26 20:00:03 09132A1DA77EF78D06421C871B3B92C5 66544 ------w- C:\WINDOWS\System32\pxcpya64.exe
2013-06-26 20:00:02 D4BFF8B48CD9A212B45C425F2A1C9B77 219632 ------w- C:\WINDOWS\System32\pxmas.dll
2013-06-26 20:00:02 174D2EB772E843B6175EED45D8FA11E7 670192 ------w- C:\WINDOWS\System32\px.dll
2013-06-26 19:57:51 C5B41140DBDA488A02E8D33B5FF95686 221184 ----a-w- C:\WINDOWS\System32\wmpns.dll
2013-06-26 18:37:47 A4001C78F2806662B3BD91ACB44E6330 45 ----a-w- C:\WINDOWS\System32\initdebug.nfo
2013-06-26 18:35:32 7366AF0CA5F98A7653851FC2C1D05B0D 16384 ----a-w- C:\WINDOWS\System32\ipsink.ax
2013-06-26 18:35:01 E2A57AC21705D3A05BB89BE201FA5C0C 53760 ----a-w- C:\WINDOWS\System32\vfwwdm32.dll
2013-06-26 18:35:01 C9EF69B25DFA1C0E7932CB02FB8A7E91 91136 ----a-w- C:\WINDOWS\System32\kswdmcap.ax
2013-06-26 18:35:01 264C642770CB6269A67AC8E0ED74419F 61952 ----a-w- C:\WINDOWS\System32\kstvtune.ax
2013-06-26 18:34:59 D5C3D43D0616FF699DB771928AC0E2CD 43008 ----a-w- C:\WINDOWS\System32\ksxbar.ax
2013-06-26 18:34:54 F5BC425947241F67162EBC44D908A085 258188 ----a-w- C:\WINDOWS\System32\VM303Prp.Ax
2013-06-26 18:34:54 8E73B6095502B16D1E3139BB77A9E7C7 40960 ----a-w- C:\WINDOWS\System32\setupfilter.exe
2013-06-26 18:34:54 76949B35005073B3843C1278CB3F97F0 81920 ----a-w- C:\WINDOWS\System32\VM303STI.dll
2013-06-26 18:22:22 F4EEFAA7FE643E45A15C678DA0EFB0AB 71048 ----a-w- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
2013-06-26 18:22:22 9229CC932F2F1C5BC384006C969B00A5 692104 ----a-w- C:\WINDOWS\System32\FlashPlayerApp.exe
2013-06-26 18:19:22 1D9B3568CFDB55316985A053D6D96030 94632 ----a-w- C:\WINDOWS\System32\WindowsAccessBridge.dll
2013-06-26 17:59:11 C2D7189CDD37453234A9BBCB58E50883 74240 ----a-w- C:\WINDOWS\System32\usbui.dll
2013-06-26 17:58:12 AE72389D80DC216AA6368C2D75B61047 458340 ----a-w- C:\WINDOWS\System32\PerfStringBackup.INI
2013-06-26 17:58:08 35448F3A71EBBECF8E997FAD3A99327D 66082 ----a-w- C:\WINDOWS\System32\c_28603.nls
2013-06-26 17:58:06 EFFDFF60A38CF648811BBCDD722ECF5E 66082 ----a-w- C:\WINDOWS\System32\c_10081.nls
2013-06-26 17:58:06 C37A21EE1ADFDC13FC707D97073148ED 66082 ----a-w- C:\WINDOWS\System32\c_28599.nls
2013-06-26 17:58:06 A8764750B22B528D85A691A52CB21856 66594 ----a-w- C:\WINDOWS\System32\c_857.nls
2013-06-26 17:58:06 712A218557F99D136735E0545E5AE223 5632 ----a-r- C:\WINDOWS\System32\kbdazel.dll
2013-06-26 17:58:06 5D569F2951F878EF01D7723DC08682E9 6144 ----a-r- C:\WINDOWS\System32\kbdtuq.dll
2013-06-26 17:58:06 188E56B70419D8353B8D4F3E381D9E52 6144 ----a-r- C:\WINDOWS\System32\kbdtuf.dll
2013-06-26 17:58:05 FA30D45301EE66C33C0BF0F053DD9268 5632 ----a-r- C:\WINDOWS\System32\kbdkyr.dll
2013-06-26 17:58:05 F2D1EEF5ADCD5995C015AB3CB15C9415 5632 ----a-r- C:\WINDOWS\System32\kbdtat.dll
2013-06-26 17:58:05 95D9106D39AB410A7F7EE513F181F84C 5632 ----a-r- C:\WINDOWS\System32\kbdkaz.dll
2013-06-26 17:58:05 4F9CFFBF05831BB81833FC64A5329C36 5632 ----a-r- C:\WINDOWS\System32\kbduzb.dll
2013-06-26 17:58:05 29F119AD63CE42E616E35792DB01A4E0 5632 ----a-r- C:\WINDOWS\System32\kbdmon.dll
2013-06-26 17:58:05 0304318F189E3CC4A99FCCCB0A68147F 5632 ----a-r- C:\WINDOWS\System32\kbdaze.dll
2013-06-26 17:58:04 E5D4673C83271FEEE1ED73E1E281A42B 5632 ----a-r- C:\WINDOWS\System32\kbdycc.dll
2013-06-26 17:58:04 E22D1B9AC7854C0A654E4C4232074E49 66082 ----a-w- C:\WINDOWS\System32\C_28595.NLS
2013-06-26 17:58:04 C6F23BC1411E91C179B0635893BB40A1 5632 ----a-r- C:\WINDOWS\System32\kbdru.dll
2013-06-26 17:58:04 B6E962B7AC1CB4A78876953D369BE6DD 5632 ----a-r- C:\WINDOWS\System32\kbdru1.dll
2013-06-26 17:58:04 AF4A866226BD04ACF06135088D75BB63 66082 ----a-w- C:\WINDOWS\System32\c_10007.nls
2013-06-26 17:58:04 A1FA7A83F9D98D84419A8E64286284F4 5632 ----a-r- C:\WINDOWS\System32\kbdblr.dll
2013-06-26 17:58:04 3DDE3DC57C54452A313DC20F3019F8E3 5632 ----a-r- C:\WINDOWS\System32\kbdur.dll
2013-06-26 17:58:04 314E85390BEBDAE5D1E11DB2D8CBC6E9 66082 ----a-w- C:\WINDOWS\System32\c_10017.nls
2013-06-26 17:58:04 1DF6E4758611E1328567BFE4D1B28E27 5632 ----a-r- C:\WINDOWS\System32\kbdbu.dll
2013-06-26 17:58:03 F2312B8A76FD584ACD1D956688BEB6F8 6656 ----a-r- C:\WINDOWS\System32\kbdhela3.dll
2013-06-26 17:58:03 D26533FDF72381947F823882BBA4A196 6144 ----a-r- C:\WINDOWS\System32\kbdhela2.dll
2013-06-26 17:58:03 B537ACFAB9E70F0EF48DB696A08ADC81 66082 ----a-w- C:\WINDOWS\System32\C_28597.NLS
2013-06-26 17:58:03 AC81A176BA35D1D7A5CD53137F3160FE 5632 ----a-r- C:\WINDOWS\System32\kbdhe319.dll
2013-06-26 17:58:03 A93447C87DDB6B1945F1F5F87EAB68DC 6144 ----a-r- C:\WINDOWS\System32\kbdgkl.dll
2013-06-26 17:58:03 90CC52E8B52F0EC3A41D14FFBE789324 8192 ----a-r- C:\WINDOWS\System32\kbdhept.dll
2013-06-26 17:58:03 8BE0D77A873730B4EB1DAB7C6622CD46 66082 ----a-w- C:\WINDOWS\System32\c_875.nls
2013-06-26 17:58:03 83C99B438B3D6DBE7B838DA783E173AC 5632 ----a-r- C:\WINDOWS\System32\kbdhe.dll
2013-06-26 17:58:03 780C444EB16B65E6DE96F794A732DA12 66594 ----a-w- C:\WINDOWS\System32\c_869.nls
2013-06-26 17:58:03 1E81E1F3D5ACB3371CF73C1DE8F800BF 5632 ----a-r- C:\WINDOWS\System32\kbdhe220.dll
2013-06-26 17:58:03 0A206B5CACD3CA70D2044DA691304765 66082 ----a-w- C:\WINDOWS\System32\c_10006.nls
2013-06-26 17:58:02 BAC7072B365F9648CA318154BA7E03EC 66594 ----a-w- C:\WINDOWS\System32\c_737.nls
2013-06-26 17:58:01 F5B3B152A1D2752BC88928EB1E031B7E 5632 ----a-r- C:\WINDOWS\System32\kbdlt.dll
2013-06-26 17:58:01 C047165ED75FF85DB5A89EFEE3DA1133 6144 ----a-r- C:\WINDOWS\System32\kbdlv.dll
2013-06-26 17:58:01 BBB6C3346064C6AECEE6AD9F144B1AEA 6144 ----a-r- C:\WINDOWS\System32\kbdest.dll
2013-06-26 17:58:01 AF05A41DBD1B0424B5CB47092152C7F6 5632 ----a-r- C:\WINDOWS\System32\kbdlt1.dll
2013-06-26 17:58:01 5D038EEABA8EA438F6B5ABD5E91BC851 66082 ----a-w- C:\WINDOWS\System32\C_28594.NLS
2013-06-26 17:58:01 5CD475CA7B87844DE1E0483B536F9AAE 66594 ----a-w- C:\WINDOWS\System32\c_866.nls
2013-06-26 17:58:01 3E969213F35127D83DAB48FF1283E8E4 66594 ----a-w- C:\WINDOWS\System32\c_855.nls
2013-06-26 17:58:01 27D72BCF2B495FCDA073DBA5F189D7A1 6144 ----a-r- C:\WINDOWS\System32\kbdlv1.dll
2013-06-26 17:58:00 F3D1EEC756847C70E65335E8CA1AE64B 5632 ----a-r- C:\WINDOWS\System32\kbdhu1.dll
2013-06-26 17:58:00 DCCE231E5BDF1401AC0F770EE16902AA 6656 ----a-r- C:\WINDOWS\System32\kbdsl.dll
2013-06-26 17:58:00 D199B05901C2407FC0F87444A24A4F3C 6656 ----a-r- C:\WINDOWS\System32\kbdpl.dll
2013-06-26 17:58:00 C2E62748C875A310A6D5B10498238A68 5632 ----a-r- C:\WINDOWS\System32\kbdro.dll
2013-06-26 17:58:00 93033C3EA80FB24B198B24DDECA07D4A 6656 ----a-r- C:\WINDOWS\System32\kbdsl1.dll
2013-06-26 17:58:00 897663C8606357A8E86E57CDEA8EE219 5632 ----a-r- C:\WINDOWS\System32\kbdpl1.dll
2013-06-26 17:57:59 D2CA471D36A69D17F82D5C1B64FAEE39 66082 ----a-w- C:\WINDOWS\System32\c_10029.nls
2013-06-26 17:57:59 CF92D95B5CB6649CB9D7E8D7616487A7 6656 ----a-r- C:\WINDOWS\System32\kbdhu.dll
2013-06-26 17:57:59 AFA30A44ED11A5F9A059A2767AB6A81A 6656 ----a-r- C:\WINDOWS\System32\kbdcz1.dll
2013-06-26 17:57:59 9CA501D2A8E6909C5B2E8C9274682BF1 66082 ----a-w- C:\WINDOWS\System32\c_10082.nls
2013-06-26 17:57:59 90535C13EB54E1F2C95478F1B99DCCEB 6656 ----a-r- C:\WINDOWS\System32\kbdcz2.dll
2013-06-26 17:57:59 6F8A509550FE8C92D07EE0143BF29BA1 66082 ----a-w- C:\WINDOWS\System32\c_10010.nls
2013-06-26 17:57:59 615DDBB5CBBAE8301C1E7FA95F1E66A3 6656 ----a-r- C:\WINDOWS\System32\KBDAL.DLL
2013-06-26 17:57:59 5B46568257EE49714564511D58E0DE53 6656 ----a-r- C:\WINDOWS\System32\kbdcr.dll
2013-06-26 17:57:59 552221E92D6BF55F8358B927F00696C3 6656 ----a-r- C:\WINDOWS\System32\kbdycl.dll
2013-06-26 17:57:59 36E68E02AF2206FC4A8C73CAEABE1FB0 7168 ----a-r- C:\WINDOWS\System32\kbdcz.dll
2013-06-26 17:57:59 21E928C8E6ED8EEAB0D1AAEE82ACDD76 66594 ----a-w- C:\WINDOWS\System32\c_852.nls
2013-06-26 17:57:58 6CB26848BCDAA361B6EE21264FB362C3 66082 ----a-w- C:\WINDOWS\System32\c_20127.nls
2013-06-26 17:57:57 FACEF4325FE4795647149DEC6FF728C7 13312 ----a-w- C:\WINDOWS\System32\irclass.dll
2013-06-26 17:57:57 5726CB81771655731D011ABD878CB65D 103424 ----a-w- C:\WINDOWS\System32\EqnClass.Dll
2013-06-26 17:57:57 1E8F9818D695F8759B125EE146BEB935 176157 ----a-w- C:\WINDOWS\System32\dgrpsetu.dll
2013-06-26 17:57:57 1C3C9B5B42A50D2D86CAF2EC05D34B3C 24661 ----a-w- C:\WINDOWS\System32\spxcoins.dll
2013-06-26 17:57:57 060110976C713D49CEFEE9A7291CE9D7 85020 ----a-w- C:\WINDOWS\System32\dgsetup.dll
2013-06-26 17:57:55 A956751EF995DF776F19831123868A83 8704 ----a-w- C:\WINDOWS\System32\batt.dll
2013-06-26 17:57:55 30475F091008E24550523515A023270D 1688 ----a-w- C:\WINDOWS\System32\AUTOEXEC.NT
2013-06-26 17:57:54 3FE791B7714A592B17C4DD8C24B382AF 74752 ----a-w- C:\WINDOWS\System32\storprop.dll
2013-06-26 17:57:10 A884287E63B1ECD756FDECFA81F6EEA1 93480 ----a-w- C:\WINDOWS\System32\FNTCACHE.DAT
2013-06-26 17:56:12 CBCB5D8671AA0EC4ECC820685B89D12E 261 ----a-w- C:\WINDOWS\System32\$winnt$.inf
2013-06-26 16:49:32 93E3D65953C59685ED1D823949C08722 1306624 ------w- C:\WINDOWS\System32\msxml6.dll
2013-06-26 16:49:32 89AFA12F6A1AD5837377E0B01C11E40E 79872 ------w- C:\WINDOWS\System32\msxml6r.dll
2013-06-26 16:49:22 F22ED2CD5E26514C6E8D21B5DA4572A3 10752 ------w- C:\WINDOWS\System32\smtpapi.dll
2013-06-26 16:49:22 5D55DEFB3AB92BC43C4DFD06935FA0F1 9728 ------w- C:\WINDOWS\System32\rwnh.dll
2013-06-26 16:49:22 5B431DCAC4A76276CEB8A1AB0C1C11F2 9728 ------w- C:\WINDOWS\System32\comsdupd.exe
2013-06-26 16:49:21 B0C23B6813A9FCBAE18370247BE594CE 136192 ------w- C:\WINDOWS\System32\aaclient.dll
2013-06-26 16:49:21 994F947386C9A17BBA19569DC3A92B2C 32768 ------w- C:\WINDOWS\System32\ativtmxx.dll
2013-06-26 16:49:21 96FF2C80DC7962D1B5016B85558109B4 9728 ------w- C:\WINDOWS\System32\ativdaxx.ax
2013-06-26 16:49:21 481A805B5ABC92363CF901CFCF1EE68D 23040 ------w- C:\WINDOWS\System32\ativmvxx.ax
2013-06-26 16:49:21 2C15B4A5E8AB5BB8CFBEB375750AC05C 377984 ------w- C:\WINDOWS\System32\ati2dvaa.dll
2013-06-26 16:49:21 1B874ADE4C19D65D6557527189B8A968 870784 ------w- C:\WINDOWS\System32\ati3d1ag.dll
2013-06-26 16:49:20 F69189EB97B118B690ACCA93760AD738 39936 ------w- C:\WINDOWS\System32\dot3gpclnt.dll
2013-06-26 16:49:20 F21A712EB2B656CD86FCC057446F9C34 650752 ------w- C:\WINDOWS\System32\dot3ui.dll
2013-06-26 16:49:20 EA39DA293C8BBAA0F89419BA64734CC7 56320 ------w- C:\WINDOWS\System32\dot3msm.dll
2013-06-26 16:49:20 E85FD6ABA80BD637AA2AA9D93308D355 57856 ------w- C:\WINDOWS\System32\dot3cfg.dll
2013-06-26 16:49:20 E6EF7BC927D9F8F9BA1584BFC39E0C6F 30720 ------w- C:\WINDOWS\System32\eapolqec.dll
2013-06-26 16:49:20 E2092F0A1D7ABC243F9C2362483D150D 19456 ------w- C:\WINDOWS\System32\dimsntfy.dll
2013-06-26 16:49:20 ABC4206543450C0666D152F4B65833B8 40960 ------w- C:\WINDOWS\System32\eappprxy.dll
2013-06-26 16:49:20 97AE3A4180CAB360F44F7F03E5E0F409 7168 ------w- C:\WINDOWS\System32\bitsprx4.dll
2013-06-26 16:49:20 8E2CC37BA87D8F681066E0E9C8A19F73 26112 ------w- C:\WINDOWS\System32\dot3api.dll
2013-06-26 16:49:20 8E20D83D04076A3682706A2BE1BBA80E 12800 ------w- C:\WINDOWS\System32\credssp.dll
2013-06-26 16:49:20 7954A8B0657676E947403F0AC0F21755 184832 ------w- C:\WINDOWS\System32\eapp3hst.dll
2013-06-26 16:49:20 5DB625E7D095604010CF84DE2D8ACFA6 126976 ------w- C:\WINDOWS\System32\eappcfg.dll
2013-06-26 16:49:20 5B6EDB1DD780D8256CB301E58B4BC690 32285 ------w- C:\WINDOWS\System32\hsfcisp2.dll
2013-06-26 16:49:20 5B6245518D71A6108BC385C4A8348218 233472 ------w- C:\WINDOWS\System32\azroles.dll
2013-06-26 16:49:20 4E8F3230BAC8C1CAADF01A8C728E1C5C 9216 ------w- C:\WINDOWS\System32\dot3dlg.dll
2013-06-26 16:49:20 3B06CDD1A41618944A906589C052F2B3 59392 ------w- C:\WINDOWS\System32\eapqec.dll
2013-06-26 16:49:20 395FD41D69C1AB8CE91FEABD2168097E 94208 ------w- C:\WINDOWS\System32\eappgnui.dll
2013-06-26 16:49:20 2187855A7703ADEF0CEF9EE4285182CC 33792 ------w- C:\WINDOWS\System32\eapsvc.dll
2013-06-26 16:49:20 11F4A22796CB652BD574D8CB03B9874C 39936 ------w- C:\WINDOWS\System32\dimsroam.dll
2013-06-26 16:49:20 11A9E0581F6441876FFBF331D294C10A 48640 ------w- C:\WINDOWS\System32\dhcpqec.dll
2013-06-26 16:49:20 0F0F6E687E5E15579EF4DA8DD6945814 132096 ------w- C:\WINDOWS\System32\dot3svc.dll
2013-06-26 16:49:20 0BCB0EBC1B08FA384EC68F253C7253EF 180224 ------w- C:\WINDOWS\System32\eapphost.dll
2013-06-26 16:49:19 F7BBAA9485F04E46A053E147CDFAD079 155136 ------w- C:\WINDOWS\System32\mssha.dll
2013-06-26 16:49:19 F0874563D668EEC633AC52F8B6167ACD 6144 ------w- C:\WINDOWS\System32\kbdbhc.dll
2013-06-26 16:49:19 A445F7BE8100EFB90161E4868A643E34 6144 ------w- C:\WINDOWS\System32\kbdnepr.dll
2013-06-26 16:49:19 9FE65E81B4C27D967DB6646271AB242F 6144 ------w- C:\WINDOWS\System32\kbdpash.dll
2013-06-26 16:49:19 9AF037DF48AE21B6E30177DFE1481C45 86016 ------w- C:\WINDOWS\System32\mdmxsdk.dll
2013-06-26 16:49:19 9A425D4F1C1ED0DA1A35B25DE5632378 184320 ------w- C:\WINDOWS\System32\microsoft.managementconsole.dll
2013-06-26 16:49:19 8878BD685E490239777BFE51320B88E9 61440 ------w- C:\WINDOWS\System32\kmsvc.dll
2013-06-26 16:49:19 87906187B3AF89582380D156DA601F68 30208 ------w- C:\WINDOWS\System32\napipsec.dll
2013-06-26 16:49:19 82FDD74B54E27D9BB2A486B1181EC7A9 6144 ------w- C:\WINDOWS\System32\kbdiultn.dll
2013-06-26 16:49:19 568B07313D95BD82BF7C9089FBAB1118 76800 ------w- C:\WINDOWS\System32\msshavmsg.dll
2013-06-26 16:49:19 5099188F965E8C3DA76281E9CBCB0E7F 193024 ------w- C:\WINDOWS\System32\napmontr.dll
2013-06-26 16:49:19 4BD42056A26567FF609902DC2840BFEC 106496 ------w- C:\WINDOWS\System32\mmcfxcommon.dll
2013-06-26 16:49:19 3F8C2784BD466834FA87F973D0FBB120 33792 ------w- C:\WINDOWS\System32\mmcperf.exe
2013-06-26 16:49:19 3EF3363283E118A9F460E31BB17A702A 1737856 ------w- C:\WINDOWS\System32\mtxparhd.dll
2013-06-26 16:49:19 3AF52290B3C5F21E25F1C582A60CEBF2 176640 ------w- C:\WINDOWS\System32\napstat.exe
2013-06-26 16:49:19 3879D931FBB110292A16C8A3A11D7ED4 37376 ------w- C:\WINDOWS\System32\l2gpstore.dll
2013-06-26 16:49:19 308EC3363A4784EDF02100D597111F2D 397312 ------w- C:\WINDOWS\System32\mmcex.dll
2013-06-26 16:49:18 FB8E05CEDB3EF65C80FEBD2698C80998 150528 ------w- C:\WINDOWS\System32\qagent.dll
2013-06-26 16:49:18 F41358AD08C811F6B28FBC45600D1F49 286792 ------w- C:\WINDOWS\System32\slextspk.dll
2013-06-26 16:49:18 EF3EC9DCFEECE43A1F69C8A95505E47A 276992 ------w- C:\WINDOWS\System32\wmphoto.dll
2013-06-26 16:49:18 EB2D2E05E471208CD651DDCDF77904BF 346112 ------w- C:\WINDOWS\System32\windowscodecsext.dll
2013-06-26 16:49:18 E23C2933A53B4459482E84BB56D24681 50688 ------w- C:\WINDOWS\System32\tspkg.dll
2013-06-26 16:49:18 D8DBD3FF60BDAC98ACD115F8F0A3B161 73832 ------w- C:\WINDOWS\System32\slcoinst.dll
2013-06-26 16:49:18 CA04959077AFE36369D37B3504740C87 144384 ------w- C:\WINDOWS\System32\onex.dll
2013-06-26 16:49:18 BA71647BD0BF68A3A127E061FA816E9B 412160 ------w- C:\WINDOWS\System32\photometadatahandler.dll
2013-06-26 16:49:18 B726ACE88025433615F2918B0FD07F9C 32768 ------w- C:\WINDOWS\System32\setupn.exe
2013-06-26 16:49:18 A655C88AA555BB8EF8957BD29408827F 61952 ------w- C:\WINDOWS\System32\rasqec.dll
2013-06-26 16:49:18 9EEFE69139FDBB4A3C327630F8EB993A 69120 ------w- C:\WINDOWS\System32\wlanapi.dll
2013-06-26 16:49:18 94BA90C6AF5C50FF5F7A6392514C4642 28672 ----a-w- C:\WINDOWS\System32\vidcap.ax
2013-06-26 16:49:18 91790D6749EBED90E2C40479C0A91879 28672 ------w- C:\WINDOWS\System32\verclsid.exe
2013-06-26 16:49:18 8AE93AACC648921BAACB8602991AC4B3 76800 ------w- C:\WINDOWS\System32\qutil.dll
2013-06-26 16:49:18 66C217ADC165BE397788EBC24BF21D2C 4274816 ------w- C:\WINDOWS\System32\nv4_disp.dll
2013-06-26 16:49:18 5F63E2B2A72E1E6448123E0920D31530 712704 ------w- C:\WINDOWS\System32\windowscodecs.dll
2013-06-26 16:49:18 492D127C533F328380F0BD1C2C59B44B 62464 ------w- C:\WINDOWS\System32\qcliprov.dll
2013-06-26 16:49:18 28D9646A6B8DE72980B683AF06D9D981 290304 ------w- C:\WINDOWS\System32\rhttpaa.dll
2013-06-26 16:49:18 224A97EA5029845D2F5D1A6D85BBC798 32866 ------w- C:\WINDOWS\System32\slrundll.exe
2013-06-26 16:49:18 2248F303CCFF449FC5DEA712C92D4B2E 60416 ------w- C:\WINDOWS\System32\tzchange.exe
2013-06-26 16:49:18 1396F781364754123E5180074FC3CB85 53248 ------w- C:\WINDOWS\System32\tsgqec.dll
2013-06-26 16:49:18 1144070C67CC7F3E673EBB124F1B06AA 397056 ------w- C:\WINDOWS\System32\s3gnb.dll
2013-06-26 16:49:18 10485BD94D0C8B0C9DE0A4A05D19EBA0 188508 ------w- C:\WINDOWS\System32\slgen.dll
2013-06-26 16:49:18 054177EFA4EA208003DD88637B02BA2B 73796 ------w- C:\WINDOWS\System32\slserv.exe
2013-06-26 16:49:18 0102140028FAD045756796E1C685D695 291328 ------w- C:\WINDOWS\System32\qagentrt.dll
2013-06-26 16:49:17 BEA4AEE74FEF171EB61DE1BAD8FAF427 121856 ------w- C:\WINDOWS\System32\xmllite.dll
2013-06-26 16:49:17 1B3B381E1AAB46F7B321A46150D890CB 689152 ------w- C:\WINDOWS\System32\xpsp3res.dll
2013-06-26 16:44:58 96C9A439DCDA7643DCB20D88F6DB66F3 17272 ------w- C:\WINDOWS\System32\spmsg.dll
2013-06-26 16:32:25 C148BD421F063443FE628F08099A1E48 520192 ------w- C:\WINDOWS\System32\ati2sgag.exe
2013-06-26 16:32:12 0E0A65522C79A6AE101DD53DBAE2D8DE 307200 ----a-r- C:\WINDOWS\System32\atiiiexx.dll
2013-06-26 16:32:10 64C98CAB60AD11D3E74CC2B533A3E9C8 339968 ----a-r- C:\WINDOWS\System32\ATIDEMGX.dll
2013-06-26 16:32:10 48E4EC7A0CDF011CE643A92B5147AC0C 7069 ----a-r- C:\WINDOWS\System32\atifglpf.xml
2013-06-26 16:32:08 56A70F26B71B81AD32789A0C589D6109 972072 ----a-r- C:\WINDOWS\System32\ativva6x.dat
2013-06-26 16:32:06 31B434EDEC919137787CABF10E76266B 3107788 ----a-r- C:\WINDOWS\System32\ativva5x.dat
2013-06-26 16:32:02 A7CDA83DEA4791B4B3FC52AE2A09DD98 144357 ----a-r- C:\WINDOWS\System32\atiicdxx.dat
2013-06-26 16:32:02 31B434EDEC919137787CABF10E76266B 3107788 ----a-r- C:\WINDOWS\System32\ativvaxx.dat
2013-06-26 16:29:15 E2FA75ADE398C9A44815B11CC141105C 940794 ----a-w- C:\WINDOWS\System32\LoopyMusic.wav
2013-06-26 16:29:15 6D0634CEBBFF7F428DD816706F5AA1FB 146650 ----a-w- C:\WINDOWS\System32\BuzzingBee.wav
2013-06-26 16:28:07 43C3571EADA5BC1EDEAD7CA22AD66F30 49152 ------r- C:\WINDOWS\System32\ChCfg.exe
2013-06-26 16:27:47 F1941197A42F9F373CC70042FC82C950 129536 ----a-w- C:\WINDOWS\System32\ksproxy.ax
2013-06-26 16:27:47 9B9F1C38D559047B8AC0DBA2D5FEBDE9 4096 ----a-w- C:\WINDOWS\System32\ksuser.dll
2013-06-26 16:27:19 5329079D8726DE34A58C2EF0BD2AC8B9 26488 ----a-w- C:\WINDOWS\System32\spupdsvc.exe
2013-06-26 16:27:13 F64D1364B1332E8E5B9B96AFFC9EE118 282624 ------r- C:\WINDOWS\System32\RTSndMgr.cpl
2013-06-26 16:26:58 C76445E155590D42F47EA86F9C2D7C2B 299008 ------r- C:\WINDOWS\System32\ALSndMgr.cpl
2013-06-26 16:14:02 01C47C2ECED034EF6F8C1552A97CFF00 2577 ----a-w- C:\WINDOWS\System32\CONFIG.NT
2013-06-26 16:14:00 6D6F4B1886E91EB37ABCCAD19C561EE0 16832 ----a-w- C:\WINDOWS\System32\amcompat.tlb
2013-06-26 16:13:59 A32B14BE5EDAE794FCE1A9E970827509 23392 ----a-w- C:\WINDOWS\System32\nscompat.tlb
2013-06-26 16:13:50 E81BBE78A8EF85ACD490B3E64EF63A7C 112128 ----a-w- C:\WINDOWS\System32\mapi32.dll
2013-06-26 16:13:04 5A5CFF37F1BD0F86B9BDAAD7A9445882 749 ---ha-r- C:\WINDOWS\System32\wuaucpl.cpl.manifest
2013-06-26 16:13:04 5A5CFF37F1BD0F86B9BDAAD7A9445882 749 ---ha-r- C:\WINDOWS\System32\sapi.cpl.manifest
2013-06-26 16:13:04 5A5CFF37F1BD0F86B9BDAAD7A9445882 749 ---ha-r- C:\WINDOWS\System32\nwc.cpl.manifest
2013-06-26 16:13:04 5A5CFF37F1BD0F86B9BDAAD7A9445882 749 ---ha-r- C:\WINDOWS\System32\ncpa.cpl.manifest
2013-06-26 16:13:04 5A5CFF37F1BD0F86B9BDAAD7A9445882 749 ---ha-r- C:\WINDOWS\System32\cdplayer.exe.manifest
2013-06-26 16:12:28 1204FA2AB2A5F321125F777E8D061B22 11264 ----a-w- C:\WINDOWS\System32\atrace.dll
2013-06-26 16:12:26 81051BCC2CF1BEDF378224B0A93E2877 2 ----a-w- C:\WINDOWS\System32\desktop.ini
2013-06-26 16:12:20 B87F759738C52E8D6FBCDAAA84C6486F 118784 ----a-w- C:\WINDOWS\System32\msg723.acm
2013-06-26 16:12:20 3C891D38FF07120FD926F51A37568646 12288 ----a-w- C:\WINDOWS\System32\nmevtmsg.dll
2013-06-26 16:12:19 441086F355F0DEA94621984C9A3BE765 64512 ----a-w- C:\WINDOWS\System32\acctres.dll
2013-06-26 16:12:17 BE085C746EA903B38204053FF709C634 16384 ----a-w- C:\WINDOWS\System32\icfgnt5.dll
2013-06-26 16:12:10 CAD35C78C72E1D2154CB55A49FB4E1CC 183296 ----a-w- C:\WINDOWS\System32\wuaueng1.dll
2013-06-26 16:12:10 7EF35DB257F647A73DB396AA9760D011 165888 ----a-w- C:\WINDOWS\System32\wuauclt1.exe
2013-06-26 16:12:10 6298277B73C77FA99106B271A7525163 1929952 ----a-w- C:\WINDOWS\System32\wuaueng.dll
2013-06-26 16:12:10 39AA47A1ACBB6A92BF875B535EEAF911 327896 ----a-w- C:\WINDOWS\System32\wucltui.dll
2013-06-26 16:12:10 37BF196917FA0C591BAFCD7949524FF3 217816 ----a-w- C:\WINDOWS\System32\wuaucpl.cpl
2013-06-26 16:12:10 35321FB577CDC98CE3EB3A3EB9E4610A 6656 ----a-w- C:\WINDOWS\System32\wuauserv.dll
2013-06-26 16:12:10 1D326842006C4BE77ECD848CF89F01AB 35552 ----a-w- C:\WINDOWS\System32\wups.dll
2013-06-26 16:12:10 033AF4CE25B6D871F0DE2C982658E049 209632 ----a-w- C:\WINDOWS\System32\wuweb.dll
2013-06-26 16:12:09 62BB79160F86CD962F312C68C6239BFD 53472 ----a-w- C:\WINDOWS\System32\wuauclt.exe
2013-06-26 16:12:09 009758CC06B7F55B4A4D16A66E243C24 575704 ----a-w- C:\WINDOWS\System32\wuapi.dll
2013-06-26 16:12:08 F1DAC7969C1337AF790BD1D981AA780C 18944 ----a-w- C:\WINDOWS\System32\qmgrprxy.dll
2013-06-26 16:12:08 9B2E14F4D66A59306584566A705F8CDD 8192 ----a-w- C:\WINDOWS\System32\bitsprx2.dll
2013-06-26 16:12:08 574738F61FCA2935F5265DC4E5691314 409088 ----a-w- C:\WINDOWS\System32\qmgr.dll
2013-06-26 16:12:08 08763C1AE79D88D122207D0471E834DB 7168 ----a-w- C:\WINDOWS\System32\bitsprx3.dll
2013-06-26 16:11:57 CC8E648AE54B18037F7D0A91D196FE91 43520 ----a-w- C:\WINDOWS\System32\safrcdlg.dll
2013-06-26 16:11:57 62A9B35C335A85311DC1280568CE9D89 45568 ----a-w- C:\WINDOWS\System32\safrslv.dll
2013-06-26 16:11:57 482A0A0E3AE3F6A2564F8BE32767DCDB 29696 ----a-w- C:\WINDOWS\System32\safrdm.dll
2013-06-26 16:11:56 59AD4CEDBFCD1EEFCAC19E25BA15E2F3 43520 ----a-w- C:\WINDOWS\System32\racpldlg.dll
2013-06-26 16:11:51 5D43C9A33F18C707BA169AFDA88BDF30 16896 ----a-w- C:\WINDOWS\System32\fltlib.dll
2013-06-26 16:11:51 1DE61BAEDE3FD349B7AE86F428C25482 23040 ----a-w- C:\WINDOWS\System32\fltmc.exe
2013-06-26 16:11:50 92E2A2574186BCBB7027A6048E1B8B1B 239104 ----a-w- C:\WINDOWS\System32\srrstr.dll
2013-06-26 16:11:50 3805DF0AC4296A34BA4BF93B346CC378 171008 ----a-w- C:\WINDOWS\System32\srsvc.dll
2013-06-26 16:11:49 77A54BDFBAD4604E6131AE68E3CF76D6 67584 ----a-w- C:\WINDOWS\System32\srclient.dll
2013-06-26 16:11:48 D18F1F0C101D06A1C1ADF26EED16FCDD 32768 ----a-w- C:\WINDOWS\System32\mnmsrvc.exe
2013-06-26 16:11:48 C6FD300A6100AC89BC4CB944C19FA2A9 188416 ----a-w- C:\WINDOWS\System32\msh261.drv
2013-06-26 16:11:48 BBF115327F043F0BD46C58393261E6DD 69632 ----a-w- C:\WINDOWS\System32\msconf.dll
2013-06-26 16:11:48 A1E481512C1602C36D3384FEB7DDEC12 81920 ----a-w- C:\WINDOWS\System32\ils.dll
2013-06-26 16:11:48 621822F2F2BDE521D3FC687B62659B76 34560 ----a-w- C:\WINDOWS\System32\mnmdd.dll
2013-06-26 16:11:48 14E333392A7C41AF18F21849AEE1741E 28672 ----a-w- C:\WINDOWS\System32\nmmkcert.dll
2013-06-26 16:11:48 0C56AFBBDFA19694CA03F159A5724EA6 32768 ----a-w- C:\WINDOWS\System32\isrdbg32.dll
2013-06-26 16:11:44 871888B4AA0CA343E73C81E94AD4ED93 252928 ----a-w- C:\WINDOWS\System32\msoeacct.dll
2013-06-26 16:11:44 0485AB01B862FB91C21D39BD60BDF2AC 105984 ----a-w- C:\WINDOWS\System32\msoert2.dll
2013-06-26 16:11:42 A6F6923B46802785B9A47A03AE3CD8BF 48128 ----a-w- C:\WINDOWS\System32\inetres.dll
2013-06-26 16:11:41 9DD302F647227DE5133E2B5E09A5E63F 691712 ----a-w- C:\WINDOWS\System32\inetcomm.dll
2013-06-26 16:11:38 D5788A5243D1DD160E0F97AA4808B2BE 12288 ----a-w- C:\WINDOWS\System32\mstinit.exe
2013-06-26 16:11:38 4044E880593FE1AC9942190FCE414BE7 274944 ----a-w- C:\WINDOWS\System32\mstask.dll
2013-06-26 16:11:38 0A9A7365A1CA4319AA7C1D6CD8E4EAFA 192512 ----a-w- C:\WINDOWS\System32\schedsvc.dll
2013-06-26 16:11:37 F15BDF85AA23961FB61338D34B988B1C 81920 ----a-w- C:\WINDOWS\System32\isign32.dll
2013-06-26 16:11:37 922ED2C991F4D05107467C854D38BB71 65536 ----a-w- C:\WINDOWS\System32\icwphbk.dll
2013-06-26 16:11:37 474EABDCA846408BB854EE6542888D29 274432 ----a-w- C:\WINDOWS\System32\inetcfg.dll
2013-06-26 16:11:37 009F0BE67B62150904D266A1D5BDC95B 73728 ----a-w- C:\WINDOWS\System32\icwdial.dll
2013-06-26 16:11:08 1BA5E0C1DF01CFD4CEB6AC67270FD5D3 21640 ----a-w- C:\WINDOWS\System32\emptyregdb.dat
2013-06-26 16:10:38 BB75ED2CEA65D2DE97E88FDE1B1A0BF8 5632 ----a-w- C:\WINDOWS\System32\write.exe
2013-06-26 16:10:31 F759A6E14403BC3D7A55CCAD1B8F7B4A 44544 ----a-w- C:\WINDOWS\System32\hticons.dll
2013-06-26 16:10:31 F415ACC27107AA6DADABE339949EE670 73216 ----a-w- C:\WINDOWS\System32\avwav.dll
2013-06-26 16:10:31 B82C4535E430DDC631FEC10D63390ECA 227840 ----a-w- C:\WINDOWS\System32\avtapi.dll
2013-06-26 16:10:31 7DF33946B5911E75320CCA9AC1A3492B 138752 ----a-w- C:\WINDOWS\System32\sndvol32.exe
2013-06-26 16:10:31 399495998BCEEA80F23E57CCAB074508 16384 ----a-w- C:\WINDOWS\System32\avmeter.dll
2013-06-26 16:10:30 FEFC52216D2787EA1DE42BABA01AF9BF 35328 ----a-w- C:\WINDOWS\System32\winchat.exe
2013-06-26 16:10:25 8CA32E9D986FA76F60EFBCFCD9D80A58 16740 ----a-w- C:\WINDOWS\System32\shiftjis.uce
2013-06-26 16:10:25 7C0C25F4BA1084C4ABBEEA2C74194C5F 6948 ----a-w- C:\WINDOWS\System32\kanji_1.uce
2013-06-26 16:10:25 7A7A04370A6030B9B0E8178DAD4A6E41 12876 ----a-w- C:\WINDOWS\System32\korean.uce
2013-06-26 16:10:25 60B9959D333C3D11255D8695D2685430 605696 ----a-w- C:\WINDOWS\System32\getuname.dll
2013-06-26 16:10:25 529BBD63519BBD654EF328454019693F 8484 ----a-w- C:\WINDOWS\System32\kanji_2.uce
2013-06-26 16:10:25 4FDED87068052EEB9B72A97FDBC141DB 24006 ----a-w- C:\WINDOWS\System32\gb2312.uce
2013-06-26 16:10:25 30F5568679A54042F99CA9EC1102EBCD 93702 ----a-w- C:\WINDOWS\System32\subrange.uce
2013-06-26 16:10:25 038F6AD6CEE43585D814CDBC7CDFD3EC 60458 ----a-w- C:\WINDOWS\System32\ideograf.uce
2013-06-26 16:10:24 BE1B85306352E0AC901EC08506792B6B 126976 ----a-w- C:\WINDOWS\System32\mshearts.exe
2013-06-26 16:10:24 AC9FA2BA34225342A8897930503AE12F 80384 ----a-w- C:\WINDOWS\System32\charmap.exe
2013-06-26 16:10:24 9C45D38B74634C9DED60BEC640C5C3CA 119808 ----a-w- C:\WINDOWS\System32\winmine.exe
2013-06-26 16:10:24 829E4805B0E12B383EE09ABDC9E2DC3C 114688 ----a-w- C:\WINDOWS\System32\calc.exe
2013-06-26 16:10:24 405E1EF8E3C88E9BCD2853382BB12430 22984 ----a-w- C:\WINDOWS\System32\bopomofo.uce
2013-06-26 16:10:24 373E7A863A1A345C60EDB9E20EC32311 56832 ----a-w- C:\WINDOWS\System32\sol.exe
2013-06-26 16:10:23 F5FE756927FEF0F4A069DE0A832B5F0F 16384 ----a-w- C:\WINDOWS\System32\tskill.exe
2013-06-26 16:10:23 DC8AAE44CDB63F178BC7B993B43C3318 14848 ----a-w- C:\WINDOWS\System32\tsdiscon.exe
2013-06-26 16:10:23 A72C27CE68318023981A4E034F85131C 14848 ----a-w- C:\WINDOWS\System32\shadow.exe
2013-06-26 16:10:23 900D05DAB18DA23083358D0839DC1134 14848 ----a-w- C:\WINDOWS\System32\tscon.exe
2013-06-26 16:10:23 88F105251EE261ACF11AD88E7567258C 9728 ----a-w- C:\WINDOWS\System32\reset.exe
2013-06-26 16:10:23 725902D25A3B8F234F729CA057052C41 16896 ----a-w- C:\WINDOWS\System32\tsshutdn.exe
2013-06-26 16:10:23 4ED862390A8986E2423122FC6A326EC4 15872 ----a-w- C:\WINDOWS\System32\rwinsta.exe
2013-06-26 16:10:23 4D9B5E540158BF8E9B1BCAC1AEDD8C60 55296 ----a-w- C:\WINDOWS\System32\freecell.exe
2013-06-26 16:10:23 4A547D74B435E78418BE06406250C1D3 3286 ----a-w- C:\WINDOWS\System32\tslabels.h
2013-06-26 16:10:23 4114B8D04AEE5FF6700A5CE1130D64FA 33792 ----a-w- C:\WINDOWS\System32\regini.exe
2013-06-26 16:10:23 1556473E920CA676702516DA38DCAC86 16896 ----a-w- C:\WINDOWS\System32\qappsrv.exe
2013-06-26 16:10:23 1317CB79629C34B5FF8260C297B09A1C 22016 ----a-w- C:\WINDOWS\System32\qwinsta.exe
2013-06-26 16:10:23 092D468C0BDF67EC129C28692276AC88 4096 ----a-w- C:\WINDOWS\System32\rdpcfgex.dll
2013-06-26 16:10:23 03C361FAB5AD67924C5150A384C62BE6 13223 ----a-w- C:\WINDOWS\System32\tslabels.ini
2013-06-26 16:10:22 DE60FA13A37BEA1EE44228DCB60F44BF 20992 ----a-w- C:\WINDOWS\System32\msg.exe
2013-06-26 16:10:22 CDD932EDCB756FB5F7CE5E2F090BA838 768 ----a-w- C:\WINDOWS\System32\msdtcprf.h
2013-06-26 16:10:22 28E3647CBB608139AFB076103208552B 1931 ----a-w- C:\WINDOWS\System32\msdtcprf.ini
2013-06-26 16:10:22 238BDCE83AF21A6C2C0FCF216D3260E3 6144 ----a-w- C:\WINDOWS\System32\dcomcnfg.exe
2013-06-26 16:10:22 0D72D44A333628B15288C69738583A2E 15872 ----a-w- C:\WINDOWS\System32\cdmodem.dll
2013-06-26 16:10:21 E7427B6BD2F2B32403C23A4FE15DF3B3 97792 ----a-w- C:\WINDOWS\System32\comrepl.dll
2013-06-26 16:10:21 BC958016A1F7A23A1A9282C82D73D074 4096 ----a-w- C:\WINDOWS\System32\mtxex.dll
2013-06-26 16:10:21 9089B700986B7A441F79FE68F96E5149 59392 ----a-w- C:\WINDOWS\System32\stclient.dll
2013-06-26 16:10:21 85A335171B8D56B09276D1C6DF2A63B2 167424 ----a-w- C:\WINDOWS\System32\comsnap.dll
2013-06-26 16:10:21 7827FB784D9B3029F3DAF73D3331A9CC 30720 ----a-w- C:\WINDOWS\System32\mtxdm.dll
2013-06-26 16:10:21 2A516AC024EA9E34AE0F0297293EABAB 34304 ----a-w- C:\WINDOWS\System32\mtxlegih.dll
2013-06-26 16:10:21 035FECD913735E843E95510D7CC89A4E 28160 ----a-w- C:\WINDOWS\System32\comaddin.dll
2013-06-26 16:10:17 2CE7B1EEB99C14032C0E2201B004F80E 63488 ----a-w- C:\WINDOWS\System32\wmimgmt.msc
2013-06-26 16:10:04 D4B13D675DEC600C5A0ED2BB0EB301E6 184320 ----a-w- C:\WINDOWS\System32\accwiz.exe
2013-06-26 16:10:04 B22332758A8293C14DB318748A928CC4 131584 ----a-w- C:\WINDOWS\System32\sndrec32.exe
2013-06-26 16:10:04 841FB340ABC439B4557FBDD32B7BA11D 68608 ----a-w- C:\WINDOWS\System32\access.cpl
2013-06-26 16:10:03 954BD0D7C3CB90D23C136FEC90999377 123392 ----a-w- C:\WINDOWS\System32\mplay32.exe
2013-06-26 16:10:03 277BDF16A94BE0D063988D692541650B 347136 ----a-w- C:\WINDOWS\System32\hypertrm.dll
2013-06-26 16:10:02 949BC05CEF66BCD68EB23F08EB4C2DFF 343040 ----a-w- C:\WINDOWS\System32\mspaint.exe
2013-06-26 16:10:02 7A526169AC958E6602023A39734C8684 102912 ----a-w- C:\WINDOWS\System32\clipbrd.exe
2013-06-26 16:10:01 8D1492DBE9A856EE306EDC5A103E0BF2 538624 ----a-w- C:\WINDOWS\System32\spider.exe
2013-06-26 16:10:00 ACD3B2A1BC785A8B9FBC70280E1D8663 2061824 ----a-w- C:\WINDOWS\System32\mstscax.dll
2013-06-26 16:10:00 A125CBFE55C05735417786DD15A5BE76 93696 ----a-w- C:\WINDOWS\System32\tscfgwmi.dll
2013-06-26 16:10:00 8DD5CF6D82BD78433E95D86EFA117D67 677888 ----a-w- C:\WINDOWS\System32\mstsc.exe
2013-06-26 16:09:59 C29AB058E20C56E8D1ECB44FEDEBC69F 13824 ----a-w- C:\WINDOWS\System32\rdsaddin.exe
2013-06-26 16:09:59 B84AA6E863DE4A3BD9A0A39AEC207ECC 147968 ----a-w- C:\WINDOWS\System32\rdchost.dll
2013-06-26 16:09:59 B30637E52CB169F89335119978BDBD3E 60416 ----a-w- C:\WINDOWS\System32\remotepg.dll
2013-06-26 16:09:59 57E036885A222D1A8EF237C7399BE98B 67072 ----a-w- C:\WINDOWS\System32\rdshost.exe
2013-06-26 16:09:59 3C37BF86641BDA977C3BF8A840F3B7FA 141312 ----a-w- C:\WINDOWS\System32\sessmgr.exe
2013-06-26 16:09:59 20EE93BBAFD755E7889A1B27CAC6B8D3 44544 ----a-w- C:\WINDOWS\System32\tscupgrd.exe
2013-06-26 16:09:58 FF3477C03BE7201C294C35F684B3479F 295424 ----a-w- C:\WINDOWS\System32\termsrv.dll
2013-06-26 16:09:58 DF6551E4C4C46655A0C76194F1FCEA5D 11264 ----a-w- C:\WINDOWS\System32\icaapi.dll
2013-06-26 16:09:58 DCCF6ED915BC05C244801B550AD12B17 62976 ----a-w- C:\WINDOWS\System32\rdpclip.exe
2013-06-26 16:09:58 C7C84DF7233F4834CD190F3DCCAF50CA 87176 ----a-w- C:\WINDOWS\System32\rdpwsx.dll
2013-06-26 16:09:58 AA4A015E2ACAE6127FDF833F301C1FE4 38912 ----a-w- C:\WINDOWS\System32\cfgbkend.dll
2013-06-26 16:09:58 5AD00EED5722CAABDDAAC1CB92F68E57 19968 ----a-w- C:\WINDOWS\System32\qprocess.exe
2013-06-26 16:09:58 31DD1EF4149B0F22AFB12A2DD360B34D 19968 ----a-w- C:\WINDOWS\System32\rdpsnd.dll
2013-06-26 16:09:57 98A70D16C400CF422962247B238283DC 91648 ----a-w- C:\WINDOWS\System32\mtxoci.dll
2013-06-26 16:09:57 801BA87302E1621B7752EDE603C66E17 161792 ----a-w- C:\WINDOWS\System32\msdtcuiu.dll
2013-06-26 16:09:57 3FE4E646DBF75864EA5ECC73402F3EBE 427008 ----a-w- C:\WINDOWS\System32\msdtcprx.dll
2013-06-26 16:09:56 FB48946E4DC87309A05F3694970703BA 956928 ----a-w- C:\WINDOWS\System32\msdtctm.dll
2013-06-26 16:09:56 AE3470D2BF8F16FD93FA54167B87172D 11776 ----a-w- C:\WINDOWS\System32\xolehlp.dll
2013-06-26 16:09:56 A137F1470499A205ABBB9AAFB3B6F2B1 6144 ----a-w- C:\WINDOWS\System32\msdtc.exe
2013-06-26 16:09:54 846300110A32ACDEE7CB60E54C7F693A 625664 ----a-w- C:\WINDOWS\System32\catsrvut.dll
2013-06-26 16:09:54 690D97864735E8ECD87F55777E266690 60416 ----a-w- C:\WINDOWS\System32\colbact.dll
2013-06-26 16:09:54 5F5E83E18E9344BCD680704101CEA78A 85504 ----a-w- C:\WINDOWS\System32\catsrvps.dll
2013-06-26 16:09:54 33B37BB0C69F2DBD19277220435590BE 110592 ----a-w- C:\WINDOWS\System32\clbcatex.dll
2013-06-26 16:09:53 ED0C0DF222209E43AD9AFBF3FE87DDE0 1267200 ----a-w- C:\WINDOWS\System32\comsvcs.dll
2013-06-26 16:09:53 28CDB50D882D3BAD993D25BE596307EA 226304 ----a-w- C:\WINDOWS\System32\catsrv.dll
2013-06-26 16:09:52 F137A0CA70003DB20448D540651FA003 498688 ----a-w- C:\WINDOWS\System32\clbcatq.dll
2013-06-26 16:09:52 E0950A5B73350A26AB063EF6772FDCA4 539648 ----a-w- C:\WINDOWS\System32\comuid.dll
2013-06-26 16:09:43 8E7C1B8BBA4070615D6E2F704F272255 56320 ----a-w- C:\WINDOWS\System32\servdeps.dll
2013-06-26 16:09:43 6895427873D6C37A6D6DA7C3DB37DA14 58880 ----a-w- C:\WINDOWS\System32\licwmi.dll
2013-06-26 16:09:43 56C0F2EF981F235AB011FBFE26D92088 17408 ----a-w- C:\WINDOWS\System32\mmfutil.dll
2013-06-26 16:09:43 1C2C0143333F9651F088E29344D3BD0F 185344 ----a-w- C:\WINDOWS\System32\cmprops.dll
====== C:\WINDOWS\system32\drivers =====
2013-07-02 06:22:28 FAF091AA45A6A6CF3CF94FE065950956 175 ----a-w- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
2013-07-02 06:22:28 3FFBEE694566CADB0A64D8A1ACD7DBCE 175 ----a-w- C:\WINDOWS\System32\drivers\aswSP.sys.sum
2013-07-02 06:22:28 22EA82FFE8CA4965C1994F24C35DC202 175 ----a-w- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
2013-07-02 06:15:00 937300BC7C4CDF7576BCCE44E19BBB9D 369584 ----a-w- C:\WINDOWS\System32\drivers\aswSP.sys
2013-07-02 06:15:00 4AF5F360BA1E8794D32B366E45A64A0A 29816 ----a-w- C:\WINDOWS\System32\drivers\aswFsBlk.sys
2013-07-02 06:14:59 7B43265F92257A21CBFD88E7A651044C 49760 ----a-w- C:\WINDOWS\System32\drivers\aswRdr.sys
2013-07-02 06:14:58 CCD565A8A72AF7D45F9A242013870926 770344 ----a-w- C:\WINDOWS\System32\drivers\aswSnx.sys
2013-07-02 06:14:58 B680134BA1813B78B47FDD1DFF223CA5 49376 ----a-w- C:\WINDOWS\System32\drivers\aswRvrt.sys
2013-07-02 06:14:58 8CFAA2B965773A653F48F1207A9CB9C4 175176 ----a-w- C:\WINDOWS\System32\drivers\aswVmm.sys
2013-07-02 06:14:58 1F71F170D90E42EFDE9633D81D5E12DC 56080 ----a-w- C:\WINDOWS\System32\drivers\aswTdi.sys
2013-07-02 06:14:57 1F7094D4268D46F718C51286DC189791 66336 ----a-w- C:\WINDOWS\System32\drivers\aswMonFlt.sys
2013-06-30 07:21:07 72472B9CE5D02E443CFF49A40355455D 23624 ----a-w- C:\WINDOWS\System32\drivers\hitmanpro35.sys
2013-06-29 06:59:59 A0B8CF9DEB1184FBDD20784A58FA75D4 15104 ----a-w- C:\WINDOWS\System32\drivers\usbscan.sys
2013-06-26 20:00:03 9714B7C918C6543D69074EC101F86AC4 9072 ------w- C:\WINDOWS\System32\drivers\cdr4_xp.sys
2013-06-26 20:00:03 153D02480A0A2F45785522E814C634B6 44944 ------w- C:\WINDOWS\System32\drivers\PxHelp20.sys
2013-06-26 20:00:03 0D856D16C08440BFB566D6CDD9948D4E 9200 ------w- C:\WINDOWS\System32\drivers\cdralw2k.sys
2013-06-26 18:35:37 E53736A9E30C45FA9E7B5EAC55056D1D 5504 ----a-w- C:\WINDOWS\System32\drivers\MSTEE.sys
2013-06-26 18:35:34 7FF1F1FD8609C149AA432F95A8163D97 10880 ----a-w- C:\WINDOWS\System32\drivers\NdisIP.sys
2013-06-26 18:35:32 77813007BA6265C4B6098187E6ED79D2 15232 ----a-w- C:\WINDOWS\System32\drivers\StreamIP.sys
2013-06-26 18:35:31 866D538EBE33709A5C9F5C62B73B7D14 11136 ----a-w- C:\WINDOWS\System32\drivers\SLIP.sys
2013-06-26 18:35:29 C98B39829C2BBD34E454150633C62C78 19200 ----a-w- C:\WINDOWS\System32\drivers\WSTCODEC.SYS
2013-06-26 18:35:27 5B50F1B2A2ED47D560577B221DA734DB 85248 ----a-w- C:\WINDOWS\System32\drivers\NABTSFEC.sys
2013-06-26 18:35:25 0BE5AEF125BE881C4F854C554F2B025C 17024 ----a-w- C:\WINDOWS\System32\drivers\CCDECODE.sys
2013-06-26 18:34:54 3DE80BAA4AF21883CF938197D508B848 392122 ----a-w- C:\WINDOWS\System32\drivers\usbVM303.sys
2013-06-26 18:34:54 233509E1AD024A3E451D8DF6795EEED5 428160 ----a-w- C:\WINDOWS\System32\drivers\vmfilter303.sys
2013-06-26 18:00:11 D9F724AA26C010A217C97606B160ED68 3072 ----a-w- C:\WINDOWS\System32\drivers\audstub.sys
2013-06-26 17:59:49 F828DD7E1419B6653894A8F97A0094C5 57600 ----a-w- C:\WINDOWS\System32\drivers\redbook.sys
2013-06-26 17:57:55 C93C9FF7B04D772627A3646D89F7BF89 11264 ----a-w- C:\WINDOWS\System32\drivers\irenum.sys
2013-06-26 16:49:22 B43B36B382AEA10861F7C7A37F9D4AE2 46592 ------w- C:\WINDOWS\System32\drivers\irbus.sys
2013-06-26 16:46:06 E2FB83E16D003E973C0A6F25CA39A281 3615 ------w- C:\WINDOWS\System32\drivers\adv05nt5.dll
2013-06-26 16:46:06 DB6D4CBF4DEBFA810A83035952EEC707 3775 ------w- C:\WINDOWS\System32\drivers\adv11nt5.dll
2013-06-26 16:46:06 9FD9797D7E74AEA57915C726D82697F4 3135 ------w- C:\WINDOWS\System32\drivers\adv08nt5.dll
2013-06-26 16:46:06 9A193E5B5416E800B1FEDD7A4C5425C9 3967 ------w- C:\WINDOWS\System32\drivers\adv02nt5.dll
2013-06-26 16:46:06 76DEC026845C0C7679C194BF3FAD81F0 3711 ------w- C:\WINDOWS\System32\drivers\adv09nt5.dll
2013-06-26 16:46:06 23C8D06EBE70CA5D8364818AD6342BDA 3647 ------w- C:\WINDOWS\System32\drivers\adv07nt5.dll
2013-06-26 16:46:06 1A7DDD37DEB481A9C25BBE705D63966B 4255 ------w- C:\WINDOWS\System32\drivers\adv01nt5.dll
2013-06-26 16:46:06 08FD04AA961BDC77FB983F328334E3D7 42368 ------w- C:\WINDOWS\System32\drivers\agp440.sys
2013-06-26 16:46:06 03A7E0922ACFE1B07D5DB2EEB0773063 44928 ------w- C:\WINDOWS\System32\drivers\agpcpq.sys
2013-06-26 16:46:05 F7706DAE7D101F1B19CE552D772EBFCE 21343 ------w- C:\WINDOWS\System32\drivers\ati1ttxx.sys
2013-06-26 16:46:05 EDD66332608D27F4FD5069BCD0BC5164 73216 ------w- C:\WINDOWS\System32\drivers\atintuxx.sys
2013-06-26 16:46:05 ED4C2BF8403F4437987C0BA09CF48716 13824 ------w- C:\WINDOWS\System32\drivers\atinmdxx.sys
2013-06-26 16:46:05 E90AC2B14E98F1A4372E5891B4278784 14336 ------w- C:\WINDOWS\System32\drivers\atinpdxx.sys
2013-06-26 16:46:05 DAC7D785CF62F5BD41441E9D6F5A6EFE 26367 ------w- C:\WINDOWS\System32\drivers\ati1snxx.sys
2013-06-26 16:46:05 DA36687D701C833430605A298731410B 52224 ------w- C:\WINDOWS\System32\drivers\atinraxx.sys
2013-06-26 16:46:05 D80A8F6C0A717446496C3A06D33B0D9C 13824 ------w- C:\WINDOWS\System32\drivers\atinttxx.sys
2013-06-26 16:46:05 D649C57DA6FA762C64013747E5D7D2D6 56623 ------w- C:\WINDOWS\System32\drivers\ati1btxx.sys
2013-06-26 16:46:05 CEDDEE2E0591894D19654D458FD3B9BE 28672 ------w- C:\WINDOWS\System32\drivers\atinsnxx.sys
2013-06-26 16:46:05 CB08AED0DE2DD889A8A820CD8082D83C 42752 ------w- C:\WINDOWS\System32\drivers\alim1541.sys
2013-06-26 16:46:05 BCAF267B10620F8C93F6E87AB726E145 63663 ------w- C:\WINDOWS\System32\drivers\ati1rvxx.sys
2013-06-26 16:46:05 AA4F39968C3C48F44AC93C19C74531AC 17279 ------w- C:\WINDOWS\System32\drivers\atv10nt5.dll
2013-06-26 16:46:05 A7A01B907DB63898D40B0A14248FF9A2 104960 ------w- C:\WINDOWS\System32\drivers\atinrvxx.sys
2013-06-26 16:46:05 9D318099BF3876A4AF4BC75966D27603 30671 ------w- C:\WINDOWS\System32\drivers\ati1raxx.sys
2013-06-26 16:46:05 993E7BD6438FE989E328C6B4BCA246A9 57856 ------w- C:\WINDOWS\System32\drivers\atinbtxx.sys
2013-06-26 16:46:05 99265584139E0361156AF8AAFB9F05FD 11359 ------w- C:\WINDOWS\System32\drivers\atv02nt5.dll
2013-06-26 16:46:05 95B4FB835E28AA1336CEEB07FD5B9398 43008 ------w- C:\WINDOWS\System32\drivers\amdagp.sys
2013-06-26 16:46:05 8E59F9BE251C8AE32A1CEB068B3F96B1 64352 ------w- C:\WINDOWS\System32\drivers\ativmc20.cod
2013-06-26 16:46:05 77B575D7AAB35D5908AE6CE681608D62 63488 ------w- C:\WINDOWS\System32\drivers\atinxsxx.sys
2013-06-26 16:46:05 6FDC61E8E8E17F6ECC2D9A10FA8DF347 12047 ------w- C:\WINDOWS\System32\drivers\ati1pdxx.sys
2013-06-26 16:46:05 6F714B4720DD80FFA9F8D2731594EA4C 36463 ------w- C:\WINDOWS\System32\drivers\ati1tuxx.sys
2013-06-26 16:46:05 67FFBC158DD4D27BA3FC92C6ACD87F73 29455 ------w- C:\WINDOWS\System32\drivers\ati1xbxx.sys
2013-06-26 16:46:05 60B6AA2DC1521DA343F781B70EB7895A 11615 ------w- C:\WINDOWS\System32\drivers\ati1mdxx.sys
2013-06-26 16:46:05 4CCDEF76BC20B56037C24D39E5C0E4EA 14143 ------w- C:\WINDOWS\System32\drivers\atv06nt5.dll
2013-06-26 16:46:05 3E7D485CBD0B0D9F6EA2AD9442411831 31744 ------w- C:\WINDOWS\System32\drivers\atinxbxx.sys
2013-06-26 16:46:05 379F31C68379519C15A2B7BF66F8A80E 25471 ------w- C:\WINDOWS\System32\drivers\atv04nt5.dll
2013-06-26 16:46:05 2D030C2F6B036CA0BC243E1B16D924D1 327040 ------w- C:\WINDOWS\System32\drivers\ati2mtaa.sys
2013-06-26 16:46:05 1532382086A0B61982E69FEFFBA77469 21183 ------w- C:\WINDOWS\System32\drivers\atv01nt5.dll
2013-06-26 16:46:05 0D8CAB1F08F7D3C4DE228B49E12E596A 34735 ------w- C:\WINDOWS\System32\drivers\ati1xsxx.sys
2013-06-26 16:46:04 FCA6F069597B62D42495191ACE3FC6C1 37888 ------w- C:\WINDOWS\System32\drivers\bthmodem.sys
2013-06-26 16:46:04 EBB354438A4C5A3327FB97306260714A 1041536 ------w- C:\WINDOWS\System32\drivers\hsfdpsp2.sys
2013-06-26 16:46:04 C53775780148884AC87C455489A0C070 126686 ------w- C:\WINDOWS\System32\drivers\mtlmnt5.sys
2013-06-26 16:46:04 BB68CEBFFD181E18A26112D1B9F90F3D 36480 ------w- C:\WINDOWS\System32\drivers\bthprint.sys
2013-06-26 16:46:04 BB1A6FB7D35A91E599973FA74A619056 19200 ------w- C:\WINDOWS\System32\drivers\hidir.sys
2013-06-26 16:46:04 B279426E3C0C344893ED78A613A73BDE 17024 ------w- C:\WINDOWS\System32\drivers\bthenum.sys
2013-06-26 16:46:04 970178E8E003EB1481293830069624B9 220032 ------w- C:\WINDOWS\System32\drivers\hsfbs2s2.sys
2013-06-26 16:46:04 80602B8746D3738F5886CE3D67EF06B6 101120 ------w- C:\WINDOWS\System32\drivers\bthpan.sys
2013-06-26 16:46:04 7BD2DE4C85EB4241EED57672B16A7D8D 25600 ------w- C:\WINDOWS\System32\drivers\hidbth.sys
2013-06-26 16:46:04 61ED91FDC8BDC432C9E51DDCB3D66FEE 15423 ------w- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
2013-06-26 16:46:04 61364CD71EF63B0F038B7E9DF00F1EFA 18944 ------w- C:\WINDOWS\System32\drivers\bthusb.sys
2013-06-26 16:46:04 3A74C423CF6BCCA6982715878F450A3B 46464 ------w- C:\WINDOWS\System32\drivers\gagp30kx.sys
2013-06-26 16:46:04 3194C32E8A2403073B812183355E25C6 129045 ------w- C:\WINDOWS\System32\drivers\cxthsfs2.cty
2013-06-26 16:46:04 195741AEE20369980796B557358CD774 11868 ------w- C:\WINDOWS\System32\drivers\mdmxsdk.sys
2013-06-26 16:46:04 1225EBEA76AAC3C84DF6C54FE5E5D8BE 685056 ------w- C:\WINDOWS\System32\drivers\hsfcxts2.sys
2013-06-26 16:46:04 10B85171B90C449F8DA71C2640B797E9 273024 ------w- C:\WINDOWS\System32\drivers\bthport.sys
2013-06-26 16:46:03 F9B8E30E82EE95CF3E1D3E495599B99C 95424 ------w- C:\WINDOWS\System32\drivers\slnthal.sys
2013-06-26 16:46:03 E9AAA0092D74A9D371659C4C38882E12 13776 ------w- C:\WINDOWS\System32\drivers\recagent.sys
2013-06-26 16:46:03 DB56BB2C55723815CF549D7FC50CFCEB 13240 ------w- C:\WINDOWS\System32\drivers\slwdmsup.sys
2013-06-26 16:46:03 D9673011648A71ED1E1F77B831BC85E6 129535 ------w- C:\WINDOWS\System32\drivers\slnt7554.sys
2013-06-26 16:46:03 D66D22D76878BF3483A6BE30183FB648 10240 ------w- C:\WINDOWS\System32\drivers\sffp_mmc.sys
2013-06-26 16:46:03 B538DCD9816EA35FA4F637CFC261AAA8 12672 ------w- C:\WINDOWS\System32\drivers\mutohpen.sys
2013-06-26 16:46:03 905CB655E93D39C97E078A3C4C884F31 67866 ------w- C:\WINDOWS\System32\drivers\netwlan5.img
2013-06-26 16:46:03 895BE38A993B9BD5ABBE570D63D88A2E 5888 ------w- C:\WINDOWS\System32\drivers\smbali.sys
2013-06-26 16:46:03 851C30DF2807FCFA21E4C681A7D6440E 59136 ------w- C:\WINDOWS\System32\drivers\rfcomm.sys
2013-06-26 16:46:03 726548542AFECA56257FF01EB13BB6D7 30592 ------w- C:\WINDOWS\System32\drivers\rndismpx.sys
2013-06-26 16:46:03 6DDA78A0BE692B61B668FAB860F276CF 452736 ------w- C:\WINDOWS\System32\drivers\mtxparhm.sys
2013-06-26 16:46:03 6B910A4F9FD45CAE6579564DA22D69AE 3901 ------w- C:\WINDOWS\System32\drivers\siint5.dll
2013-06-26 16:46:03 6B33D0EBD30DB32E27D1D78FE946A754 40960 ------w- C:\WINDOWS\System32\drivers\sisagp.sys
2013-06-26 16:46:03 576B34CEAE5B7E5D9FD2775E93B3DB53 180360 ------w- C:\WINDOWS\System32\drivers\ntmtlfax.sys
2013-06-26 16:46:03 54886A652BF5685192141DF304E923FD 1309184 ------w- C:\WINDOWS\System32\drivers\mtlstrm.sys
2013-06-26 16:46:03 2C1779C0FEB1F4A6033600305EBA623A 404990 ------w- C:\WINDOWS\System32\drivers\slntamr.sys
2013-06-26 16:46:03 2B298519EDBFCF451D43E0F1E8F1006D 1897408 ------w- C:\WINDOWS\System32\drivers\nv4_mini.sys
2013-06-26 16:46:03 0DBCC071A268E0340A2BA6BDD98BACE4 166912 ------w- C:\WINDOWS\System32\drivers\s3gnbm.sys
2013-06-26 16:46:02 D85938F272D1BCF3DB3A31FC0A048928 44672 ------w- C:\WINDOWS\System32\drivers\uagp35.sys
2013-06-26 16:46:02 B6CC50279D6CD28E090A5D33244ADC9A 12800 ------w- C:\WINDOWS\System32\drivers\usb8023x.sys
2013-06-26 16:46:02 ACED8C149B30F8496C237BCBA3727B48 14208 ------w- C:\WINDOWS\System32\drivers\wacompen.sys
2013-06-26 16:46:02 7BB3AA595E4507A788DE1CDC63F4C8C4 11871 ------w- C:\WINDOWS\System32\drivers\wadv09nt.sys
2013-06-26 16:46:02 754292CE5848B3738281B4F3607EAEF4 42240 ------w- C:\WINDOWS\System32\drivers\viaagp.sys
2013-06-26 16:46:02 714038A8AA5DE08E12062202CD7EAEB5 11295 ------w- C:\WINDOWS\System32\drivers\wadv08nt.sys
2013-06-26 16:46:02 63BBFCA7F390F4C49ED4B96BFB1633E0 121984 ------w- C:\WINDOWS\System32\drivers\usbvideo.sys
2013-06-26 16:46:02 5E9313B8BFB6025E7C38E9A0BF185303 11325 ------w- C:\WINDOWS\System32\drivers\vchnt5.dll
2013-06-26 16:46:02 36E6C405B6143D09687F4056FD9A0D10 11935 ------w- C:\WINDOWS\System32\drivers\wadv11nt.sys
2013-06-26 16:46:02 0308AEF61941E4AF478FA1A0F83812F5 11807 ------w- C:\WINDOWS\System32\drivers\wadv07nt.sys
2013-06-26 16:46:01 791CC45DE6E50445BE72E8AD6401FF45 25471 ------w- C:\WINDOWS\System32\drivers\watv10nt.sys
2013-06-26 16:46:01 352FA0E98BC461CE1CE5D41F64DB558D 22271 ------w- C:\WINDOWS\System32\drivers\watv06nt.sys
2013-06-26 16:31:57 28E860FB66A500412E0E0ABE74AE4C28 2096 ----a-r- C:\WINDOWS\System32\drivers\ativdkxx.vp
2013-06-26 16:31:56 302C658113F5D8D6782A9D4E802E501A 929 ----a-r- C:\WINDOWS\System32\drivers\ativcaxx.vp
2013-06-26 16:31:56 2406E91EF0352F157BB06504530F9A95 1311202 ----a-r- C:\WINDOWS\System32\drivers\ativcaxx.cpa
2013-06-26 16:31:55 A7D6B652A58F1006F17A608ABD0A5733 2096 ----a-r- C:\WINDOWS\System32\drivers\ativckxx.vp
2013-06-26 16:31:55 180D6B56F99C8276322C16BB7CBF09C7 43152 ----a-r- C:\WINDOWS\System32\drivers\ativvpxx.vp
2013-06-26 16:28:06 AB8B92451ECB048A4D1DE7C3FFCB4A9F 6272 ----a-w- C:\WINDOWS\System32\drivers\splitter.sys
2013-06-26 16:28:05 6768ACF64B18196494413695F0C3A00F 83072 ----a-w- C:\WINDOWS\System32\drivers\wdmaud.sys
2013-06-26 16:28:04 8A208DFCF89792A484E76C40E5F50B45 52864 ----a-w- C:\WINDOWS\System32\drivers\dmusic.sys
2013-06-26 16:28:00 8CE882BCC6CF8A62F2B2323D95CB3D01 56576 ----a-w- C:\WINDOWS\System32\drivers\swmidi.sys
2013-06-26 16:27:59 8BED39E3C35D6A489438B8141717A557 142592 ----a-w- C:\WINDOWS\System32\drivers\aec.sys
2013-06-26 16:27:58 692BCF44383D056AED41B045A323D378 172416 ----a-w- C:\WINDOWS\System32\drivers\kmixer.sys
2013-06-26 16:27:57 8F5FCFF8E8848AFAC920905FBD9D33C8 2944 ----a-w- C:\WINDOWS\System32\drivers\drmkaud.sys
2013-06-26 16:27:56 8B83F3ED0F1688B4958F77CD6D2BF290 60800 ----a-w- C:\WINDOWS\System32\drivers\sysaudio.sys
2013-06-26 16:27:54 D1575E71568F4D9E14CA56B7B0453BF1 7552 ----a-w- C:\WINDOWS\System32\drivers\mskssrv.sys
2013-06-26 16:27:53 BAD59648BA099DA4A17680B39730CB3D 4992 ----a-w- C:\WINDOWS\System32\drivers\mspqm.sys
2013-06-26 16:27:52 325BB26842FC7CCC1FCCE2C457317F3E 5376 ----a-w- C:\WINDOWS\System32\drivers\mspclock.sys
2013-06-26 16:27:47 6CB08593487F5701D2D2254E693EAFCE 60160 ----a-w- C:\WINDOWS\System32\drivers\drmk.sys
2013-06-26 16:27:10 B1A809E7FE19BECD5ACA61F0E7088C8C 4609024 ------r- C:\WINDOWS\System32\drivers\RtkHDAud.sys
2013-06-26 16:25:12 1E11171C0B9989E1BDAA59E96B2E81C4 85120 ----a-r- C:\WINDOWS\System32\drivers\Rtnicxp.sys
2013-06-26 16:11:50 B2CF4B0786F8212CB92ED2B50C6DB6B0 129792 ----a-w- C:\WINDOWS\System32\drivers\fltmgr.sys
2013-06-26 16:11:49 76BB022C2FB6902FD5BDD4F78FC13A5D 73472 ----a-w- C:\WINDOWS\System32\drivers\sr.sys
2013-06-26 16:10:01 C56B6D0402371CF3700EB322EF3AAF61 21896 ----a-w- C:\WINDOWS\System32\drivers\tdtcp.sys
2013-06-26 16:10:01 6728E45B66F93C08F11DE2E316FC70DD 139656 ----a-w- C:\WINDOWS\System32\drivers\rdpwd.sys
2013-06-26 16:10:01 6471A66807F5E104E4885F5B67349397 12040 ----a-w- C:\WINDOWS\System32\drivers\tdpipe.sys
2013-06-26 16:09:41 15CABD0F7C00C47C70124907916AF3F1 196224 ----a-w- C:\WINDOWS\System32\drivers\rdpdr.sys
2013-06-26 16:09:40 88155247177638048422893737429D9E 40840 ----a-w- C:\WINDOWS\System32\drivers\termdd.sys
====== C:\WINDOWS\Tasks ======
2013-07-06 07:36:58 8C1E84E652F1438244B54C62463D0D66 412 ----a-w- C:\WINDOWS\Tasks\At1.job
2013-07-02 14:27:52 5E22E0793DF7747B3A7BD2A2874D9B3C 290 ----a-w- C:\WINDOWS\Tasks\Express FilesUpdate.job
2013-07-02 06:14:57 DFD3B933609C4161A48B0E9B81C7E5AC 312 ---ha-w- C:\WINDOWS\Tasks\avast! Emergency Update.job
2013-06-26 18:22:23 2ADED58F3BA5DDD97752A3BFD7611223 830 ----a-w- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-06-26 18:11:28 C5F32F0C0EA1C9A8FFFF41146E391D4B 1016 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1454471165-725345543-1003UA.job
2013-06-26 18:11:27 9585771FD7B6F3A9B0AAC2931F963972 964 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1454471165-725345543-1003Core.job
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2013-07-05 12:27:16 -------- d-----w- C:\Program Files\IObit
2013-07-04 11:44:51 -------- d-----w- C:\Program Files\K-Lite Codec Pack
2013-07-04 11:42:55 -------- d-----w- C:\Program Files\MyPC Backup
2013-07-03 09:26:13 -------- d-----w- C:\Program Files\CoreAAC
2013-07-02 11:39:09 -------- d-----w- C:\Program Files\Vtools
2013-07-02 11:38:24 -------- d-----w- C:\Program Files\Instair
2013-07-02 11:38:18 -------- d-----w- C:\Program Files\Instair Speed Dial
2013-06-30 07:21:06 -------- d-----w- C:\Program Files\Hitman Pro 3.5
2013-06-27 09:13:50 -------- d-----w- C:\Program Files\MCShield
2013-06-26 20:01:12 -------- d-----w- C:\Program Files\Winamp Detect
2013-06-26 20:00:00 -------- d-----w- C:\Program Files\Winamp
2013-06-26 19:50:36 -------- d-----w- C:\Program Files\Common Files\ACD Systems
2013-06-26 19:50:36 -------- d-----w- C:\Program Files\ACD Systems
2013-06-26 19:42:24 -------- d-----w- C:\Program Files\Unlocker
2013-06-26 19:27:20 -------- d-----w- C:\Program Files\Google
2013-06-26 19:17:32 -------- d-----w- C:\Program Files\Mozilla Maintenance Service
2013-06-26 18:59:14 -------- d-----w- C:\Program Files\Maxthon3
2013-06-26 18:42:31 -------- d-----w- C:\Program Files\Defraggler
2013-06-26 18:40:20 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2013-06-26 18:38:33 -------- d-----w- C:\Program Files\Yahoo!
2013-06-26 18:37:48 -------- d-----w- C:\Program Files\SpeedFan
2013-06-26 18:34:46 -------- d-----w- C:\Program Files\A4 tech
2013-06-26 18:32:01 -------- d-----w- C:\Program Files\Common Files\Skype
2013-06-26 18:32:00 -------- d-----r- C:\Program Files\Skype
2013-06-26 18:28:06 -------- d-----w- C:\Program Files\WinRAR
2013-06-26 18:25:15 -------- d-----w- C:\Program Files\Common Files\Adobe
2013-06-26 18:25:15 -------- d-----w- C:\Program Files\Adobe
2013-06-26 17:58:09 -------- d-----w- C:\Program Files\Common Files\SpeechEngines
2013-06-26 17:58:09 -------- d-----w- C:\Program Files\Common Files\Microsoft Shared
2013-06-26 17:58:09 -------- d-----w- C:\Program Files\Common Files
2013-06-26 16:26:57 -------- d-----w- C:\Program Files\Realtek
2013-06-26 16:26:54 -------- d--h--w- C:\Program Files\InstallShield Installation Information
2013-06-26 16:26:43 -------- d-----w- C:\Program Files\Common Files\InstallShield
2013-06-26 16:23:03 -------- d-----w- C:\Program Files\Intel
2013-06-26 16:18:24 -------- d--h--w- C:\Program Files\Uninstall Information
2013-06-26 16:14:16 -------- d-----w- C:\Program Files\xerox
2013-06-26 16:14:16 -------- d-----w- C:\Program Files\microsoft frontpage
2013-06-26 16:13:00 -------- d--h--w- C:\Program Files\WindowsUpdate
2013-06-26 16:12:19 -------- d-----w- C:\Program Files\Common Files\Services
2013-06-26 16:12:16 -------- d-----w- C:\Program Files\Common Files\MSSoap
2013-06-26 16:12:02 -------- d-----w- C:\Program Files\Movie Maker
2013-06-26 16:11:44 -------- d-----w- C:\Program Files\NetMeeting
2013-06-26 16:11:38 -------- d-----w- C:\Program Files\Outlook Express
2013-06-26 16:11:28 -------- d-----w- C:\Program Files\Common Files\System
2013-06-26 16:11:27 -------- d-----w- C:\Program Files\Internet Explorer
2013-06-26 16:10:48 -------- d-----w- C:\Program Files\Online Services
2013-06-26 16:10:47 -------- d-----w- C:\Program Files\Windows Media Player
2013-06-26 16:10:41 -------- d-----w- C:\Program Files\Messenger
2013-06-26 16:10:38 -------- d-----w- C:\Program Files\MSN Gaming Zone
2013-06-26 16:10:05 -------- d-----w- C:\Program Files\MSN
2013-06-26 16:10:02 -------- d-----w- C:\Program Files\Windows NT
======= C: =====
2013-06-26 17:56:14 FA579938B0733B87066546AFE951082C 211 --sh--w- C:\boot.ini
2013-06-26 16:14:02 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\MSDOS.SYS
2013-06-26 16:14:02 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\IO.SYS
2013-06-26 16:14:02 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\CONFIG.SYS
2013-06-26 16:14:02 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\AUTOEXEC.BAT
====== C:\Documents and Settings\MICA\Application Data ======
2013-07-06 07:24:12 -------- d-----w- C:\Documents and Settings\MICA\Application Data\PlusWinks
2013-07-06 07:23:56 7E87C3301ED85E468ABF1204B85B335C 30894 ----a-w- C:\Documents and Settings\MICA\Application Data\speedanalysis.ico
2013-07-06 06:50:03 -------- d-----w- C:\Documents and Settings\MICA\Local Settings\Application Data\WMTools Downloaded Files
2013-07-05 12:55:01 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\IObit Malware Fighter
2013-07-05 12:27:39 -------- d-----w- C:\Documents and Settings\All Users\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-07-05 12:27:36 -------- d-----w- C:\Documents and Settings\MICA\Application Data\Apple Computer
2013-07-05 12:27:35 -------- d-----w- C:\Documents and Settings\All Users\Application Data\IObit
2013-07-05 11:34:27 -------- d-----w- C:\Documents and Settings\All Users\Application Data\VS Revo Group
2013-07-04 11:48:06 -------- d-----w- C:\Documents and Settings\MICA\Application Data\Media Player Classic
2013-07-04 11:45:06 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack\Uninstall
2013-07-04 11:45:06 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack\Tools
2013-07-04 11:45:06 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack\Help
2013-07-04 11:45:05 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack\Configuration
2013-07-04 11:45:05 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack
2013-07-04 11:39:59 -------- d-----r- C:\Documents and Settings\MICA\Start Menu\Programs\Administrative Tools
2013-07-03 09:26:15 -------- d---a-w- C:\Documents and Settings\All Users\Application Data\TEMP
2013-07-03 06:51:56 -------- d-----w- C:\Documents and Settings\MICA\Application Data\WinZipper
2013-07-03 06:46:56 -------- d-----w- C:\Documents and Settings\All Users\Application Data\eSafe
2013-07-02 14:23:06 B00F1D142611D136D80E7953B2C46D53 10752 ----a-w- C:\Documents and Settings\MICA\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-02 11:38:15 -------- d-----w- C:\Documents and Settings\MICA\Application Data\IObit
2013-07-02 11:30:55 -------- d-----w- C:\Documents and Settings\MICA\Local Settings\Application Data\VS Revo Group
2013-07-02 10:49:14 -------- d-----w- C:\Documents and Settings\MICA\Application Data\uTorrent
2013-07-02 06:15:00 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
2013-06-30 07:21:06 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\Hitman Pro 3.5
2013-06-30 07:20:44 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Hitman Pro
2013-06-27 09:13:51 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\MCShield\Uninstall
2013-06-27 09:13:51 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\MCShield
2013-06-27 09:13:50 -------- d-----w- C:\Documents and Settings\All Users\Application Data\MCShield
2013-06-26 20:10:52 -------- d-----w- C:\Documents and Settings\MICA\Local Settings\Application Data\Pokki
2013-06-26 20:09:38 -------- d-----w- C:\Documents and Settings\MICA\Application Data\CyberLink
2013-06-26 20:01:12 -------- d-----w- C:\Documents and Settings\MICA\Start Menu\Programs\Winamp Detector Plug-in
2013-06-26 20:00:00 -------- d-----w- C:\Documents and Settings\MICA\Application Data\Winamp
2013-06-26 19:50:56 -------- d-----w- C:\Documents and Settings\MICA\Local Settings\Application Data\ACD Systems
2013-06-26 19:50:56 -------- d-----w- C:\Documents and Settings\MICA\Application Data\ACD Systems
2013-06-26 19:50:41 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\ACD Systems
2013-06-26 19:50:37 -------- d-----w- C:\Documents and Settings\All Users\Application Data\ACD Systems
2013-06-26 19:46:59 -------- d-----w- C:\Documents and Settings\MICA\Local Settings\Application Data\Downloaded Installations
2013-06-26 19:42:24 -------- d-----w- C:\Documents and Settings\MICA\Start Menu\Programs\Unlocker
2013-06-26 19:28:09 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\Picasa 3
2013-06-26 19:17:36 -------- d-----w- C:\Documents and Settings\MICA\Local Settings\Application Data\Mozilla
2013-06-26 19:17:35 -------- d-----w- C:\Documents and Settings\MICA\Application Data\Mozilla
2013-06-26 19:17:32 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Mozilla
2013-06-26 18:59:20 -------- d-----w- C:\Documents and Settings\MICA\Application Data\Maxthon3
2013-06-26 18:56:06 -------- d-----w- C:\Documents and Settings\MICA\Local Settings\Application Data\Sun
2013-06-26 18:40:59 -------- d-----w- C:\Documents and Settings\MICA\Application Data\SUPERAntiSpyware.com
2013-06-26 18:40:24 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
2013-06-26 18:40:20 -------- d-----w- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2013-06-26 18:40:17 -------- d-----w- C:\Documents and Settings\MICA\Application Data\Adobe
2013-06-26 18:38:36 -------- d-----w- C:\Documents and Settings\MICA\Local Settings\Application Data\Yahoo
2013-06-26 18:38:36 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\Yahoo! Widgets
2013-06-26 18:37:48 -------- d-----w- C:\Documents and Settings\MICA\Start Menu\Programs\SpeedFan
2013-06-26 18:35:17 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\A4 TECH PC Camera H
2013-06-26 18:34:40 -------- d-----w- C:\Documents and Settings\MICA\Application Data\InstallShield
2013-06-26 18:32:09 -------- d-----w- C:\Documents and Settings\MICA\Application Data\Skype
2013-06-26 18:32:01 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
2013-06-26 18:31:56 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Skype
2013-06-26 18:28:08 -------- d-----w- C:\Documents and Settings\MICA\Start Menu\Programs\WinRAR
2013-06-26 18:28:08 -------- d-----w- C:\Documents and Settings\MICA\Application Data\WinRAR
2013-06-26 18:28:08 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
2013-06-26 18:25:00 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Adobe
2013-06-26 18:21:25 -------- d-----w- C:\Documents and Settings\MICA\Local Settings\Application Data\Adobe
2013-06-26 18:19:29 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Sun
2013-06-26 18:17:48 -------- d-----w- C:\Documents and Settings\MICA\Application Data\Sun
2013-06-26 18:12:54 -------- d-----w- C:\Documents and Settings\MICA\Start Menu\Programs\Google Chrome
2013-06-26 18:11:26 -------- d-----w- C:\Documents and Settings\MICA\Local Settings\Application Data\Google
2013-06-26 18:07:43 -------- d-----w- C:\Documents and Settings\MICA\Application Data\CallingID
2013-06-26 18:03:53 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Avira
2013-06-26 17:57:47 88CF0FF92A4A9FA7BD9B7513B2E9E22B 62 --sha-w- C:\Documents and Settings\Default User\Application Data\desktop.ini
2013-06-26 17:57:47 88CF0FF92A4A9FA7BD9B7513B2E9E22B 62 --sha-w- C:\Documents and Settings\All Users\Application Data\desktop.ini
2013-06-26 17:57:47 -------- d-----r- C:\Documents and Settings\Default User\Start Menu\Programs\Startup
2013-06-26 17:57:47 -------- d-----r- C:\Documents and Settings\Default User\Start Menu\Programs
2013-06-26 17:57:47 -------- d-----r- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
2013-06-26 17:57:47 -------- d-----r- C:\Documents and Settings\All Users\Start Menu\Programs
2013-06-26 17:57:32 -------- d-s---w- C:\Documents and Settings\Default User\Application Data\Microsoft
2013-06-26 17:57:32 -------- d-s---w- C:\Documents and Settings\All Users\Application Data\Microsoft
2013-06-26 16:38:30 CC6390AD9641C7A96587AF54C85C8F17 13560 ----a-w- C:\Documents and Settings\MICA\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2013-06-26 16:38:15 -------- d-----w- C:\Documents and Settings\MICA\Local Settings\Application Data\ATI
2013-06-26 16:38:15 -------- d-----w- C:\Documents and Settings\MICA\Application Data\ATI
2013-06-26 16:36:15 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\Catalyst Control Center
2013-06-26 16:18:26 -------- d-----w- C:\Documents and Settings\MICA\Application Data\Identities
2013-06-26 16:18:20 88CF0FF92A4A9FA7BD9B7513B2E9E22B 62 --sha-w- C:\Documents and Settings\MICA\Application Data\desktop.ini
2013-06-26 16:18:19 -------- d-s---w- C:\Documents and Settings\MICA\Application Data\Microsoft
2013-06-26 16:18:19 -------- d-----w- C:\Documents and Settings\MICA\Local Settings\Application Data\Microsoft
2013-06-26 16:18:19 -------- d-----r- C:\Documents and Settings\MICA\Start Menu\Programs\Startup
2013-06-26 16:18:19 -------- d-----r- C:\Documents and Settings\MICA\Start Menu\Programs\Accessories\Entertainment
2013-06-26 16:18:19 -------- d-----r- C:\Documents and Settings\MICA\Start Menu\Programs\Accessories\Accessibility
2013-06-26 16:18:19 -------- d-----r- C:\Documents and Settings\MICA\Start Menu\Programs\Accessories
2013-06-26 16:18:19 -------- d-----r- C:\Documents and Settings\MICA\Start Menu\Programs
2013-06-26 16:17:19 -------- d-s---w- C:\Documents and Settings\LocalService\Application Data\Microsoft
2013-06-26 16:17:19 -------- d-----w- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
2013-06-26 16:16:57 -------- d-----w- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
2013-06-26 16:16:56 -------- d-s---w- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2013-06-26 16:14:07 -------- d-----r- C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Accessibility
2013-06-26 16:14:02 -------- d-----r- C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Entertainment
2013-06-26 16:13:58 -------- d-----w- C:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft
2013-06-26 16:12:57 -------- d-----r- C:\Documents and Settings\Default User\Start Menu\Programs\Accessories
2013-06-26 16:11:10 -------- d-----r- C:\Documents and Settings\All Users\Start Menu\Programs\Games
2013-06-26 16:11:10 -------- d-----r- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\Entertainment
2013-06-26 16:11:10 -------- d-----r- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\Accessibility
2013-06-26 16:11:09 -------- d-----r- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\System Tools
2013-06-26 16:10:54 -------- d-----r- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
2013-06-26 16:09:21 -------- d-----r- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\Communications
2013-06-26 16:09:21 -------- d-----r- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
====== C:\Documents and Settings\MICA ======
2013-07-06 15:48:07 -------- d-----w- C:\Documents and Settings\All Users\Favorites
2013-07-06 08:07:56 -------- d--h--r- C:\Documents and Settings\MICA\Recent
2013-07-05 12:27:36 -------- d-----w- C:\Documents and Settings\MICA\AppData
2013-07-02 11:38:19 -------- d-----w- C:\Documents and Settings\MICA\LocalLow
2013-06-26 18:05:31 -------- d-----r- C:\Documents and Settings\LocalService\Favorites
2013-06-26 17:57:47 -------- d-s---w- C:\Documents and Settings\Default User\Cookies
2013-06-26 17:57:47 -------- d--h--w- C:\Documents and Settings\Default User\Templates
2013-06-26 17:57:47 -------- d--h--w- C:\Documents and Settings\Default User\Recent
2013-06-26 17:57:47 -------- d--h--w- C:\Documents and Settings\Default User\PrintHood
2013-06-26 17:57:47 -------- d--h--w- C:\Documents and Settings\Default User\NetHood
2013-06-26 17:57:47 -------- d--h--w- C:\Documents and Settings\All Users\Templates
2013-06-26 17:57:47 -------- d--h--r- C:\Documents and Settings\Default User\SendTo
2013-06-26 17:57:47 -------- d--h--r- C:\Documents and Settings\Default User\Local Settings
2013-06-26 17:57:47 -------- d-----w- C:\Documents and Settings\Default User\My Documents
2013-06-26 17:57:47 -------- d-----w- C:\Documents and Settings\Default User\Favorites
2013-06-26 17:57:47 -------- d-----w- C:\Documents and Settings\Default User\Desktop
2013-06-26 17:57:47 -------- d-----w- C:\Documents and Settings\All Users\Desktop
2013-06-26 17:57:47 -------- d-----r- C:\Documents and Settings\Default User\Start Menu
2013-06-26 17:57:47 -------- d-----r- C:\Documents and Settings\All Users\Start Menu
2013-06-26 17:57:47 -------- d-----r- C:\Documents and Settings\All Users\Documents
2013-06-26 17:57:33 -------- d-s---w- C:\Documents and Settings\MICA\UserData
2013-06-26 17:57:32 -------- d--h--r- C:\Documents and Settings\Default User\Application Data
2013-06-26 17:57:32 -------- d--h--r- C:\Documents and Settings\All Users\Application Data
2013-06-26 16:18:20 CBDA6984D2ECC537AEF07205AE001013 178 --sh--w- C:\Documents and Settings\MICA\ntuser.ini
2013-06-26 16:18:19 -------- d-s---w- C:\Documents and Settings\MICA\Cookies
2013-06-26 16:18:19 -------- d--h--w- C:\Documents and Settings\MICA\Templates
2013-06-26 16:18:19 -------- d--h--w- C:\Documents and Settings\MICA\PrintHood
2013-06-26 16:18:19 -------- d--h--w- C:\Documents and Settings\MICA\NetHood
2013-06-26 16:18:19 -------- d--h--w- C:\Documents and Settings\MICA\Local Settings
2013-06-26 16:18:19 -------- d--h--r- C:\Documents and Settings\MICA\SendTo
2013-06-26 16:18:19 -------- d--h--r- C:\Documents and Settings\MICA\Application Data
2013-06-26 16:18:19 -------- d-----w- C:\Documents and Settings\MICA\Desktop
2013-06-26 16:18:19 -------- d-----r- C:\Documents and Settings\MICA\Start Menu
2013-06-26 16:18:19 -------- d-----r- C:\Documents and Settings\MICA\My Documents
2013-06-26 16:18:19 -------- d-----r- C:\Documents and Settings\MICA\Favorites
2013-06-26 16:17:19 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Documents and Settings\LocalService\ntuser.ini
2013-06-26 16:17:19 -------- d-s---w- C:\Documents and Settings\LocalService\Cookies
2013-06-26 16:17:19 -------- d--h--w- C:\Documents and Settings\LocalService\Local Settings
2013-06-26 16:17:19 -------- d-----w- C:\Documents and Settings\LocalService\Application Data
2013-06-26 16:16:57 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Documents and Settings\NetworkService\ntuser.ini
2013-06-26 16:16:56 -------- d-s---w- C:\Documents and Settings\NetworkService\Cookies
2013-06-26 16:16:56 -------- d--h--w- C:\Documents and Settings\NetworkService\Local Settings
2013-06-26 16:16:56 -------- d-----w- C:\Documents and Settings\NetworkService\Application Data
2013-06-26 16:13:17 -------- d-sh--w- C:\Documents and Settings\All Users\DRM

====== C: exe-files ==
2013-07-06 08:06:55 66301EAD120DB10769DFC28872295763 2240832 ----a-w- C:\Documents and Settings\MICA\Local Settings\Temp\ASCDownloader\ActionCenterDownloader.exe
2013-07-06 08:03:13 069F1BB782EF1A4D2A1A1A035B9D8FC6 2972992 ----a-w- C:\Program Files\IObit\Advanced SystemCare 6\Sun12_SystemControl.exe
2013-07-06 08:01:46 BBA43ED23437F233FAAD0B56EB502F74 857408 ----a-w- C:\Program Files\IObit\Advanced SystemCare 6\Sua13_EmptyFolderScanner.exe
2013-07-06 07:58:20 7175E0F1D9F142562F957E0822FC6EA3 978752 ----a-w- C:\Program Files\IObit\Advanced SystemCare 6\Sus12_DriverManager.exe
2013-07-06 07:46:46 78185A1C861FA7AD6BE016D54D050119 491840 ----a-w- C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
2013-07-06 07:46:44 9BEE8532FAAEEC2D9F4887A7F7459B02 4042560 ----a-w- C:\Program Files\IObit\Advanced SystemCare 6\ASC.exe
2013-07-06 07:46:27 D7DC2A7824F6910903EDE353761E22C0 4710160 ----a-w- C:\Documents and Settings\All Users\Application Data\IObit\ASCDownloader\Smart Defrag.exe
2013-07-06 07:39:50 3252EAD684467D3F16A47E7581AAB757 458240 ----a-w- C:\Documents and Settings\MICA\Local Settings\Temp\13330uninstall.exe
2013-07-05 12:59:13 B557EE752636B3B47323B0F495E79062 389440 ----a-w- C:\Program Files\IObit\Advanced SystemCare 6\Suc13_FileShredder.exe
2013-07-05 12:58:46 E4C3EC8D01B108581FBEB0F5D971CA4D 505152 ----a-w- C:\Program Files\IObit\Advanced SystemCare 6\Sur10_Undelete.exe
2013-07-05 12:54:55 DF551690EEB462238A09BE3AB6D43ECE 547672 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\TaskSchedule.exe
2013-07-05 12:54:55 AA2736A07219D66D1FBD670F14859E0C 2133824 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\UninstallPromote.exe
2013-07-05 12:54:55 3CE56A6001B630F8BD44E4E72C615261 1094464 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\IMF_ActionCenterDownloader.exe
2013-07-05 12:54:54 C0227B33BAB59AE7BDF36FF7D4EFDD9A 50640 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\IWsIMF.exe
2013-07-05 12:54:53 8CAEC53A5597AAA5383A416F85ACC71E 63296 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\SendBugReport.exe
2013-07-05 12:54:53 3802C657EC39998BCFA54BC9820837FD 1515328 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
2013-07-05 12:54:53 24EA4E2F76E216CE70353736E3556585 335168 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
2013-07-05 12:54:52 D9A3A088C517B8C94EE12184A389F4D5 128832 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\BlueBirdInit.exe
2013-07-05 12:54:52 341D01D2CB848E096A4F4C6D09CF1957 1178432 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\unins000.exe
2013-07-05 12:53:41 31FA2B82DD28BF077ABA18083C2B8050 20185568 ----a-w- C:\Documents and Settings\All Users\Application Data\IObit\ASCDownloader\IObit Malware Fighter.exe
2013-07-05 12:40:57 3C30C649895A8F02F46DBC72805AAC70 23360 ----a-w- C:\WINDOWS\system32\RegistryDefragBootTime.exe
2013-07-05 12:40:46 E6182F782C0DB9DA7CCCED9467D8F078 422208 ----a-w- C:\Program Files\IObit\Advanced SystemCare 6\Suo13_RegistryDefrag.exe
2013-07-05 12:37:55 E68727BE58B10E8DDF64BA1B720E3C09 948544 ----a-w- C:\Program Files\IObit\Advanced SystemCare 6\Sur13_WinFix.exe
2013-07-05 12:36:51 6805C6BC04E7F6F10C79653F47EE8F81 766272 ----a-w- C:\Program Files\IObit\Advanced SystemCare 6\Sur12_DiskDoctor.exe
2013-07-05 12:35:49 781473B1320FE797BCB0312D69773734 585536 ----a-w- C:\Program Files\IObit\Advanced SystemCare 6\Suc12_DiskCleaner.exe
2013-07-05 12:35:30 AE9F6DD240764F6AF28380704C09116D 18110448 ----a-w- C:\Program Files\IObit\Advanced SystemCare 6\imf-setup.exe
2013-07-05 12:28:19 D4A740E814C8DA2D60821259D3AB4F9F 321344 ----a-w- C:\Program Files\IObit\Advanced SystemCare 6\newyear.exe
2013-07-05 12:11:45 5AA3E89A59E3D556B5F9B6D8D8EE3A82 42080 ----a-w- C:\Documents and Settings\MICA\Local Settings\Temp\bi_cleaner.exe
2013-07-05 12:04:45 39E8381784004AF0C32445DE380CA51C 4482832 ----a-w- C:\WINDOWS\Temp\Optimizer_Pro.exe
2013-07-05 12:03:34 FB58CA29357D25ECD447E79F61B03B67 272128 ----a-w- C:\Documents and Settings\MICA\Local Settings\Temp\Setup-D502DD2B71B5.exe
2013-07-05 12:03:31 D36977B52D60F38DCAF276A46B39A3C9 812607 ----a-w- C:\Documents and Settings\MICA\Local Settings\Temp\DeltaTB.exe
2013-07-04 11:45:05 08170EA8211B667ED378AABBA247D094 2627072 ----a-w- C:\Program Files\K-Lite Codec Pack\Tools\GraphStudioNext.exe
2013-07-04 11:45:04 AD937F57725167E2D5D7BE534FEED706 1048576 ----a-w- C:\Program Files\K-Lite Codec Pack\Tools\mediainfo.exe
2013-07-04 11:45:02 32C67CE61370B21A539786A3A2E674CA 2636448 ----a-w- C:\Program Files\K-Lite Codec Pack\Filters\madVR\madHcCtrl.exe
2013-07-04 11:44:52 150A123EE610E812B7555CB7F056FE4C 5893120 ----a-w- C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe
2013-07-04 11:44:51 8EB5CB60390C1FEAD4EE674D466BBDAD 1324115 ----a-w- C:\Program Files\K-Lite Codec Pack\unins000.exe
2013-07-04 11:44:51 29CD1D8A7ABBC8EEB424758E357450C0 1163776 ----a-w- C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe
2013-07-03 19:21:36 C3190BA6ED6220369EEEED081A14DDFC 59784 ----atw- C:\Documents and Settings\MICA\Local Settings\Application Data\Google\Update\1.3.21.149\GoogleUpdateOnDemand.exe
2013-07-03 19:21:36 1017788353D8349BF6086B9CDDC8CB7B 59784 ----atw- C:\Documents and Settings\MICA\Local Settings\Application Data\Google\Update\1.3.21.149\GoogleUpdateBroker.exe
2013-07-03 19:21:35 CA35155F6B4C4DB2513AAAA868BAFF47 324488 ----atw- C:\Documents and Settings\MICA\Local Settings\Application Data\Google\Update\1.3.21.149\GoogleCrashHandler64.exe
2013-07-03 19:21:35 09C87F376507122A5FE1CBE06E015512 239496 ----atw- C:\Documents and Settings\MICA\Local Settings\Application Data\Google\Update\1.3.21.149\GoogleCrashHandler.exe
2013-07-03 19:21:34 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Documents and Settings\MICA\Local Settings\Application Data\Google\Update\1.3.21.149\GoogleUpdate.exe
2013-07-03 19:21:26 5F42FBCE3A8D9ED552E9852A23CA382F 800024 ----a-w- C:\Documents and Settings\MICA\Local Settings\Application Data\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.149\GoogleUpdateSetup.exe
2013-07-03 09:26:13 02257E7FB8220C0D1B061AEEF486C252 46764 ----a-w- C:\Program Files\CoreAAC\Uninstall.exe
2013-07-03 06:56:55 5614386D4CFDF9E56F355C45BEEBC976 12872 ----a-w- C:\WINDOWS\system32\bootdelete.exe
2013-07-03 06:46:56 640D75DC77F6D0CFE654F7EA5BFE1421 386112 ----a-w- C:\Documents and Settings\All Users\Application Data\eSafe\eGdpSvc.exe
2013-07-02 11:39:10 30D739B11AD749BE476E4841C1D954F2 394576 ----a-w- C:\Program Files\Vtools\Windows Cleaner\UninstallPromote.exe
2013-07-02 10:50:10 307EED07597789770F1EE9DD941E1BDF 1126480 ----a-w- C:\Documents and Settings\MICA\Application Data\uTorrent\updates\3.3.1_29812.exe
2013-07-02 10:49:55 307EED07597789770F1EE9DD941E1BDF 1126480 ----a-w- C:\Documents and Settings\MICA\Application Data\uTorrent\uTorrent.exe
2013-07-02 06:14:57 CFE4114B963AB0AB22F6EBEF89564194 229648 ----a-w- C:\WINDOWS\system32\aswBoot.exe
2013-07-01 17:48:22 76A56E7CA5FC87CB6B2ADB0C9F0C71F0 15872 ----a-w- C:\Program Files\MyPC Backup\DEL_UnRegisterExtensions.exe
2013-06-30 07:21:06 39332AD13D6EAF9CF1A144495396AB4D 6355002 ----a-w- C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe
=== C: other files ==
2013-07-06 07:24:25 167BA8001F694363E8A04EDA5C45DDA3 190 ----a-w- C:\Documents and Settings\MICA\Local Settings\Temp\796.bat
2013-07-05 17:45:26 E81DE0D234995DBC2DE3F1481A92DF83 1807 ----a-w- C:\Documents and Settings\MICA\Local Settings\Temp\scoped_dir_1512_15081\chrome-sl.crx
2013-07-05 12:54:57 FB3C60FDF9CAF7183080E91BC8D923CF 35848 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_ia64\UrlFilter.sys
2013-07-05 12:54:57 CAAEF0A4B5AE343918AE6287D5A4843D 17360 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys
2013-07-05 12:54:57 BA5148E2DA9AB2B786EE239510BE819A 31520 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys
2013-07-05 12:54:57 9B9E80E64DC0212CA8B38ED0763B1CCE 64080 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_ia64\RegFilter.sys
2013-07-05 12:54:57 9840396B26E424046AD335C98B3F16C3 247968 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys
2013-07-05 12:54:57 443440BCF3074CC76B38BD648DB56CB3 18384 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wnet_x86\UrlFilter.sys
2013-07-05 12:54:56 F5DBCF84176C62B4BEDF22DB56444CBD 21480 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys
2013-07-05 12:54:56 EDFC44468C59A19FB810AFC85320536B 36896 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_ia64\FileMonitor.sys
2013-07-05 12:54:56 D409D4A4517865131999FAC96D366CBF 23048 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys
2013-07-05 12:54:56 C87830B9FAADAFAA621E31478B4BA256 41504 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_ia64\UrlFilter.sys
2013-07-05 12:54:56 C2C5672B001A471FCE195CC15910AED9 23016 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys
2013-07-05 12:54:56 C1D42E31D249BD553EF494D5D9DFD28C 35848 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wnet_ia64\UrlFilter.sys
2013-07-05 12:54:56 BB26BDE6308A46A8497AA7C4AB569B77 34336 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys
2013-07-05 12:54:56 B56C68DB46DF55A657C5C4A4DF16E082 31752 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\RegFilter.sys
2013-07-05 12:54:56 B1AD8087079D7C0AF40EB5A38BD2201F 65616 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_ia64\RegFilter.sys
2013-07-05 12:54:56 AC9471B4829936360459C246162DD3FA 31752 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wnet_x86\RegFilter.sys
2013-07-05 12:54:56 AA1639ED5610A85C95CEAB38978CED5A 23048 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_amd64\FileMonitor.sys
2013-07-05 12:54:56 9584DF93F59EAA5975F4F5663653E26B 34336 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_amd64\RegFilter.sys
2013-07-05 12:54:56 8C340DFCB074E0CEEE070DD12CFB36C9 65616 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_ia64\RegFilter.sys
2013-07-05 12:54:56 7EBAB88FEE6E97397C183ED3B71F0797 21480 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\FileMonitor.sys
2013-07-05 12:54:56 795BE722AACDDAE782F495C7FDAE6BA0 20944 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\UrlFilter.sys
2013-07-05 12:54:56 6BB17E7A108A5D5B21ECD95C6297B4AE 21480 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wnet_x86\FileMonitor.sys
2013-07-05 12:54:56 6A084811121D652B11A98617B68E1434 23016 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_amd64\UrlFilter.sys
2013-07-05 12:54:56 4A03296A4F482D877FEF95FB7488216D 36384 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wnet_ia64\FileMonitor.sys
2013-07-05 12:54:56 488F6A96E03A5A61B7F1FA6A6AB75457 31752 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\RegFilter.sys
2013-07-05 12:54:56 432F066B591A4DB93C848A503F959CA6 41504 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_ia64\UrlFilter.sys
2013-07-05 12:54:56 3C7682F5BC9E65A0AB6CA980009D5631 39992 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_ia64\FileMonitor.sys
2013-07-05 12:54:56 2D7B25CF753589EC6FD26CA8D082E2CA 64080 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wnet_ia64\RegFilter.sys
2013-07-05 12:54:56 2AC63E2EBD94A7788B6D91A15DDC2D41 23048 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wnet_amd64\FileMonitor.sys
2013-07-05 12:54:56 1DDB7F0EC75BBCC358DA4508D9A42295 34336 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wnet_amd64\RegFilter.sys
2013-07-05 12:54:56 1A05A2CBE90B0080B27543B77E94330C 20432 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wnet_amd64\UrlFilter.sys
2013-07-05 12:54:56 085C7D657B6594D73A473EE55079810B 20944 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\UrlFilter.sys
2013-07-04 14:52:29 E83ECB67E6BA04235BEC3E8966683ED2 16917 ----a-w- C:\Documents and Settings\MICA\Local Settings\Temp\6264B869-BAB0-7891-93F0-70DED9BAA7D2\Latest\Delta.crx
2013-07-04 11:45:04 A147DA4D88A5B0AA9D5F145FF0422AB0 13922 ----a-w- C:\Program Files\K-Lite Codec Pack\Tools\Xvid_Quant_Matrices.zip
2013-07-02 11:38:25 B305986F21F246EC0194A4471B0BECFE 19143 ----a-w- C:\Program Files\Instair\Instair_SpeedDial_1.1.0.xpi
2013-07-02 11:38:24 5CBA37429E04F733DF3AD29132FB0B0F 135407 ----a-w- C:\Program Files\Instair\SpeedDial_1.1.0\kikeacjcceacohckgiajooneiabebfjj.zip
2013-07-02 06:15:00 937300BC7C4CDF7576BCCE44E19BBB9D 369584 ----a-w- C:\WINDOWS\system32\drivers\aswSP.sys
2013-07-02 06:15:00 4AF5F360BA1E8794D32B366E45A64A0A 29816 ----a-w- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2013-07-02 06:14:59 7B43265F92257A21CBFD88E7A651044C 49760 ----a-w- C:\WINDOWS\system32\drivers\aswRdr.sys
2013-07-02 06:14:58 CCD565A8A72AF7D45F9A242013870926 770344 ----a-w- C:\WINDOWS\system32\drivers\aswSnx.sys
2013-07-02 06:14:58 B680134BA1813B78B47FDD1DFF223CA5 49376 ----a-w- C:\WINDOWS\system32\drivers\aswRvrt.sys
2013-07-02 06:14:58 8CFAA2B965773A653F48F1207A9CB9C4 175176 ----a-w- C:\WINDOWS\system32\drivers\aswVmm.sys
2013-07-02 06:14:58 1F71F170D90E42EFDE9633D81D5E12DC 56080 ----a-w- C:\WINDOWS\system32\drivers\aswTdi.sys
2013-07-02 06:14:57 1F7094D4268D46F718C51286DC189791 66336 ----a-w- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2013-06-30 08:44:04 7FB43797F5579B3C572248AD65D80BCE 239491 ----a-w- C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\trtv3@trtv.com.xpi
2013-06-30 07:21:07 72472B9CE5D02E443CFF49A40355455D 23624 ----a-w- C:\WINDOWS\system32\drivers\hitmanpro35.sys

======== System Restore Points ========

RP28: 7/4/2013 3:19:14 PM - System Checkpoint
RP29: 7/5/2013 1:34:58 PM - Revo Uninstaller Pro's restore point - Torntv 2
RP30: 7/5/2013 1:35:32 PM - Revo Uninstaller Pro's restore point - TornTV
RP31: 7/5/2013 1:36:22 PM - Revo Uninstaller Pro's restore point - TornTV
RP32: 7/5/2013 2:45:59 PM - Removed IObit Apps Toolbar v7.2.
RP33: 7/6/2013 5:08:17 PM - System Checkpoint
RP34: 7/6/2013 8:50:54 PM - zoek.exe restore point

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-21-1645522239-1454471165-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"
"MCShield Monitor"="C:\Program Files\MCShield\mcshieldrtm.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE"
"Alcmtr"="ALCMTR.EXE"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"VMSnap3"="C:\WINDOWS\VMSnap3.EXE"
"Domino"="C:\WINDOWS\Domino.EXE"
"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui"
"IObit Malware Fighter"="C:\Program Files\IObit\IObit Malware Fighter\IMF.exe /autostart"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"
"MCShield Monitor"="C:\Program Files\MCShield\mcshieldrtm.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Advanced SystemCare 6]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Advanced SystemCare 6"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\IObit\\Advanced SystemCare 6\\ASCTray.exe\" /AutoStart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BigDog303]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BigDog303"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Google Update"
"hkey"="HKCU"
"command"="\"C:\\Documents and Settings\\MICA\\Local Settings\\Application Data\\Google\\Update\\GoogleUpdate.exe\" /c"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GoogleChromeAutoLaunch_1F3DE4F751417FC1AA6C815FB8696022]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GoogleChromeAutoLaunch_1F3DE4F751417FC1AA6C815FB8696022"
"hkey"="HKCU"
"command"="\"C:\\Documents and Settings\\MICA\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe\" --no-startup-window"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HitmanPro35]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HitmanPro35"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Hitman Pro 3.5\\HitmanPro35.exe\" /scan:boot"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\StartCCC]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="StartCCC"
"hkey"="HKLM"
"command"="C:\\Program Files\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SUPERAntiSpyware]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SUPERAntiSpyware"
"hkey"="HKCU"
"command"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UnlockerAssistant]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="UnlockerAssistant"
"hkey"="HKLM"
"command"="C:\\Program Files\\Unlocker\\UnlockerAssistant.exe"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
"item"="McAfee Security Scan Plus"
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\McAfee Security Scan Plus.lnk"
"backup"="C:\\WINDOWS\\pss\\McAfee Security Scan Plus.lnkCommon Startup"
"command"="C:\\PROGRA~1\\MCAFEE~1\\30D80A~1.285\\SSSCHE~1.EXE"


==== Startup Folders ======================


==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:@C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe []
C:\WINDOWS\tasks\At1.job --a------ C:\DOCUME1\MICA\APPLIC1\Funmoods\UPDATE1\UPDATE1.exe []
C:\WINDOWS\tasks\avast\Undetermined Task.exe []
C:\WINDOWS\tasks\Express FilesUpdate.job --a------ C:\Program Files\ExpressFiles\EFUpdater.exe []
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1454471165-725345543-1003Core.job --a------ [Undetermined Task]
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1454471165-725345543-1003UA.job --a------ [Undetermined Task]

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default
- Undetermined - C:\Program Files\IObit Apps Toolbar\FF
- SelectionLinks - %ProfilePath%\extensions\{505CC4BC-9D39-4BA5-86E0-F25353D6D061}
- Torntv 3 - %ProfilePath%\extensions\trtv3@trtv.com.xpi

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default
02C317A415A91112EDEF07AAC78AF6D5 - C:\Documents and Settings\MICA\Local Settings\Application Data\Google\Update\1.3.21.149\npGoogleUpdate3.dll - Google Update
3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash
ABCB4A6EAB701C629378255ABCB308E5 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U25
D7324EB1EDCB8990F8522DE0311359E9 - C:\WINDOWS\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17
3A523765D795DB006C010B915C3A840A - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
42A9B216A7A288512CE2F9A6BCCE96BC - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
6B171450E38C8569DA7258FEE21E7D17 - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa
28000D7EEB2FD95A36E1A7539F599C3B - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
5D41BCD19A3D90E4EBB58A6BFB79E4F7 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
8B6884E3E1E5F8ABA5FA0C6A2B13181D - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
68A131335A20B343923A2957EB1E413D - C:\WINDOWS\system32\npptools.dll - Microsoft® Windows® Operating System


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bicnnkjibmphdeigoodpjlcklcnaobdj - C:\Program Files\TornTV.com\torntv10.crx[]
fkcinonjfpebnmicldhphndmkddgiomn - C:\Program Files\OApps\chrome-sl.crx[]
hbcennhacfaagdopikcegfcobcadeocj - C:\Program Files\Common Files\Spigot\GC\saebay_1.0.crx[]
icdlfehblmklkikfigmjhbmmpmkmpooj - C:\Program Files\Common Files\Spigot\GC\errorassistant_1.1.crx[]
mhkaekfpcppmmioggniknbnbdbcigpkk - C:\Program Files\Common Files\Spigot\GC\coupons_2.4.crx[]
mocblcnaofikinigmceddfghppkkjbog - C:\Documents and Settings\MICA\Application Data\PlusWinks\PlusWinks.crx[11.06.2013 18:53]
pfndaklgolladniicklehhancnlgocpp - C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx[]

Select Links App - MICA - Default\Extensions\fkcinonjfpebnmicldhphndmkddgiomn
Ebay Shopping Assistant by Spigot - MICA - Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Domain Error Assistant - MICA - Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Slick Savings - MICA - Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Cool Smiley Bar for Facebook - MICA - Default\Extensions\mocblcnaofikinigmceddfghppkkjbog
Amazon Shopping Assistant by Spigot - MICA - Default\Extensions\pfndaklgolladniicklehhancnlgocpp

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com"
"CustomizeSearch"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} @ieframe.dll,-12512 Url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"

==== EOF on sub 06.07.2013 at 20:52:21,84 ======================

Poslao: 06 Jul 2013 21:29
Idi na vrh
offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6104


zatvori browser i ostale pokrenute programe;
deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ;
dvoklikom pokreni zoek.exe;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sledeći tekst:


emptyclsid;
resetIEproxy;
C:\Documents and Settings\MICA\Local Settings\Temp\Setup-D502DD2B71B5.exe;f
C:\Documents and Settings\MICA\Local Settings\Temp\DeltaTB.exe;f
C:\WINDOWS\Tasks\At*.job;f
C:\Documents and Settings\MICA\Application Data\PlusWinks;f
C:\Documents and Settings\All Users\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A};vs
C:\WINDOWS\Temp\Optimizer_Pro.exe;f
C:\DOCUME1\MICA\APPLIC1\Funmoods;fs
C:\Program Files\ExpressFiles\EFUpdater.exe;i
C:\Program Files\IObit Apps Toolbar;fs
FFdefaults;
chrdefaults;
iedefaults;
SelectionLinks;ff
C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\{505CC4BC-9D39-4BA5-86E0-F25353D6D061};f
Torntv 3;ff
bicnnkjibmphdeigoodpjlcklcnaobdj ;chr
C:\Program Files\TornTV.com;fs
mocblcnaofikinigmceddfghppkkjbog;chr
hbcennhacfaagdopikcegfcobcadeocj;chr
icdlfehblmklkikfigmjhbmmpmkmpooj;chr
mhkaekfpcppmmioggniknbnbdbcigpkk;chr
pfndaklgolladniicklehhancnlgocpp;chr
C:\Program Files\Common Files\Spigot;fs
ipconfig /flushdns >> %temp%\log.txt;b
resethosts;
emptyalltemp;
autoclean;


Klikni na dugme i pričekaj da se skeniranje završi.


zoek ce po potrebi, restartovati Windows a na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.

Napomena:Izveštaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Arrow Kopiraj sadrzaj tog loga u poruku.

Poslao: 06 Jul 2013 21:44
Idi na vrh
offline
  • Dalibor
  • Pridružio: 03 Feb 2011
  • Poruke: 447
  • Gde živiš: Nemačka

Zoek.exe Version 4.0.0.3 Updated 05-July-2013
Tool run by MICA on sub 06.07.2013 at 21:36:44,10.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected

==== System Restore Info ======================

7/6/2013 9:36:54 PM Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== File Information Results ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\prefs.js:
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Yahoo");
user_pref("browser.search.selectedEngine", "Yahoo");
user_pref("keyword.URL", "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p=");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default

user.js not found
---- Lines SelectionLinks removed from prefs.js ----

user_pref("extensions.vfdownload.installedProduct", "selectionlinks");

---- Lines SelectionLinks modified from prefs.js ----


---- Lines Torntv 3 removed from prefs.js ----


---- Lines Torntv 3 modified from prefs.js ----


---- Lines mixidj removed from prefs.js ----

user_pref("extensions.mixidj.admin", false);
user_pref("extensions.mixidj.aflt", "babsst");
user_pref("extensions.mixidj.appId", "{A2773ED4-83BD-488A-A186-73590706C916}");
user_pref("extensions.mixidj.autoRvrt", "false");
user_pref("extensions.mixidj.dfltLng", "en");
user_pref("extensions.mixidj.excTlbr", false);
user_pref("extensions.mixidj.ffxUnstlRst", false);
user_pref("extensions.mixidj.id", "f8a970ed000000000000001d92472bc2");
user_pref("extensions.mixidj.instlDay", "15888");
user_pref("extensions.mixidj.instlRef", "sst");
user_pref("extensions.mixidj.newTab", false);
user_pref("extensions.mixidj.prdct", "mixidj");
user_pref("extensions.mixidj.prtnrId", "mixidj");
user_pref("extensions.mixidj.rvrt", "false");
user_pref("extensions.mixidj.smplGrp", "none");
user_pref("extensions.mixidj.tlbrId", "baseyh");
user_pref("extensions.mixidj.tlbrSrchUrl", "");
user_pref("extensions.mixidj.vrsn", "1.8.18.8");
user_pref("extensions.mixidj.vrsni", "1.8.18.8");
user_pref("extensions.mixidj.vrsnTs", "1.8.18.813:38:51");

---- Lines mixidj modified from prefs.js ----


---- Lines PlusWinks removed from prefs.js ----

user_pref("extensions.pluswinks@PlusWinks.id", "\"1c325ffa-28e4-8340-fdca-e8acbdd9fe54\"");
user_pref("extensions.pluswinks@PlusWinks.mzID", "63");
user_pref("extensions.pluswinks@PlusWinks.uuid", "\"b13c32ee-e60d-11e2-bd2c-0025901ef77c\"");

---- Lines PlusWinks modified from prefs.js ----

user_pref("extensions.enabledAddons", "addon%40defaulttab.com:2.0,%7B505CC4BC-9D39-4BA5-86E0-F25353D6D061%7D:1.5,pluswinks%40PlusWinks:1.0.0.3,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0");
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\WebRep\\\\FF\",\"mtime\":1372745688312,\"rdfTime\":1368089726000}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1372274251453,\"rdfTime\":1371557658000}}},{\"name\":\"app-profile\",\"addons\":{\"addon@defaulttab.com\":{\"descriptor\":\"C:\\\\Documents and Settings\\\\MICA\\\\Application Data\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gv3y8h66.default\\\\extensions\\\\addon@defaulttab.com.xpi\",\"mtime\":1372938145062},\"gophoto@gophoto.it\":{\"descriptor\":\"C:\\\\Documents and Settings\\\\MICA\\\\Application Data\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gv3y8h66.default\\\\extensions\\\\gophoto@gophoto.it.xpi\",\"mtime\":1373059900915},\"pluswinks@PlusWinks\":{\"descriptor\":\"C:\\\\Documents and Settings\\\\MICA\\\\Application Data\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gv3y8h66.default\\\\extensions\\\\pluswinks@PlusWinks\",\"mtime\":1373095455468,\"rdfTime\":1373095455468},\"trtv3@trtv.com\":{\"descriptor\":\"C:\\\\Documents and Settings\\\\MICA\\\\Application Data\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gv3y8h66.default\\\\extensions\\\\trtv3@trtv.com.xpi\",\"mtime\":1372581844000},\"{505CC4BC-9D39-4BA5-86E0-F25353D6D061}\":{\"descriptor\":\"C:\\\\Documents and Settings\\\\MICA\\\\Application Data\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gv3y8h66.default\\\\extensions\\\\{505CC4BC-9D39-4BA5-86E0-F25353D6D061}\",\"mtime\":1372938127031,\"rdfTime\":1372938126921}}}]");

---- Lines SpeedAnalysis removed from prefs.js ----

user_pref("extensions.speedanalysis02@SpeedAnalysis.com.id", "\"c63ada3c-8eb0-308a-a7ed-bc45fb5be94c\"");
user_pref("extensions.speedanalysis02@SpeedAnalysis.com.mzID", "75");

---- Lines SpeedAnalysis modified from prefs.js ----


---- Lines defaulttab removed from prefs.js ----

user_pref("extensions.defaulttab.lastUsed", 1372939968);

---- Lines defaulttab modified from prefs.js ----

user_pref("extensions.enabledAddons", "addon%40defaulttab.com:2.0,%7B505CC4BC-9D39-4BA5-86E0-F25353D6D061%7D:1.5,disabled%40disabled:1.0.0.3,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0");
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\WebRep\\\\FF\",\"mtime\":1372745688312,\"rdfTime\":1368089726000}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1372274251453,\"rdfTime\":1371557658000}}},{\"name\":\"app-profile\",\"addons\":{\"addon@defaulttab.com\":{\"descriptor\":\"C:\\\\Documents and Settings\\\\MICA\\\\Application Data\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gv3y8h66.default\\\\extensions\\\\addon@defaulttab.com.xpi\",\"mtime\":1372938145062},\"gophoto@gophoto.it\":{\"descriptor\":\"C:\\\\Documents and Settings\\\\MICA\\\\Application Data\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gv3y8h66.default\\\\extensions\\\\gophoto@gophoto.it.xpi\",\"mtime\":1373059900915},\"disabled@disabled\":{\"descriptor\":\"C:\\\\Documents and Settings\\\\MICA\\\\Application Data\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gv3y8h66.default\\\\extensions\\\\disabled@disabled\",\"mtime\":1373095455468,\"rdfTime\":1373095455468},\"trtv3@trtv.com\":{\"descriptor\":\"C:\\\\Documents and Settings\\\\MICA\\\\Application Data\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gv3y8h66.default\\\\extensions\\\\trtv3@trtv.com.xpi\",\"mtime\":1372581844000},\"{505CC4BC-9D39-4BA5-86E0-F25353D6D061}\":{\"descriptor\":\"C:\\\\Documents and Settings\\\\MICA\\\\Application Data\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gv3y8h66.default\\\\extensions\\\\{505CC4BC-9D39-4BA5-86E0-F25353D6D061}\",\"mtime\":1372938127031,\"rdfTime\":1372938126921}}}]");

---- Lines browser.startup.page removed from prefs.js ----

user_pref("browser.startup.page", 3);

---- Lines browser.startup.page modified from prefs.js ----


---- FireFox user.js and prefs.js backups ----

prefs_06.07.2013_2139_.backup

==== Batch Command(s) Run By Tool======================



Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


==== Deleting Files \ Folders ======================

"C:\DOCUME1\MICA\APPLIC1\Funmoods" not found
"C:\Program Files\IObit Apps Toolbar" not found
"C:\Program Files\TornTV.com" not found
"C:\Program Files\Common Files\Spigot" not found
"C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\pluswinks@PlusWinks" not found
"C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\addon@defaulttab.com.xpi" not found
"C:\Documents and Settings\MICA\Local Settings\Temp\Setup-D502DD2B71B5.exe" deleted
"C:\Documents and Settings\MICA\Local Settings\Temp\DeltaTB.exe" deleted
"C:\WINDOWS\Tasks\At1.job" deleted
"C:\WINDOWS\Temp\Optimizer_Pro.exe" deleted
"C:\Documents and Settings\MICA\Application Data\desktop.ini" deleted
"C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\{505CC4BC-9D39-4BA5-86E0-F25353D6D061}\chrome.manifest" deleted
"C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\{505CC4BC-9D39-4BA5-86E0-F25353D6D061}\install.rdf" deleted
"C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\{505CC4BC-9D39-4BA5-86E0-F25353D6D061}\install.rdf.old" deleted
"C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\{505CC4BC-9D39-4BA5-86E0-F25353D6D061}\content\.DS_Store" deleted
"C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\{505CC4BC-9D39-4BA5-86E0-F25353D6D061}\content\firefoxOverlay.xul" deleted
"C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\{505CC4BC-9D39-4BA5-86E0-F25353D6D061}\content\installid.js" deleted
"C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\{505CC4BC-9D39-4BA5-86E0-F25353D6D061}\content\overlay.js" deleted
"C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\{505CC4BC-9D39-4BA5-86E0-F25353D6D061}\content\vfdownload.js" deleted
"C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\{505CC4BC-9D39-4BA5-86E0-F25353D6D061}\content\vfdownload.js.old" deleted
"C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\{505CC4BC-9D39-4BA5-86E0-F25353D6D061}\defaults\.DS_Store" deleted
"C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\{505CC4BC-9D39-4BA5-86E0-F25353D6D061}\locale\.DS_Store" deleted
"C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\{505CC4BC-9D39-4BA5-86E0-F25353D6D061}\skin\overlay.css" deleted
"C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\{505CC4BC-9D39-4BA5-86E0-F25353D6D061}\defaults\preferences\.DS_Store" deleted
"C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\{505CC4BC-9D39-4BA5-86E0-F25353D6D061}\defaults\preferences\vfdownload.js" deleted
"C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\{505CC4BC-9D39-4BA5-86E0-F25353D6D061}\locale\en-US\.DS_Store" deleted
"C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\{505CC4BC-9D39-4BA5-86E0-F25353D6D061}\locale\en-US\._vfdownload.properties" deleted
"C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\{505CC4BC-9D39-4BA5-86E0-F25353D6D061}\locale\en-US\vfdownload.properties" deleted
"C:\Documents and Settings\All Users\Application Data\eSafe\eGdpSvc.exe" deleted
"C:\Documents and Settings\MICA\Application Data\PlusWinks" deleted
"C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\{505CC4BC-9D39-4BA5-86E0-F25353D6D061}" deleted
"C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\{505CC4BC-9D39-4BA5-86E0-F25353D6D061}\content" deleted
"C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\{505CC4BC-9D39-4BA5-86E0-F25353D6D061}\defaults" deleted
"C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\{505CC4BC-9D39-4BA5-86E0-F25353D6D061}\locale" deleted
"C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\{505CC4BC-9D39-4BA5-86E0-F25353D6D061}\skin" deleted
"C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\{505CC4BC-9D39-4BA5-86E0-F25353D6D061}\defaults\preferences" deleted
"C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\{505CC4BC-9D39-4BA5-86E0-F25353D6D061}\locale\en-US" deleted
"C:\Program Files\MyPC Backup" deleted
"C:\Documents and Settings\MICA\Application Data\PlusWinks" deleted
"C:\Documents and Settings\MICA\Application Data\WinZipper" deleted
"C:\WINDOWS\System32\searchplugins" deleted
"C:\WINDOWS\System32\Extensions" deleted
"C:\Documents and Settings\All Users\Application Data\eSafe" not deleted

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default
- Undetermined - C:\Program Files\IObit Apps Toolbar\FF
- Torntv 3 - %ProfilePath%\extensions\trtv3@trtv.com.xpi

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default
02C317A415A91112EDEF07AAC78AF6D5 - C:\Documents and Settings\MICA\Local Settings\Application Data\Google\Update\1.3.21.149\npGoogleUpdate3.dll - Google Update
3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash
ABCB4A6EAB701C629378255ABCB308E5 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U25
D7324EB1EDCB8990F8522DE0311359E9 - C:\WINDOWS\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17
3A523765D795DB006C010B915C3A840A - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
42A9B216A7A288512CE2F9A6BCCE96BC - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
6B171450E38C8569DA7258FEE21E7D17 - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa
28000D7EEB2FD95A36E1A7539F599C3B - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
5D41BCD19A3D90E4EBB58A6BFB79E4F7 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
8B6884E3E1E5F8ABA5FA0C6A2B13181D - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
68A131335A20B343923A2957EB1E413D - C:\WINDOWS\system32\npptools.dll - Microsoft® Windows® Operating System


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bicnnkjibmphdeigoodpjlcklcnaobdj - C:\Program Files\TornTV.com\torntv10.crx[]
fkcinonjfpebnmicldhphndmkddgiomn - C:\Program Files\OApps\chrome-sl.crx[]
hbcennhacfaagdopikcegfcobcadeocj - C:\Program Files\Common Files\Spigot\GC\saebay_1.0.crx[]
icdlfehblmklkikfigmjhbmmpmkmpooj - C:\Program Files\Common Files\Spigot\GC\errorassistant_1.1.crx[]
mhkaekfpcppmmioggniknbnbdbcigpkk - C:\Program Files\Common Files\Spigot\GC\coupons_2.4.crx[]
mocblcnaofikinigmceddfghppkkjbog - C:\Documents and Settings\MICA\Application Data\PlusWinks\PlusWinks.crx[]
pfndaklgolladniicklehhancnlgocpp - C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx[]

Select Links App - MICA - Default\Extensions\fkcinonjfpebnmicldhphndmkddgiomn
Ebay Shopping Assistant by Spigot - MICA - Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Domain Error Assistant - MICA - Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Slick Savings - MICA - Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Cool Smiley Bar for Facebook - MICA - Default\Extensions\mocblcnaofikinigmceddfghppkkjbog
Amazon Shopping Assistant by Spigot - MICA - Default\Extensions\pfndaklgolladniicklehhancnlgocpp

==== Chrome Fix ======================

C:\Documents and Settings\MICA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog deleted successfully
C:\Documents and Settings\MICA\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mocblcnaofikinigmceddfghppkkjbog_0.localstorage deleted successfully
C:\Documents and Settings\MICA\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mocblcnaofikinigmceddfghppkkjbog_0.localstorage-journal deleted successfully
C:\Documents and Settings\MICA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj deleted successfully
C:\Documents and Settings\MICA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj deleted successfully
C:\Documents and Settings\MICA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully
C:\Documents and Settings\MICA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp deleted successfully
C:\Documents and Settings\MICA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fkcinonjfpebnmicldhphndmkddgiomn deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com"
"CustomizeSearch"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Documents and Settings\MICA\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Documents and Settings\MICA\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\mocblcnaofikinigmceddfghppkkjbog deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\fkcinonjfpebnmicldhphndmkddgiomn deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\MICA\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\MICA\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Documents and Settings\MICA\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\MICA\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Documents and Settings\MICA\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Documents and Settings\All Users\Application Data\eSafe" not found

==== EOF on sub 06.07.2013 at 21:42:04,12 ======================

Poslao: 06 Jul 2013 21:49
Idi na vrh
offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6104

Ponovo pokreni Zoek.exe kao sto si i do sada ali preko ove skripte:

filesrcm;
startupall;
firefoxlook;
chromelook;

Postavi mi svez zoek log na uvid.

Poslao: 06 Jul 2013 21:55
Idi na vrh
offline
  • Dalibor
  • Pridružio: 03 Feb 2011
  • Poruke: 447
  • Gde živiš: Nemačka

Zoek.exe Version 4.0.0.3 Updated 05-July-2013
Tool run by MICA on sub 06.07.2013 at 21:53:00,20.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected

==== System Restore Info ======================

7/6/2013 9:53:32 PM Zoek.exe System Restore Point Created Succesfully.

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2013-07-02 06:14:37 E9C8673674ECF840EE59ED805DBE9966 41664 ----a-w- C:\WINDOWS\avastSS.scr
2013-06-26 18:34:54 E45B115037C5CB7D880236862EB7C704 49152 ----a-w- C:\WINDOWS\Domino.exe
2013-06-26 18:34:54 98FF556821502AC055717E732B98FD33 49152 ----a-w- C:\WINDOWS\vmsnap3.exe
2013-06-26 18:34:54 7FF8DC09DC3C0DAEBE545F10702E8506 176128 ----a-w- C:\WINDOWS\amcap.exe
2013-06-26 18:34:54 61FFA98CDAB4CC612F585DF2DE6993E2 102400 ----a-w- C:\WINDOWS\VM303Cap.exe
2013-06-26 17:58:12 53D7F47255085310F50604FDE3076F97 4161 ----a-w- C:\WINDOWS\ODBCINST.INI
2013-06-26 17:57:55 F4DFD83153E8C9088AE2DB704107060D 15360 ----a-w- C:\WINDOWS\TASKMAN.EXE
2013-06-26 17:57:54 5E28284F9B5F9097640D58A73D38AD4C 69120 ----a-w- C:\WINDOWS\notepad.exe
2013-06-26 16:49:17 224A97EA5029845D2F5D1A6D85BBC798 32866 ------w- C:\WINDOWS\slrundll.exe
2013-06-26 16:32:12 F04D09C1405C84AC90D8643C22845D2E 11557 ----a-r- C:\WINDOWS\atiogl.xml
2013-06-26 16:27:14 1AFA1CBBB859A9F335FEC2F8CF3D5D0B 1826816 ------r- C:\WINDOWS\SkyTel.exe
2013-06-26 16:27:14 0D034E8C4F88C5B2B0C1AF3CF438CC4F 86016 ------r- C:\WINDOWS\SoundMan.exe
2013-06-26 16:27:13 964771A8E668CE64708ABE8B95BF5FD2 1191936 ------r- C:\WINDOWS\RtlUpd.exe
2013-06-26 16:27:11 C1E3CF28AAA41F1F1E3AA9D110D9447C 9715200 ------r- C:\WINDOWS\RTLCPL.exe
2013-06-26 16:27:06 03E3D8A81FCC50ECFBD6C8F22AC0B0C7 16384512 ------r- C:\WINDOWS\RTHDCPL.exe
2013-06-26 16:27:05 9E1CADE5FDD67B40A8610BE9CB2B882C 2165760 ------r- C:\WINDOWS\MicCal.exe
2013-06-26 16:27:02 8B4CBBA1EA526830C7F97E7822E2493A 69632 ------r- C:\WINDOWS\Alcmtr.exe
2013-06-26 16:26:59 EC05E964058693D1F71D1B5506B5CF09 2808832 ------r- C:\WINDOWS\alcwzrd.exe
2013-06-26 16:26:49 2D65F8DB74C36819896CF809E4375F0A 315392 ----a-w- C:\WINDOWS\HideWin.exe
2013-06-26 16:26:48 C9D1D65169A08D20AEC8FF318E1C2DDE 520192 ------r- C:\WINDOWS\RtlExUpd.dll
2013-06-26 16:17:19 5253F5C515AEC43EC62ECE703FB69A71 32260 ----a-w- C:\WINDOWS\SchedLgU.Txt
2013-06-26 16:16:59 F3766B53561B1BA61254D93EEF18132A 8192 ----a-w- C:\WINDOWS\REGLOCS.OLD
2013-06-26 16:16:09 6A2CB42966136854F4464516FBB4AE72 2048 --s-a-w- C:\WINDOWS\bootstat.dat
2013-06-26 16:14:02 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\WINDOWS\control.ini
2013-06-26 16:13:59 DC17DD0189B0C36D863B4DD0A036C10F 316640 ----a-w- C:\WINDOWS\WMSysPr9.prx
2013-06-26 16:13:04 5A5CFF37F1BD0F86B9BDAAD7A9445882 749 ---ha-r- C:\WINDOWS\WindowsShell.Manifest
2013-06-26 16:12:26 81051BCC2CF1BEDF378224B0A93E2877 2 ----a-w- C:\WINDOWS\desktop.ini
2013-06-26 16:12:26 2F3CDC1D898FD25B2547F5BFEB01FD0D 48680 --sh--w- C:\WINDOWS\winnt256.bmp
2013-06-26 16:12:26 2F3CDC1D898FD25B2547F5BFEB01FD0D 48680 --sh--w- C:\WINDOWS\winnt.bmp
2013-06-26 16:10:58 6C2F0BA210C2B53EF07653ABAC6C2490 37 ----a-w- C:\WINDOWS\vbaddin.ini
2013-06-26 16:10:58 487403459F0B2F1A3ADEEF02496BD80E 36 ----a-w- C:\WINDOWS\vb.ini
2013-06-26 16:10:26 EB3BFC14E41FBAA41B4FD4489AA82D39 65832 ----a-w- C:\WINDOWS\Santa Fe Stucco.bmp
2013-06-26 16:10:26 927A66BD587E31CB12D3AB25381658DC 17362 ----a-w- C:\WINDOWS\Rhododendron.bmp
2013-06-26 16:10:26 73D70ED3EC3BBFD8FD35DF431C38F374 17062 ----a-w- C:\WINDOWS\Coffee Bean.bmp
2013-06-26 16:10:26 5B4AC407E566076BB726BA91E067D313 26680 ----a-w- C:\WINDOWS\River Sumida.bmp
2013-06-26 16:10:26 5290EA6951F4724259F423B12C8E1393 9522 ----a-w- C:\WINDOWS\Zapotec.bmp
2013-06-26 16:10:26 3A8B85AB7B415BF3F8AFE285DFE0CE29 16730 ----a-w- C:\WINDOWS\FeatherTexture.bmp
2013-06-26 16:10:26 280920B6773C74C3649A934257112BE1 65954 ----a-w- C:\WINDOWS\Prairie Wind.bmp
2013-06-26 16:10:26 203EF178BF8B0A8EC34E27E4DEDB6349 17336 ----a-w- C:\WINDOWS\Gone Fishing.bmp
2013-06-26 16:10:26 1AC5E83598D4F2143B59A2D893C3279A 26582 ----a-w- C:\WINDOWS\Greenstone.bmp
2013-06-26 16:10:25 DAC71A10A6A71CB6E3F427AE3283734B 1272 ----a-w- C:\WINDOWS\Blue Lace 16.bmp
2013-06-26 16:10:25 39F43DBCE366B2561DF073B4C0839299 65978 ----a-w- C:\WINDOWS\Soap Bubbles.bmp
====== C:\DOCUME~1\MICA\LOCALS~1\Temp ====
====== C:\WINDOWS\system32 =====
2013-07-05 12:44:52 C2A03905AE2DADE0FA91FF0C26A6421C 21728 ----a-w- C:\WINDOWS\System32\wucltui.dll.mui
2013-07-05 12:44:52 8B62DC7855287089DBE9AB25CFB50431 17632 ----a-w- C:\WINDOWS\System32\wuaueng.dll.mui
2013-07-05 12:44:52 5BD1234E11B39C63BBA87022AF6D43C2 44768 ----a-w- C:\WINDOWS\System32\wups2.dll
2013-07-05 12:44:51 B63D7016211F2323BB5B4FF1F8CB1CF6 15072 ----a-w- C:\WINDOWS\System32\wuaucpl.cpl.mui
2013-07-05 12:44:51 52CF3B23095C47043FC060D9F1A74D2E 15064 ----a-w- C:\WINDOWS\System32\wuapi.dll.mui
2013-07-05 12:40:57 3C30C649895A8F02F46DBC72805AAC70 23360 ----a-w- C:\WINDOWS\System32\RegistryDefragBootTime.exe
2013-07-04 11:45:04 FBE5C2BDED0E85F6F0E68D1D6F2521DF 3649536 ----a-w- C:\WINDOWS\System32\x264vfw.dll
2013-07-04 11:45:04 FA425C74CE2EB719B2A77A7A2ADDAE32 216064 ----a-w- C:\WINDOWS\System32\lagarith.dll
2013-07-04 11:45:04 671FEF5266B8AA14C0B69B38C24BD8BD 415 ----a-w- C:\WINDOWS\System32\lame_acm.xml
2013-07-04 11:45:04 22722B4E887BB95AB071542DE5A42C80 839680 ----a-w- C:\WINDOWS\System32\lameACM.acm
2013-07-04 11:45:03 C26B7B8CA40C627B9DE399F9F8FACC69 650752 ----a-w- C:\WINDOWS\System32\xvidcore.dll
2013-07-04 11:45:03 56552C7C36B6237704CE3BA9DF49FECF 243200 ----a-w- C:\WINDOWS\System32\xvidvfw.dll
2013-07-04 11:45:02 60FEE6F524865950EF0A40D49F969320 178688 ----a-w- C:\WINDOWS\System32\unrar.dll
2013-07-04 11:45:02 006C6378513685ACDFFA84A5ECB86F76 151552 ----a-w- C:\WINDOWS\System32\ac3acm.acm
2013-07-04 11:44:57 DED4C49C39D6CEFC00FDA0C4D7D59407 714 ----a-w- C:\WINDOWS\System32\ff_vfw.dll.manifest
2013-07-04 11:44:57 5BF12FCC4091CD3F6E4AD0FC3DD038BC 112640 ----a-w- C:\WINDOWS\System32\ff_vfw.dll
2013-07-03 06:56:55 5614386D4CFDF9E56F355C45BEEBC976 12872 ----a-w- C:\WINDOWS\System32\bootdelete.exe
2013-07-02 06:14:57 CFE4114B963AB0AB22F6EBEF89564194 229648 ----a-w- C:\WINDOWS\System32\aswBoot.exe
2013-06-29 07:00:01 C32579D70515B47F7C5FB01D54129419 5632 ----a-w- C:\WINDOWS\System32\ptpusb.dll
2013-06-29 07:00:00 AD6390536EEC15B53A3CFFBF2A7B8467 159232 ----a-w- C:\WINDOWS\System32\ptpusd.dll
2013-06-26 20:08:42 EFF71E68DD8F9DC0BBD89CD83153C336 221215 ------w- C:\WINDOWS\System32\Divxdec.ax
2013-06-26 20:01:26 C6A44FC3CF2F5801561804272217B14D 1892184 ----a-w- C:\WINDOWS\System32\D3DX9_42.dll
2013-06-26 20:01:26 797E24743937D67D69F28F2CF5052EE8 2414360 ----a-w- C:\WINDOWS\System32\d3dx9_31.dll
2013-06-26 20:00:03 DFC64F80CBC171FB0631E7F15D79C998 436720 ------w- C:\WINDOWS\System32\pxwave.dll
2013-06-26 20:00:03 B36F01A58631341310C6D4116F2EDF5F 66032 ------w- C:\WINDOWS\System32\pxinsa64.exe
2013-06-26 20:00:03 B248A451721CF86A6CDBA18B379EC80C 551408 ------w- C:\WINDOWS\System32\pxdrv.dll
2013-06-26 20:00:03 9555982C980B760398C09EEFAE6FCF01 129520 ------w- C:\WINDOWS\System32\pxafs.dll
2013-06-26 20:00:03 5420BAFE4BEFBC64452DEE6AF8782A20 1858032 ------w- C:\WINDOWS\System32\pxsfs.dll
2013-06-26 20:00:03 51598A4CD5BFC25C8D4FB1A740A43583 72176 ------w- C:\WINDOWS\System32\pxhpinst.exe
2013-06-26 20:00:03 23C98662461CA549487676E3E4E16C4F 96752 ------w- C:\WINDOWS\System32\vxblock.dll
2013-06-26 20:00:03 09132A1DA77EF78D06421C871B3B92C5 66544 ------w- C:\WINDOWS\System32\pxcpya64.exe
2013-06-26 20:00:02 D4BFF8B48CD9A212B45C425F2A1C9B77 219632 ------w- C:\WINDOWS\System32\pxmas.dll
2013-06-26 20:00:02 174D2EB772E843B6175EED45D8FA11E7 670192 ------w- C:\WINDOWS\System32\px.dll
2013-06-26 19:57:51 C5B41140DBDA488A02E8D33B5FF95686 221184 ----a-w- C:\WINDOWS\System32\wmpns.dll
2013-06-26 18:37:47 A4001C78F2806662B3BD91ACB44E6330 45 ----a-w- C:\WINDOWS\System32\initdebug.nfo
2013-06-26 18:35:32 7366AF0CA5F98A7653851FC2C1D05B0D 16384 ----a-w- C:\WINDOWS\System32\ipsink.ax
2013-06-26 18:35:01 E2A57AC21705D3A05BB89BE201FA5C0C 53760 ----a-w- C:\WINDOWS\System32\vfwwdm32.dll
2013-06-26 18:35:01 C9EF69B25DFA1C0E7932CB02FB8A7E91 91136 ----a-w- C:\WINDOWS\System32\kswdmcap.ax
2013-06-26 18:35:01 264C642770CB6269A67AC8E0ED74419F 61952 ----a-w- C:\WINDOWS\System32\kstvtune.ax
2013-06-26 18:34:59 D5C3D43D0616FF699DB771928AC0E2CD 43008 ----a-w- C:\WINDOWS\System32\ksxbar.ax
2013-06-26 18:34:54 F5BC425947241F67162EBC44D908A085 258188 ----a-w- C:\WINDOWS\System32\VM303Prp.Ax
2013-06-26 18:34:54 8E73B6095502B16D1E3139BB77A9E7C7 40960 ----a-w- C:\WINDOWS\System32\setupfilter.exe
2013-06-26 18:34:54 76949B35005073B3843C1278CB3F97F0 81920 ----a-w- C:\WINDOWS\System32\VM303STI.dll
2013-06-26 18:22:22 F4EEFAA7FE643E45A15C678DA0EFB0AB 71048 ----a-w- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
2013-06-26 18:22:22 9229CC932F2F1C5BC384006C969B00A5 692104 ----a-w- C:\WINDOWS\System32\FlashPlayerApp.exe
2013-06-26 18:19:22 1D9B3568CFDB55316985A053D6D96030 94632 ----a-w- C:\WINDOWS\System32\WindowsAccessBridge.dll
2013-06-26 17:59:11 C2D7189CDD37453234A9BBCB58E50883 74240 ----a-w- C:\WINDOWS\System32\usbui.dll
2013-06-26 17:58:12 AE72389D80DC216AA6368C2D75B61047 458340 ----a-w- C:\WINDOWS\System32\PerfStringBackup.INI
2013-06-26 17:58:08 35448F3A71EBBECF8E997FAD3A99327D 66082 ----a-w- C:\WINDOWS\System32\c_28603.nls
2013-06-26 17:58:06 EFFDFF60A38CF648811BBCDD722ECF5E 66082 ----a-w- C:\WINDOWS\System32\c_10081.nls
2013-06-26 17:58:06 C37A21EE1ADFDC13FC707D97073148ED 66082 ----a-w- C:\WINDOWS\System32\c_28599.nls
2013-06-26 17:58:06 A8764750B22B528D85A691A52CB21856 66594 ----a-w- C:\WINDOWS\System32\c_857.nls
2013-06-26 17:58:06 712A218557F99D136735E0545E5AE223 5632 ----a-r- C:\WINDOWS\System32\kbdazel.dll
2013-06-26 17:58:06 5D569F2951F878EF01D7723DC08682E9 6144 ----a-r- C:\WINDOWS\System32\kbdtuq.dll
2013-06-26 17:58:06 188E56B70419D8353B8D4F3E381D9E52 6144 ----a-r- C:\WINDOWS\System32\kbdtuf.dll
2013-06-26 17:58:05 FA30D45301EE66C33C0BF0F053DD9268 5632 ----a-r- C:\WINDOWS\System32\kbdkyr.dll
2013-06-26 17:58:05 F2D1EEF5ADCD5995C015AB3CB15C9415 5632 ----a-r- C:\WINDOWS\System32\kbdtat.dll
2013-06-26 17:58:05 95D9106D39AB410A7F7EE513F181F84C 5632 ----a-r- C:\WINDOWS\System32\kbdkaz.dll
2013-06-26 17:58:05 4F9CFFBF05831BB81833FC64A5329C36 5632 ----a-r- C:\WINDOWS\System32\kbduzb.dll
2013-06-26 17:58:05 29F119AD63CE42E616E35792DB01A4E0 5632 ----a-r- C:\WINDOWS\System32\kbdmon.dll
2013-06-26 17:58:05 0304318F189E3CC4A99FCCCB0A68147F 5632 ----a-r- C:\WINDOWS\System32\kbdaze.dll
2013-06-26 17:58:04 E5D4673C83271FEEE1ED73E1E281A42B 5632 ----a-r- C:\WINDOWS\System32\kbdycc.dll
2013-06-26 17:58:04 E22D1B9AC7854C0A654E4C4232074E49 66082 ----a-w- C:\WINDOWS\System32\C_28595.NLS
2013-06-26 17:58:04 C6F23BC1411E91C179B0635893BB40A1 5632 ----a-r- C:\WINDOWS\System32\kbdru.dll
2013-06-26 17:58:04 B6E962B7AC1CB4A78876953D369BE6DD 5632 ----a-r- C:\WINDOWS\System32\kbdru1.dll
2013-06-26 17:58:04 AF4A866226BD04ACF06135088D75BB63 66082 ----a-w- C:\WINDOWS\System32\c_10007.nls
2013-06-26 17:58:04 A1FA7A83F9D98D84419A8E64286284F4 5632 ----a-r- C:\WINDOWS\System32\kbdblr.dll
2013-06-26 17:58:04 3DDE3DC57C54452A313DC20F3019F8E3 5632 ----a-r- C:\WINDOWS\System32\kbdur.dll
2013-06-26 17:58:04 314E85390BEBDAE5D1E11DB2D8CBC6E9 66082 ----a-w- C:\WINDOWS\System32\c_10017.nls
2013-06-26 17:58:04 1DF6E4758611E1328567BFE4D1B28E27 5632 ----a-r- C:\WINDOWS\System32\kbdbu.dll
2013-06-26 17:58:03 F2312B8A76FD584ACD1D956688BEB6F8 6656 ----a-r- C:\WINDOWS\System32\kbdhela3.dll
2013-06-26 17:58:03 D26533FDF72381947F823882BBA4A196 6144 ----a-r- C:\WINDOWS\System32\kbdhela2.dll
2013-06-26 17:58:03 B537ACFAB9E70F0EF48DB696A08ADC81 66082 ----a-w- C:\WINDOWS\System32\C_28597.NLS
2013-06-26 17:58:03 AC81A176BA35D1D7A5CD53137F3160FE 5632 ----a-r- C:\WINDOWS\System32\kbdhe319.dll
2013-06-26 17:58:03 A93447C87DDB6B1945F1F5F87EAB68DC 6144 ----a-r- C:\WINDOWS\System32\kbdgkl.dll
2013-06-26 17:58:03 90CC52E8B52F0EC3A41D14FFBE789324 8192 ----a-r- C:\WINDOWS\System32\kbdhept.dll
2013-06-26 17:58:03 8BE0D77A873730B4EB1DAB7C6622CD46 66082 ----a-w- C:\WINDOWS\System32\c_875.nls
2013-06-26 17:58:03 83C99B438B3D6DBE7B838DA783E173AC 5632 ----a-r- C:\WINDOWS\System32\kbdhe.dll
2013-06-26 17:58:03 780C444EB16B65E6DE96F794A732DA12 66594 ----a-w- C:\WINDOWS\System32\c_869.nls
2013-06-26 17:58:03 1E81E1F3D5ACB3371CF73C1DE8F800BF 5632 ----a-r- C:\WINDOWS\System32\kbdhe220.dll
2013-06-26 17:58:03 0A206B5CACD3CA70D2044DA691304765 66082 ----a-w- C:\WINDOWS\System32\c_10006.nls
2013-06-26 17:58:02 BAC7072B365F9648CA318154BA7E03EC 66594 ----a-w- C:\WINDOWS\System32\c_737.nls
2013-06-26 17:58:01 F5B3B152A1D2752BC88928EB1E031B7E 5632 ----a-r- C:\WINDOWS\System32\kbdlt.dll
2013-06-26 17:58:01 C047165ED75FF85DB5A89EFEE3DA1133 6144 ----a-r- C:\WINDOWS\System32\kbdlv.dll
2013-06-26 17:58:01 BBB6C3346064C6AECEE6AD9F144B1AEA 6144 ----a-r- C:\WINDOWS\System32\kbdest.dll
2013-06-26 17:58:01 AF05A41DBD1B0424B5CB47092152C7F6 5632 ----a-r- C:\WINDOWS\System32\kbdlt1.dll
2013-06-26 17:58:01 5D038EEABA8EA438F6B5ABD5E91BC851 66082 ----a-w- C:\WINDOWS\System32\C_28594.NLS
2013-06-26 17:58:01 5CD475CA7B87844DE1E0483B536F9AAE 66594 ----a-w- C:\WINDOWS\System32\c_866.nls
2013-06-26 17:58:01 3E969213F35127D83DAB48FF1283E8E4 66594 ----a-w- C:\WINDOWS\System32\c_855.nls
2013-06-26 17:58:01 27D72BCF2B495FCDA073DBA5F189D7A1 6144 ----a-r- C:\WINDOWS\System32\kbdlv1.dll
2013-06-26 17:58:00 F3D1EEC756847C70E65335E8CA1AE64B 5632 ----a-r- C:\WINDOWS\System32\kbdhu1.dll
2013-06-26 17:58:00 DCCE231E5BDF1401AC0F770EE16902AA 6656 ----a-r- C:\WINDOWS\System32\kbdsl.dll
2013-06-26 17:58:00 D199B05901C2407FC0F87444A24A4F3C 6656 ----a-r- C:\WINDOWS\System32\kbdpl.dll
2013-06-26 17:58:00 C2E62748C875A310A6D5B10498238A68 5632 ----a-r- C:\WINDOWS\System32\kbdro.dll
2013-06-26 17:58:00 93033C3EA80FB24B198B24DDECA07D4A 6656 ----a-r- C:\WINDOWS\System32\kbdsl1.dll
2013-06-26 17:58:00 897663C8606357A8E86E57CDEA8EE219 5632 ----a-r- C:\WINDOWS\System32\kbdpl1.dll
2013-06-26 17:57:59 D2CA471D36A69D17F82D5C1B64FAEE39 66082 ----a-w- C:\WINDOWS\System32\c_10029.nls
2013-06-26 17:57:59 CF92D95B5CB6649CB9D7E8D7616487A7 6656 ----a-r- C:\WINDOWS\System32\kbdhu.dll
2013-06-26 17:57:59 AFA30A44ED11A5F9A059A2767AB6A81A 6656 ----a-r- C:\WINDOWS\System32\kbdcz1.dll
2013-06-26 17:57:59 9CA501D2A8E6909C5B2E8C9274682BF1 66082 ----a-w- C:\WINDOWS\System32\c_10082.nls
2013-06-26 17:57:59 90535C13EB54E1F2C95478F1B99DCCEB 6656 ----a-r- C:\WINDOWS\System32\kbdcz2.dll
2013-06-26 17:57:59 6F8A509550FE8C92D07EE0143BF29BA1 66082 ----a-w- C:\WINDOWS\System32\c_10010.nls
2013-06-26 17:57:59 615DDBB5CBBAE8301C1E7FA95F1E66A3 6656 ----a-r- C:\WINDOWS\System32\KBDAL.DLL
2013-06-26 17:57:59 5B46568257EE49714564511D58E0DE53 6656 ----a-r- C:\WINDOWS\System32\kbdcr.dll
2013-06-26 17:57:59 552221E92D6BF55F8358B927F00696C3 6656 ----a-r- C:\WINDOWS\System32\kbdycl.dll
2013-06-26 17:57:59 36E68E02AF2206FC4A8C73CAEABE1FB0 7168 ----a-r- C:\WINDOWS\System32\kbdcz.dll
2013-06-26 17:57:59 21E928C8E6ED8EEAB0D1AAEE82ACDD76 66594 ----a-w- C:\WINDOWS\System32\c_852.nls
2013-06-26 17:57:58 6CB26848BCDAA361B6EE21264FB362C3 66082 ----a-w- C:\WINDOWS\System32\c_20127.nls
2013-06-26 17:57:57 FACEF4325FE4795647149DEC6FF728C7 13312 ----a-w- C:\WINDOWS\System32\irclass.dll
2013-06-26 17:57:57 5726CB81771655731D011ABD878CB65D 103424 ----a-w- C:\WINDOWS\System32\EqnClass.Dll
2013-06-26 17:57:57 1E8F9818D695F8759B125EE146BEB935 176157 ----a-w- C:\WINDOWS\System32\dgrpsetu.dll
2013-06-26 17:57:57 1C3C9B5B42A50D2D86CAF2EC05D34B3C 24661 ----a-w- C:\WINDOWS\System32\spxcoins.dll
2013-06-26 17:57:57 060110976C713D49CEFEE9A7291CE9D7 85020 ----a-w- C:\WINDOWS\System32\dgsetup.dll
2013-06-26 17:57:55 A956751EF995DF776F19831123868A83 8704 ----a-w- C:\WINDOWS\System32\batt.dll
2013-06-26 17:57:55 30475F091008E24550523515A023270D 1688 ----a-w- C:\WINDOWS\System32\AUTOEXEC.NT
2013-06-26 17:57:54 3FE791B7714A592B17C4DD8C24B382AF 74752 ----a-w- C:\WINDOWS\System32\storprop.dll
2013-06-26 17:57:10 A884287E63B1ECD756FDECFA81F6EEA1 93480 ----a-w- C:\WINDOWS\System32\FNTCACHE.DAT
2013-06-26 17:56:12 CBCB5D8671AA0EC4ECC820685B89D12E 261 ----a-w- C:\WINDOWS\System32\$winnt$.inf
2013-06-26 16:49:32 93E3D65953C59685ED1D823949C08722 1306624 ------w- C:\WINDOWS\System32\msxml6.dll
2013-06-26 16:49:32 89AFA12F6A1AD5837377E0B01C11E40E 79872 ------w- C:\WINDOWS\System32\msxml6r.dll
2013-06-26 16:49:22 F22ED2CD5E26514C6E8D21B5DA4572A3 10752 ------w- C:\WINDOWS\System32\smtpapi.dll
2013-06-26 16:49:22 5D55DEFB3AB92BC43C4DFD06935FA0F1 9728 ------w- C:\WINDOWS\System32\rwnh.dll
2013-06-26 16:49:22 5B431DCAC4A76276CEB8A1AB0C1C11F2 9728 ------w- C:\WINDOWS\System32\comsdupd.exe
2013-06-26 16:49:21 B0C23B6813A9FCBAE18370247BE594CE 136192 ------w- C:\WINDOWS\System32\aaclient.dll
2013-06-26 16:49:21 994F947386C9A17BBA19569DC3A92B2C 32768 ------w- C:\WINDOWS\System32\ativtmxx.dll
2013-06-26 16:49:21 96FF2C80DC7962D1B5016B85558109B4 9728 ------w- C:\WINDOWS\System32\ativdaxx.ax
2013-06-26 16:49:21 481A805B5ABC92363CF901CFCF1EE68D 23040 ------w- C:\WINDOWS\System32\ativmvxx.ax
2013-06-26 16:49:21 2C15B4A5E8AB5BB8CFBEB375750AC05C 377984 ------w- C:\WINDOWS\System32\ati2dvaa.dll
2013-06-26 16:49:21 1B874ADE4C19D65D6557527189B8A968 870784 ------w- C:\WINDOWS\System32\ati3d1ag.dll
2013-06-26 16:49:20 F69189EB97B118B690ACCA93760AD738 39936 ------w- C:\WINDOWS\System32\dot3gpclnt.dll
2013-06-26 16:49:20 F21A712EB2B656CD86FCC057446F9C34 650752 ------w- C:\WINDOWS\System32\dot3ui.dll
2013-06-26 16:49:20 EA39DA293C8BBAA0F89419BA64734CC7 56320 ------w- C:\WINDOWS\System32\dot3msm.dll
2013-06-26 16:49:20 E85FD6ABA80BD637AA2AA9D93308D355 57856 ------w- C:\WINDOWS\System32\dot3cfg.dll
2013-06-26 16:49:20 E6EF7BC927D9F8F9BA1584BFC39E0C6F 30720 ------w- C:\WINDOWS\System32\eapolqec.dll
2013-06-26 16:49:20 E2092F0A1D7ABC243F9C2362483D150D 19456 ------w- C:\WINDOWS\System32\dimsntfy.dll
2013-06-26 16:49:20 ABC4206543450C0666D152F4B65833B8 40960 ------w- C:\WINDOWS\System32\eappprxy.dll
2013-06-26 16:49:20 97AE3A4180CAB360F44F7F03E5E0F409 7168 ------w- C:\WINDOWS\System32\bitsprx4.dll
2013-06-26 16:49:20 8E2CC37BA87D8F681066E0E9C8A19F73 26112 ------w- C:\WINDOWS\System32\dot3api.dll
2013-06-26 16:49:20 8E20D83D04076A3682706A2BE1BBA80E 12800 ------w- C:\WINDOWS\System32\credssp.dll
2013-06-26 16:49:20 7954A8B0657676E947403F0AC0F21755 184832 ------w- C:\WINDOWS\System32\eapp3hst.dll
2013-06-26 16:49:20 5DB625E7D095604010CF84DE2D8ACFA6 126976 ------w- C:\WINDOWS\System32\eappcfg.dll
2013-06-26 16:49:20 5B6EDB1DD780D8256CB301E58B4BC690 32285 ------w- C:\WINDOWS\System32\hsfcisp2.dll
2013-06-26 16:49:20 5B6245518D71A6108BC385C4A8348218 233472 ------w- C:\WINDOWS\System32\azroles.dll
2013-06-26 16:49:20 4E8F3230BAC8C1CAADF01A8C728E1C5C 9216 ------w- C:\WINDOWS\System32\dot3dlg.dll
2013-06-26 16:49:20 3B06CDD1A41618944A906589C052F2B3 59392 ------w- C:\WINDOWS\System32\eapqec.dll
2013-06-26 16:49:20 395FD41D69C1AB8CE91FEABD2168097E 94208 ------w- C:\WINDOWS\System32\eappgnui.dll
2013-06-26 16:49:20 2187855A7703ADEF0CEF9EE4285182CC 33792 ------w- C:\WINDOWS\System32\eapsvc.dll
2013-06-26 16:49:20 11F4A22796CB652BD574D8CB03B9874C 39936 ------w- C:\WINDOWS\System32\dimsroam.dll
2013-06-26 16:49:20 11A9E0581F6441876FFBF331D294C10A 48640 ------w- C:\WINDOWS\System32\dhcpqec.dll
2013-06-26 16:49:20 0F0F6E687E5E15579EF4DA8DD6945814 132096 ------w- C:\WINDOWS\System32\dot3svc.dll
2013-06-26 16:49:20 0BCB0EBC1B08FA384EC68F253C7253EF 180224 ------w- C:\WINDOWS\System32\eapphost.dll
2013-06-26 16:49:19 F7BBAA9485F04E46A053E147CDFAD079 155136 ------w- C:\WINDOWS\System32\mssha.dll
2013-06-26 16:49:19 F0874563D668EEC633AC52F8B6167ACD 6144 ------w- C:\WINDOWS\System32\kbdbhc.dll
2013-06-26 16:49:19 A445F7BE8100EFB90161E4868A643E34 6144 ------w- C:\WINDOWS\System32\kbdnepr.dll
2013-06-26 16:49:19 9FE65E81B4C27D967DB6646271AB242F 6144 ------w- C:\WINDOWS\System32\kbdpash.dll
2013-06-26 16:49:19 9AF037DF48AE21B6E30177DFE1481C45 86016 ------w- C:\WINDOWS\System32\mdmxsdk.dll
2013-06-26 16:49:19 9A425D4F1C1ED0DA1A35B25DE5632378 184320 ------w- C:\WINDOWS\System32\microsoft.managementconsole.dll
2013-06-26 16:49:19 8878BD685E490239777BFE51320B88E9 61440 ------w- C:\WINDOWS\System32\kmsvc.dll
2013-06-26 16:49:19 87906187B3AF89582380D156DA601F68 30208 ------w- C:\WINDOWS\System32\napipsec.dll
2013-06-26 16:49:19 82FDD74B54E27D9BB2A486B1181EC7A9 6144 ------w- C:\WINDOWS\System32\kbdiultn.dll
2013-06-26 16:49:19 568B07313D95BD82BF7C9089FBAB1118 76800 ------w- C:\WINDOWS\System32\msshavmsg.dll
2013-06-26 16:49:19 5099188F965E8C3DA76281E9CBCB0E7F 193024 ------w- C:\WINDOWS\System32\napmontr.dll
2013-06-26 16:49:19 4BD42056A26567FF609902DC2840BFEC 106496 ------w- C:\WINDOWS\System32\mmcfxcommon.dll
2013-06-26 16:49:19 3F8C2784BD466834FA87F973D0FBB120 33792 ------w- C:\WINDOWS\System32\mmcperf.exe
2013-06-26 16:49:19 3EF3363283E118A9F460E31BB17A702A 1737856 ------w- C:\WINDOWS\System32\mtxparhd.dll
2013-06-26 16:49:19 3AF52290B3C5F21E25F1C582A60CEBF2 176640 ------w- C:\WINDOWS\System32\napstat.exe
2013-06-26 16:49:19 3879D931FBB110292A16C8A3A11D7ED4 37376 ------w- C:\WINDOWS\System32\l2gpstore.dll
2013-06-26 16:49:19 308EC3363A4784EDF02100D597111F2D 397312 ------w- C:\WINDOWS\System32\mmcex.dll
2013-06-26 16:49:18 FB8E05CEDB3EF65C80FEBD2698C80998 150528 ------w- C:\WINDOWS\System32\qagent.dll
2013-06-26 16:49:18 F41358AD08C811F6B28FBC45600D1F49 286792 ------w- C:\WINDOWS\System32\slextspk.dll
2013-06-26 16:49:18 EF3EC9DCFEECE43A1F69C8A95505E47A 276992 ------w- C:\WINDOWS\System32\wmphoto.dll
2013-06-26 16:49:18 EB2D2E05E471208CD651DDCDF77904BF 346112 ------w- C:\WINDOWS\System32\windowscodecsext.dll
2013-06-26 16:49:18 E23C2933A53B4459482E84BB56D24681 50688 ------w- C:\WINDOWS\System32\tspkg.dll
2013-06-26 16:49:18 D8DBD3FF60BDAC98ACD115F8F0A3B161 73832 ------w- C:\WINDOWS\System32\slcoinst.dll
2013-06-26 16:49:18 CA04959077AFE36369D37B3504740C87 144384 ------w- C:\WINDOWS\System32\onex.dll
2013-06-26 16:49:18 BA71647BD0BF68A3A127E061FA816E9B 412160 ------w- C:\WINDOWS\System32\photometadatahandler.dll
2013-06-26 16:49:18 B726ACE88025433615F2918B0FD07F9C 32768 ------w- C:\WINDOWS\System32\setupn.exe
2013-06-26 16:49:18 A655C88AA555BB8EF8957BD29408827F 61952 ------w- C:\WINDOWS\System32\rasqec.dll
2013-06-26 16:49:18 9EEFE69139FDBB4A3C327630F8EB993A 69120 ------w- C:\WINDOWS\System32\wlanapi.dll
2013-06-26 16:49:18 94BA90C6AF5C50FF5F7A6392514C4642 28672 ----a-w- C:\WINDOWS\System32\vidcap.ax
2013-06-26 16:49:18 91790D6749EBED90E2C40479C0A91879 28672 ------w- C:\WINDOWS\System32\verclsid.exe
2013-06-26 16:49:18 8AE93AACC648921BAACB8602991AC4B3 76800 ------w- C:\WINDOWS\System32\qutil.dll
2013-06-26 16:49:18 66C217ADC165BE397788EBC24BF21D2C 4274816 ------w- C:\WINDOWS\System32\nv4_disp.dll
2013-06-26 16:49:18 5F63E2B2A72E1E6448123E0920D31530 712704 ------w- C:\WINDOWS\System32\windowscodecs.dll
2013-06-26 16:49:18 492D127C533F328380F0BD1C2C59B44B 62464 ------w- C:\WINDOWS\System32\qcliprov.dll
2013-06-26 16:49:18 28D9646A6B8DE72980B683AF06D9D981 290304 ------w- C:\WINDOWS\System32\rhttpaa.dll
2013-06-26 16:49:18 224A97EA5029845D2F5D1A6D85BBC798 32866 ------w- C:\WINDOWS\System32\slrundll.exe
2013-06-26 16:49:18 2248F303CCFF449FC5DEA712C92D4B2E 60416 ------w- C:\WINDOWS\System32\tzchange.exe
2013-06-26 16:49:18 1396F781364754123E5180074FC3CB85 53248 ------w- C:\WINDOWS\System32\tsgqec.dll
2013-06-26 16:49:18 1144070C67CC7F3E673EBB124F1B06AA 397056 ------w- C:\WINDOWS\System32\s3gnb.dll
2013-06-26 16:49:18 10485BD94D0C8B0C9DE0A4A05D19EBA0 188508 ------w- C:\WINDOWS\System32\slgen.dll
2013-06-26 16:49:18 054177EFA4EA208003DD88637B02BA2B 73796 ------w- C:\WINDOWS\System32\slserv.exe
2013-06-26 16:49:18 0102140028FAD045756796E1C685D695 291328 ------w- C:\WINDOWS\System32\qagentrt.dll
2013-06-26 16:49:17 BEA4AEE74FEF171EB61DE1BAD8FAF427 121856 ------w- C:\WINDOWS\System32\xmllite.dll
2013-06-26 16:49:17 1B3B381E1AAB46F7B321A46150D890CB 689152 ------w- C:\WINDOWS\System32\xpsp3res.dll
2013-06-26 16:44:58 96C9A439DCDA7643DCB20D88F6DB66F3 17272 ------w- C:\WINDOWS\System32\spmsg.dll
2013-06-26 16:32:25 C148BD421F063443FE628F08099A1E48 520192 ------w- C:\WINDOWS\System32\ati2sgag.exe
2013-06-26 16:32:12 0E0A65522C79A6AE101DD53DBAE2D8DE 307200 ----a-r- C:\WINDOWS\System32\atiiiexx.dll
2013-06-26 16:32:10 64C98CAB60AD11D3E74CC2B533A3E9C8 339968 ----a-r- C:\WINDOWS\System32\ATIDEMGX.dll
2013-06-26 16:32:10 48E4EC7A0CDF011CE643A92B5147AC0C 7069 ----a-r- C:\WINDOWS\System32\atifglpf.xml
2013-06-26 16:32:08 56A70F26B71B81AD32789A0C589D6109 972072 ----a-r- C:\WINDOWS\System32\ativva6x.dat
2013-06-26 16:32:06 31B434EDEC919137787CABF10E76266B 3107788 ----a-r- C:\WINDOWS\System32\ativva5x.dat
2013-06-26 16:32:02 A7CDA83DEA4791B4B3FC52AE2A09DD98 144357 ----a-r- C:\WINDOWS\System32\atiicdxx.dat
2013-06-26 16:32:02 31B434EDEC919137787CABF10E76266B 3107788 ----a-r- C:\WINDOWS\System32\ativvaxx.dat
2013-06-26 16:29:15 E2FA75ADE398C9A44815B11CC141105C 940794 ----a-w- C:\WINDOWS\System32\LoopyMusic.wav
2013-06-26 16:29:15 6D0634CEBBFF7F428DD816706F5AA1FB 146650 ----a-w- C:\WINDOWS\System32\BuzzingBee.wav
2013-06-26 16:28:07 43C3571EADA5BC1EDEAD7CA22AD66F30 49152 ------r- C:\WINDOWS\System32\ChCfg.exe
2013-06-26 16:27:47 F1941197A42F9F373CC70042FC82C950 129536 ----a-w- C:\WINDOWS\System32\ksproxy.ax
2013-06-26 16:27:47 9B9F1C38D559047B8AC0DBA2D5FEBDE9 4096 ----a-w- C:\WINDOWS\System32\ksuser.dll
2013-06-26 16:27:19 5329079D8726DE34A58C2EF0BD2AC8B9 26488 ----a-w- C:\WINDOWS\System32\spupdsvc.exe
2013-06-26 16:27:13 F64D1364B1332E8E5B9B96AFFC9EE118 282624 ------r- C:\WINDOWS\System32\RTSndMgr.cpl
2013-06-26 16:26:58 C76445E155590D42F47EA86F9C2D7C2B 299008 ------r- C:\WINDOWS\System32\ALSndMgr.cpl
2013-06-26 16:14:02 01C47C2ECED034EF6F8C1552A97CFF00 2577 ----a-w- C:\WINDOWS\System32\CONFIG.NT
2013-06-26 16:14:00 6D6F4B1886E91EB37ABCCAD19C561EE0 16832 ----a-w- C:\WINDOWS\System32\amcompat.tlb
2013-06-26 16:13:59 A32B14BE5EDAE794FCE1A9E970827509 23392 ----a-w- C:\WINDOWS\System32\nscompat.tlb
2013-06-26 16:13:50 E81BBE78A8EF85ACD490B3E64EF63A7C 112128 ----a-w- C:\WINDOWS\System32\mapi32.dll
2013-06-26 16:13:04 5A5CFF37F1BD0F86B9BDAAD7A9445882 749 ---ha-r- C:\WINDOWS\System32\wuaucpl.cpl.manifest
2013-06-26 16:13:04 5A5CFF37F1BD0F86B9BDAAD7A9445882 749 ---ha-r- C:\WINDOWS\System32\sapi.cpl.manifest
2013-06-26 16:13:04 5A5CFF37F1BD0F86B9BDAAD7A9445882 749 ---ha-r- C:\WINDOWS\System32\nwc.cpl.manifest
2013-06-26 16:13:04 5A5CFF37F1BD0F86B9BDAAD7A9445882 749 ---ha-r- C:\WINDOWS\System32\ncpa.cpl.manifest
2013-06-26 16:13:04 5A5CFF37F1BD0F86B9BDAAD7A9445882 749 ---ha-r- C:\WINDOWS\System32\cdplayer.exe.manifest
2013-06-26 16:12:28 1204FA2AB2A5F321125F777E8D061B22 11264 ----a-w- C:\WINDOWS\System32\atrace.dll
2013-06-26 16:12:26 81051BCC2CF1BEDF378224B0A93E2877 2 ----a-w- C:\WINDOWS\System32\desktop.ini
2013-06-26 16:12:20 B87F759738C52E8D6FBCDAAA84C6486F 118784 ----a-w- C:\WINDOWS\System32\msg723.acm
2013-06-26 16:12:20 3C891D38FF07120FD926F51A37568646 12288 ----a-w- C:\WINDOWS\System32\nmevtmsg.dll
2013-06-26 16:12:19 441086F355F0DEA94621984C9A3BE765 64512 ----a-w- C:\WINDOWS\System32\acctres.dll
2013-06-26 16:12:17 BE085C746EA903B38204053FF709C634 16384 ----a-w- C:\WINDOWS\System32\icfgnt5.dll
2013-06-26 16:12:10 CAD35C78C72E1D2154CB55A49FB4E1CC 183296 ----a-w- C:\WINDOWS\System32\wuaueng1.dll
2013-06-26 16:12:10 7EF35DB257F647A73DB396AA9760D011 165888 ----a-w- C:\WINDOWS\System32\wuauclt1.exe
2013-06-26 16:12:10 6298277B73C77FA99106B271A7525163 1929952 ----a-w- C:\WINDOWS\System32\wuaueng.dll
2013-06-26 16:12:10 39AA47A1ACBB6A92BF875B535EEAF911 327896 ----a-w- C:\WINDOWS\System32\wucltui.dll
2013-06-26 16:12:10 37BF196917FA0C591BAFCD7949524FF3 217816 ----a-w- C:\WINDOWS\System32\wuaucpl.cpl
2013-06-26 16:12:10 35321FB577CDC98CE3EB3A3EB9E4610A 6656 ----a-w- C:\WINDOWS\System32\wuauserv.dll
2013-06-26 16:12:10 1D326842006C4BE77ECD848CF89F01AB 35552 ----a-w- C:\WINDOWS\System32\wups.dll
2013-06-26 16:12:10 033AF4CE25B6D871F0DE2C982658E049 209632 ----a-w- C:\WINDOWS\System32\wuweb.dll
2013-06-26 16:12:09 62BB79160F86CD962F312C68C6239BFD 53472 ----a-w- C:\WINDOWS\System32\wuauclt.exe
2013-06-26 16:12:09 009758CC06B7F55B4A4D16A66E243C24 575704 ----a-w- C:\WINDOWS\System32\wuapi.dll
2013-06-26 16:12:08 F1DAC7969C1337AF790BD1D981AA780C 18944 ----a-w- C:\WINDOWS\System32\qmgrprxy.dll
2013-06-26 16:12:08 9B2E14F4D66A59306584566A705F8CDD 8192 ----a-w- C:\WINDOWS\System32\bitsprx2.dll
2013-06-26 16:12:08 574738F61FCA2935F5265DC4E5691314 409088 ----a-w- C:\WINDOWS\System32\qmgr.dll
2013-06-26 16:12:08 08763C1AE79D88D122207D0471E834DB 7168 ----a-w- C:\WINDOWS\System32\bitsprx3.dll
2013-06-26 16:11:57 CC8E648AE54B18037F7D0A91D196FE91 43520 ----a-w- C:\WINDOWS\System32\safrcdlg.dll
2013-06-26 16:11:57 62A9B35C335A85311DC1280568CE9D89 45568 ----a-w- C:\WINDOWS\System32\safrslv.dll
2013-06-26 16:11:57 482A0A0E3AE3F6A2564F8BE32767DCDB 29696 ----a-w- C:\WINDOWS\System32\safrdm.dll
2013-06-26 16:11:56 59AD4CEDBFCD1EEFCAC19E25BA15E2F3 43520 ----a-w- C:\WINDOWS\System32\racpldlg.dll
2013-06-26 16:11:51 5D43C9A33F18C707BA169AFDA88BDF30 16896 ----a-w- C:\WINDOWS\System32\fltlib.dll
2013-06-26 16:11:51 1DE61BAEDE3FD349B7AE86F428C25482 23040 ----a-w- C:\WINDOWS\System32\fltmc.exe
2013-06-26 16:11:50 92E2A2574186BCBB7027A6048E1B8B1B 239104 ----a-w- C:\WINDOWS\System32\srrstr.dll
2013-06-26 16:11:50 3805DF0AC4296A34BA4BF93B346CC378 171008 ----a-w- C:\WINDOWS\System32\srsvc.dll
2013-06-26 16:11:49 77A54BDFBAD4604E6131AE68E3CF76D6 67584 ----a-w- C:\WINDOWS\System32\srclient.dll
2013-06-26 16:11:48 D18F1F0C101D06A1C1ADF26EED16FCDD 32768 ----a-w- C:\WINDOWS\System32\mnmsrvc.exe
2013-06-26 16:11:48 C6FD300A6100AC89BC4CB944C19FA2A9 188416 ----a-w- C:\WINDOWS\System32\msh261.drv
2013-06-26 16:11:48 BBF115327F043F0BD46C58393261E6DD 69632 ----a-w- C:\WINDOWS\System32\msconf.dll
2013-06-26 16:11:48 A1E481512C1602C36D3384FEB7DDEC12 81920 ----a-w- C:\WINDOWS\System32\ils.dll
2013-06-26 16:11:48 621822F2F2BDE521D3FC687B62659B76 34560 ----a-w- C:\WINDOWS\System32\mnmdd.dll
2013-06-26 16:11:48 14E333392A7C41AF18F21849AEE1741E 28672 ----a-w- C:\WINDOWS\System32\nmmkcert.dll
2013-06-26 16:11:48 0C56AFBBDFA19694CA03F159A5724EA6 32768 ----a-w- C:\WINDOWS\System32\isrdbg32.dll
2013-06-26 16:11:44 871888B4AA0CA343E73C81E94AD4ED93 252928 ----a-w- C:\WINDOWS\System32\msoeacct.dll
2013-06-26 16:11:44 0485AB01B862FB91C21D39BD60BDF2AC 105984 ----a-w- C:\WINDOWS\System32\msoert2.dll
2013-06-26 16:11:42 A6F6923B46802785B9A47A03AE3CD8BF 48128 ----a-w- C:\WINDOWS\System32\inetres.dll
2013-06-26 16:11:41 9DD302F647227DE5133E2B5E09A5E63F 691712 ----a-w- C:\WINDOWS\System32\inetcomm.dll
2013-06-26 16:11:38 D5788A5243D1DD160E0F97AA4808B2BE 12288 ----a-w- C:\WINDOWS\System32\mstinit.exe
2013-06-26 16:11:38 4044E880593FE1AC9942190FCE414BE7 274944 ----a-w- C:\WINDOWS\System32\mstask.dll
2013-06-26 16:11:38 0A9A7365A1CA4319AA7C1D6CD8E4EAFA 192512 ----a-w- C:\WINDOWS\System32\schedsvc.dll
2013-06-26 16:11:37 F15BDF85AA23961FB61338D34B988B1C 81920 ----a-w- C:\WINDOWS\System32\isign32.dll
2013-06-26 16:11:37 922ED2C991F4D05107467C854D38BB71 65536 ----a-w- C:\WINDOWS\System32\icwphbk.dll
2013-06-26 16:11:37 474EABDCA846408BB854EE6542888D29 274432 ----a-w- C:\WINDOWS\System32\inetcfg.dll
2013-06-26 16:11:37 009F0BE67B62150904D266A1D5BDC95B 73728 ----a-w- C:\WINDOWS\System32\icwdial.dll
2013-06-26 16:11:08 1BA5E0C1DF01CFD4CEB6AC67270FD5D3 21640 ----a-w- C:\WINDOWS\System32\emptyregdb.dat
2013-06-26 16:10:38 BB75ED2CEA65D2DE97E88FDE1B1A0BF8 5632 ----a-w- C:\WINDOWS\System32\write.exe
2013-06-26 16:10:31 F759A6E14403BC3D7A55CCAD1B8F7B4A 44544 ----a-w- C:\WINDOWS\System32\hticons.dll
2013-06-26 16:10:31 F415ACC27107AA6DADABE339949EE670 73216 ----a-w- C:\WINDOWS\System32\avwav.dll
2013-06-26 16:10:31 B82C4535E430DDC631FEC10D63390ECA 227840 ----a-w- C:\WINDOWS\System32\avtapi.dll
2013-06-26 16:10:31 7DF33946B5911E75320CCA9AC1A3492B 138752 ----a-w- C:\WINDOWS\System32\sndvol32.exe
2013-06-26 16:10:31 399495998BCEEA80F23E57CCAB074508 16384 ----a-w- C:\WINDOWS\System32\avmeter.dll
2013-06-26 16:10:30 FEFC52216D2787EA1DE42BABA01AF9BF 35328 ----a-w- C:\WINDOWS\System32\winchat.exe
2013-06-26 16:10:25 8CA32E9D986FA76F60EFBCFCD9D80A58 16740 ----a-w- C:\WINDOWS\System32\shiftjis.uce
2013-06-26 16:10:25 7C0C25F4BA1084C4ABBEEA2C74194C5F 6948 ----a-w- C:\WINDOWS\System32\kanji_1.uce
2013-06-26 16:10:25 7A7A04370A6030B9B0E8178DAD4A6E41 12876 ----a-w- C:\WINDOWS\System32\korean.uce
2013-06-26 16:10:25 60B9959D333C3D11255D8695D2685430 605696 ----a-w- C:\WINDOWS\System32\getuname.dll
2013-06-26 16:10:25 529BBD63519BBD654EF328454019693F 8484 ----a-w- C:\WINDOWS\System32\kanji_2.uce
2013-06-26 16:10:25 4FDED87068052EEB9B72A97FDBC141DB 24006 ----a-w- C:\WINDOWS\System32\gb2312.uce
2013-06-26 16:10:25 30F5568679A54042F99CA9EC1102EBCD 93702 ----a-w- C:\WINDOWS\System32\subrange.uce
2013-06-26 16:10:25 038F6AD6CEE43585D814CDBC7CDFD3EC 60458 ----a-w- C:\WINDOWS\System32\ideograf.uce
2013-06-26 16:10:24 BE1B85306352E0AC901EC08506792B6B 126976 ----a-w- C:\WINDOWS\System32\mshearts.exe
2013-06-26 16:10:24 AC9FA2BA34225342A8897930503AE12F 80384 ----a-w- C:\WINDOWS\System32\charmap.exe
2013-06-26 16:10:24 9C45D38B74634C9DED60BEC640C5C3CA 119808 ----a-w- C:\WINDOWS\System32\winmine.exe
2013-06-26 16:10:24 829E4805B0E12B383EE09ABDC9E2DC3C 114688 ----a-w- C:\WINDOWS\System32\calc.exe
2013-06-26 16:10:24 405E1EF8E3C88E9BCD2853382BB12430 22984 ----a-w- C:\WINDOWS\System32\bopomofo.uce
2013-06-26 16:10:24 373E7A863A1A345C60EDB9E20EC32311 56832 ----a-w- C:\WINDOWS\System32\sol.exe
2013-06-26 16:10:23 F5FE756927FEF0F4A069DE0A832B5F0F 16384 ----a-w- C:\WINDOWS\System32\tskill.exe
2013-06-26 16:10:23 DC8AAE44CDB63F178BC7B993B43C3318 14848 ----a-w- C:\WINDOWS\System32\tsdiscon.exe
2013-06-26 16:10:23 A72C27CE68318023981A4E034F85131C 14848 ----a-w- C:\WINDOWS\System32\shadow.exe
2013-06-26 16:10:23 900D05DAB18DA23083358D0839DC1134 14848 ----a-w- C:\WINDOWS\System32\tscon.exe
2013-06-26 16:10:23 88F105251EE261ACF11AD88E7567258C 9728 ----a-w- C:\WINDOWS\System32\reset.exe
2013-06-26 16:10:23 725902D25A3B8F234F729CA057052C41 16896 ----a-w- C:\WINDOWS\System32\tsshutdn.exe
2013-06-26 16:10:23 4ED862390A8986E2423122FC6A326EC4 15872 ----a-w- C:\WINDOWS\System32\rwinsta.exe
2013-06-26 16:10:23 4D9B5E540158BF8E9B1BCAC1AEDD8C60 55296 ----a-w- C:\WINDOWS\System32\freecell.exe
2013-06-26 16:10:23 4A547D74B435E78418BE06406250C1D3 3286 ----a-w- C:\WINDOWS\System32\tslabels.h
2013-06-26 16:10:23 4114B8D04AEE5FF6700A5CE1130D64FA 33792 ----a-w- C:\WINDOWS\System32\regini.exe
2013-06-26 16:10:23 1556473E920CA676702516DA38DCAC86 16896 ----a-w- C:\WINDOWS\System32\qappsrv.exe
2013-06-26 16:10:23 1317CB79629C34B5FF8260C297B09A1C 22016 ----a-w- C:\WINDOWS\System32\qwinsta.exe
2013-06-26 16:10:23 092D468C0BDF67EC129C28692276AC88 4096 ----a-w- C:\WINDOWS\System32\rdpcfgex.dll
2013-06-26 16:10:23 03C361FAB5AD67924C5150A384C62BE6 13223 ----a-w- C:\WINDOWS\System32\tslabels.ini
2013-06-26 16:10:22 DE60FA13A37BEA1EE44228DCB60F44BF 20992 ----a-w- C:\WINDOWS\System32\msg.exe
2013-06-26 16:10:22 CDD932EDCB756FB5F7CE5E2F090BA838 768 ----a-w- C:\WINDOWS\System32\msdtcprf.h
2013-06-26 16:10:22 28E3647CBB608139AFB076103208552B 1931 ----a-w- C:\WINDOWS\System32\msdtcprf.ini
2013-06-26 16:10:22 238BDCE83AF21A6C2C0FCF216D3260E3 6144 ----a-w- C:\WINDOWS\System32\dcomcnfg.exe
2013-06-26 16:10:22 0D72D44A333628B15288C69738583A2E 15872 ----a-w- C:\WINDOWS\System32\cdmodem.dll
2013-06-26 16:10:21 E7427B6BD2F2B32403C23A4FE15DF3B3 97792 ----a-w- C:\WINDOWS\System32\comrepl.dll
2013-06-26 16:10:21 BC958016A1F7A23A1A9282C82D73D074 4096 ----a-w- C:\WINDOWS\System32\mtxex.dll
2013-06-26 16:10:21 9089B700986B7A441F79FE68F96E5149 59392 ----a-w- C:\WINDOWS\System32\stclient.dll
2013-06-26 16:10:21 85A335171B8D56B09276D1C6DF2A63B2 167424 ----a-w- C:\WINDOWS\System32\comsnap.dll
2013-06-26 16:10:21 7827FB784D9B3029F3DAF73D3331A9CC 30720 ----a-w- C:\WINDOWS\System32\mtxdm.dll
2013-06-26 16:10:21 2A516AC024EA9E34AE0F0297293EABAB 34304 ----a-w- C:\WINDOWS\System32\mtxlegih.dll
2013-06-26 16:10:21 035FECD913735E843E95510D7CC89A4E 28160 ----a-w- C:\WINDOWS\System32\comaddin.dll
2013-06-26 16:10:17 2CE7B1EEB99C14032C0E2201B004F80E 63488 ----a-w- C:\WINDOWS\System32\wmimgmt.msc
2013-06-26 16:10:04 D4B13D675DEC600C5A0ED2BB0EB301E6 184320 ----a-w- C:\WINDOWS\System32\accwiz.exe
2013-06-26 16:10:04 B22332758A8293C14DB318748A928CC4 131584 ----a-w- C:\WINDOWS\System32\sndrec32.exe
2013-06-26 16:10:04 841FB340ABC439B4557FBDD32B7BA11D 68608 ----a-w- C:\WINDOWS\System32\access.cpl
2013-06-26 16:10:03 954BD0D7C3CB90D23C136FEC90999377 123392 ----a-w- C:\WINDOWS\System32\mplay32.exe
2013-06-26 16:10:03 277BDF16A94BE0D063988D692541650B 347136 ----a-w- C:\WINDOWS\System32\hypertrm.dll
2013-06-26 16:10:02 949BC05CEF66BCD68EB23F08EB4C2DFF 343040 ----a-w- C:\WINDOWS\System32\mspaint.exe
2013-06-26 16:10:02 7A526169AC958E6602023A39734C8684 102912 ----a-w- C:\WINDOWS\System32\clipbrd.exe
2013-06-26 16:10:01 8D1492DBE9A856EE306EDC5A103E0BF2 538624 ----a-w- C:\WINDOWS\System32\spider.exe
2013-06-26 16:10:00 ACD3B2A1BC785A8B9FBC70280E1D8663 2061824 ----a-w- C:\WINDOWS\System32\mstscax.dll
2013-06-26 16:10:00 A125CBFE55C05735417786DD15A5BE76 93696 ----a-w- C:\WINDOWS\System32\tscfgwmi.dll
2013-06-26 16:10:00 8DD5CF6D82BD78433E95D86EFA117D67 677888 ----a-w- C:\WINDOWS\System32\mstsc.exe
2013-06-26 16:09:59 C29AB058E20C56E8D1ECB44FEDEBC69F 13824 ----a-w- C:\WINDOWS\System32\rdsaddin.exe
2013-06-26 16:09:59 B84AA6E863DE4A3BD9A0A39AEC207ECC 147968 ----a-w- C:\WINDOWS\System32\rdchost.dll
2013-06-26 16:09:59 B30637E52CB169F89335119978BDBD3E 60416 ----a-w- C:\WINDOWS\System32\remotepg.dll
2013-06-26 16:09:59 57E036885A222D1A8EF237C7399BE98B 67072 ----a-w- C:\WINDOWS\System32\rdshost.exe
2013-06-26 16:09:59 3C37BF86641BDA977C3BF8A840F3B7FA 141312 ----a-w- C:\WINDOWS\System32\sessmgr.exe
2013-06-26 16:09:59 20EE93BBAFD755E7889A1B27CAC6B8D3 44544 ----a-w- C:\WINDOWS\System32\tscupgrd.exe
2013-06-26 16:09:58 FF3477C03BE7201C294C35F684B3479F 295424 ----a-w- C:\WINDOWS\System32\termsrv.dll
2013-06-26 16:09:58 DF6551E4C4C46655A0C76194F1FCEA5D 11264 ----a-w- C:\WINDOWS\System32\icaapi.dll
2013-06-26 16:09:58 DCCF6ED915BC05C244801B550AD12B17 62976 ----a-w- C:\WINDOWS\System32\rdpclip.exe
2013-06-26 16:09:58 C7C84DF7233F4834CD190F3DCCAF50CA 87176 ----a-w- C:\WINDOWS\System32\rdpwsx.dll
2013-06-26 16:09:58 AA4A015E2ACAE6127FDF833F301C1FE4 38912 ----a-w- C:\WINDOWS\System32\cfgbkend.dll
2013-06-26 16:09:58 5AD00EED5722CAABDDAAC1CB92F68E57 19968 ----a-w- C:\WINDOWS\System32\qprocess.exe
2013-06-26 16:09:58 31DD1EF4149B0F22AFB12A2DD360B34D 19968 ----a-w- C:\WINDOWS\System32\rdpsnd.dll
2013-06-26 16:09:57 98A70D16C400CF422962247B238283DC 91648 ----a-w- C:\WINDOWS\System32\mtxoci.dll
2013-06-26 16:09:57 801BA87302E1621B7752EDE603C66E17 161792 ----a-w- C:\WINDOWS\System32\msdtcuiu.dll
2013-06-26 16:09:57 3FE4E646DBF75864EA5ECC73402F3EBE 427008 ----a-w- C:\WINDOWS\System32\msdtcprx.dll
2013-06-26 16:09:56 FB48946E4DC87309A05F3694970703BA 956928 ----a-w- C:\WINDOWS\System32\msdtctm.dll
2013-06-26 16:09:56 AE3470D2BF8F16FD93FA54167B87172D 11776 ----a-w- C:\WINDOWS\System32\xolehlp.dll
2013-06-26 16:09:56 A137F1470499A205ABBB9AAFB3B6F2B1 6144 ----a-w- C:\WINDOWS\System32\msdtc.exe
2013-06-26 16:09:54 846300110A32ACDEE7CB60E54C7F693A 625664 ----a-w- C:\WINDOWS\System32\catsrvut.dll
2013-06-26 16:09:54 690D97864735E8ECD87F55777E266690 60416 ----a-w- C:\WINDOWS\System32\colbact.dll
2013-06-26 16:09:54 5F5E83E18E9344BCD680704101CEA78A 85504 ----a-w- C:\WINDOWS\System32\catsrvps.dll
2013-06-26 16:09:54 33B37BB0C69F2DBD19277220435590BE 110592 ----a-w- C:\WINDOWS\System32\clbcatex.dll
2013-06-26 16:09:53 ED0C0DF222209E43AD9AFBF3FE87DDE0 1267200 ----a-w- C:\WINDOWS\System32\comsvcs.dll
2013-06-26 16:09:53 28CDB50D882D3BAD993D25BE596307EA 226304 ----a-w- C:\WINDOWS\System32\catsrv.dll
2013-06-26 16:09:52 F137A0CA70003DB20448D540651FA003 498688 ----a-w- C:\WINDOWS\System32\clbcatq.dll
2013-06-26 16:09:52 E0950A5B73350A26AB063EF6772FDCA4 539648 ----a-w- C:\WINDOWS\System32\comuid.dll
2013-06-26 16:09:43 8E7C1B8BBA4070615D6E2F704F272255 56320 ----a-w- C:\WINDOWS\System32\servdeps.dll
2013-06-26 16:09:43 6895427873D6C37A6D6DA7C3DB37DA14 58880 ----a-w- C:\WINDOWS\System32\licwmi.dll
2013-06-26 16:09:43 56C0F2EF981F235AB011FBFE26D92088 17408 ----a-w- C:\WINDOWS\System32\mmfutil.dll
2013-06-26 16:09:43 1C2C0143333F9651F088E29344D3BD0F 185344 ----a-w- C:\WINDOWS\System32\cmprops.dll
====== C:\WINDOWS\system32\drivers =====
2013-07-02 06:22:28 FAF091AA45A6A6CF3CF94FE065950956 175 ----a-w- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
2013-07-02 06:22:28 3FFBEE694566CADB0A64D8A1ACD7DBCE 175 ----a-w- C:\WINDOWS\System32\drivers\aswSP.sys.sum
2013-07-02 06:22:28 22EA82FFE8CA4965C1994F24C35DC202 175 ----a-w- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
2013-07-02 06:15:00 937300BC7C4CDF7576BCCE44E19BBB9D 369584 ----a-w- C:\WINDOWS\System32\drivers\aswSP.sys
2013-07-02 06:15:00 4AF5F360BA1E8794D32B366E45A64A0A 29816 ----a-w- C:\WINDOWS\System32\drivers\aswFsBlk.sys
2013-07-02 06:14:59 7B43265F92257A21CBFD88E7A651044C 49760 ----a-w- C:\WINDOWS\System32\drivers\aswRdr.sys
2013-07-02 06:14:58 CCD565A8A72AF7D45F9A242013870926 770344 ----a-w- C:\WINDOWS\System32\drivers\aswSnx.sys
2013-07-02 06:14:58 B680134BA1813B78B47FDD1DFF223CA5 49376 ----a-w- C:\WINDOWS\System32\drivers\aswRvrt.sys
2013-07-02 06:14:58 8CFAA2B965773A653F48F1207A9CB9C4 175176 ----a-w- C:\WINDOWS\System32\drivers\aswVmm.sys
2013-07-02 06:14:58 1F71F170D90E42EFDE9633D81D5E12DC 56080 ----a-w- C:\WINDOWS\System32\drivers\aswTdi.sys
2013-07-02 06:14:57 1F7094D4268D46F718C51286DC189791 66336 ----a-w- C:\WINDOWS\System32\drivers\aswMonFlt.sys
2013-06-30 07:21:07 72472B9CE5D02E443CFF49A40355455D 23624 ----a-w- C:\WINDOWS\System32\drivers\hitmanpro35.sys
2013-06-29 06:59:59 A0B8CF9DEB1184FBDD20784A58FA75D4 15104 ----a-w- C:\WINDOWS\System32\drivers\usbscan.sys
2013-06-26 20:00:03 9714B7C918C6543D69074EC101F86AC4 9072 ------w- C:\WINDOWS\System32\drivers\cdr4_xp.sys
2013-06-26 20:00:03 153D02480A0A2F45785522E814C634B6 44944 ------w- C:\WINDOWS\System32\drivers\PxHelp20.sys
2013-06-26 20:00:03 0D856D16C08440BFB566D6CDD9948D4E 9200 ------w- C:\WINDOWS\System32\drivers\cdralw2k.sys
2013-06-26 18:35:37 E53736A9E30C45FA9E7B5EAC55056D1D 5504 ----a-w- C:\WINDOWS\System32\drivers\MSTEE.sys
2013-06-26 18:35:34 7FF1F1FD8609C149AA432F95A8163D97 10880 ----a-w- C:\WINDOWS\System32\drivers\NdisIP.sys
2013-06-26 18:35:32 77813007BA6265C4B6098187E6ED79D2 15232 ----a-w- C:\WINDOWS\System32\drivers\StreamIP.sys
2013-06-26 18:35:31 866D538EBE33709A5C9F5C62B73B7D14 11136 ----a-w- C:\WINDOWS\System32\drivers\SLIP.sys
2013-06-26 18:35:29 C98B39829C2BBD34E454150633C62C78 19200 ----a-w- C:\WINDOWS\System32\drivers\WSTCODEC.SYS
2013-06-26 18:35:27 5B50F1B2A2ED47D560577B221DA734DB 85248 ----a-w- C:\WINDOWS\System32\drivers\NABTSFEC.sys
2013-06-26 18:35:25 0BE5AEF125BE881C4F854C554F2B025C 17024 ----a-w- C:\WINDOWS\System32\drivers\CCDECODE.sys
2013-06-26 18:34:54 3DE80BAA4AF21883CF938197D508B848 392122 ----a-w- C:\WINDOWS\System32\drivers\usbVM303.sys
2013-06-26 18:34:54 233509E1AD024A3E451D8DF6795EEED5 428160 ----a-w- C:\WINDOWS\System32\drivers\vmfilter303.sys
2013-06-26 18:00:11 D9F724AA26C010A217C97606B160ED68 3072 ----a-w- C:\WINDOWS\System32\drivers\audstub.sys
2013-06-26 17:59:49 F828DD7E1419B6653894A8F97A0094C5 57600 ----a-w- C:\WINDOWS\System32\drivers\redbook.sys
2013-06-26 17:57:55 C93C9FF7B04D772627A3646D89F7BF89 11264 ----a-w- C:\WINDOWS\System32\drivers\irenum.sys
2013-06-26 16:49:22 B43B36B382AEA10861F7C7A37F9D4AE2 46592 ------w- C:\WINDOWS\System32\drivers\irbus.sys
2013-06-26 16:46:06 E2FB83E16D003E973C0A6F25CA39A281 3615 ------w- C:\WINDOWS\System32\drivers\adv05nt5.dll
2013-06-26 16:46:06 DB6D4CBF4DEBFA810A83035952EEC707 3775 ------w- C:\WINDOWS\System32\drivers\adv11nt5.dll
2013-06-26 16:46:06 9FD9797D7E74AEA57915C726D82697F4 3135 ------w- C:\WINDOWS\System32\drivers\adv08nt5.dll
2013-06-26 16:46:06 9A193E5B5416E800B1FEDD7A4C5425C9 3967 ------w- C:\WINDOWS\System32\drivers\adv02nt5.dll
2013-06-26 16:46:06 76DEC026845C0C7679C194BF3FAD81F0 3711 ------w- C:\WINDOWS\System32\drivers\adv09nt5.dll
2013-06-26 16:46:06 23C8D06EBE70CA5D8364818AD6342BDA 3647 ------w- C:\WINDOWS\System32\drivers\adv07nt5.dll
2013-06-26 16:46:06 1A7DDD37DEB481A9C25BBE705D63966B 4255 ------w- C:\WINDOWS\System32\drivers\adv01nt5.dll
2013-06-26 16:46:06 08FD04AA961BDC77FB983F328334E3D7 42368 ------w- C:\WINDOWS\System32\drivers\agp440.sys
2013-06-26 16:46:06 03A7E0922ACFE1B07D5DB2EEB0773063 44928 ------w- C:\WINDOWS\System32\drivers\agpcpq.sys
2013-06-26 16:46:05 F7706DAE7D101F1B19CE552D772EBFCE 21343 ------w- C:\WINDOWS\System32\drivers\ati1ttxx.sys
2013-06-26 16:46:05 EDD66332608D27F4FD5069BCD0BC5164 73216 ------w- C:\WINDOWS\System32\drivers\atintuxx.sys
2013-06-26 16:46:05 ED4C2BF8403F4437987C0BA09CF48716 13824 ------w- C:\WINDOWS\System32\drivers\atinmdxx.sys
2013-06-26 16:46:05 E90AC2B14E98F1A4372E5891B4278784 14336 ------w- C:\WINDOWS\System32\drivers\atinpdxx.sys
2013-06-26 16:46:05 DAC7D785CF62F5BD41441E9D6F5A6EFE 26367 ------w- C:\WINDOWS\System32\drivers\ati1snxx.sys
2013-06-26 16:46:05 DA36687D701C833430605A298731410B 52224 ------w- C:\WINDOWS\System32\drivers\atinraxx.sys
2013-06-26 16:46:05 D80A8F6C0A717446496C3A06D33B0D9C 13824 ------w- C:\WINDOWS\System32\drivers\atinttxx.sys
2013-06-26 16:46:05 D649C57DA6FA762C64013747E5D7D2D6 56623 ------w- C:\WINDOWS\System32\drivers\ati1btxx.sys
2013-06-26 16:46:05 CEDDEE2E0591894D19654D458FD3B9BE 28672 ------w- C:\WINDOWS\System32\drivers\atinsnxx.sys
2013-06-26 16:46:05 CB08AED0DE2DD889A8A820CD8082D83C 42752 ------w- C:\WINDOWS\System32\drivers\alim1541.sys
2013-06-26 16:46:05 BCAF267B10620F8C93F6E87AB726E145 63663 ------w- C:\WINDOWS\System32\drivers\ati1rvxx.sys
2013-06-26 16:46:05 AA4F39968C3C48F44AC93C19C74531AC 17279 ------w- C:\WINDOWS\System32\drivers\atv10nt5.dll
2013-06-26 16:46:05 A7A01B907DB63898D40B0A14248FF9A2 104960 ------w- C:\WINDOWS\System32\drivers\atinrvxx.sys
2013-06-26 16:46:05 9D318099BF3876A4AF4BC75966D27603 30671 ------w- C:\WINDOWS\System32\drivers\ati1raxx.sys
2013-06-26 16:46:05 993E7BD6438FE989E328C6B4BCA246A9 57856 ------w- C:\WINDOWS\System32\drivers\atinbtxx.sys
2013-06-26 16:46:05 99265584139E0361156AF8AAFB9F05FD 11359 ------w- C:\WINDOWS\System32\drivers\atv02nt5.dll
2013-06-26 16:46:05 95B4FB835E28AA1336CEEB07FD5B9398 43008 ------w- C:\WINDOWS\System32\drivers\amdagp.sys
2013-06-26 16:46:05 8E59F9BE251C8AE32A1CEB068B3F96B1 64352 ------w- C:\WINDOWS\System32\drivers\ativmc20.cod
2013-06-26 16:46:05 77B575D7AAB35D5908AE6CE681608D62 63488 ------w- C:\WINDOWS\System32\drivers\atinxsxx.sys
2013-06-26 16:46:05 6FDC61E8E8E17F6ECC2D9A10FA8DF347 12047 ------w- C:\WINDOWS\System32\drivers\ati1pdxx.sys
2013-06-26 16:46:05 6F714B4720DD80FFA9F8D2731594EA4C 36463 ------w- C:\WINDOWS\System32\drivers\ati1tuxx.sys
2013-06-26 16:46:05 67FFBC158DD4D27BA3FC92C6ACD87F73 29455 ------w- C:\WINDOWS\System32\drivers\ati1xbxx.sys
2013-06-26 16:46:05 60B6AA2DC1521DA343F781B70EB7895A 11615 ------w- C:\WINDOWS\System32\drivers\ati1mdxx.sys
2013-06-26 16:46:05 4CCDEF76BC20B56037C24D39E5C0E4EA 14143 ------w- C:\WINDOWS\System32\drivers\atv06nt5.dll
2013-06-26 16:46:05 3E7D485CBD0B0D9F6EA2AD9442411831 31744 ------w- C:\WINDOWS\System32\drivers\atinxbxx.sys
2013-06-26 16:46:05 379F31C68379519C15A2B7BF66F8A80E 25471 ------w- C:\WINDOWS\System32\drivers\atv04nt5.dll
2013-06-26 16:46:05 2D030C2F6B036CA0BC243E1B16D924D1 327040 ------w- C:\WINDOWS\System32\drivers\ati2mtaa.sys
2013-06-26 16:46:05 1532382086A0B61982E69FEFFBA77469 21183 ------w- C:\WINDOWS\System32\drivers\atv01nt5.dll
2013-06-26 16:46:05 0D8CAB1F08F7D3C4DE228B49E12E596A 34735 ------w- C:\WINDOWS\System32\drivers\ati1xsxx.sys
2013-06-26 16:46:04 FCA6F069597B62D42495191ACE3FC6C1 37888 ------w- C:\WINDOWS\System32\drivers\bthmodem.sys
2013-06-26 16:46:04 EBB354438A4C5A3327FB97306260714A 1041536 ------w- C:\WINDOWS\System32\drivers\hsfdpsp2.sys
2013-06-26 16:46:04 C53775780148884AC87C455489A0C070 126686 ------w- C:\WINDOWS\System32\drivers\mtlmnt5.sys
2013-06-26 16:46:04 BB68CEBFFD181E18A26112D1B9F90F3D 36480 ------w- C:\WINDOWS\System32\drivers\bthprint.sys
2013-06-26 16:46:04 BB1A6FB7D35A91E599973FA74A619056 19200 ------w- C:\WINDOWS\System32\drivers\hidir.sys
2013-06-26 16:46:04 B279426E3C0C344893ED78A613A73BDE 17024 ------w- C:\WINDOWS\System32\drivers\bthenum.sys
2013-06-26 16:46:04 970178E8E003EB1481293830069624B9 220032 ------w- C:\WINDOWS\System32\drivers\hsfbs2s2.sys
2013-06-26 16:46:04 80602B8746D3738F5886CE3D67EF06B6 101120 ------w- C:\WINDOWS\System32\drivers\bthpan.sys
2013-06-26 16:46:04 7BD2DE4C85EB4241EED57672B16A7D8D 25600 ------w- C:\WINDOWS\System32\drivers\hidbth.sys
2013-06-26 16:46:04 61ED91FDC8BDC432C9E51DDCB3D66FEE 15423 ------w- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
2013-06-26 16:46:04 61364CD71EF63B0F038B7E9DF00F1EFA 18944 ------w- C:\WINDOWS\System32\drivers\bthusb.sys
2013-06-26 16:46:04 3A74C423CF6BCCA6982715878F450A3B 46464 ------w- C:\WINDOWS\System32\drivers\gagp30kx.sys
2013-06-26 16:46:04 3194C32E8A2403073B812183355E25C6 129045 ------w- C:\WINDOWS\System32\drivers\cxthsfs2.cty
2013-06-26 16:46:04 195741AEE20369980796B557358CD774 11868 ------w- C:\WINDOWS\System32\drivers\mdmxsdk.sys
2013-06-26 16:46:04 1225EBEA76AAC3C84DF6C54FE5E5D8BE 685056 ------w- C:\WINDOWS\System32\drivers\hsfcxts2.sys
2013-06-26 16:46:04 10B85171B90C449F8DA71C2640B797E9 273024 ------w- C:\WINDOWS\System32\drivers\bthport.sys
2013-06-26 16:46:03 F9B8E30E82EE95CF3E1D3E495599B99C 95424 ------w- C:\WINDOWS\System32\drivers\slnthal.sys
2013-06-26 16:46:03 E9AAA0092D74A9D371659C4C38882E12 13776 ------w- C:\WINDOWS\System32\drivers\recagent.sys
2013-06-26 16:46:03 DB56BB2C55723815CF549D7FC50CFCEB 13240 ------w- C:\WINDOWS\System32\drivers\slwdmsup.sys
2013-06-26 16:46:03 D9673011648A71ED1E1F77B831BC85E6 129535 ------w- C:\WINDOWS\System32\drivers\slnt7554.sys
2013-06-26 16:46:03 D66D22D76878BF3483A6BE30183FB648 10240 ------w- C:\WINDOWS\System32\drivers\sffp_mmc.sys
2013-06-26 16:46:03 B538DCD9816EA35FA4F637CFC261AAA8 12672 ------w- C:\WINDOWS\System32\drivers\mutohpen.sys
2013-06-26 16:46:03 905CB655E93D39C97E078A3C4C884F31 67866 ------w- C:\WINDOWS\System32\drivers\netwlan5.img
2013-06-26 16:46:03 895BE38A993B9BD5ABBE570D63D88A2E 5888 ------w- C:\WINDOWS\System32\drivers\smbali.sys
2013-06-26 16:46:03 851C30DF2807FCFA21E4C681A7D6440E 59136 ------w- C:\WINDOWS\System32\drivers\rfcomm.sys
2013-06-26 16:46:03 726548542AFECA56257FF01EB13BB6D7 30592 ------w- C:\WINDOWS\System32\drivers\rndismpx.sys
2013-06-26 16:46:03 6DDA78A0BE692B61B668FAB860F276CF 452736 ------w- C:\WINDOWS\System32\drivers\mtxparhm.sys
2013-06-26 16:46:03 6B910A4F9FD45CAE6579564DA22D69AE 3901 ------w- C:\WINDOWS\System32\drivers\siint5.dll
2013-06-26 16:46:03 6B33D0EBD30DB32E27D1D78FE946A754 40960 ------w- C:\WINDOWS\System32\drivers\sisagp.sys
2013-06-26 16:46:03 576B34CEAE5B7E5D9FD2775E93B3DB53 180360 ------w- C:\WINDOWS\System32\drivers\ntmtlfax.sys
2013-06-26 16:46:03 54886A652BF5685192141DF304E923FD 1309184 ------w- C:\WINDOWS\System32\drivers\mtlstrm.sys
2013-06-26 16:46:03 2C1779C0FEB1F4A6033600305EBA623A 404990 ------w- C:\WINDOWS\System32\drivers\slntamr.sys
2013-06-26 16:46:03 2B298519EDBFCF451D43E0F1E8F1006D 1897408 ------w- C:\WINDOWS\System32\drivers\nv4_mini.sys
2013-06-26 16:46:03 0DBCC071A268E0340A2BA6BDD98BACE4 166912 ------w- C:\WINDOWS\System32\drivers\s3gnbm.sys
2013-06-26 16:46:02 D85938F272D1BCF3DB3A31FC0A048928 44672 ------w- C:\WINDOWS\System32\drivers\uagp35.sys
2013-06-26 16:46:02 B6CC50279D6CD28E090A5D33244ADC9A 12800 ------w- C:\WINDOWS\System32\drivers\usb8023x.sys
2013-06-26 16:46:02 ACED8C149B30F8496C237BCBA3727B48 14208 ------w- C:\WINDOWS\System32\drivers\wacompen.sys
2013-06-26 16:46:02 7BB3AA595E4507A788DE1CDC63F4C8C4 11871 ------w- C:\WINDOWS\System32\drivers\wadv09nt.sys
2013-06-26 16:46:02 754292CE5848B3738281B4F3607EAEF4 42240 ------w- C:\WINDOWS\System32\drivers\viaagp.sys
2013-06-26 16:46:02 714038A8AA5DE08E12062202CD7EAEB5 11295 ------w- C:\WINDOWS\System32\drivers\wadv08nt.sys
2013-06-26 16:46:02 63BBFCA7F390F4C49ED4B96BFB1633E0 121984 ------w- C:\WINDOWS\System32\drivers\usbvideo.sys
2013-06-26 16:46:02 5E9313B8BFB6025E7C38E9A0BF185303 11325 ------w- C:\WINDOWS\System32\drivers\vchnt5.dll
2013-06-26 16:46:02 36E6C405B6143D09687F4056FD9A0D10 11935 ------w- C:\WINDOWS\System32\drivers\wadv11nt.sys
2013-06-26 16:46:02 0308AEF61941E4AF478FA1A0F83812F5 11807 ------w- C:\WINDOWS\System32\drivers\wadv07nt.sys
2013-06-26 16:46:01 791CC45DE6E50445BE72E8AD6401FF45 25471 ------w- C:\WINDOWS\System32\drivers\watv10nt.sys
2013-06-26 16:46:01 352FA0E98BC461CE1CE5D41F64DB558D 22271 ------w- C:\WINDOWS\System32\drivers\watv06nt.sys
2013-06-26 16:31:57 28E860FB66A500412E0E0ABE74AE4C28 2096 ----a-r- C:\WINDOWS\System32\drivers\ativdkxx.vp
2013-06-26 16:31:56 302C658113F5D8D6782A9D4E802E501A 929 ----a-r- C:\WINDOWS\System32\drivers\ativcaxx.vp
2013-06-26 16:31:56 2406E91EF0352F157BB06504530F9A95 1311202 ----a-r- C:\WINDOWS\System32\drivers\ativcaxx.cpa
2013-06-26 16:31:55 A7D6B652A58F1006F17A608ABD0A5733 2096 ----a-r- C:\WINDOWS\System32\drivers\ativckxx.vp
2013-06-26 16:31:55 180D6B56F99C8276322C16BB7CBF09C7 43152 ----a-r- C:\WINDOWS\System32\drivers\ativvpxx.vp
2013-06-26 16:28:06 AB8B92451ECB048A4D1DE7C3FFCB4A9F 6272 ----a-w- C:\WINDOWS\System32\drivers\splitter.sys
2013-06-26 16:28:05 6768ACF64B18196494413695F0C3A00F 83072 ----a-w- C:\WINDOWS\System32\drivers\wdmaud.sys
2013-06-26 16:28:04 8A208DFCF89792A484E76C40E5F50B45 52864 ----a-w- C:\WINDOWS\System32\drivers\dmusic.sys
2013-06-26 16:28:00 8CE882BCC6CF8A62F2B2323D95CB3D01 56576 ----a-w- C:\WINDOWS\System32\drivers\swmidi.sys
2013-06-26 16:27:59 8BED39E3C35D6A489438B8141717A557 142592 ----a-w- C:\WINDOWS\System32\drivers\aec.sys
2013-06-26 16:27:58 692BCF44383D056AED41B045A323D378 172416 ----a-w- C:\WINDOWS\System32\drivers\kmixer.sys
2013-06-26 16:27:57 8F5FCFF8E8848AFAC920905FBD9D33C8 2944 ----a-w- C:\WINDOWS\System32\drivers\drmkaud.sys
2013-06-26 16:27:56 8B83F3ED0F1688B4958F77CD6D2BF290 60800 ----a-w- C:\WINDOWS\System32\drivers\sysaudio.sys
2013-06-26 16:27:54 D1575E71568F4D9E14CA56B7B0453BF1 7552 ----a-w- C:\WINDOWS\System32\drivers\mskssrv.sys
2013-06-26 16:27:53 BAD59648BA099DA4A17680B39730CB3D 4992 ----a-w- C:\WINDOWS\System32\drivers\mspqm.sys
2013-06-26 16:27:52 325BB26842FC7CCC1FCCE2C457317F3E 5376 ----a-w- C:\WINDOWS\System32\drivers\mspclock.sys
2013-06-26 16:27:47 6CB08593487F5701D2D2254E693EAFCE 60160 ----a-w- C:\WINDOWS\System32\drivers\drmk.sys
2013-06-26 16:27:10 B1A809E7FE19BECD5ACA61F0E7088C8C 4609024 ------r- C:\WINDOWS\System32\drivers\RtkHDAud.sys
2013-06-26 16:25:12 1E11171C0B9989E1BDAA59E96B2E81C4 85120 ----a-r- C:\WINDOWS\System32\drivers\Rtnicxp.sys
2013-06-26 16:11:50 B2CF4B0786F8212CB92ED2B50C6DB6B0 129792 ----a-w- C:\WINDOWS\System32\drivers\fltmgr.sys
2013-06-26 16:11:49 76BB022C2FB6902FD5BDD4F78FC13A5D 73472 ----a-w- C:\WINDOWS\System32\drivers\sr.sys
2013-06-26 16:10:01 C56B6D0402371CF3700EB322EF3AAF61 21896 ----a-w- C:\WINDOWS\System32\drivers\tdtcp.sys
2013-06-26 16:10:01 6728E45B66F93C08F11DE2E316FC70DD 139656 ----a-w- C:\WINDOWS\System32\drivers\rdpwd.sys
2013-06-26 16:10:01 6471A66807F5E104E4885F5B67349397 12040 ----a-w- C:\WINDOWS\System32\drivers\tdpipe.sys
2013-06-26 16:09:41 15CABD0F7C00C47C70124907916AF3F1 196224 ----a-w- C:\WINDOWS\System32\drivers\rdpdr.sys
2013-06-26 16:09:40 88155247177638048422893737429D9E 40840 ----a-w- C:\WINDOWS\System32\drivers\termdd.sys
====== C:\WINDOWS\Tasks ======
2013-07-02 14:27:52 5E22E0793DF7747B3A7BD2A2874D9B3C 290 ----a-w- C:\WINDOWS\Tasks\Express FilesUpdate.job
2013-07-02 06:14:57 A5165FD47A7BC2B887A03AD4915CDD1C 312 ---ha-w- C:\WINDOWS\Tasks\avast! Emergency Update.job
2013-06-26 18:22:23 904D902D884F171A3987452C479A1B57 830 ----a-w- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-06-26 18:11:28 3576336F875FF9466C359B057D3F19AD 1016 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1454471165-725345543-1003UA.job
2013-06-26 18:11:27 64FC8D783F7C277584713B749BDE3CF6 964 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1454471165-725345543-1003Core.job
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2013-07-05 12:27:16 -------- d-----w- C:\Program Files\IObit
2013-07-04 11:44:51 -------- d-----w- C:\Program Files\K-Lite Codec Pack
2013-07-03 09:26:13 -------- d-----w- C:\Program Files\CoreAAC
2013-07-02 11:39:09 -------- d-----w- C:\Program Files\Vtools
2013-07-02 11:38:24 -------- d-----w- C:\Program Files\Instair
2013-07-02 11:38:18 -------- d-----w- C:\Program Files\Instair Speed Dial
2013-06-30 07:21:06 -------- d-----w- C:\Program Files\Hitman Pro 3.5
2013-06-27 09:13:50 -------- d-----w- C:\Program Files\MCShield
2013-06-26 20:01:12 -------- d-----w- C:\Program Files\Winamp Detect
2013-06-26 20:00:00 -------- d-----w- C:\Program Files\Winamp
2013-06-26 19:50:36 -------- d-----w- C:\Program Files\Common Files\ACD Systems
2013-06-26 19:50:36 -------- d-----w- C:\Program Files\ACD Systems
2013-06-26 19:42:24 -------- d-----w- C:\Program Files\Unlocker
2013-06-26 19:27:20 -------- d-----w- C:\Program Files\Google
2013-06-26 19:17:32 -------- d-----w- C:\Program Files\Mozilla Maintenance Service
2013-06-26 18:59:14 -------- d-----w- C:\Program Files\Maxthon3
2013-06-26 18:42:31 -------- d-----w- C:\Program Files\Defraggler
2013-06-26 18:40:20 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2013-06-26 18:38:33 -------- d-----w- C:\Program Files\Yahoo!
2013-06-26 18:37:48 -------- d-----w- C:\Program Files\SpeedFan
2013-06-26 18:34:46 -------- d-----w- C:\Program Files\A4 tech
2013-06-26 18:32:01 -------- d-----w- C:\Program Files\Common Files\Skype
2013-06-26 18:32:00 -------- d-----r- C:\Program Files\Skype
2013-06-26 18:28:06 -------- d-----w- C:\Program Files\WinRAR
2013-06-26 18:25:15 -------- d-----w- C:\Program Files\Common Files\Adobe
2013-06-26 18:25:15 -------- d-----w- C:\Program Files\Adobe
2013-06-26 17:58:09 -------- d-----w- C:\Program Files\Common Files\SpeechEngines
2013-06-26 17:58:09 -------- d-----w- C:\Program Files\Common Files\Microsoft Shared
2013-06-26 17:58:09 -------- d-----w- C:\Program Files\Common Files
2013-06-26 16:26:57 -------- d-----w- C:\Program Files\Realtek
2013-06-26 16:26:54 -------- d--h--w- C:\Program Files\InstallShield Installation Information
2013-06-26 16:26:43 -------- d-----w- C:\Program Files\Common Files\InstallShield
2013-06-26 16:23:03 -------- d-----w- C:\Program Files\Intel
2013-06-26 16:18:24 -------- d--h--w- C:\Program Files\Uninstall Information
2013-06-26 16:14:16 -------- d-----w- C:\Program Files\xerox
2013-06-26 16:14:16 -------- d-----w- C:\Program Files\microsoft frontpage
2013-06-26 16:13:00 -------- d--h--w- C:\Program Files\WindowsUpdate
2013-06-26 16:12:19 -------- d-----w- C:\Program Files\Common Files\Services
2013-06-26 16:12:16 -------- d-----w- C:\Program Files\Common Files\MSSoap
2013-06-26 16:12:02 -------- d-----w- C:\Program Files\Movie Maker
2013-06-26 16:11:44 -------- d-----w- C:\Program Files\NetMeeting
2013-06-26 16:11:38 -------- d-----w- C:\Program Files\Outlook Express
2013-06-26 16:11:28 -------- d-----w- C:\Program Files\Common Files\System
2013-06-26 16:11:27 -------- d-----w- C:\Program Files\Internet Explorer
2013-06-26 16:10:48 -------- d-----w- C:\Program Files\Online Services
2013-06-26 16:10:47 -------- d-----w- C:\Program Files\Windows Media Player
2013-06-26 16:10:41 -------- d-----w- C:\Program Files\Messenger
2013-06-26 16:10:38 -------- d-----w- C:\Program Files\MSN Gaming Zone
2013-06-26 16:10:05 -------- d-----w- C:\Program Files\MSN
2013-06-26 16:10:02 -------- d-----w- C:\Program Files\Windows NT
======= C: =====
2013-06-26 17:56:14 FA579938B0733B87066546AFE951082C 211 --sh--w- C:\boot.ini
2013-06-26 16:14:02 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\MSDOS.SYS
2013-06-26 16:14:02 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\IO.SYS
2013-06-26 16:14:02 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\CONFIG.SYS
2013-06-26 16:14:02 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\AUTOEXEC.BAT
====== C:\Documents and Settings\MICA\Application Data ======
2013-07-06 07:23:56 7E87C3301ED85E468ABF1204B85B335C 30894 ----a-w- C:\Documents and Settings\MICA\Application Data\speedanalysis.ico
2013-07-06 06:50:03 -------- d-----w- C:\Documents and Settings\MICA\Local Settings\Application Data\WMTools Downloaded Files
2013-07-05 12:55:01 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\IObit Malware Fighter
2013-07-05 12:27:39 -------- d-----w- C:\Documents and Settings\All Users\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-07-05 12:27:36 -------- d-----w- C:\Documents and Settings\MICA\Application Data\Apple Computer
2013-07-05 12:27:35 -------- d-----w- C:\Documents and Settings\All Users\Application Data\IObit
2013-07-05 11:34:27 -------- d-----w- C:\Documents and Settings\All Users\Application Data\VS Revo Group
2013-07-04 11:48:06 -------- d-----w- C:\Documents and Settings\MICA\Application Data\Media Player Classic
2013-07-04 11:45:06 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack\Uninstall
2013-07-04 11:45:06 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack\Tools
2013-07-04 11:45:06 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack\Help
2013-07-04 11:45:05 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack\Configuration
2013-07-04 11:45:05 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack
2013-07-04 11:39:59 -------- d-----r- C:\Documents and Settings\MICA\Start Menu\Programs\Administrative Tools
2013-07-03 09:26:15 -------- d---a-w- C:\Documents and Settings\All Users\Application Data\TEMP
2013-07-02 14:23:06 B00F1D142611D136D80E7953B2C46D53 10752 ----a-w- C:\Documents and Settings\MICA\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-02 11:38:15 -------- d-----w- C:\Documents and Settings\MICA\Application Data\IObit
2013-07-02 11:30:55 -------- d-----w- C:\Documents and Settings\MICA\Local Settings\Application Data\VS Revo Group
2013-07-02 10:49:14 -------- d-----w- C:\Documents and Settings\MICA\Application Data\uTorrent
2013-07-02 06:15:00 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
2013-06-30 07:21:06 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\Hitman Pro 3.5
2013-06-30 07:20:44 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Hitman Pro
2013-06-27 09:13:51 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\MCShield\Uninstall
2013-06-27 09:13:51 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\MCShield
2013-06-27 09:13:50 -------- d-----w- C:\Documents and Settings\All Users\Application Data\MCShield
2013-06-26 20:10:52 -------- d-----w- C:\Documents and Settings\MICA\Local Settings\Application Data\Pokki
2013-06-26 20:09:38 -------- d-----w- C:\Documents and Settings\MICA\Application Data\CyberLink
2013-06-26 20:01:12 -------- d-----w- C:\Documents and Settings\MICA\Start Menu\Programs\Winamp Detector Plug-in
2013-06-26 20:00:00 -------- d-----w- C:\Documents and Settings\MICA\Application Data\Winamp
2013-06-26 19:50:56 -------- d-----w- C:\Documents and Settings\MICA\Local Settings\Application Data\ACD Systems
2013-06-26 19:50:56 -------- d-----w- C:\Documents and Settings\MICA\Application Data\ACD Systems
2013-06-26 19:50:41 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\ACD Systems
2013-06-26 19:50:37 -------- d-----w- C:\Documents and Settings\All Users\Application Data\ACD Systems
2013-06-26 19:46:59 -------- d-----w- C:\Documents and Settings\MICA\Local Settings\Application Data\Downloaded Installations
2013-06-26 19:42:24 -------- d-----w- C:\Documents and Settings\MICA\Start Menu\Programs\Unlocker
2013-06-26 19:28:09 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\Picasa 3
2013-06-26 19:17:36 -------- d-----w- C:\Documents and Settings\MICA\Local Settings\Application Data\Mozilla
2013-06-26 19:17:35 -------- d-----w- C:\Documents and Settings\MICA\Application Data\Mozilla
2013-06-26 19:17:32 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Mozilla
2013-06-26 18:59:20 -------- d-----w- C:\Documents and Settings\MICA\Application Data\Maxthon3
2013-06-26 18:56:06 -------- d-----w- C:\Documents and Settings\MICA\Local Settings\Application Data\Sun
2013-06-26 18:40:59 -------- d-----w- C:\Documents and Settings\MICA\Application Data\SUPERAntiSpyware.com
2013-06-26 18:40:24 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
2013-06-26 18:40:20 -------- d-----w- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2013-06-26 18:40:17 -------- d-----w- C:\Documents and Settings\MICA\Application Data\Adobe
2013-06-26 18:38:36 -------- d-----w- C:\Documents and Settings\MICA\Local Settings\Application Data\Yahoo
2013-06-26 18:38:36 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\Yahoo! Widgets
2013-06-26 18:37:48 -------- d-----w- C:\Documents and Settings\MICA\Start Menu\Programs\SpeedFan
2013-06-26 18:35:17 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\A4 TECH PC Camera H
2013-06-26 18:34:40 -------- d-----w- C:\Documents and Settings\MICA\Application Data\InstallShield
2013-06-26 18:32:09 -------- d-----w- C:\Documents and Settings\MICA\Application Data\Skype
2013-06-26 18:32:01 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
2013-06-26 18:31:56 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Skype
2013-06-26 18:28:08 -------- d-----w- C:\Documents and Settings\MICA\Start Menu\Programs\WinRAR
2013-06-26 18:28:08 -------- d-----w- C:\Documents and Settings\MICA\Application Data\WinRAR
2013-06-26 18:28:08 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
2013-06-26 18:25:00 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Adobe
2013-06-26 18:21:25 -------- d-----w- C:\Documents and Settings\MICA\Local Settings\Application Data\Adobe
2013-06-26 18:19:29 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Sun
2013-06-26 18:17:48 -------- d-----w- C:\Documents and Settings\MICA\Application Data\Sun
2013-06-26 18:12:54 -------- d-----w- C:\Documents and Settings\MICA\Start Menu\Programs\Google Chrome
2013-06-26 18:11:26 -------- d-----w- C:\Documents and Settings\MICA\Local Settings\Application Data\Google
2013-06-26 18:07:43 -------- d-----w- C:\Documents and Settings\MICA\Application Data\CallingID
2013-06-26 18:03:53 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Avira
2013-06-26 17:57:47 88CF0FF92A4A9FA7BD9B7513B2E9E22B 62 --sha-w- C:\Documents and Settings\Default User\Application Data\desktop.ini
2013-06-26 17:57:47 88CF0FF92A4A9FA7BD9B7513B2E9E22B 62 --sha-w- C:\Documents and Settings\All Users\Application Data\desktop.ini
2013-06-26 17:57:47 -------- d-----r- C:\Documents and Settings\Default User\Start Menu\Programs\Startup
2013-06-26 17:57:47 -------- d-----r- C:\Documents and Settings\Default User\Start Menu\Programs
2013-06-26 17:57:47 -------- d-----r- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
2013-06-26 17:57:47 -------- d-----r- C:\Documents and Settings\All Users\Start Menu\Programs
2013-06-26 17:57:32 -------- d-s---w- C:\Documents and Settings\Default User\Application Data\Microsoft
2013-06-26 17:57:32 -------- d-s---w- C:\Documents and Settings\All Users\Application Data\Microsoft
2013-06-26 16:38:30 CC6390AD9641C7A96587AF54C85C8F17 13560 ----a-w- C:\Documents and Settings\MICA\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2013-06-26 16:38:15 -------- d-----w- C:\Documents and Settings\MICA\Local Settings\Application Data\ATI
2013-06-26 16:38:15 -------- d-----w- C:\Documents and Settings\MICA\Application Data\ATI
2013-06-26 16:36:15 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\Catalyst Control Center
2013-06-26 16:18:26 -------- d-----w- C:\Documents and Settings\MICA\Application Data\Identities
2013-06-26 16:18:19 -------- d-s---w- C:\Documents and Settings\MICA\Application Data\Microsoft
2013-06-26 16:18:19 -------- d-----w- C:\Documents and Settings\MICA\Local Settings\Application Data\Microsoft
2013-06-26 16:18:19 -------- d-----r- C:\Documents and Settings\MICA\Start Menu\Programs\Startup
2013-06-26 16:18:19 -------- d-----r- C:\Documents and Settings\MICA\Start Menu\Programs\Accessories\Entertainment
2013-06-26 16:18:19 -------- d-----r- C:\Documents and Settings\MICA\Start Menu\Programs\Accessories\Accessibility
2013-06-26 16:18:19 -------- d-----r- C:\Documents and Settings\MICA\Start Menu\Programs\Accessories
2013-06-26 16:18:19 -------- d-----r- C:\Documents and Settings\MICA\Start Menu\Programs
2013-06-26 16:17:19 -------- d-s---w- C:\Documents and Settings\LocalService\Application Data\Microsoft
2013-06-26 16:17:19 -------- d-----w- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
2013-06-26 16:16:57 -------- d-----w- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
2013-06-26 16:16:56 -------- d-s---w- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2013-06-26 16:14:07 -------- d-----r- C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Accessibility
2013-06-26 16:14:02 -------- d-----r- C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Entertainment
2013-06-26 16:13:58 -------- d-----w- C:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft
2013-06-26 16:12:57 -------- d-----r- C:\Documents and Settings\Default User\Start Menu\Programs\Accessories
2013-06-26 16:11:10 -------- d-----r- C:\Documents and Settings\All Users\Start Menu\Programs\Games
2013-06-26 16:11:10 -------- d-----r- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\Entertainment
2013-06-26 16:11:10 -------- d-----r- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\Accessibility
2013-06-26 16:11:09 -------- d-----r- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\System Tools
2013-06-26 16:10:54 -------- d-----r- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
2013-06-26 16:09:21 -------- d-----r- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\Communications
2013-06-26 16:09:21 -------- d-----r- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
====== C:\Documents and Settings\MICA ======
2013-07-06 15:48:07 -------- d-----w- C:\Documents and Settings\All Users\Favorites
2013-07-06 08:07:56 -------- d--h--r- C:\Documents and Settings\MICA\Recent
2013-07-05 12:27:36 -------- d-----w- C:\Documents and Settings\MICA\AppData
2013-07-02 11:38:19 -------- d-----w- C:\Documents and Settings\MICA\LocalLow
2013-06-26 18:05:31 -------- d-----r- C:\Documents and Settings\LocalService\Favorites
2013-06-26 17:57:47 -------- d-s---w- C:\Documents and Settings\Default User\Cookies
2013-06-26 17:57:47 -------- d--h--w- C:\Documents and Settings\Default User\Templates
2013-06-26 17:57:47 -------- d--h--w- C:\Documents and Settings\Default User\Recent
2013-06-26 17:57:47 -------- d--h--w- C:\Documents and Settings\Default User\PrintHood
2013-06-26 17:57:47 -------- d--h--w- C:\Documents and Settings\Default User\NetHood
2013-06-26 17:57:47 -------- d--h--w- C:\Documents and Settings\All Users\Templates
2013-06-26 17:57:47 -------- d--h--r- C:\Documents and Settings\Default User\SendTo
2013-06-26 17:57:47 -------- d--h--r- C:\Documents and Settings\Default User\Local Settings
2013-06-26 17:57:47 -------- d-----w- C:\Documents and Settings\Default User\My Documents
2013-06-26 17:57:47 -------- d-----w- C:\Documents and Settings\Default User\Favorites
2013-06-26 17:57:47 -------- d-----w- C:\Documents and Settings\Default User\Desktop
2013-06-26 17:57:47 -------- d-----w- C:\Documents and Settings\All Users\Desktop
2013-06-26 17:57:47 -------- d-----r- C:\Documents and Settings\Default User\Start Menu
2013-06-26 17:57:47 -------- d-----r- C:\Documents and Settings\All Users\Start Menu
2013-06-26 17:57:47 -------- d-----r- C:\Documents and Settings\All Users\Documents
2013-06-26 17:57:33 -------- d-s---w- C:\Documents and Settings\MICA\UserData
2013-06-26 17:57:32 -------- d--h--r- C:\Documents and Settings\Default User\Application Data
2013-06-26 17:57:32 -------- d--h--r- C:\Documents and Settings\All Users\Application Data
2013-06-26 16:18:20 CBDA6984D2ECC537AEF07205AE001013 178 --sh--w- C:\Documents and Settings\MICA\ntuser.ini
2013-06-26 16:18:19 -------- d-s---w- C:\Documents and Settings\MICA\Cookies
2013-06-26 16:18:19 -------- d--h--w- C:\Documents and Settings\MICA\Templates
2013-06-26 16:18:19 -------- d--h--w- C:\Documents and Settings\MICA\PrintHood
2013-06-26 16:18:19 -------- d--h--w- C:\Documents and Settings\MICA\NetHood
2013-06-26 16:18:19 -------- d--h--w- C:\Documents and Settings\MICA\Local Settings
2013-06-26 16:18:19 -------- d--h--r- C:\Documents and Settings\MICA\SendTo
2013-06-26 16:18:19 -------- d--h--r- C:\Documents and Settings\MICA\Application Data
2013-06-26 16:18:19 -------- d-----w- C:\Documents and Settings\MICA\Desktop
2013-06-26 16:18:19 -------- d-----r- C:\Documents and Settings\MICA\Start Menu
2013-06-26 16:18:19 -------- d-----r- C:\Documents and Settings\MICA\My Documents
2013-06-26 16:18:19 -------- d-----r- C:\Documents and Settings\MICA\Favorites
2013-06-26 16:17:19 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Documents and Settings\LocalService\ntuser.ini
2013-06-26 16:17:19 -------- d-s---w- C:\Documents and Settings\LocalService\Cookies
2013-06-26 16:17:19 -------- d--h--w- C:\Documents and Settings\LocalService\Local Settings
2013-06-26 16:17:19 -------- d-----w- C:\Documents and Settings\LocalService\Application Data
2013-06-26 16:16:57 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Documents and Settings\NetworkService\ntuser.ini
2013-06-26 16:16:56 -------- d-s---w- C:\Documents and Settings\NetworkService\Cookies
2013-06-26 16:16:56 -------- d--h--w- C:\Documents and Settings\NetworkService\Local Settings
2013-06-26 16:16:56 -------- d-----w- C:\Documents and Settings\NetworkService\Application Data
2013-06-26 16:13:17 -------- d-sh--w- C:\Documents and Settings\All Users\DRM

====== C: exe-files ==
2013-07-06 08:03:13 069F1BB782EF1A4D2A1A1A035B9D8FC6 2972992 ----a-w- C:\Program Files\IObit\Advanced SystemCare 6\Sun12_SystemControl.exe
2013-07-06 08:01:46 BBA43ED23437F233FAAD0B56EB502F74 857408 ----a-w- C:\Program Files\IObit\Advanced SystemCare 6\Sua13_EmptyFolderScanner.exe
2013-07-06 07:58:20 7175E0F1D9F142562F957E0822FC6EA3 978752 ----a-w- C:\Program Files\IObit\Advanced SystemCare 6\Sus12_DriverManager.exe
2013-07-06 07:46:46 78185A1C861FA7AD6BE016D54D050119 491840 ----a-w- C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
2013-07-06 07:46:44 9BEE8532FAAEEC2D9F4887A7F7459B02 4042560 ----a-w- C:\Program Files\IObit\Advanced SystemCare 6\ASC.exe
2013-07-06 07:46:27 D7DC2A7824F6910903EDE353761E22C0 4710160 ----a-w- C:\Documents and Settings\All Users\Application Data\IObit\ASCDownloader\Smart Defrag.exe
2013-07-05 12:59:13 B557EE752636B3B47323B0F495E79062 389440 ----a-w- C:\Program Files\IObit\Advanced SystemCare 6\Suc13_FileShredder.exe
2013-07-05 12:58:46 E4C3EC8D01B108581FBEB0F5D971CA4D 505152 ----a-w- C:\Program Files\IObit\Advanced SystemCare 6\Sur10_Undelete.exe
2013-07-05 12:54:55 DF551690EEB462238A09BE3AB6D43ECE 547672 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\TaskSchedule.exe
2013-07-05 12:54:55 AA2736A07219D66D1FBD670F14859E0C 2133824 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\UninstallPromote.exe
2013-07-05 12:54:55 3CE56A6001B630F8BD44E4E72C615261 1094464 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\IMF_ActionCenterDownloader.exe
2013-07-05 12:54:54 C0227B33BAB59AE7BDF36FF7D4EFDD9A 50640 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\IWsIMF.exe
2013-07-05 12:54:53 8CAEC53A5597AAA5383A416F85ACC71E 63296 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\SendBugReport.exe
2013-07-05 12:54:53 3802C657EC39998BCFA54BC9820837FD 1515328 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
2013-07-05 12:54:53 24EA4E2F76E216CE70353736E3556585 335168 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
2013-07-05 12:54:52 D9A3A088C517B8C94EE12184A389F4D5 128832 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\BlueBirdInit.exe
2013-07-05 12:54:52 341D01D2CB848E096A4F4C6D09CF1957 1178432 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\unins000.exe
2013-07-05 12:53:41 31FA2B82DD28BF077ABA18083C2B8050 20185568 ----a-w- C:\Documents and Settings\All Users\Application Data\IObit\ASCDownloader\IObit Malware Fighter.exe
2013-07-05 12:40:57 3C30C649895A8F02F46DBC72805AAC70 23360 ----a-w- C:\WINDOWS\system32\RegistryDefragBootTime.exe
2013-07-05 12:40:46 E6182F782C0DB9DA7CCCED9467D8F078 422208 ----a-w- C:\Program Files\IObit\Advanced SystemCare 6\Suo13_RegistryDefrag.exe
2013-07-05 12:37:55 E68727BE58B10E8DDF64BA1B720E3C09 948544 ----a-w- C:\Program Files\IObit\Advanced SystemCare 6\Sur13_WinFix.exe
2013-07-05 12:36:51 6805C6BC04E7F6F10C79653F47EE8F81 766272 ----a-w- C:\Program Files\IObit\Advanced SystemCare 6\Sur12_DiskDoctor.exe
2013-07-05 12:35:49 781473B1320FE797BCB0312D69773734 585536 ----a-w- C:\Program Files\IObit\Advanced SystemCare 6\Suc12_DiskCleaner.exe
2013-07-05 12:35:30 AE9F6DD240764F6AF28380704C09116D 18110448 ----a-w- C:\Program Files\IObit\Advanced SystemCare 6\imf-setup.exe
2013-07-05 12:28:19 D4A740E814C8DA2D60821259D3AB4F9F 321344 ----a-w- C:\Program Files\IObit\Advanced SystemCare 6\newyear.exe
2013-07-04 11:45:05 08170EA8211B667ED378AABBA247D094 2627072 ----a-w- C:\Program Files\K-Lite Codec Pack\Tools\GraphStudioNext.exe
2013-07-04 11:45:04 AD937F57725167E2D5D7BE534FEED706 1048576 ----a-w- C:\Program Files\K-Lite Codec Pack\Tools\mediainfo.exe
2013-07-04 11:45:02 32C67CE61370B21A539786A3A2E674CA 2636448 ----a-w- C:\Program Files\K-Lite Codec Pack\Filters\madVR\madHcCtrl.exe
2013-07-04 11:44:52 150A123EE610E812B7555CB7F056FE4C 5893120 ----a-w- C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe
2013-07-04 11:44:51 8EB5CB60390C1FEAD4EE674D466BBDAD 1324115 ----a-w- C:\Program Files\K-Lite Codec Pack\unins000.exe
2013-07-04 11:44:51 29CD1D8A7ABBC8EEB424758E357450C0 1163776 ----a-w- C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe
2013-07-03 19:21:36 C3190BA6ED6220369EEEED081A14DDFC 59784 ----atw- C:\Documents and Settings\MICA\Local Settings\Application Data\Google\Update\1.3.21.149\GoogleUpdateOnDemand.exe
2013-07-03 19:21:36 1017788353D8349BF6086B9CDDC8CB7B 59784 ----atw- C:\Documents and Settings\MICA\Local Settings\Application Data\Google\Update\1.3.21.149\GoogleUpdateBroker.exe
2013-07-03 19:21:35 CA35155F6B4C4DB2513AAAA868BAFF47 324488 ----atw- C:\Documents and Settings\MICA\Local Settings\Application Data\Google\Update\1.3.21.149\GoogleCrashHandler64.exe
2013-07-03 19:21:35 09C87F376507122A5FE1CBE06E015512 239496 ----atw- C:\Documents and Settings\MICA\Local Settings\Application Data\Google\Update\1.3.21.149\GoogleCrashHandler.exe
2013-07-03 19:21:34 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Documents and Settings\MICA\Local Settings\Application Data\Google\Update\1.3.21.149\GoogleUpdate.exe
2013-07-03 19:21:26 5F42FBCE3A8D9ED552E9852A23CA382F 800024 ----a-w- C:\Documents and Settings\MICA\Local Settings\Application Data\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.149\GoogleUpdateSetup.exe
2013-07-03 09:26:13 02257E7FB8220C0D1B061AEEF486C252 46764 ----a-w- C:\Program Files\CoreAAC\Uninstall.exe
2013-07-03 06:56:55 5614386D4CFDF9E56F355C45BEEBC976 12872 ----a-w- C:\WINDOWS\system32\bootdelete.exe
2013-07-02 11:39:10 30D739B11AD749BE476E4841C1D954F2 394576 ----a-w- C:\Program Files\Vtools\Windows Cleaner\UninstallPromote.exe
2013-07-02 10:50:10 307EED07597789770F1EE9DD941E1BDF 1126480 ----a-w- C:\Documents and Settings\MICA\Application Data\uTorrent\updates\3.3.1_29812.exe
2013-07-02 10:49:55 307EED07597789770F1EE9DD941E1BDF 1126480 ----a-w- C:\Documents and Settings\MICA\Application Data\uTorrent\uTorrent.exe
2013-07-02 06:14:57 CFE4114B963AB0AB22F6EBEF89564194 229648 ----a-w- C:\WINDOWS\system32\aswBoot.exe
2013-06-30 07:21:06 39332AD13D6EAF9CF1A144495396AB4D 6355002 ----a-w- C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe
=== C: other files ==
2013-07-05 12:54:57 FB3C60FDF9CAF7183080E91BC8D923CF 35848 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_ia64\UrlFilter.sys
2013-07-05 12:54:57 CAAEF0A4B5AE343918AE6287D5A4843D 17360 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys
2013-07-05 12:54:57 BA5148E2DA9AB2B786EE239510BE819A 31520 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys
2013-07-05 12:54:57 9B9E80E64DC0212CA8B38ED0763B1CCE 64080 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_ia64\RegFilter.sys
2013-07-05 12:54:57 9840396B26E424046AD335C98B3F16C3 247968 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys
2013-07-05 12:54:57 443440BCF3074CC76B38BD648DB56CB3 18384 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wnet_x86\UrlFilter.sys
2013-07-05 12:54:56 F5DBCF84176C62B4BEDF22DB56444CBD 21480 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys
2013-07-05 12:54:56 EDFC44468C59A19FB810AFC85320536B 36896 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_ia64\FileMonitor.sys
2013-07-05 12:54:56 D409D4A4517865131999FAC96D366CBF 23048 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys
2013-07-05 12:54:56 C87830B9FAADAFAA621E31478B4BA256 41504 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_ia64\UrlFilter.sys
2013-07-05 12:54:56 C2C5672B001A471FCE195CC15910AED9 23016 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys
2013-07-05 12:54:56 C1D42E31D249BD553EF494D5D9DFD28C 35848 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wnet_ia64\UrlFilter.sys
2013-07-05 12:54:56 BB26BDE6308A46A8497AA7C4AB569B77 34336 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys
2013-07-05 12:54:56 B56C68DB46DF55A657C5C4A4DF16E082 31752 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\RegFilter.sys
2013-07-05 12:54:56 B1AD8087079D7C0AF40EB5A38BD2201F 65616 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_ia64\RegFilter.sys
2013-07-05 12:54:56 AC9471B4829936360459C246162DD3FA 31752 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wnet_x86\RegFilter.sys
2013-07-05 12:54:56 AA1639ED5610A85C95CEAB38978CED5A 23048 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_amd64\FileMonitor.sys
2013-07-05 12:54:56 9584DF93F59EAA5975F4F5663653E26B 34336 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_amd64\RegFilter.sys
2013-07-05 12:54:56 8C340DFCB074E0CEEE070DD12CFB36C9 65616 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_ia64\RegFilter.sys
2013-07-05 12:54:56 7EBAB88FEE6E97397C183ED3B71F0797 21480 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\FileMonitor.sys
2013-07-05 12:54:56 795BE722AACDDAE782F495C7FDAE6BA0 20944 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\UrlFilter.sys
2013-07-05 12:54:56 6BB17E7A108A5D5B21ECD95C6297B4AE 21480 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wnet_x86\FileMonitor.sys
2013-07-05 12:54:56 6A084811121D652B11A98617B68E1434 23016 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_amd64\UrlFilter.sys
2013-07-05 12:54:56 4A03296A4F482D877FEF95FB7488216D 36384 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wnet_ia64\FileMonitor.sys
2013-07-05 12:54:56 488F6A96E03A5A61B7F1FA6A6AB75457 31752 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\RegFilter.sys
2013-07-05 12:54:56 432F066B591A4DB93C848A503F959CA6 41504 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_ia64\UrlFilter.sys
2013-07-05 12:54:56 3C7682F5BC9E65A0AB6CA980009D5631 39992 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_ia64\FileMonitor.sys
2013-07-05 12:54:56 2D7B25CF753589EC6FD26CA8D082E2CA 64080 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wnet_ia64\RegFilter.sys
2013-07-05 12:54:56 2AC63E2EBD94A7788B6D91A15DDC2D41 23048 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wnet_amd64\FileMonitor.sys
2013-07-05 12:54:56 1DDB7F0EC75BBCC358DA4508D9A42295 34336 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wnet_amd64\RegFilter.sys
2013-07-05 12:54:56 1A05A2CBE90B0080B27543B77E94330C 20432 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wnet_amd64\UrlFilter.sys
2013-07-05 12:54:56 085C7D657B6594D73A473EE55079810B 20944 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\UrlFilter.sys
2013-07-04 11:45:04 A147DA4D88A5B0AA9D5F145FF0422AB0 13922 ----a-w- C:\Program Files\K-Lite Codec Pack\Tools\Xvid_Quant_Matrices.zip
2013-07-02 11:38:25 B305986F21F246EC0194A4471B0BECFE 19143 ----a-w- C:\Program Files\Instair\Instair_SpeedDial_1.1.0.xpi
2013-07-02 11:38:24 5CBA37429E04F733DF3AD29132FB0B0F 135407 ----a-w- C:\Program Files\Instair\SpeedDial_1.1.0\kikeacjcceacohckgiajooneiabebfjj.zip
2013-07-02 06:15:00 937300BC7C4CDF7576BCCE44E19BBB9D 369584 ----a-w- C:\WINDOWS\system32\drivers\aswSP.sys
2013-07-02 06:15:00 4AF5F360BA1E8794D32B366E45A64A0A 29816 ----a-w- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2013-07-02 06:14:59 7B43265F92257A21CBFD88E7A651044C 49760 ----a-w- C:\WINDOWS\system32\drivers\aswRdr.sys
2013-07-02 06:14:58 CCD565A8A72AF7D45F9A242013870926 770344 ----a-w- C:\WINDOWS\system32\drivers\aswSnx.sys
2013-07-02 06:14:58 B680134BA1813B78B47FDD1DFF223CA5 49376 ----a-w- C:\WINDOWS\system32\drivers\aswRvrt.sys
2013-07-02 06:14:58 8CFAA2B965773A653F48F1207A9CB9C4 175176 ----a-w- C:\WINDOWS\system32\drivers\aswVmm.sys
2013-07-02 06:14:58 1F71F170D90E42EFDE9633D81D5E12DC 56080 ----a-w- C:\WINDOWS\system32\drivers\aswTdi.sys
2013-07-02 06:14:57 1F7094D4268D46F718C51286DC189791 66336 ----a-w- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2013-06-30 08:44:04 7FB43797F5579B3C572248AD65D80BCE 239491 ----a-w- C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\trtv3@trtv.com.xpi
2013-06-30 07:21:07 72472B9CE5D02E443CFF49A40355455D 23624 ----a-w- C:\WINDOWS\system32\drivers\hitmanpro35.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-21-1645522239-1454471165-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"
"MCShield Monitor"="C:\Program Files\MCShield\mcshieldrtm.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE"
"Alcmtr"="ALCMTR.EXE"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"VMSnap3"="C:\WINDOWS\VMSnap3.EXE"
"Domino"="C:\WINDOWS\Domino.EXE"
"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui"
"IObit Malware Fighter"="C:\Program Files\IObit\IObit Malware Fighter\IMF.exe /autostart"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"
"MCShield Monitor"="C:\Program Files\MCShield\mcshieldrtm.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Advanced SystemCare 6]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Advanced SystemCare 6"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\IObit\\Advanced SystemCare 6\\ASCTray.exe\" /AutoStart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BigDog303]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BigDog303"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Google Update"
"hkey"="HKCU"
"command"="\"C:\\Documents and Settings\\MICA\\Local Settings\\Application Data\\Google\\Update\\GoogleUpdate.exe\" /c"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GoogleChromeAutoLaunch_1F3DE4F751417FC1AA6C815FB8696022]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GoogleChromeAutoLaunch_1F3DE4F751417FC1AA6C815FB8696022"
"hkey"="HKCU"
"command"="\"C:\\Documents and Settings\\MICA\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe\" --no-startup-window"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HitmanPro35]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HitmanPro35"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Hitman Pro 3.5\\HitmanPro35.exe\" /scan:boot"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\StartCCC]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="StartCCC"
"hkey"="HKLM"
"command"="C:\\Program Files\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SUPERAntiSpyware]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SUPERAntiSpyware"
"hkey"="HKCU"
"command"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UnlockerAssistant]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="UnlockerAssistant"
"hkey"="HKLM"
"command"="C:\\Program Files\\Unlocker\\UnlockerAssistant.exe"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
"item"="McAfee Security Scan Plus"
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\McAfee Security Scan Plus.lnk"
"backup"="C:\\WINDOWS\\pss\\McAfee Security Scan Plus.lnkCommon Startup"
"command"="C:\\PROGRA~1\\MCAFEE~1\\30D80A~1.285\\SSSCHE~1.EXE"


==== Startup Folders ======================


==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:@C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe []
C:\WINDOWS\tasks\avast\Undetermined Task.exe []
C:\WINDOWS\tasks\Express FilesUpdate.job --a------ C:\Program Files\ExpressFiles\EFUpdater.exe []
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1454471165-725345543-1003Core.job --a------ [Undetermined Task]
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1454471165-725345543-1003UA.job --a------ [Undetermined Task]

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default
- Undetermined - C:\Program Files\IObit Apps Toolbar\FF
- Torntv 3 - %ProfilePath%\extensions\trtv3@trtv.com.xpi

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default
02C317A415A91112EDEF07AAC78AF6D5 - C:\Documents and Settings\MICA\Local Settings\Application Data\Google\Update\1.3.21.149\npGoogleUpdate3.dll - Google Update
3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash
ABCB4A6EAB701C629378255ABCB308E5 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U25
D7324EB1EDCB8990F8522DE0311359E9 - C:\WINDOWS\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17
3A523765D795DB006C010B915C3A840A - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
42A9B216A7A288512CE2F9A6BCCE96BC - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
6B171450E38C8569DA7258FEE21E7D17 - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa
28000D7EEB2FD95A36E1A7539F599C3B - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
5D41BCD19A3D90E4EBB58A6BFB79E4F7 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
8B6884E3E1E5F8ABA5FA0C6A2B13181D - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
68A131335A20B343923A2957EB1E413D - C:\WINDOWS\system32\npptools.dll - Microsoft® Windows® Operating System


==== EOF on sub 06.07.2013 at 21:54:38,15 ======================

Poslao: 06 Jul 2013 22:04
Idi na vrh
offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6104

U redu ovo izgleda dobro.

Arrow Ponovo pokreni Zoek.exe preko ove skripte:


trtv3@trtv.com.xpi;ff
emptytemp;


Postavi mi svez kreiran zoek log.




Arrow Potom dodatna provera:



Preuzmi TDSSKiller sa sljedeće adrese na Desktop:

TDSSKiller


Kad preuzimanje bude završeno:

Preimenuj TDSSKiller.exe u MyCity.exe

Pokreni MyCity.exe i klikni na Change parametres.

U dijelu Additional options štrikliraj opcije Verify driver signatures i Detect TDLFS file system, a zatim klikni na OK.

Klikni na Start scan.

Kad završi prikazaće ti rezultate skeniranja.

Za sve ponađene objekte odaberi akciju Skip.

Klikni na Continue.

Prikači uz poruku izvještaj koji se nalazi na sljedećoj lokaciji:
C:\TDSSKiller_verzija programa_DD.MM.GG_HH.MM.SS.txt
(DD-dan, MM-mesec, GG-godina, HH-sat, MM-minut, SS-sekunda; datum i vrijeme kada je log napravljen)

Poslao: 07 Jul 2013 08:38
Idi na vrh
offline
  • Dalibor
  • Pridružio: 03 Feb 2011
  • Poruke: 447
  • Gde živiš: Nemačka

Zoek.exe Version 4.0.0.3 Updated 05-July-2013
Tool run by MICA on ned 07.07.2013 at 8:28:09,35.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected

==== System Restore Info ======================

7/7/2013 8:28:21 AM Zoek.exe System Restore Point Created Succesfully.

==== FireFox Fix ======================

ProfilePath: C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default

user.js not found
---- Lines [Link mogu videti samo ulogovani korisnici] removed from prefs.js ----


---- Lines [Link mogu videti samo ulogovani korisnici] modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\WebRep\\\\FF\",\"mtime\":1372745688312,\"rdfTime\":1368089726000}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1372274251453,\"rdfTime\":1371557658000}}},{\"name\":\"app-profile\",\"addons\":{\"trtv3@trtv.com\":{\"descriptor\":\"C:\\\\Documents and Settings\\\\MICA\\\\Application Data\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gv3y8h66.default\\\\extensions\\\\trtv3@trtv.com.xpi\",\"mtime\":1372581844000}}}]");

---- FireFox user.js and prefs.js backups ----

prefs_06.07.2013_2139_.backup
prefs_07.07.2013_0828_.backup

==== Deleting Files \ Folders ======================

"C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default\extensions\trtv3@trtv.com.xpi" deleted

==== Firefox Extensions ======================

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\MICA\Application Data\Mozilla\Firefox\Profiles\gv3y8h66.default
02C317A415A91112EDEF07AAC78AF6D5 - C:\Documents and Settings\MICA\Local Settings\Application Data\Google\Update\1.3.21.149\npGoogleUpdate3.dll - Google Update
3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash
ABCB4A6EAB701C629378255ABCB308E5 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U25
D7324EB1EDCB8990F8522DE0311359E9 - C:\WINDOWS\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17
3A523765D795DB006C010B915C3A840A - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
42A9B216A7A288512CE2F9A6BCCE96BC - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
6B171450E38C8569DA7258FEE21E7D17 - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa
28000D7EEB2FD95A36E1A7539F599C3B - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
5D41BCD19A3D90E4EBB58A6BFB79E4F7 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
8B6884E3E1E5F8ABA5FA0C6A2B13181D - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
68A131335A20B343923A2957EB1E413D - C:\WINDOWS\system32\npptools.dll - Microsoft® Windows® Operating System


==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\MICA\LOCALS~1\Temp successfully emptied

==== EOF on ned 07.07.2013 at 8:29:09,14 ======================





08:32:58.0484 1320 TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
08:32:58.0812 1320 ============================================================
08:32:58.0812 1320 Current date / time: 2013/07/07 08:32:58.0812
08:32:58.0812 1320 SystemInfo:
08:32:58.0812 1320
08:32:58.0812 1320 OS Version: 5.1.2600 ServicePack: 3.0
08:32:58.0812 1320 Product type: Workstation
08:32:58.0812 1320 ComputerName: MICA-DA6B9CA22E
08:32:58.0812 1320 UserName: MICA
08:32:58.0812 1320 Windows directory: C:\WINDOWS
08:32:58.0812 1320 System windows directory: C:\WINDOWS
08:32:58.0812 1320 Processor architecture: Intel x86
08:32:58.0812 1320 Number of processors: 2
08:32:58.0812 1320 Page size: 0x1000
08:32:58.0812 1320 Boot type: Normal boot
08:32:58.0812 1320 ============================================================
08:32:59.0828 1320 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x11EE4, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000054
08:32:59.0828 1320 ============================================================
08:32:59.0828 1320 \Device\Harddisk0\DR0:
08:32:59.0828 1320 MBR partitions:
08:32:59.0828 1320 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x13, BlocksNum 0x14007ED
08:32:59.0843 1320 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3A97E93, BlocksNum 0xEF7BCCD
08:32:59.0843 1320 ============================================================
08:32:59.0859 1320 D: <-> \Device\Harddisk0\DR0\Partition2
08:32:59.0890 1320 C: <-> \Device\Harddisk0\DR0\Partition1
08:32:59.0890 1320 ============================================================
08:32:59.0890 1320 Initialize success
08:32:59.0890 1320 ============================================================
08:34:50.0265 3388 ============================================================
08:34:50.0265 3388 Scan started
08:34:50.0265 3388 Mode: Manual; SigCheck; TDLFS;
08:34:50.0265 3388 ============================================================
08:34:50.0484 3388 ================ Scan system memory ========================
08:34:50.0484 3388 System memory - ok
08:34:50.0484 3388 ================ Scan services =============================
08:34:50.0546 3388 [ C0393EB99A6C72C6BEF9BFC4A72B33A6 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
08:34:51.0203 3388 !SASCORE ( UnsignedFile.Multi.Generic ) - warning
08:34:51.0203 3388 !SASCORE - detected UnsignedFile.Multi.Generic (1)
08:34:51.0281 3388 Abiosdsk - ok
08:34:51.0281 3388 abp480n5 - ok
08:34:51.0312 3388 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
08:34:51.0484 3388 ACPI - ok
08:34:51.0515 3388 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
08:34:51.0625 3388 ACPIEC - ok
08:34:51.0687 3388 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
08:34:51.0703 3388 AdobeFlashPlayerUpdateSvc - ok
08:34:51.0703 3388 adpu160m - ok
08:34:51.0718 3388 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
08:34:51.0843 3388 aec - ok
08:34:51.0875 3388 [ 322D0E36693D6E24A2398BEE62A268CD ] AFD C:\WINDOWS\System32\drivers\afd.sys
08:34:51.0968 3388 AFD - ok
08:34:51.0984 3388 Aha154x - ok
08:34:51.0984 3388 aic78u2 - ok
08:34:52.0000 3388 aic78xx - ok
08:34:52.0015 3388 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
08:34:52.0125 3388 Alerter - ok
08:34:52.0156 3388 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
08:34:52.0281 3388 ALG - ok
08:34:52.0281 3388 AliIde - ok
08:34:52.0296 3388 amsint - ok
08:34:52.0328 3388 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
08:34:52.0437 3388 AppMgmt - ok
08:34:52.0453 3388 asc - ok
08:34:52.0453 3388 asc3350p - ok
08:34:52.0453 3388 asc3550 - ok
08:34:52.0515 3388 [ D33C507942299753868204CC7642FA27 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
08:34:52.0531 3388 aspnet_state - ok
08:34:52.0546 3388 [ 4AF5F360BA1E8794D32B366E45A64A0A ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
08:34:52.0656 3388 aswFsBlk - ok
08:34:52.0671 3388 [ 1F7094D4268D46F718C51286DC189791 ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
08:34:52.0671 3388 aswMonFlt - ok
08:34:52.0687 3388 [ 7B43265F92257A21CBFD88E7A651044C ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
08:34:52.0703 3388 AswRdr - ok
08:34:52.0703 3388 [ B680134BA1813B78B47FDD1DFF223CA5 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
08:34:52.0718 3388 aswRvrt - ok
08:34:52.0750 3388 [ CCD565A8A72AF7D45F9A242013870926 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
08:34:52.0781 3388 aswSnx - ok
08:34:52.0796 3388 [ 937300BC7C4CDF7576BCCE44E19BBB9D ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
08:34:52.0812 3388 aswSP - ok
08:34:52.0843 3388 [ 1F71F170D90E42EFDE9633D81D5E12DC ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
08:34:52.0843 3388 aswTdi - ok
08:34:52.0859 3388 [ 8CFAA2B965773A653F48F1207A9CB9C4 ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
08:34:52.0875 3388 aswVmm - ok
08:34:52.0890 3388 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
08:34:53.0000 3388 AsyncMac - ok
08:34:53.0015 3388 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
08:34:53.0125 3388 atapi - ok
08:34:53.0140 3388 Atdisk - ok
08:34:53.0171 3388 [ AEB33A68E2476A4FB48EA99BE4526206 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
08:34:53.0203 3388 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - warning
08:34:53.0203 3388 Ati HotKey Poller - detected UnsignedFile.Multi.Generic (1)
08:34:53.0234 3388 [ C148BD421F063443FE628F08099A1E48 ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe
08:34:53.0250 3388 ATI Smart ( UnsignedFile.Multi.Generic ) - warning
08:34:53.0250 3388 ATI Smart - detected UnsignedFile.Multi.Generic (1)
08:34:53.0328 3388 [ 7BABF1346886B8F08C1FD5424359583A ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
08:34:53.0406 3388 ati2mtag ( UnsignedFile.Multi.Generic ) - warning
08:34:53.0406 3388 ati2mtag - detected UnsignedFile.Multi.Generic (1)
08:34:53.0421 3388 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
08:34:53.0531 3388 Atmarpc - ok
08:34:53.0546 3388 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
08:34:53.0671 3388 AudioSrv - ok
08:34:53.0687 3388 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
08:34:53.0812 3388 audstub - ok
08:34:53.0859 3388 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
08:34:53.0859 3388 avast! Antivirus - ok
08:34:53.0890 3388 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
08:34:54.0015 3388 Beep - ok
08:34:54.0046 3388 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
08:34:54.0203 3388 BITS - ok
08:34:54.0203 3388 [ A06CE3399D16DB864F55FAEB1F1927A9 ] Browser C:\WINDOWS\System32\browser.dll
08:34:54.0312 3388 Browser - ok
08:34:54.0328 3388 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
08:34:54.0437 3388 cbidf2k - ok
08:34:54.0484 3388 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
08:34:54.0578 3388 CCDECODE - ok
08:34:54.0593 3388 cd20xrnt - ok
08:34:54.0609 3388 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
08:34:54.0718 3388 Cdaudio - ok
08:34:54.0734 3388 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
08:34:54.0843 3388 Cdfs - ok
08:34:54.0843 3388 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
08:34:54.0953 3388 Cdrom - ok
08:34:54.0953 3388 Changer - ok
08:34:54.0968 3388 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
08:34:55.0078 3388 CiSvc - ok
08:34:55.0093 3388 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
08:34:55.0203 3388 ClipSrv - ok
08:34:55.0203 3388 [ 3C4D595E7F9B747325AEF28B4ADCAAE5 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:34:55.0250 3388 clr_optimization_v2.0.50727_32 - ok
08:34:55.0250 3388 CmdIde - ok
08:34:55.0265 3388 COMSysApp - ok
08:34:55.0281 3388 Cpqarray - ok
08:34:55.0296 3388 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
08:34:55.0390 3388 CryptSvc - ok
08:34:55.0406 3388 dac2w2k - ok
08:34:55.0406 3388 dac960nt - ok
08:34:55.0453 3388 [ 2589FE6015A316C0F5D5112B4DA7B509 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
08:34:55.0578 3388 DcomLaunch - ok
08:34:55.0609 3388 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
08:34:55.0718 3388 Dhcp - ok
08:34:55.0734 3388 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
08:34:55.0843 3388 Disk - ok
08:34:55.0843 3388 dmadmin - ok
08:34:55.0875 3388 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
08:34:56.0015 3388 dmboot - ok
08:34:56.0031 3388 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
08:34:56.0140 3388 dmio - ok
08:34:56.0140 3388 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
08:34:56.0265 3388 dmload - ok
08:34:56.0281 3388 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
08:34:56.0390 3388 dmserver - ok
08:34:56.0406 3388 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
08:34:56.0531 3388 DMusic - ok
08:34:56.0546 3388 [ 474B4DC3983173E4B4C9740B0DAC98A6 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
08:34:56.0656 3388 Dnscache - ok
08:34:56.0687 3388 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
08:34:56.0796 3388 Dot3svc - ok
08:34:56.0796 3388 dpti2o - ok
08:34:56.0812 3388 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
08:34:56.0906 3388 drmkaud - ok
08:34:56.0921 3388 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
08:34:57.0031 3388 EapHost - ok
08:34:57.0046 3388 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
08:34:57.0156 3388 ERSvc - ok
08:34:57.0171 3388 [ 0E776ED5F7CC9F94299E70461B7B8185 ] Eventlog C:\WINDOWS\system32\services.exe
08:34:57.0281 3388 Eventlog - ok
08:34:57.0312 3388 [ 19A799805B24990867B00C120D300C3A ] EventSystem C:\WINDOWS\system32\es.dll
08:34:57.0421 3388 EventSystem - ok
08:34:57.0453 3388 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
08:34:57.0562 3388 Fastfat - ok
08:34:57.0578 3388 [ 1926899BF9FFE2602B63074971700412 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
08:34:57.0703 3388 FastUserSwitchingCompatibility - ok
08:34:57.0718 3388 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
08:34:57.0812 3388 Fdc - ok
08:34:57.0890 3388 [ 9840396B26E424046AD335C98B3F16C3 ] FileMonitor C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys
08:34:57.0906 3388 FileMonitor - ok
08:34:57.0921 3388 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
08:34:58.0031 3388 Fips - ok
08:34:58.0046 3388 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
08:34:58.0140 3388 Flpydisk - ok
08:34:58.0171 3388 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
08:34:58.0281 3388 FltMgr - ok
08:34:58.0281 3388 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
08:34:58.0406 3388 Fs_Rec - ok
08:34:58.0421 3388 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
08:34:58.0531 3388 Ftdisk - ok
08:34:58.0546 3388 [ 77EBF3E9386DAA51551AF429052D88D0 ] giveio C:\WINDOWS\system32\giveio.sys
08:34:58.0578 3388 giveio ( UnsignedFile.Multi.Generic ) - warning
08:34:58.0578 3388 giveio - detected UnsignedFile.Multi.Generic (1)
08:34:58.0578 3388 GMSIPCI - ok
08:34:58.0593 3388 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
08:34:58.0703 3388 Gpc - ok
08:34:58.0734 3388 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
08:34:58.0750 3388 gusvc - ok
08:34:58.0765 3388 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
08:34:58.0890 3388 HDAudBus - ok
08:34:58.0921 3388 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
08:34:59.0031 3388 helpsvc - ok
08:34:59.0046 3388 HidServ - ok
08:34:59.0078 3388 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
08:34:59.0187 3388 hkmsvc - ok
08:34:59.0187 3388 hpn - ok
08:34:59.0218 3388 [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
08:34:59.0328 3388 HTTP - ok
08:34:59.0343 3388 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
08:34:59.0468 3388 HTTPFilter - ok
08:34:59.0468 3388 i2omgmt - ok
08:34:59.0468 3388 i2omp - ok
08:34:59.0500 3388 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
08:34:59.0609 3388 i8042prt - ok
08:34:59.0609 3388 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
08:34:59.0718 3388 Imapi - ok
08:34:59.0734 3388 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
08:34:59.0843 3388 ImapiService - ok
08:34:59.0859 3388 [ 24EA4E2F76E216CE70353736E3556585 ] IMFservice C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
08:34:59.0890 3388 IMFservice - ok
08:34:59.0890 3388 ini910u - ok
08:35:00.0015 3388 [ B1A809E7FE19BECD5ACA61F0E7088C8C ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
08:35:00.0171 3388 IntcAzAudAddService - ok
08:35:00.0171 3388 IntelIde - ok
08:35:00.0187 3388 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
08:35:00.0296 3388 intelppm - ok
08:35:00.0312 3388 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
08:35:00.0421 3388 Ip6Fw - ok
08:35:00.0437 3388 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
08:35:00.0546 3388 IpFilterDriver - ok
08:35:00.0578 3388 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
08:35:00.0671 3388 IpInIp - ok
08:35:00.0687 3388 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
08:35:00.0796 3388 IpNat - ok
08:35:00.0812 3388 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
08:35:00.0921 3388 IPSec - ok
08:35:00.0937 3388 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
08:35:01.0046 3388 IRENUM - ok
08:35:01.0062 3388 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
08:35:01.0171 3388 isapnp - ok
08:35:01.0234 3388 [ 9ECF00E19736054E019C532AED8228FC ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
08:35:01.0250 3388 JavaQuickStarterService - ok
08:35:01.0250 3388 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
08:35:01.0359 3388 Kbdclass - ok
08:35:01.0375 3388 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
08:35:01.0484 3388 kmixer - ok
08:35:01.0500 3388 [ 1705745D900DABF2D89F90EBADDC7517 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
08:35:01.0593 3388 KSecDD - ok
08:35:01.0640 3388 [ F385F4B02C535BFFE1D70CAB80838123 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
08:35:01.0765 3388 lanmanserver - ok
08:35:01.0781 3388 [ 1B67B632786FEF1C1BBAEF46C2F3F2E6 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
08:35:01.0890 3388 lanmanworkstation - ok
08:35:01.0890 3388 lbrtfdc - ok
08:35:01.0921 3388 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
08:35:02.0031 3388 LmHosts - ok
08:35:02.0046 3388 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
08:35:02.0171 3388 Messenger - ok
08:35:02.0203 3388 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
08:35:02.0312 3388 mnmdd - ok
08:35:02.0343 3388 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
08:35:02.0453 3388 mnmsrvc - ok
08:35:02.0453 3388 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
08:35:02.0562 3388 Modem - ok
08:35:02.0578 3388 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
08:35:02.0687 3388 Mouclass - ok
08:35:02.0718 3388 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
08:35:02.0828 3388 MountMgr - ok
08:35:02.0859 3388 [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
08:35:02.0875 3388 MozillaMaintenance - ok
08:35:02.0875 3388 mraid35x - ok
08:35:02.0890 3388 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
08:35:03.0000 3388 MRxDAV - ok
08:35:03.0031 3388 [ 68755F0FF16070178B54674FE5B847B0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
08:35:03.0156 3388 MRxSmb - ok
08:35:03.0187 3388 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
08:35:03.0281 3388 MSDTC - ok
08:35:03.0296 3388 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
08:35:03.0406 3388 Msfs - ok
08:35:03.0406 3388 MSIServer - ok
08:35:03.0421 3388 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
08:35:03.0531 3388 MSKSSRV - ok
08:35:03.0546 3388 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
08:35:03.0640 3388 MSPCLOCK - ok
08:35:03.0656 3388 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
08:35:03.0765 3388 MSPQM - ok
08:35:03.0781 3388 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
08:35:03.0890 3388 mssmbios - ok
08:35:03.0906 3388 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
08:35:04.0015 3388 MSTEE - ok
08:35:04.0031 3388 [ 2F625D11385B1A94360BFC70AAEFDEE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
08:35:04.0140 3388 Mup - ok
08:35:04.0156 3388 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
08:35:04.0265 3388 NABTSFEC - ok
08:35:04.0296 3388 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
08:35:04.0421 3388 napagent - ok
08:35:04.0421 3388 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
08:35:04.0531 3388 NDIS - ok
08:35:04.0546 3388 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
08:35:04.0656 3388 NdisIP - ok
08:35:04.0671 3388 [ 1AB3D00C991AB086E69DB84B6C0ED78F ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
08:35:04.0781 3388 NdisTapi - ok
08:35:04.0781 3388 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
08:35:04.0890 3388 Ndisuio - ok
08:35:04.0906 3388 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
08:35:05.0015 3388 NdisWan - ok
08:35:05.0031 3388 [ 6215023940CFD3702B46ABC304E1D45A ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
08:35:05.0140 3388 NDProxy - ok
08:35:05.0156 3388 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
08:35:05.0265 3388 NetBIOS - ok
08:35:05.0296 3388 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
08:35:05.0406 3388 NetBT - ok
08:35:05.0421 3388 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
08:35:05.0515 3388 NetDDE - ok
08:35:05.0531 3388 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
08:35:05.0625 3388 NetDDEdsdm - ok
08:35:05.0656 3388 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
08:35:05.0765 3388 Netlogon - ok
08:35:05.0781 3388 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
08:35:05.0890 3388 Netman - ok
08:35:05.0921 3388 [ B4138E99236F0F57D4CF49BAE98A0746 ] Nla C:\WINDOWS\System32\mswsock.dll
08:35:06.0031 3388 Nla - ok
08:35:06.0062 3388 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
08:35:06.0171 3388 Npfs - ok
08:35:06.0171 3388 NTACCESS - ok
08:35:06.0203 3388 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
08:35:06.0312 3388 Ntfs - ok
08:35:06.0328 3388 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
08:35:06.0421 3388 NtLmSsp - ok
08:35:06.0453 3388 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
08:35:06.0562 3388 NtmsSvc - ok
08:35:06.0593 3388 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
08:35:06.0703 3388 Null - ok
08:35:06.0718 3388 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
08:35:06.0843 3388 NwlnkFlt - ok
08:35:06.0859 3388 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
08:35:06.0984 3388 NwlnkFwd - ok
08:35:07.0000 3388 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
08:35:07.0093 3388 Parport - ok
08:35:07.0109 3388 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
08:35:07.0218 3388 PartMgr - ok
08:35:07.0234 3388 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
08:35:07.0359 3388 ParVdm - ok
08:35:07.0359 3388 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
08:35:07.0453 3388 PCI - ok
08:35:07.0468 3388 PCIDump - ok
08:35:07.0468 3388 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
08:35:07.0578 3388 PCIIde - ok
08:35:07.0593 3388 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
08:35:07.0703 3388 Pcmcia - ok
08:35:07.0703 3388 PDCOMP - ok
08:35:07.0718 3388 PDFRAME - ok
08:35:07.0734 3388 PDRELI - ok
08:35:07.0734 3388 PDRFRAME - ok
08:35:07.0750 3388 perc2 - ok
08:35:07.0750 3388 perc2hib - ok
08:35:07.0781 3388 [ 0E776ED5F7CC9F94299E70461B7B8185 ] PlugPlay C:\WINDOWS\system32\services.exe
08:35:07.0890 3388 PlugPlay - ok
08:35:07.0906 3388 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
08:35:08.0000 3388 PolicyAgent - ok
08:35:08.0015 3388 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
08:35:08.0109 3388 PptpMiniport - ok
08:35:08.0109 3388 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
08:35:08.0203 3388 ProtectedStorage - ok
08:35:08.0218 3388 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
08:35:08.0328 3388 PSched - ok
08:35:08.0328 3388 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
08:35:08.0453 3388 Ptilink - ok
08:35:08.0453 3388 [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
08:35:08.0468 3388 PxHelp20 - ok
08:35:08.0468 3388 ql1080 - ok
08:35:08.0484 3388 Ql10wnt - ok
08:35:08.0484 3388 ql12160 - ok
08:35:08.0500 3388 ql1240 - ok
08:35:08.0500 3388 ql1280 - ok
08:35:08.0515 3388 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
08:35:08.0640 3388 RasAcd - ok
08:35:08.0656 3388 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
08:35:08.0750 3388 RasAuto - ok
08:35:08.0781 3388 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
08:35:08.0875 3388 Rasl2tp - ok
08:35:08.0890 3388 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
08:35:09.0000 3388 RasMan - ok
08:35:09.0015 3388 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
08:35:09.0109 3388 RasPppoe - ok
08:35:09.0109 3388 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
08:35:09.0218 3388 Raspti - ok
08:35:09.0250 3388 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
08:35:09.0359 3388 Rdbss - ok
08:35:09.0375 3388 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
08:35:09.0500 3388 RDPCDD - ok
08:35:09.0500 3388 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
08:35:09.0609 3388 rdpdr - ok
08:35:09.0625 3388 [ 6728E45B66F93C08F11DE2E316FC70DD ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
08:35:09.0718 3388 RDPWD - ok
08:35:09.0750 3388 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
08:35:09.0859 3388 RDSessMgr - ok
08:35:09.0875 3388 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
08:35:09.0984 3388 redbook - ok
08:35:09.0984 3388 [ BA5148E2DA9AB2B786EE239510BE819A ] RegFilter C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys
08:35:10.0000 3388 RegFilter - ok
08:35:10.0031 3388 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
08:35:10.0125 3388 RemoteAccess - ok
08:35:10.0156 3388 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
08:35:10.0265 3388 RemoteRegistry - ok
08:35:10.0281 3388 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
08:35:10.0390 3388 RpcLocator - ok
08:35:10.0406 3388 [ 2589FE6015A316C0F5D5112B4DA7B509 ] RpcSs C:\WINDOWS\system32\rpcss.dll
08:35:10.0531 3388 RpcSs - ok
08:35:10.0562 3388 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
08:35:10.0687 3388 RSVP - ok
08:35:10.0718 3388 [ 1E11171C0B9989E1BDAA59E96B2E81C4 ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
08:35:10.0750 3388 RTL8023xp - ok
08:35:10.0765 3388 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
08:35:10.0875 3388 SamSs - ok
08:35:10.0875 3388 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
08:35:10.0890 3388 SASDIFSV - ok
08:35:10.0890 3388 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
08:35:10.0890 3388 SASKUTIL - ok
08:35:10.0921 3388 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
08:35:11.0031 3388 SCardSvr - ok
08:35:11.0062 3388 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
08:35:11.0171 3388 Schedule - ok
08:35:11.0203 3388 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
08:35:11.0296 3388 Secdrv - ok
08:35:11.0312 3388 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
08:35:11.0421 3388 seclogon - ok
08:35:11.0437 3388 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
08:35:11.0546 3388 SENS - ok
08:35:11.0562 3388 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
08:35:11.0671 3388 serenum - ok
08:35:11.0687 3388 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
08:35:11.0796 3388 Serial - ok
08:35:11.0812 3388 SetupNTGLM7X - ok
08:35:11.0828 3388 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
08:35:11.0937 3388 Sfloppy - ok
08:35:11.0953 3388 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
08:35:12.0078 3388 SharedAccess - ok
08:35:12.0109 3388 [ 1926899BF9FFE2602B63074971700412 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
08:35:12.0218 3388 ShellHWDetection - ok
08:35:12.0218 3388 Simbad - ok
08:35:12.0265 3388 [ 4E8A4BB5B11D828FF986F6228B1CD3DF ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
08:35:12.0265 3388 SkypeUpdate - ok
08:35:12.0296 3388 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
08:35:12.0406 3388 SLIP - ok
08:35:12.0406 3388 Sparrow - ok
08:35:12.0421 3388 [ 3FA2E254BFBCE52B3C6F1BF23AAB6911 ] speedfan C:\WINDOWS\system32\speedfan.sys
08:35:12.0437 3388 speedfan - ok
08:35:12.0468 3388 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
08:35:12.0562 3388 splitter - ok
08:35:12.0578 3388 [ D8E14A61ACC1D4A6CD0D38AEBAC7FA3B ] Spooler C:\WINDOWS\system32\spoolsv.exe
08:35:12.0687 3388 Spooler - ok
08:35:12.0703 3388 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
08:35:12.0812 3388 sr - ok
08:35:12.0828 3388 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
08:35:12.0953 3388 srservice - ok
08:35:12.0968 3388 [ 5252605079810904E31C332E241CD59B ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
08:35:13.0062 3388 Srv - ok
08:35:13.0078 3388 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
08:35:13.0187 3388 SSDPSRV - ok
08:35:13.0218 3388 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
08:35:13.0343 3388 stisvc - ok
08:35:13.0359 3388 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
08:35:13.0453 3388 streamip - ok
08:35:13.0484 3388 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
08:35:13.0593 3388 swenum - ok
08:35:13.0609 3388 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
08:35:13.0718 3388 swmidi - ok
08:35:13.0718 3388 SwPrv - ok
08:35:13.0734 3388 symc810 - ok
08:35:13.0734 3388 symc8xx - ok
08:35:13.0750 3388 sym_hi - ok
08:35:13.0750 3388 sym_u3 - ok
08:35:13.0765 3388 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
08:35:13.0875 3388 sysaudio - ok
08:35:13.0906 3388 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
08:35:14.0015 3388 SysmonLog - ok
08:35:14.0031 3388 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
08:35:14.0140 3388 TapiSrv - ok
08:35:14.0171 3388 [ 93EA8D04EC73A85DB02EB8805988F733 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
08:35:14.0281 3388 Tcpip - ok
08:35:14.0296 3388 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
08:35:14.0390 3388 TDPIPE - ok
08:35:14.0421 3388 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
08:35:14.0515 3388 TDTCP - ok
08:35:14.0546 3388 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
08:35:14.0640 3388 TermDD - ok
08:35:14.0671 3388 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
08:35:14.0781 3388 TermService - ok
08:35:14.0796 3388 [ 1926899BF9FFE2602B63074971700412 ] Themes C:\WINDOWS\System32\shsvcs.dll
08:35:14.0890 3388 Themes - ok
08:35:14.0921 3388 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
08:35:15.0046 3388 TlntSvr - ok
08:35:15.0046 3388 TosIde - ok
08:35:15.0062 3388 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
08:35:15.0171 3388 TrkWks - ok
08:35:15.0203 3388 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
08:35:15.0296 3388 Udfs - ok
08:35:15.0312 3388 ultra - ok
08:35:15.0328 3388 [ AB0A7CA90D9E3D6A193905DC1715DED0 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
08:35:15.0359 3388 UMWdf - ok
08:35:15.0390 3388 [ BB879DCFD22926EFBEB3298129898CBB ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
08:35:15.0406 3388 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - warning
08:35:15.0406 3388 UnlockerDriver5 - detected UnsignedFile.Multi.Generic (1)
08:35:15.0437 3388 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
08:35:15.0562 3388 Update - ok
08:35:15.0593 3388 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
08:35:15.0734 3388 upnphost - ok
08:35:15.0750 3388 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
08:35:15.0859 3388 UPS - ok
08:35:15.0875 3388 [ CAAEF0A4B5AE343918AE6287D5A4843D ] UrlFilter C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys
08:35:15.0890 3388 UrlFilter - ok
08:35:15.0906 3388 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
08:35:16.0015 3388 usbehci - ok
08:35:16.0031 3388 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
08:35:16.0125 3388 usbhub - ok
08:35:16.0156 3388 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
08:35:16.0265 3388 usbscan - ok
08:35:16.0281 3388 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
08:35:16.0390 3388 usbuhci - ok
08:35:16.0390 3388 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
08:35:16.0484 3388 VgaSave - ok
08:35:16.0500 3388 ViaIde - ok
08:35:16.0531 3388 [ 233509E1AD024A3E451D8DF6795EEED5 ] vmfilter303 C:\WINDOWS\system32\drivers\vmfilter303.sys
08:35:16.0562 3388 vmfilter303 - ok
08:35:16.0578 3388 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
08:35:16.0671 3388 VolSnap - ok
08:35:16.0703 3388 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
08:35:16.0828 3388 VSS - ok
08:35:16.0859 3388 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
08:35:16.0968 3388 W32Time - ok
08:35:16.0984 3388 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
08:35:17.0093 3388 Wanarp - ok
08:35:17.0093 3388 WDICA - ok
08:35:17.0125 3388 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
08:35:17.0234 3388 wdmaud - ok
08:35:17.0250 3388 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
08:35:17.0359 3388 WebClient - ok
08:35:17.0406 3388 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
08:35:17.0515 3388 winmgmt - ok
08:35:17.0562 3388 [ 140EF97B64F560FD78643CAE2CDAD838 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
08:35:17.0578 3388 WmdmPmSN - ok
08:35:17.0609 3388 [ BAB489A5FE26F2D0C910CF7AF7E4CF92 ] Wmi C:\WINDOWS\System32\advapi32.dll
08:35:17.0734 3388 Wmi - ok
08:35:17.0750 3388 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
08:35:17.0859 3388 WmiApSrv - ok
08:35:17.0890 3388 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
08:35:18.0000 3388 wscsvc - ok
08:35:18.0015 3388 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
08:35:18.0125 3388 WSTCODEC - ok
08:35:18.0156 3388 WsysSvc - ok
08:35:18.0171 3388 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
08:35:18.0265 3388 wuauserv - ok
08:35:18.0312 3388 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
08:35:18.0437 3388 WZCSVC - ok
08:35:18.0453 3388 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
08:35:18.0562 3388 xmlprov - ok
08:35:18.0593 3388 [ 3DE80BAA4AF21883CF938197D508B848 ] ZSMC303 C:\WINDOWS\system32\Drivers\usbVM303.sys
08:35:18.0656 3388 ZSMC303 - ok
08:35:18.0656 3388 ================ Scan global ===============================
08:35:18.0703 3388 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
08:35:18.0718 3388 [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll
08:35:18.0750 3388 [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll
08:35:18.0781 3388 [ 0E776ED5F7CC9F94299E70461B7B8185 ] C:\WINDOWS\system32\services.exe
08:35:18.0781 3388 [Global] - ok
08:35:18.0781 3388 ================ Scan MBR ==================================
08:35:18.0796 3388 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
08:35:19.0093 3388 \Device\Harddisk0\DR0 - ok
08:35:19.0093 3388 ================ Scan VBR ==================================
08:35:19.0093 3388 [ D33E27D1B97ACFD30A3253316446853A ] \Device\Harddisk0\DR0\Partition1
08:35:19.0093 3388 \Device\Harddisk0\DR0\Partition1 - ok
08:35:19.0093 3388 [ 345F97E2F5A44A8EB8237960CC0ED9D7 ] \Device\Harddisk0\DR0\Partition2
08:35:19.0093 3388 \Device\Harddisk0\DR0\Partition2 - ok
08:35:19.0093 3388 ============================================================
08:35:19.0093 3388 Scan finished
08:35:19.0093 3388 ============================================================
08:35:19.0218 3376 Detected object count: 6
08:35:19.0218 3376 Actual detected object count: 6
08:35:51.0484 3376 !SASCORE ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:51.0484 3376 !SASCORE ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:51.0484 3376 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:51.0484 3376 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:51.0484 3376 ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:51.0484 3376 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:51.0484 3376 ati2mtag ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:51.0484 3376 ati2mtag ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:51.0484 3376 giveio ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:51.0484 3376 giveio ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:51.0500 3376 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:51.0500 3376 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:36:20.0343 2728 Deinitialize success

Poslao: 07 Jul 2013 12:06
Idi na vrh
offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6104

Kako ti sad radi racunar?

MyCity » Ambulanta -> Arhiva Ambulante » Vec par dana pojavljuje mi se neki trojanac

Ko je trenutno na forumu
 

Ukupno su 1761 korisnika na forumu :: 73 registrovanih, 7 sakrivenih i 1681 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 6018 - dana 19 Dec 2025 13:41

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: Akiro, Apok, B61, bbrasnjo3, bojan313, C-Gun, cavatina, CikaKURE, Colt D, cyprus, Dejan_vw, dejno, DejvTroter, Demi87, dendrit86, Df410, Dioniss, Džekson, FileFinder, Futog 74, GH69, kaisarevic1, Kajzer Soze, Kajzer_Soze, Kamov, kmnmada, Koser, Kubovac, ladro, Levi, Lucije Kvint, luka35, m94j, marera, Markan90, MB120mm, mercedesamg, Mickey91, Miki281, miodrag, Mićko, mnn2, Mrav Obrad, nebidrag, novator, Paraglajder, PMsnow, Povratak1912, prasinar, proka89, Sančo, Savantije, Semberija, Sevetar, skok, Smd, Srle993, SRMk24, Srna, stefanmpurtic, stegonosa, strelac07, strn, tomigun, troki1971, vaci, vidra boy, Vlada78, x011, XBMC, Zandar, zeka013, ZlatniRez