Provjera racunara (pred praznike)

Provjera racunara (pred praznike)

offline
  • Pridružio: 02 Maj 2012
  • Poruke: 368

Nikakav problem se ne ispoljava na racunaru (mozda jednom mi je nesto komp bio usporio). Samo sam htio da budem siguran da je moj komp clean (da za praznike ne moram brinuti Wink - tek sad vidim smajlije, sto su dobre kapice). Unaprijed zahvaljujem Ziveli
______________________________________________________________________________
OTL logfile created on: 22.12.2012 23:11:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Users\User\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 0000081a | Country: Srbija i Crna Gora (Prethodno) | Language: SRL | Date Format: d.M.yyyy

3,68 Gb Total Physical Memory | 1,94 Gb Available Physical Memory | 52,70% Memory free
7,36 Gb Paging File | 5,39 Gb Available in Paging File | 73,30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,66 Gb Total Space | 71,55 Gb Free Space | 73,27% Space Free | Partition Type: NTFS
Drive D: | 174,80 Gb Total Space | 92,28 Gb Free Space | 52,79% Space Free | Partition Type: NTFS
Drive E: | 175,20 Gb Total Space | 174,92 Gb Free Space | 99,84% Space Free | Partition Type: NTFS
Drive F: | 17,35 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: ORGANIZATION | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.12.22 23:08:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Users\User\Downloads\OTL.exe
PRC - [2012.12.19 15:03:44 | 001,868,432 | ---- | M] () -- C:\Program Files\COMODO\Dragon browser\dragon_updater.exe
PRC - [2012.12.19 15:03:44 | 001,758,864 | ---- | M] (Comodo) -- C:\Program Files\COMODO\Dragon browser\dragon.exe
PRC - [2012.12.16 10:38:44 | 000,605,184 | ---- | M] (MyCity) -- C:\Program Files (x86)\MCShield\MCShieldRTM.exe
PRC - [2012.11.27 20:48:45 | 001,687,496 | ---- | M] (AIMP DevTeam) -- C:\Program Files (x86)\AIMP3\AIMP3.exe
PRC - [2012.11.01 02:35:20 | 000,357,016 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2012.11.01 02:34:52 | 000,435,864 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2012.11.01 00:48:42 | 000,079,872 | ---- | M] (VMware, Inc.) -- E:\VMware\VMware setup\vmware-authd.exe
PRC - [2012.08.01 00:08:36 | 000,081,536 | ---- | M] (Atheros) -- C:\Program Files (x86)\Qualcomm Atheros WiFi Driver\Ath_WlanAgent.exe
PRC - [2012.03.07 15:40:34 | 000,913,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2011.03.31 20:38:38 | 000,416,848 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2011.03.31 20:38:36 | 000,352,848 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2011.03.31 20:38:36 | 000,334,416 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2011.03.31 20:38:34 | 001,092,688 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010.12.22 10:41:18 | 009,543,680 | ---- | M] (mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at) -- C:\Program Files (x86)\Vip Komandni Centar\VipKomandniCentar.exe
PRC - [2010.04.13 09:57:58 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.04.13 09:57:56 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.03.17 14:57:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.03.17 14:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe


========== Modules (No Company Name) ==========

MOD - [2012.12.19 15:03:44 | 001,407,136 | ---- | M] () -- C:\Program Files\COMODO\Dragon browser\avcodec-54.dll
MOD - [2012.12.19 15:03:44 | 000,723,088 | ---- | M] () -- C:\Program Files\COMODO\Dragon browser\libGLESv2.dll
MOD - [2012.12.19 15:03:44 | 000,229,024 | ---- | M] () -- C:\Program Files\COMODO\Dragon browser\avformat-54.dll
MOD - [2012.12.19 15:03:44 | 000,157,344 | ---- | M] () -- C:\Program Files\COMODO\Dragon browser\avutil-51.dll
MOD - [2012.12.19 15:03:44 | 000,136,336 | ---- | M] () -- C:\Program Files\COMODO\Dragon browser\libEGL.dll
MOD - [2012.12.03 15:02:31 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\87cabb0fdab32b869f1b180d10336ee0\IAStorUtil.ni.dll
MOD - [2012.12.03 14:48:18 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll
MOD - [2012.12.03 14:47:50 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
MOD - [2012.12.03 14:47:44 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
MOD - [2012.12.03 14:47:38 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll
MOD - [2012.12.03 14:47:35 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
MOD - [2012.12.03 14:47:23 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll
MOD - [2012.12.03 14:47:20 | 007,988,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
MOD - [2012.12.03 14:47:14 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
MOD - [2012.11.27 20:48:45 | 001,733,120 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Modules\aimp_libvorbis.dll
MOD - [2012.11.27 20:48:45 | 000,475,136 | ---- | M] () -- C:\Program Files (x86)\AIMP3\sqlite3.dll
MOD - [2012.11.27 20:48:45 | 000,237,568 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\OptimFROG.dll
MOD - [2012.11.27 20:48:45 | 000,220,672 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Modules\MACDll.dll
MOD - [2012.11.27 20:48:45 | 000,155,648 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Modules\libFLAC.dll
MOD - [2012.11.27 20:48:45 | 000,131,016 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\PandemicAnalogMeter.dll
MOD - [2012.11.27 20:48:45 | 000,058,824 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\aimp_lastfm.dll
MOD - [2012.11.27 20:48:45 | 000,026,624 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\Aorta.svp
MOD - [2010.10.29 12:39:53 | 001,421,824 | ---- | M] () -- C:\Program Files (x86)\Vip Komandni Centar\Skins\Vipmobile\VipMobile.dbskin
MOD - [2010.08.19 18:32:30 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Vip Komandni Centar\resetregistry.dll
MOD - [2010.03.24 21:17:36 | 008,794,464 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010.01.30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF


========== Services (SafeList) ==========

SRV:64bit: - [2012.12.19 15:03:44 | 001,868,432 | ---- | M] () [Auto | Running] -- C:\Program Files\COMODO\Dragon browser\dragon_updater.exe -- (DragonUpdater)
SRV:64bit: - [2012.11.08 00:37:39 | 002,828,408 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2012.07.27 17:57:52 | 002,721,656 | ---- | M] (Condusiv Technologies) [Auto | Stopped] -- C:\Program Files\Diskeeper\Diskeeper\DkService.exe -- (Diskeeper)
SRV:64bit: - [2012.03.07 15:40:34 | 000,913,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009.11.02 12:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.12.11 21:58:05 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.11.01 02:35:20 | 000,357,016 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2012.11.01 02:34:52 | 000,435,864 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2012.11.01 00:48:42 | 000,079,872 | ---- | M] (VMware, Inc.) [Auto | Running] -- E:\VMware\VMware setup\vmware-authd.exe -- (VMAuthdService)
SRV - [2012.10.19 16:33:26 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.10.11 17:15:30 | 000,918,680 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2012.08.01 00:08:36 | 000,081,536 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Qualcomm Atheros WiFi Driver\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent)
SRV - [2012.07.14 08:02:16 | 002,451,456 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012.07.09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2011.03.31 20:38:36 | 000,352,848 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010.04.13 09:57:58 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.03.17 14:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010.03.17 14:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.01.12 13:15:52 | 000,071,096 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Blaze Media Pro\Blaze Media Pro\NMSAccess32.exe -- (NMSAccess)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.11.27 22:32:49 | 000,009,216 | ---- | M] (SpeedJet Technology INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SjtWinIo.sys -- (SjtWinIo)
DRV:64bit: - [2012.11.01 02:34:54 | 000,067,224 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2012.11.01 02:34:32 | 000,030,360 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2012.11.01 02:34:10 | 000,045,720 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2012.11.01 02:34:08 | 000,020,120 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2012.11.01 02:34:04 | 000,032,920 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2012.10.24 14:17:14 | 000,070,296 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsock.sys -- (vsock)
DRV:64bit: - [2012.10.24 14:17:10 | 000,085,104 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2012.10.11 17:15:32 | 000,052,376 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2012.10.05 17:23:20 | 000,328,592 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2012.09.13 17:12:06 | 000,448,312 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012.08.23 15:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.24 08:03:48 | 003,718,144 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2012.07.09 14:54:58 | 000,106,832 | ---- | M] (Condusiv Technologies) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\DKTLFSMF.sys -- (DKTLFSMF)
DRV:64bit: - [2012.07.06 02:18:06 | 000,252,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2012.06.18 19:14:34 | 000,052,048 | ---- | M] (Condusiv Technologies) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\DKRtWrt.sys -- (DKRtWrt)
DRV:64bit: - [2012.04.05 02:32:54 | 000,040,752 | ---- | M] (Condusiv Technologies) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\DKDFM.sys -- (DKDFM)
DRV:64bit: - [2012.03.14 08:40:04 | 000,137,144 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2012.03.14 08:40:02 | 000,209,768 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2012.03.14 08:40:02 | 000,148,528 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.10 22:28:18 | 012,311,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.01.17 15:56:14 | 000,412,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2010.11.21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 04:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.07.01 18:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2010.04.13 09:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.03.02 13:59:32 | 000,121,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2010.03.02 13:59:32 | 000,121,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2010.03.02 13:59:32 | 000,121,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV:64bit: - [2010.02.27 07:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010.02.22 09:09:10 | 000,011,776 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV:64bit: - [2009.11.02 12:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009.09.17 13:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo
IE - HKCU\..\SearchScopes,DefaultScope = {8EEAC88A-079B-4b2c-80C1-7836F79EB40A}
IE - HKCU\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2012.11.27 21:08:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012.11.27 21:08:11 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: [AutoRun Antivirus Pro] C:\Program Files (x86)\AutoRun Antivirus Pro\AutoRun Antivirus.exe (Josh Cell Softwares)
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKCU..\Run: [MCShield Monitor] C:\Program Files (x86)\MCShield\MCShieldRTM.exe (MyCity)
O4 - HKLM..\RunOnce: [GrpConv] C:\Windows\SysWow64\grpconv.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1CC45CB2-DB8B-406A-89AA-8244EA753C6C}: NameServer = 10.85.64.173 10.85.64.174
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2BF9BEAA-6ED8-4735-A74F-5598DB532077}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3A4CCE7C-F4F3-496B-837C-3CD046FD15F3}: NameServer = 8.26.56.26,156.154.70.22
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.11.28 02:25:13 | 000,000,000 | RHSD | M] - C:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2012.11.28 02:25:23 | 000,000,000 | RHSD | M] - D:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2010.11.05 15:45:46 | 000,000,476 | R--- | M] () - F:\AutoRun.dat -- [ CDFS ]
O32 - AutoRun File - [2010.08.11 18:15:32 | 000,342,864 | R--- | M] () - F:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.05.19 13:56:57 | 000,000,044 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{06e5a5c5-49d4-11e2-88f5-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{06e5a5c5-49d4-11e2-88f5-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Autorun.exe -- [2010.08.11 18:15:32 | 000,342,864 | R--- | M] ()
O33 - MountPoints2\{88d46402-38c7-11e2-83a9-8f432d403ad5}\Shell - "" = AutoRun
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.12.22 16:55:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blaze Media Pro
[2012.12.22 16:55:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Blaze Media Pro
[2012.12.22 16:55:25 | 000,000,000 | -H-D | C] -- C:\ProgramData\{784E3329-1B2A-421E-9427-596088B766F6}
[2012.12.21 23:28:04 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Programs
[2012.12.21 20:11:41 | 000,000,000 | R--D | C] -- D:\Users\User\Desktop\CCleaner
[2012.12.19 16:05:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
[2012.12.19 16:05:14 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\GRETECH
[2012.12.19 13:04:56 | 000,135,168 | ---- | C] (ZTE Corporation) -- C:\Windows\SysNative\drivers\ZTEusbnet.sys
[2012.12.19 13:04:56 | 000,121,344 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys
[2012.12.19 13:04:56 | 000,121,344 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys
[2012.12.19 13:04:56 | 000,121,344 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys
[2012.12.19 13:04:56 | 000,011,776 | ---- | C] (MBB Incorporated) -- C:\Windows\SysNative\drivers\massfilter.sys
[2012.12.19 13:04:53 | 000,246,224 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbnet.sys
[2012.12.19 13:04:53 | 000,117,504 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys
[2012.12.19 13:04:53 | 000,114,304 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbdev.sys
[2012.12.19 13:04:53 | 000,029,696 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\SysNative\drivers\ewdcsc.sys
[2012.12.19 13:04:47 | 000,000,000 | -H-D | C] -- C:\ProgramData\{2B56DE65-39C5-483B-B8BC-2CB3750BB1EF}
[2012.12.19 13:04:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vip Komandni Centar
[2012.12.19 13:04:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vip Komandni Centar
[2012.12.18 16:47:07 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\VMware
[2012.12.18 16:46:57 | 000,070,296 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vsock.sys
[2012.12.18 16:46:57 | 000,067,224 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\vsocklib.dll
[2012.12.18 16:46:57 | 000,063,128 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vsocklib.dll
[2012.12.18 16:46:52 | 000,067,224 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmx86.sys
[2012.12.18 16:46:51 | 000,032,920 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\VMkbd.sys
[2012.12.18 16:46:23 | 000,357,016 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnetdhcp.exe
[2012.12.18 16:46:19 | 000,435,864 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnat.exe
[2012.12.18 16:46:19 | 000,030,360 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmnetuserif.sys
[2012.12.18 16:46:17 | 000,933,528 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\vnetlib64.dll
[2012.12.18 16:46:02 | 000,052,376 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\hcmon.sys
[2012.12.18 16:45:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VMware
[2012.12.18 16:44:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\VMware
[2012.12.18 01:32:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Process Hacker 2
[2012.12.18 01:29:54 | 000,000,000 | R--D | C] -- D:\Users\User\Desktop\Process Hacker
[2012.12.17 22:39:03 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\addpcs
[2012.12.17 22:37:54 | 000,000,000 | R--D | C] -- D:\Users\User\Desktop\Temp File Cleaner
[2012.12.16 13:56:44 | 000,000,000 | ---D | C] -- C:\ProgramData\RFA_Backups
[2012.12.16 13:55:29 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry First Aid 8
[2012.12.16 13:55:29 | 000,000,000 | ---D | C] -- C:\Program Files\RFA 8
[2012.12.16 13:55:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Registry First Aid
[2012.12.16 13:54:12 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\CrashDumps
[2012.12.16 12:08:15 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Condusiv_Technologies
[2012.12.16 12:08:15 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Condusiv_Technologies
[2012.12.16 12:04:45 | 000,106,832 | ---- | C] (Condusiv Technologies) -- C:\Windows\SysNative\drivers\DKTLFSMF.sys
[2012.12.16 12:04:42 | 000,040,752 | ---- | C] (Condusiv Technologies) -- C:\Windows\SysNative\drivers\DKDFM.sys
[2012.12.16 12:04:41 | 000,052,048 | ---- | C] (Condusiv Technologies) -- C:\Windows\SysNative\drivers\DKRtWrt.sys
[2012.12.16 12:04:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012.12.16 12:04:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Condusiv Technologies
[2012.12.16 12:04:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Diskeeper Corporation
[2012.12.16 12:04:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Condusiv Technologies
[2012.12.16 12:04:30 | 000,000,000 | ---D | C] -- C:\Program Files\Diskeeper
[2012.12.16 12:02:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diskeeper Setup Files
[2012.12.15 11:18:04 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2012.12.14 01:09:42 | 000,000,000 | R--D | C] -- D:\Users\User\Desktop\Defraggler portable
[2012.12.14 01:04:46 | 000,050,952 | ---- | C] (COMODO CA Limited) -- C:\Windows\SysNative\certsentry.dll
[2012.12.14 01:04:46 | 000,042,760 | ---- | C] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll
[2012.12.14 00:26:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Raxco
[2012.12.13 00:38:04 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\VMware
[2012.12.13 00:34:42 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware
[2012.12.12 00:23:23 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2012.12.12 00:21:02 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncobjapi.dll
[2012.12.12 00:21:02 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncobjapi.dll
[2012.12.12 00:20:55 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Register-CimProvider.exe
[2012.12.12 00:20:55 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Register-CimProvider.exe
[2012.12.12 00:20:54 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrshost.exe
[2012.12.12 00:20:54 | 000,001,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrsmgr.dll
[2012.12.12 00:20:54 | 000,001,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrsmgr.dll
[2012.12.12 00:20:52 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrs.exe
[2012.12.12 00:20:52 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrshost.exe
[2012.12.12 00:20:51 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wevtfwd.dll
[2012.12.12 00:20:51 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wecutil.exe
[2012.12.12 00:20:51 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtfwd.dll
[2012.12.12 00:20:51 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wecapi.dll
[2012.12.12 00:20:51 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wecutil.exe
[2012.12.12 00:20:51 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wecapi.dll
[2012.12.12 00:20:51 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrs.exe
[2012.12.12 00:20:51 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsmplpxy.dll
[2012.12.12 00:20:51 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrssrv.dll
[2012.12.12 00:20:49 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrscmd.dll
[2012.12.12 00:20:46 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmRes.dll
[2012.12.12 00:20:45 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prvdmofcomp.dll
[2012.12.12 00:20:45 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmRes.dll
[2012.12.12 00:20:45 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prvdmofcomp.dll
[2012.12.12 00:20:45 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PSModuleDiscoveryProvider.dll
[2012.12.12 00:20:45 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PSModuleDiscoveryProvider.dll
[2012.12.12 00:20:45 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmAgent.dll
[2012.12.12 00:20:45 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmAgent.dll
[2012.12.12 00:20:45 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsmplpxy.dll
[2012.12.12 00:20:45 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrssrv.dll
[2012.12.12 00:20:43 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrscmd.dll
[2012.12.12 00:20:43 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsmprovhost.exe
[2012.12.12 00:20:43 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsmprovhost.exe
[2012.12.12 00:20:43 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManHTTPConfig.exe
[2012.12.12 00:20:43 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSManHTTPConfig.exe
[2012.12.12 00:20:42 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mi.dll
[2012.12.12 00:20:42 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mi.dll
[2012.12.12 00:20:42 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pwrshplugin.dll
[2012.12.12 00:20:41 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pwrshplugin.dll
[2012.12.12 00:20:35 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\miutils.dll
[2012.12.12 00:20:35 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmidcom.dll
[2012.12.12 00:20:35 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmitomi.dll
[2012.12.12 00:20:35 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmidcom.dll
[2012.12.12 00:20:34 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\framedynos.dll
[2012.12.12 00:20:34 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\framedyn.dll
[2012.12.12 00:20:34 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\miutils.dll
[2012.12.12 00:20:34 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmitomi.dll
[2012.12.12 00:20:34 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\framedynos.dll
[2012.12.12 00:20:34 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\framedyn.dll
[2012.12.12 00:20:34 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSManMigrationPlugin.dll
[2012.12.12 00:20:34 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManMigrationPlugin.dll
[2012.12.12 00:20:33 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmWmiPl.dll
[2012.12.12 00:20:32 | 000,309,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmWmiPl.dll
[2012.12.12 00:20:31 | 000,526,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmGCDeps.dll
[2012.12.12 00:20:31 | 000,494,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wbemcomn2.dll
[2012.12.12 00:20:31 | 000,382,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wbemcomn2.dll
[2012.12.12 00:20:31 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmAuto.dll
[2012.12.12 00:20:31 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmAuto.dll
[2012.12.12 00:20:30 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmGCDeps.dll
[2012.12.12 00:19:04 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2012.12.12 00:19:04 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2012.12.12 00:19:03 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2012.12.12 00:19:02 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2012.12.12 00:19:02 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2012.12.12 00:19:02 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\terminpt.sys
[2012.12.12 00:19:02 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2012.12.12 00:19:01 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2012.12.12 00:19:01 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2012.12.12 00:19:01 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2012.12.12 00:19:01 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2012.12.12 00:19:01 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2012.12.12 00:19:01 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2012.12.12 00:19:01 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2012.12.12 00:19:01 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2012.12.12 00:19:01 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2012.12.12 00:19:01 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2012.12.12 00:19:00 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2012.12.12 00:19:00 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2012.12.12 00:19:00 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2012.12.12 00:19:00 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2012.12.12 00:19:00 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2012.12.12 00:19:00 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2012.12.12 00:18:59 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2012.12.12 00:18:58 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2012.12.12 00:18:58 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2012.12.12 00:17:08 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.12.12 00:17:07 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.12.12 00:17:07 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.12.12 00:17:07 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.12.12 00:17:06 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.12.12 00:17:06 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.12.12 00:17:06 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.12.12 00:17:06 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.12.12 00:17:06 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.12.12 00:17:06 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.12.12 00:17:06 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.12.12 00:17:06 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.12.12 00:17:06 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.12.12 00:17:06 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.12.12 00:17:06 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.12.12 00:17:06 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.12.12 00:17:06 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.12.12 00:17:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.12.12 00:17:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.12.12 00:17:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.12.12 00:17:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.12.12 00:17:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.12.12 00:17:05 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.12.12 00:17:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.12.12 00:17:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.12.12 00:17:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.12.12 00:17:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.12.12 00:17:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.12.12 00:17:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.12.12 00:17:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.12.12 00:17:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.12.12 00:17:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.12.12 00:17:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.12.12 00:17:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.12.12 00:17:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.12.12 00:17:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.12.12 00:17:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.12.12 00:17:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.12.12 00:17:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.12.12 00:17:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.12.12 00:17:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.12.12 00:17:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.12.12 00:17:04 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.12.12 00:17:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.12.12 00:17:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.12.12 00:17:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.12.12 00:17:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.12.12 00:17:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.12.12 00:17:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.12.12 00:17:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.12.12 00:17:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.12.12 00:17:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.12.12 00:17:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.12.12 00:17:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.12.12 00:17:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.12.12 00:17:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.12.12 00:17:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.12.12 00:17:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.12.12 00:17:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.12.12 00:17:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.12.12 00:17:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.12.12 00:17:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.12.12 00:17:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.12.12 00:17:03 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.12.12 00:17:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.12.12 00:17:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.12.12 00:17:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.12.12 00:17:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.12.12 00:17:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.12.12 00:16:40 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012.12.12 00:16:34 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2012.12.12 00:16:34 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2012.12.12 00:16:33 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012.12.12 00:16:33 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012.12.12 00:16:33 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012.12.12 00:16:33 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012.12.12 00:16:32 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012.12.12 00:16:31 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012.12.12 00:16:31 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012.12.12 00:16:31 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012.12.12 00:16:31 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012.12.12 00:16:30 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012.12.12 00:16:30 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012.12.12 00:16:30 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012.12.12 00:16:30 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012.12.12 00:16:29 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012.12.12 00:16:29 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012.12.12 00:16:29 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012.12.12 00:16:29 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012.12.12 00:16:27 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012.12.12 00:16:27 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012.12.12 00:16:21 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012.12.10 22:16:02 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Malwarebytes
[2012.12.10 22:15:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.12.10 22:15:49 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.12.10 22:15:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.12.10 22:01:32 | 000,000,000 | ---D | C] -- C:\Users\User\Doctor Web
[2012.12.10 20:35:04 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Foxit Software
[2012.12.08 17:02:44 | 000,000,000 | ---D | C] -- C:\Windows\AutoKMS
[2012.12.07 23:20:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2012.12.07 23:20:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012.12.07 23:20:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012.12.07 23:19:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2012.12.07 23:19:16 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012.12.07 23:19:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2012.12.07 23:19:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2012.12.07 23:18:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2012.12.07 23:17:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2012.12.07 23:17:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2012.12.07 23:17:13 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Microsoft Help
[2012.12.07 23:17:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012.12.07 23:17:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012.12.07 23:17:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012.12.07 23:16:51 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012.12.07 20:21:53 | 000,000,000 | R--D | C] -- D:\Users\User\Desktop\Opera portable
[2012.12.06 23:39:00 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012.12.06 23:38:59 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012.12.06 23:37:59 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012.12.06 23:37:57 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012.12.06 23:37:57 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012.12.06 23:37:57 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012.12.06 23:37:12 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2012.12.06 23:37:12 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2012.12.06 23:37:11 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012.12.06 23:36:27 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.12.06 23:36:27 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.12.06 23:35:19 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2012.12.06 23:35:19 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012.12.06 23:35:14 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2012.12.06 23:33:26 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012.12.06 23:33:25 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012.12.06 23:33:19 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.12.06 23:33:19 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.12.06 23:31:40 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012.12.06 23:31:37 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012.12.06 23:31:37 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012.12.06 23:31:37 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012.12.06 23:31:36 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012.12.06 23:31:36 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012.12.06 23:31:36 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012.12.06 23:31:23 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012.12.06 23:31:23 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012.12.06 23:30:54 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012.12.06 23:30:54 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012.12.06 23:30:35 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012.12.06 23:30:32 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012.12.06 23:30:32 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012.12.06 23:30:32 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012.12.06 23:30:18 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012.12.06 23:30:17 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2012.12.06 23:30:17 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2012.12.06 23:30:15 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.12.06 23:30:15 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012.12.06 23:30:15 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012.12.06 23:30:04 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012.12.06 15:28:23 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\TeamViewer
[2012.12.06 15:27:17 | 005,835,512 | ---- | C] (TeamViewer GmbH) -- D:\Users\User\Desktop\TeamViewer.exe
[2012.12.03 14:39:52 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\ESET
[2012.12.03 14:13:57 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.12.03 14:06:21 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012.12.03 14:06:21 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012.12.03 14:06:20 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012.12.03 14:06:19 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012.12.03 14:06:19 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012.12.03 14:06:19 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012.12.03 14:06:19 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012.12.03 14:06:19 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012.12.03 14:06:19 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012.12.03 14:06:12 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.12.03 14:06:11 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.12.03 14:05:49 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012.12.03 14:05:49 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012.12.02 14:38:11 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\ToolwizCareFree
[2012.12.02 14:30:02 | 007,606,592 | ---- | C] (ToolWiz) -- D:\Users\User\Desktop\ToolWiz Care portable.exe
[2012.12.01 00:32:14 | 000,000,000 | R--D | C] -- D:\Users\User\Desktop\Matrix ShutDown
[2012.11.30 21:50:16 | 000,000,000 | R--D | C] -- D:\Users\User\Desktop\File Blender
[2012.11.30 21:12:03 | 000,000,000 | R--D | C] -- D:\Users\User\Desktop\FlicFlac
[2012.11.30 14:09:35 | 000,000,000 | R--D | C] -- D:\Users\User\Desktop\Eraser portable
[2012.11.30 00:05:35 | 000,000,000 | R--D | C] -- D:\Users\User\Desktop\DShutdownPortable
[2012.11.29 22:01:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GomPlayer
[2012.11.29 20:11:34 | 000,000,000 | R--D | C] -- D:\Users\User\Desktop\System Explorer portable
[2012.11.28 15:07:16 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012.11.28 15:07:16 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012.11.28 15:05:01 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.11.28 15:05:00 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.11.28 15:04:59 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.11.28 15:04:54 | 000,911,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.11.28 15:04:53 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.11.28 15:04:53 | 000,609,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.11.28 15:03:50 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012.11.28 15:02:56 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012.11.28 15:02:55 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012.11.28 15:02:55 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012.11.28 15:02:55 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012.11.28 14:59:57 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012.11.28 14:59:57 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012.11.28 14:58:00 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.11.28 14:58:00 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.11.28 14:58:00 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.11.28 14:56:42 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012.11.28 14:56:00 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012.11.28 14:56:00 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012.11.28 14:56:00 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012.11.28 14:56:00 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012.11.28 14:55:59 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012.11.28 14:55:59 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012.11.28 14:55:45 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012.11.28 14:55:45 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012.11.28 14:55:45 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012.11.28 14:55:44 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012.11.28 14:55:44 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012.11.28 14:55:44 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012.11.28 14:55:44 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012.11.28 14:55:24 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012.11.28 14:55:24 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012.11.28 14:55:00 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012.11.28 14:55:00 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2012.11.28 14:55:00 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012.11.28 14:54:59 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012.11.28 14:54:10 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012.11.28 14:54:10 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012.11.28 14:53:04 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012.11.28 14:53:02 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012.11.28 14:53:02 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012.11.28 14:53:02 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012.11.28 14:52:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012.11.28 14:52:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012.11.28 14:52:54 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012.11.28 14:52:54 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012.11.28 14:52:54 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012.11.28 14:52:54 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012.11.28 14:52:54 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012.11.28 14:52:54 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012.11.28 14:52:54 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012.11.28 14:52:54 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012.11.28 14:52:54 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012.11.28 14:52:53 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.11.28 14:51:52 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.11.28 14:51:51 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.11.28 14:50:26 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.11.28 14:50:18 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012.11.28 14:49:59 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.11.28 14:49:58 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012.11.28 14:49:55 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.11.28 14:49:55 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012.11.28 14:49:54 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012.11.28 14:49:54 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012.11.28 14:49:53 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012.11.28 14:49:53 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012.11.28 14:49:46 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012.11.28 14:49:45 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.11.28 14:49:45 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.11.28 14:01:39 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Macromedia
[2012.11.28 14:01:39 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Adobe
[2012.11.28 13:52:26 | 000,697,272 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.11.28 13:52:26 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.11.28 13:52:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012.11.28 13:52:15 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.11.28 13:39:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012.11.28 13:34:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012.11.28 13:34:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012.11.28 05:15:58 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012.11.28 05:15:43 | 000,000,000 | -HSD | C] -- C:\Boot
[2012.11.28 02:33:58 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
[2012.11.28 02:33:58 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2012.11.28 02:27:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
[2012.11.28 02:27:04 | 000,000,000 | ---D | C] -- C:\ProgramData\MCShield
[2012.11.28 02:27:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MCShield
[2012.11.28 02:25:13 | 000,000,000 | RHSD | C] -- C:\AUTORUN.INF
[2012.11.28 02:25:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoRun Antivirus Pro
[2012.11.28 02:25:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutoRun Antivirus Pro
[2012.11.28 02:24:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
[2012.11.28 02:24:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2012.11.28 01:31:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2012.11.28 01:29:45 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\uTorrent
[2012.11.28 00:20:00 | 000,735,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.11.28 00:19:57 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.11.28 00:19:57 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.11.28 00:19:57 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.11.28 00:19:57 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.11.28 00:19:57 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.11.28 00:19:57 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.11.28 00:01:30 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.11.28 00:01:30 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.11.28 00:01:30 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.11.28 00:00:39 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.11.28 00:00:39 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.11.28 00:00:39 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.11.28 00:00:13 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.11.28 00:00:13 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012.11.27 23:30:34 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Comodo
[2012.11.27 23:16:01 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\CyberLink
[2012.11.27 23:16:01 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2012.11.27 22:53:47 | 000,000,000 | ---D | C] -- C:\ProgramData\CPA_VA
[2012.11.27 22:49:34 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.11.27 22:49:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.11.27 22:49:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
[2012.11.27 22:49:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2012.11.27 22:49:06 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71.dll
[2012.11.27 22:49:06 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2012.11.27 22:48:58 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam
[2012.11.27 22:48:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acer
[2012.11.27 22:48:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2012.11.27 22:44:34 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Skype
[2012.11.27 22:44:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.11.27 22:44:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.11.27 22:44:21 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.11.27 22:44:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.11.27 22:43:00 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\WinRAR
[2012.11.27 22:42:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRar
[2012.11.27 22:37:29 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Intel Corporation
[2012.11.27 22:34:56 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Synaptics
[2012.11.27 22:32:49 | 000,009,216 | ---- | C] (SpeedJet Technology INC.) -- C:\Windows\SysNative\drivers\SjtWinIo.sys
[2012.11.27 22:30:09 | 001,142,376 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\SysNative\drivers\rtl8192ce.sys
[2012.11.27 22:30:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\REALTEK PCIE Wireless LAN Driver
[2012.11.27 22:29:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2012.11.27 22:27:42 | 003,718,144 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2012.11.27 22:25:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Qualcomm Atheros WiFi Driver
[2012.11.27 22:25:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Qualcomm Atheros
[2012.11.27 22:24:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2012.11.27 22:24:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2012.11.27 22:22:50 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012.11.27 22:21:08 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2012.11.27 22:19:41 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech
[2012.11.27 22:17:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Launch Manager
[2012.11.27 22:16:40 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2012.11.27 22:15:16 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012.11.27 22:14:15 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sda
[2012.11.27 22:13:46 | 009,888,912 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysWow64\RtsUStoricon.dll
[2012.11.27 22:13:46 | 000,422,544 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtsUStor.dll
[2012.11.27 22:13:46 | 000,252,048 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtsUStor.sys
[2012.11.27 22:11:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012.11.27 22:11:09 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012.11.27 22:11:08 | 002,578,576 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2012.11.27 22:11:08 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012.11.27 22:11:08 | 000,220,496 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFNHK64.dll
[2012.11.27 22:11:08 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2012.11.27 22:11:08 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2012.11.27 22:11:08 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012.11.27 22:11:08 | 000,121,744 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll
[2012.11.27 22:11:07 | 002,839,656 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2012.11.27 22:11:07 | 002,369,128 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2012.11.27 22:11:07 | 001,247,848 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2012.11.27 22:11:07 | 001,146,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2012.11.27 22:11:07 | 000,820,224 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2012.11.27 22:11:07 | 000,648,296 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2012.11.27 22:11:07 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012.11.27 22:11:07 | 000,332,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2012.11.27 22:11:07 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012.11.27 22:11:07 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012.11.27 22:11:07 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012.11.27 22:11:07 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2012.11.27 22:11:07 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012.11.27 22:11:07 | 000,084,072 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2012.11.27 22:11:07 | 000,081,232 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFCOM64.dll
[2012.11.27 22:11:07 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012.11.27 22:11:07 | 000,078,160 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFAPO64.dll
[2012.11.27 22:11:07 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2012.11.27 22:11:06 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2012.11.27 22:11:06 | 001,868,944 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2012.11.27 22:11:06 | 001,718,616 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2012.11.27 22:11:06 | 000,421,720 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2012.11.27 22:11:06 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2012.11.27 22:11:06 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2012.11.27 22:11:06 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2012.11.27 22:11:06 | 000,127,832 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2012.11.27 22:11:06 | 000,108,888 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2012.11.27 22:11:06 | 000,074,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2012.11.27 22:11:05 | 002,075,712 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012.11.27 22:11:05 | 001,327,208 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2012.11.27 22:11:05 | 001,179,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2012.11.27 22:11:05 | 001,111,656 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2012.11.27 22:11:05 | 000,504,936 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2012.11.27 22:11:05 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2012.11.27 22:11:05 | 000,475,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2012.11.27 22:11:05 | 000,317,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2012.11.27 22:11:05 | 000,269,928 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2012.11.27 22:11:05 | 000,266,856 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2012.11.27 22:11:05 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2012.11.27 22:11:05 | 000,126,056 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2012.11.27 22:11:05 | 000,125,544 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2012.11.27 22:11:05 | 000,125,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2012.11.27 22:11:05 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2012.11.27 22:11:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012.11.27 22:10:59 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2012.11.27 22:10:58 | 001,698,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2012.11.27 22:10:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012.11.27 22:09:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2012.11.27 22:08:39 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2012.11.27 22:08:12 | 000,540,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys
[2012.11.27 22:04:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012.11.27 21:08:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2012.11.27 21:08:05 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2012.11.27 21:08:05 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.11.27 20:48:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3
[2012.11.27 20:48:46 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\AIMP3
[2012.11.27 20:48:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AIMP3
[2012.11.27 20:34:35 | 000,000,000 | ---D | C] -- C:\Intel
[2012.11.27 20:34:34 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012.11.27 20:34:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012.11.27 20:34:33 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\InstallShield
[2012.11.27 20:25:42 | 000,000,000 | ---D | C] -- C:\ProgramData\mquadr.at
[2012.11.27 20:25:17 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012.11.27 20:25:07 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\PackageAware
[2012.11.27 20:23:04 | 000,000,000 | R--D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.11.27 20:23:04 | 000,000,000 | R--D | C] -- C:\Users\User\Searches
[2012.11.27 20:23:04 | 000,000,000 | R--D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.11.27 20:23:04 | 000,000,000 | -H-D | C] -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012.11.27 20:22:55 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Identities
[2012.11.27 20:22:53 | 000,000,000 | R--D | C] -- C:\Users\User\Contacts
[2012.11.27 20:22:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\VirtualStore
[2012.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\User\Templates
[2012.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\User\Start Menu
[2012.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\User\SendTo
[2012.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\User\Recent
[2012.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\User\PrintHood
[2012.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\User\NetHood
[2012.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\User\Documents\My Videos
[2012.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\User\Documents\My Pictures
[2012.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\User\Documents\My Music
[2012.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\User\My Documents
[2012.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\User\Local Settings
[2012.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\User\Cookies
[2012.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\User\Application Data
[2012.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\User\AppData\Local\Application Data
[2012.11.27 20:22:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Temporary Internet Files
[2012.11.27 20:22:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Temp
[2012.11.27 20:22:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Microsoft
[2012.11.27 20:22:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Media Center Programs
[2012.11.27 20:22:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\History
[2012.11.27 20:22:36 | 000,000,000 | --SD | C] -- C:\Users\User\AppData\Roaming\Microsoft
[2012.11.27 20:22:36 | 000,000,000 | R--D | C] -- C:\Users\User\Videos
[2012.11.27 20:22:36 | 000,000,000 | R--D | C] -- C:\Users\User\Saved Games
[2012.11.27 20:22:36 | 000,000,000 | R--D | C] -- C:\Users\User\Pictures
[2012.11.27 20:22:36 | 000,000,000 | R--D | C] -- C:\Users\User\Music
[2012.11.27 20:22:36 | 000,000,000 | R--D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.11.27 20:22:36 | 000,000,000 | R--D | C] -- C:\Users\User\Links
[2012.11.27 20:22:36 | 000,000,000 | R--D | C] -- C:\Users\User\Favorites
[2012.11.27 20:22:36 | 000,000,000 | R--D | C] -- C:\Users\User\Documents
[2012.11.27 20:22:36 | 000,000,000 | R--D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.11.27 20:22:36 | 000,000,000 | -H-D | C] -- C:\Users\User\AppData
[2012.11.27 20:22:30 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012.11.27 20:19:33 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.11.27 20:17:22 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012.11.27 20:16:35 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2012.12.22 22:59:29 | 000,785,446 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.12.22 22:59:29 | 000,656,408 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.12.22 22:59:29 | 000,122,806 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.12.22 22:57:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.22 20:57:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.22 16:55:38 | 000,001,055 | ---- | M] () -- C:\Users\Public\Desktop\Blaze Media Pro.lnk
[2012.12.22 09:17:01 | 000,025,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.22 09:17:01 | 000,025,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.22 09:10:59 | 2962,255,872 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.21 19:53:19 | 000,050,952 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysNative\certsentry.dll
[2012.12.21 19:53:19 | 000,042,760 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll
[2012.12.21 10:06:27 | 000,000,008 | RHS- | M] () -- C:\Users\User\ntuser.pol
[2012.12.19 16:05:15 | 000,001,225 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk
[2012.12.19 16:05:15 | 000,001,201 | ---- | M] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2012.12.18 16:47:00 | 000,000,619 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\VMware Player.lnk
[2012.12.18 16:45:19 | 000,790,212 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.12.18 16:45:18 | 000,001,672 | ---- | M] () -- C:\Users\Public\Desktop\VMware Player.lnk
[2012.12.16 16:23:51 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\MCShield Real-Time Monitor.lnk
[2012.12.16 14:07:30 | 000,000,946 | ---- | M] () -- C:\Users\Public\Desktop\Registry First Aid.lnk
[2012.12.16 12:04:38 | 000,002,091 | ---- | M] () -- C:\Users\Public\Desktop\Diskeeper 12.lnk
[2012.12.12 14:32:59 | 000,416,688 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.12.11 21:58:04 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.12.11 21:58:04 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.12.10 22:15:51 | 000,001,370 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.12.06 15:31:46 | 005,835,512 | ---- | M] (TeamViewer GmbH) -- D:\Users\User\Desktop\TeamViewer.exe
[2012.12.03 11:19:21 | 105,196,104 | ---- | M] () -- D:\Users\User\Desktop\Dr.Web.exe
[2012.12.02 14:36:04 | 007,606,592 | ---- | M] (ToolWiz) -- D:\Users\User\Desktop\ToolWiz Care portable.exe
[2012.11.28 05:15:46 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012.11.28 02:24:22 | 000,001,154 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2012.11.28 01:31:11 | 000,000,971 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012.11.27 23:30:36 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2012.11.27 23:19:10 | 000,001,467 | ---- | M] () -- D:\Users\User\Desktop\ESET Antivirus 5.lnk
[2012.11.27 22:49:17 | 000,001,846 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2012.11.27 22:49:06 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71.dll
[2012.11.27 22:44:31 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.11.27 22:35:32 | 000,015,722 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2012.11.27 22:32:49 | 000,009,216 | ---- | M] (SpeedJet Technology INC.) -- C:\Windows\SysNative\drivers\SjtWinIo.sys
[2012.11.27 22:28:36 | 000,006,656 | ---- | M] () -- C:\Windows\SysNative\bcmwlrc.dll
[2012.11.27 22:21:22 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012.11.27 22:17:57 | 000,000,184 | ---- | M] () -- C:\Windows\LMv4.UNI
[2012.11.27 20:20:01 | 000,116,385 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012.11.27 20:20:01 | 000,116,385 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012.11.27 20:18:27 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf

========== Files Created - No Company Name ==========

[2012.12.22 16:55:38 | 000,001,055 | ---- | C] () -- C:\Users\Public\Desktop\Blaze Media Pro.lnk
[2012.12.21 10:02:19 | 000,000,008 | RHS- | C] () -- C:\Users\User\ntuser.pol
[2012.12.19 16:05:15 | 000,001,225 | ---- | C] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk
[2012.12.19 16:05:15 | 000,001,201 | ---- | C] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2012.12.18 16:47:00 | 000,000,619 | ---- | C] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\VMware Player.lnk
[2012.12.18 16:45:18 | 000,001,672 | ---- | C] () -- C:\Users\Public\Desktop\VMware Player.lnk
[2012.12.16 13:55:32 | 000,000,946 | ---- | C] () -- C:\Users\Public\Desktop\Registry First Aid.lnk
[2012.12.16 12:04:52 | 000,002,091 | ---- | C] () -- C:\Users\Public\Desktop\Diskeeper 12.lnk
[2012.12.16 03:19:04 | 2962,255,872 | -HS- | C] () -- C:\hiberfil.sys
[2012.12.12 00:20:54 | 000,204,105 | ---- | C] () -- C:\Windows\SysWow64\winrm.vbs
[2012.12.12 00:20:53 | 000,004,675 | ---- | C] () -- C:\Windows\SysNative\wsmanconfig_schema.xml
[2012.12.12 00:20:49 | 000,004,675 | ---- | C] () -- C:\Windows\SysWow64\wsmanconfig_schema.xml
[2012.12.12 00:20:46 | 000,004,148 | ---- | C] () -- C:\Windows\SysNative\psmodulediscoveryprovider.mof
[2012.12.12 00:20:35 | 000,204,105 | ---- | C] () -- C:\Windows\SysNative\winrm.vbs
[2012.12.10 22:15:51 | 000,001,370 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.12.06 23:39:02 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.12.06 23:37:56 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.12.02 18:31:25 | 105,196,104 | ---- | C] () -- D:\Users\User\Desktop\Dr.Web.exe
[2012.11.28 13:52:27 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.28 05:15:46 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2012.11.28 05:15:44 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2012.11.28 02:27:13 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\MCShield Real-Time Monitor.lnk
[2012.11.28 02:24:22 | 000,001,154 | ---- | C] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2012.11.28 01:31:11 | 000,000,971 | ---- | C] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012.11.27 23:30:36 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2012.11.27 23:19:10 | 000,001,467 | ---- | C] () -- D:\Users\User\Desktop\ESET Antivirus 5.lnk
[2012.11.27 22:49:17 | 000,001,846 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2012.11.27 22:44:31 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.11.27 22:35:32 | 000,015,722 | ---- | C] () -- C:\Windows\SysNative\results.xml
[2012.11.27 22:30:09 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2012.11.27 22:28:47 | 000,006,656 | ---- | C] () -- C:\Windows\SysNative\bcmwlrc.dll
[2012.11.27 22:21:22 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012.11.27 22:17:57 | 000,000,184 | ---- | C] () -- C:\Windows\LMv4.UNI
[2012.11.27 22:11:09 | 000,247,560 | ---- | C] () -- C:\Windows\SysNative\drivers\RTConvEQ.dat
[2012.11.27 22:11:09 | 000,039,672 | ---- | C] () -- C:\Windows\SysNative\drivers\RtPCEE3.DAT
[2012.11.27 22:11:09 | 000,029,494 | ---- | C] () -- C:\Windows\SysNative\drivers\RtPCEE4.DAT
[2012.11.27 22:11:09 | 000,001,448 | ---- | C] () -- C:\Windows\SysNative\drivers\RtHdatEx.dat
[2012.11.27 22:11:09 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX3.dat
[2012.11.27 22:11:09 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX2.dat
[2012.11.27 22:11:09 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX1.dat
[2012.11.27 22:11:09 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX0.dat
[2012.11.27 22:11:09 | 000,000,176 | ---- | C] () -- C:\Windows\SysNative\drivers\RTHDAEQ1.dat
[2012.11.27 22:11:09 | 000,000,024 | ---- | C] () -- C:\Windows\SysNative\drivers\rtkhdaud.dat
[2012.11.27 22:05:55 | 000,790,212 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.11.27 20:22:37 | 000,000,290 | ---- | C] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012.11.27 20:22:37 | 000,000,272 | ---- | C] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012.11.27 20:19:52 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012.11.27 20:19:36 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012.11.27 20:18:27 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.01.10 22:27:26 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2012.01.10 22:27:26 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2012.01.10 22:27:26 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2012.01.10 21:29:54 | 013,904,384 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.08.21 14:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.08.21 14:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.08.21 14:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
_______________

https://www.mycity.rs/must-login.png

offline
  • Més que un club
  • Glavni vokal @ Harpun
  • Pridružio: 27 Feb 2009
  • Poruke: 3896
  • Gde živiš: Novi Sad,Klisa

Pozdrav,g[h]ost

Praznike možeš proslaviti bez brige o malwareu, posto ti je računar čist.

Jedino što bih ti savetovao jeste da deinstaliraš AutoRun Antivirus Pro. Pošto je on potpuno nepotreban pored MCShielda.

Uživaj u praznicima! Smile
NIx Car (AMF Tim)

offline
  • Pridružio: 02 Maj 2012
  • Poruke: 368

@NIx Car bas ti hvala Mr. Green Zagrljaj
Poslusacu tvoj savjet i deinstaliracu AutoRun AV Pro.
I ti se lijepo provedi Ziveli

Ko je trenutno na forumu
 

Ukupno su 532 korisnika na forumu :: 3 registrovanih, 2 sakrivenih i 527 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: branko7, LUDI, Simon simonović