OTL logfile created on: 2013-03-04 15:59:46 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\krzysiek\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,87 Gb Total Physical Memory | 0,68 Gb Available Physical Memory | 36,60% Memory free 3,74 Gb Paging File | 2,34 Gb Available in Paging File | 62,75% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 61,54 Gb Total Space | 40,75 Gb Free Space | 66,22% Space Free | Partition Type: NTFS Drive D: | 58,53 Gb Total Space | 24,27 Gb Free Space | 41,48% Space Free | Partition Type: NTFS Drive E: | 60,72 Gb Total Space | 28,09 Gb Free Space | 46,27% Space Free | Partition Type: NTFS Drive F: | 52,10 Gb Total Space | 6,76 Gb Free Space | 12,98% Space Free | Partition Type: NTFS Computer Name: SEVEN | User Name: krzysiek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-03-04 15:58:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\krzysiek\Desktop\OTL.exe PRC - [2013-02-25 22:21:38 | 000,595,144 | ---- | M] (Murray Hurps Software Pty Ltd) -- C:\Program Files (x86)\Ad Muncher\AdMunch.exe PRC - [2013-02-25 22:13:13 | 000,879,456 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe PRC - [2012-12-18 21:15:46 | 000,331,408 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe PRC - [2012-12-04 14:04:40 | 000,125,504 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe PRC - [2012-08-24 18:33:26 | 000,127,072 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\micmute.exe PRC - [2012-08-15 15:18:40 | 000,357,016 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe PRC - [2012-08-15 15:18:06 | 000,104,088 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe PRC - [2012-08-15 15:17:26 | 000,435,864 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe PRC - [2012-08-15 14:36:34 | 015,680,000 | ---- | M] () -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe PRC - [2012-08-15 13:19:58 | 000,079,872 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe PRC - [2012-01-16 11:47:42 | 000,062,016 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe PRC - [2012-01-16 11:47:40 | 000,044,096 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe PRC - [2012-01-16 11:47:22 | 000,043,584 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe PRC - [2011-07-12 18:03:32 | 000,069,568 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe PRC - [2011-06-13 19:36:50 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\ThinkPad\Bluetooth Software\BluetoothHeadsetProxy.exe PRC - [2010-11-21 04:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe PRC - [2005-07-15 22:48:33 | 000,479,232 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013-02-26 07:52:11 | 014,717,808 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll MOD - [2010-01-30 02:41:12 | 004,254,560 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-12-18 12:30:54 | 000,127,120 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD) SRV:[b]64bit:[/b] - [2012-12-11 06:22:08 | 000,060,272 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Windows\SysNative\ibmpmsvc.exe -- (IBMPMSVC) SRV:[b]64bit:[/b] - [2012-12-04 14:04:40 | 000,125,504 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC) SRV:[b]64bit:[/b] - [2012-09-06 10:49:06 | 000,046,984 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Windows\SysNative\TPHDEXLG64.exe -- (TPHDEXLGSVC) SRV:[b]64bit:[/b] - [2012-08-24 18:33:26 | 000,127,072 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE) SRV:[b]64bit:[/b] - [2012-01-16 11:47:42 | 000,062,016 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe -- (LENOVO.TPKNRSVC) SRV:[b]64bit:[/b] - [2012-01-16 11:47:22 | 000,043,584 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe -- (LENOVO.CAMMUTE) SRV:[b]64bit:[/b] - [2011-06-13 19:36:48 | 000,915,232 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe -- (btwdins) SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2013-02-16 01:34:06 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013-02-04 10:26:30 | 000,022,376 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe -- (SUService) SRV - [2013-01-09 06:40:00 | 001,665,832 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE -- (Power Manager DBC Service) SRV - [2013-01-09 06:40:00 | 001,664,296 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE -- (PwmEWSvc) SRV - [2012-11-14 12:43:01 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Users\krzysiek\AppData\Local\Temp\7zS652C\hpslpsvc64.dll -- (HPSLPSVC) SRV - [2012-08-15 15:18:40 | 000,357,016 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP) SRV - [2012-08-15 15:17:26 | 000,435,864 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service) SRV - [2012-08-15 14:36:34 | 015,680,000 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe -- (VMwareHostd) SRV - [2012-08-15 13:19:58 | 000,079,872 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService) SRV - [2012-08-01 17:10:32 | 000,917,656 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService) SRV - [2010-06-25 18:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007-01-11 05:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2013-02-26 11:08:13 | 000,231,376 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt) DRV:[b]64bit:[/b] - [2013-01-09 06:40:00 | 000,020,328 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TPPWR64V.SYS -- (TPPWRIF) DRV:[b]64bit:[/b] - [2012-12-19 14:47:20 | 000,132,008 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:[b]64bit:[/b] - [2012-12-11 06:22:08 | 000,042,824 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibmpmdrv.sys -- (IBMPMDRV) DRV:[b]64bit:[/b] - [2012-10-17 23:19:24 | 000,460,600 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:[b]64bit:[/b] - [2012-10-17 23:19:22 | 000,044,344 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI) DRV:[b]64bit:[/b] - [2012-09-06 10:49:06 | 000,025,448 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsHM64.sys -- (TPDIGIMN) DRV:[b]64bit:[/b] - [2012-08-23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2012-08-23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2012-08-23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2012-08-15 15:18:16 | 000,067,224 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86) DRV:[b]64bit:[/b] - [2012-08-15 15:18:08 | 000,030,360 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif) DRV:[b]64bit:[/b] - [2012-08-15 15:16:52 | 000,045,720 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge) DRV:[b]64bit:[/b] - [2012-08-15 15:16:50 | 000,020,120 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter) DRV:[b]64bit:[/b] - [2012-08-01 17:10:36 | 000,052,376 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon) DRV:[b]64bit:[/b] - [2012-08-01 17:10:24 | 000,037,680 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmusb.sys -- (vmusb) DRV:[b]64bit:[/b] - [2012-07-23 11:11:44 | 000,148,328 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsX64.sys -- (Shockprf) DRV:[b]64bit:[/b] - [2012-07-06 12:29:52 | 000,085,104 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci) DRV:[b]64bit:[/b] - [2012-07-06 12:29:52 | 000,070,256 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsock.sys -- (vsock) DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011-06-10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2010-12-13 11:31:00 | 000,174,168 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR) DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010-09-07 14:09:34 | 000,015,472 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\smiifx64.sys -- (lenovo.smi) DRV:[b]64bit:[/b] - [2010-06-25 18:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF) DRV:[b]64bit:[/b] - [2010-04-08 23:11:12 | 000,054,824 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt) DRV:[b]64bit:[/b] - [2010-01-15 13:23:20 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:[b]64bit:[/b] - [2010-01-15 13:23:14 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:[b]64bit:[/b] - [2010-01-15 13:23:10 | 000,021,288 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:[b]64bit:[/b] - [2009-09-15 19:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) DRV:[b]64bit:[/b] - [2009-07-28 15:35:52 | 007,345,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-05-26 04:13:10 | 000,138,752 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) DRV:[b]64bit:[/b] - [2009-04-07 14:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:[b]64bit:[/b] - [2007-02-19 06:56:38 | 000,027,136 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\psadd.sys -- (psadd) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-931704069-726066439-3094257101-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-931704069-726066439-3094257101-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-931704069-726066439-3094257101-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0 FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll () FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-02-26 11:02:36 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013-02-26 14:11:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\krzysiek\AppData\Roaming\mozilla\Extensions [2013-02-26 11:02:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013-02-16 01:34:54 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2013-02-16 05:27:09 | 000,002,980 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2013-02-16 05:27:09 | 000,001,619 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2013-02-16 05:27:09 | 000,001,130 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2013-02-16 05:27:09 | 000,001,071 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2013-02-16 05:27:09 | 000,001,396 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2013-02-16 05:27:09 | 000,001,896 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Lenovo Group Limited) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [TpShocks] C:\Windows\SysNative\TpShocks.exe (Lenovo.) O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe (Google Inc.) O4 - HKLM..\Run: [Ad Muncher] C:\Program Files (x86)\Ad Muncher\AdMunch.exe (Murray Hurps Software Pty Ltd) O4 - HKLM..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor File not found O4 - HKLM..\Run: [vmware-tray.exe] C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-931704069-726066439-3094257101-1000..\Run: [EPSON Stylus DX7400 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICDE.EXE /FU "C:\Windows\TEMP\E_S8593.tmp" /EF "HKCU" File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O8:[b]64bit:[/b] - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm () O8:[b]64bit:[/b] - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm () O9:[b]64bit:[/b] - Extra Button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm () O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Wyślij do interfejsu Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Wyślij do urządzenia &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm () O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F192DA63-4F2C-4DD1-B9BF-C2D1B1A3086F}: NameServer = 8.8.8.8,192.168.0.2 O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013-02-08 16:54:01 | 000,000,000 | ---D | M] - D:\Automat do gier -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-03-04 15:58:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\krzysiek\Desktop\OTL.exe [2013-03-02 15:19:03 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Local\Adobe [2013-03-02 15:16:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2013-03-02 15:16:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2013-03-01 20:25:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NapiProjekt [2013-03-01 20:24:37 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Local\Programs [2013-02-28 20:13:57 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\Documents\SuperPuTTY [2013-02-28 11:03:59 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\GNS3 [2013-02-28 10:04:51 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\Cisco Packet Tracer 5.3 [2013-02-27 10:17:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual CertExam Suite [2013-02-27 10:17:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Visual CertExam Suite [2013-02-27 10:17:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Visual CertExam Suite [2013-02-27 09:51:47 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Roaming\calibre [2013-02-27 09:51:22 | 000,000,000 | ---D | C] -- C:\Program Files\Calibre2 [2013-02-27 09:51:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management [2013-02-27 08:38:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Packet Tracer [2013-02-27 08:37:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco Packet Tracer 5.3 [2013-02-27 07:52:19 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Local\VMware [2013-02-27 07:52:17 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Roaming\VMware [2013-02-26 14:12:17 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Local\Macromedia [2013-02-26 14:11:02 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Roaming\Mozilla [2013-02-26 14:11:02 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Local\Mozilla [2013-02-26 12:55:24 | 000,067,224 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\vsocklib.dll [2013-02-26 12:55:24 | 000,063,128 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vsocklib.dll [2013-02-26 12:55:23 | 000,070,256 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vsock.sys [2013-02-26 12:55:13 | 000,067,224 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmx86.sys [2013-02-26 12:54:06 | 000,357,016 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnetdhcp.exe [2013-02-26 12:53:59 | 000,435,864 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnat.exe [2013-02-26 12:53:55 | 000,030,360 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmnetuserif.sys [2013-02-26 12:53:45 | 000,933,528 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\vnetlib64.dll [2013-02-26 12:53:14 | 000,052,376 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\hcmon.sys [2013-02-26 12:52:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware [2013-02-26 12:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VMware [2013-02-26 12:51:29 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware [2013-02-26 12:51:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VMware [2013-02-26 12:51:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\VMware [2013-02-26 12:51:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Shared Virtual Machines [2013-02-26 12:43:07 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Roaming\DAEMON Tools Lite [2013-02-26 12:41:34 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2013-02-26 12:13:24 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Roaming\XnView [2013-02-26 12:09:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler [2013-02-26 12:09:48 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler [2013-02-26 11:11:49 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\.VirtualBox [2013-02-26 11:10:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox [2013-02-26 11:10:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2013-02-26 11:10:08 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle [2013-02-26 11:08:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt [2013-02-26 11:08:13 | 000,231,376 | ---- | C] (TrueCrypt Foundation) -- C:\Windows\SysNative\drivers\truecrypt.sys [2013-02-26 11:07:59 | 000,000,000 | ---D | C] -- C:\Program Files\TrueCrypt [2013-02-26 11:07:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP [2013-02-26 11:07:43 | 000,000,000 | -H-D | C] -- C:\Config.Msi [2013-02-26 11:06:11 | 001,010,816 | ---- | C] (Simon Tatham) -- C:\Program Files (x86)\putty.exe [2013-02-26 11:04:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Look@LAN [2013-02-26 11:04:02 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MetaGeek [2013-02-26 11:04:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MetaGeek [2013-02-26 11:02:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2013-02-26 11:02:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2013-02-26 11:02:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013-02-26 10:43:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader [2013-02-26 10:43:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software [2013-02-26 10:36:18 | 000,000,000 | ---D | C] -- C:\ProgramData\HP [2013-02-26 10:34:09 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Local\ElevatedDiagnostics [2013-02-26 10:31:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Creativity Suite [2013-02-26 10:29:45 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON [2013-02-26 10:29:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON [2013-02-26 10:18:38 | 000,008,704 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\E_GCINST.DLL [2013-02-26 10:18:37 | 000,129,536 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_ILMCDE.DLL [2013-02-26 10:18:37 | 000,086,528 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_IBCBCDE.DLL [2013-02-26 10:18:33 | 000,000,000 | ---D | C] -- C:\Program Files\EPSON [2013-02-26 10:14:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Scan [2013-02-26 10:13:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\epson [2013-02-26 10:13:58 | 000,101,376 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\esxcwiad.dll [2013-02-26 10:04:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat [2013-02-26 10:04:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat [2013-02-26 09:16:59 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys [2013-02-26 09:16:59 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll [2013-02-26 09:11:21 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll [2013-02-26 09:11:21 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll [2013-02-26 09:11:21 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe [2013-02-26 09:11:20 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys [2013-02-26 09:11:20 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys [2013-02-26 09:11:20 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys [2013-02-26 09:11:19 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll [2013-02-26 09:11:19 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll [2013-02-26 09:11:19 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll [2013-02-26 09:11:19 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll [2013-02-26 09:11:19 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll [2013-02-26 09:11:19 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll [2013-02-26 09:11:19 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll [2013-02-26 09:11:19 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll [2013-02-26 09:11:18 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll [2013-02-26 09:11:18 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe [2013-02-26 09:11:18 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe [2013-02-26 09:11:18 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe [2013-02-26 09:11:18 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll [2013-02-26 09:11:18 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll [2013-02-26 09:11:18 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll [2013-02-26 09:11:18 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe [2013-02-26 09:11:18 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll [2013-02-26 09:11:17 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2013-02-26 09:11:17 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2013-02-26 09:04:02 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe [2013-02-26 09:01:19 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013-02-26 09:01:19 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013-02-26 09:01:19 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013-02-26 09:01:19 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013-02-26 09:01:19 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013-02-26 09:01:19 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013-02-26 09:01:18 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2013-02-26 09:01:18 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013-02-26 09:01:18 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013-02-26 09:01:18 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013-02-26 09:01:17 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013-02-26 09:01:17 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013-02-26 09:01:17 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013-02-26 09:01:17 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013-02-26 09:01:17 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013-02-26 09:01:17 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2013-02-26 09:01:17 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013-02-26 09:01:17 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2013-02-26 09:01:17 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013-02-26 09:01:17 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013-02-26 09:01:17 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013-02-26 09:01:17 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013-02-26 09:01:17 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2013-02-26 09:01:17 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013-02-26 09:01:17 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013-02-26 09:01:17 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2013-02-26 09:01:17 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013-02-26 09:01:17 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013-02-26 09:01:17 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013-02-26 09:01:17 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013-02-26 09:01:17 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013-02-26 09:01:17 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013-02-26 09:01:16 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013-02-26 09:01:16 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013-02-26 09:01:15 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013-02-26 09:01:15 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013-02-26 09:01:15 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013-02-26 09:01:15 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013-02-26 09:01:15 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013-02-26 09:01:15 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2013-02-26 09:01:15 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013-02-26 09:01:15 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013-02-26 09:01:15 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013-02-26 09:01:15 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2013-02-26 09:01:15 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2013-02-26 09:01:15 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013-02-26 09:01:15 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013-02-26 09:01:15 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013-02-26 09:01:15 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2013-02-26 09:01:15 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013-02-26 09:01:15 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013-02-26 09:01:15 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013-02-26 09:01:15 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013-02-26 09:01:15 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013-02-26 09:01:15 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013-02-26 09:01:15 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013-02-26 09:01:15 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013-02-26 09:01:14 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013-02-26 09:01:14 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013-02-26 09:01:14 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013-02-26 09:01:14 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013-02-26 09:01:14 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013-02-26 09:01:14 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013-02-26 09:01:14 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013-02-26 09:01:14 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013-02-26 09:01:14 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013-02-26 09:01:14 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013-02-26 09:01:14 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013-02-26 09:01:14 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013-02-26 09:01:14 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013-02-26 09:01:14 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013-02-26 09:01:14 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013-02-26 08:45:45 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll [2013-02-26 08:45:45 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll [2013-02-26 08:45:45 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2013-02-26 08:45:45 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2013-02-26 08:45:44 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2013-02-26 08:45:44 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2013-02-26 08:44:57 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll [2013-02-26 08:44:57 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe [2013-02-26 08:44:57 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll [2013-02-26 08:44:57 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll [2013-02-26 08:42:42 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll [2013-02-26 08:42:42 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys [2013-02-26 08:38:54 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll [2013-02-26 08:38:54 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll [2013-02-26 08:38:27 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll [2013-02-26 08:38:22 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2013-02-26 08:37:49 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi [2013-02-26 08:37:49 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe [2013-02-26 08:37:49 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi [2013-02-26 08:37:49 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe [2013-02-26 08:37:49 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll [2013-02-26 08:37:49 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll [2013-02-26 08:37:49 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll [2013-02-26 08:37:48 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe [2013-02-26 08:37:45 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2013-02-26 08:37:45 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2013-02-26 08:37:42 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2013-02-26 08:37:41 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2013-02-26 08:37:41 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2013-02-26 08:37:39 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll [2013-02-26 08:37:39 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll [2013-02-26 08:37:37 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl [2013-02-26 08:37:37 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl [2013-02-26 08:37:34 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe [2013-02-26 08:37:28 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2013-02-26 08:37:27 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe [2013-02-26 08:37:27 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe [2013-02-26 08:37:25 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe [2013-02-26 08:37:25 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll [2013-02-26 08:36:53 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll [2013-02-26 08:36:53 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll [2013-02-26 08:36:53 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll [2013-02-26 08:36:53 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll [2013-02-26 08:36:53 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs [2013-02-26 08:36:53 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs [2013-02-26 08:36:53 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs [2013-02-26 08:36:53 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs [2013-02-26 08:36:53 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs [2013-02-26 08:36:53 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs [2013-02-26 08:36:53 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs [2013-02-26 08:36:53 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs [2013-02-26 08:36:53 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs [2013-02-26 08:36:53 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs [2013-02-26 08:36:53 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs [2013-02-26 08:36:53 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs [2013-02-26 08:36:53 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs [2013-02-26 08:36:53 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs [2013-02-26 08:36:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs [2013-02-26 08:36:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs [2013-02-26 08:36:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs [2013-02-26 08:36:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs [2013-02-26 08:36:53 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs [2013-02-26 08:36:53 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs [2013-02-26 08:36:52 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs [2013-02-26 08:36:52 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs [2013-02-26 08:36:52 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs [2013-02-26 08:36:52 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs [2013-02-26 08:36:52 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs [2013-02-26 08:36:52 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs [2013-02-26 08:36:52 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs [2013-02-26 08:36:52 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs [2013-02-26 08:36:42 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013-02-26 08:36:42 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2013-02-26 08:36:42 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2013-02-26 08:36:42 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2013-02-26 08:36:42 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2013-02-26 08:36:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2013-02-26 08:36:37 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll [2013-02-26 08:36:37 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll [2013-02-26 08:36:22 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll [2013-02-26 08:36:22 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll [2013-02-26 08:36:21 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll [2013-02-26 08:36:21 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll [2013-02-26 08:36:21 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll [2013-02-26 08:36:21 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll [2013-02-26 08:36:21 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll [2013-02-26 08:36:21 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll [2013-02-26 08:36:21 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll [2013-02-26 08:36:21 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe [2013-02-26 08:36:21 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe [2013-02-26 08:36:21 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll [2013-02-26 08:36:21 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll [2013-02-26 08:36:08 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2013-02-26 08:36:08 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2013-02-26 08:36:08 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2013-02-26 08:36:08 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2013-02-26 08:36:07 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2013-02-26 08:36:07 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2013-02-26 08:36:07 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2013-02-26 08:36:07 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2013-02-26 08:36:07 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2013-02-26 08:36:07 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2013-02-26 08:36:07 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2013-02-26 08:36:07 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2013-02-26 08:36:07 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2013-02-26 08:36:07 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2013-02-26 08:36:07 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2013-02-26 08:36:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2013-02-26 08:36:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2013-02-26 08:36:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2013-02-26 08:36:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2013-02-26 08:36:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2013-02-26 08:36:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2013-02-26 08:36:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2013-02-26 08:36:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2013-02-26 08:36:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2013-02-26 08:36:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2013-02-26 08:35:51 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll [2013-02-26 08:35:51 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll [2013-02-26 08:35:51 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll [2013-02-26 08:35:51 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll [2013-02-26 08:35:51 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll [2013-02-26 08:35:51 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll [2013-02-26 08:35:51 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll [2013-02-26 08:35:51 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll [2013-02-26 08:35:51 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll [2013-02-26 08:35:47 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll [2013-02-26 08:35:47 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll [2013-02-26 08:35:47 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll [2013-02-26 08:35:42 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2013-02-26 08:35:41 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll [2013-02-26 08:35:40 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll [2013-02-26 08:35:40 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll [2013-02-26 08:35:40 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll [2013-02-26 08:35:37 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll [2013-02-26 08:35:37 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll [2013-02-26 08:35:35 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll [2013-02-26 08:35:35 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll [2013-02-26 08:35:32 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys [2013-02-26 08:35:32 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2013-02-26 08:35:30 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013-02-26 08:35:29 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2013-02-26 08:35:29 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2013-02-26 08:35:25 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll [2013-02-26 08:35:25 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll [2013-02-26 08:35:25 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll [2013-02-26 08:35:25 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll [2013-02-26 08:35:25 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax [2013-02-26 08:35:25 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax [2013-02-26 08:35:08 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2013-02-26 08:35:04 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2013-02-26 08:35:01 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe [2013-02-26 08:35:01 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe [2013-02-26 08:34:58 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2013-02-26 08:34:58 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2013-02-26 08:34:56 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2013-02-26 08:34:55 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2013-02-26 08:34:55 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe [2013-02-26 08:34:50 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe [2013-02-26 08:34:49 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll [2013-02-26 08:34:49 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax [2013-02-26 08:34:48 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll [2013-02-26 08:34:48 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax [2013-02-26 08:34:44 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2013-02-26 08:34:41 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2013-02-26 08:34:40 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2013-02-26 08:34:40 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2013-02-26 08:34:38 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe [2013-02-26 08:34:37 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll [2013-02-26 08:33:39 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll [2013-02-26 08:33:39 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll [2013-02-26 08:33:39 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll [2013-02-26 08:33:39 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll [2013-02-26 08:33:39 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll [2013-02-26 08:33:39 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll [2013-02-26 08:33:35 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2013-02-26 08:33:35 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2013-02-26 08:33:35 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2013-02-26 08:33:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2013-02-26 08:33:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2013-02-26 08:33:08 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll [2013-02-26 08:33:08 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll [2013-02-26 08:32:34 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2013-02-26 08:32:16 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll [2013-02-26 08:32:16 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll [2013-02-26 08:32:16 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll [2013-02-26 08:32:16 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll [2013-02-26 08:32:09 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2013-02-26 08:32:09 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2013-02-26 08:31:54 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll [2013-02-26 08:31:51 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2013-02-26 08:31:47 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2013-02-26 08:31:47 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll [2013-02-26 08:31:47 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe [2013-02-26 08:31:46 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll [2013-02-26 08:31:46 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe [2013-02-26 08:31:46 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe [2013-02-26 08:31:45 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys [2013-02-26 08:31:44 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys [2013-02-26 08:31:43 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll [2013-02-26 08:31:42 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll [2013-02-26 08:31:41 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll [2013-02-26 08:31:18 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Local\GHISLER [2013-02-26 07:52:50 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Roaming\Macromedia [2013-02-26 07:52:50 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Roaming\Adobe [2013-02-26 07:52:12 | 000,691,568 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013-02-26 07:52:11 | 000,071,024 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013-02-26 07:52:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2013-02-26 07:52:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2013-02-26 07:51:41 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2013-02-26 07:51:40 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2013-02-26 07:51:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2013-02-26 07:46:39 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll [2013-02-26 07:46:39 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll [2013-02-26 07:29:33 | 000,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys [2013-02-26 07:28:06 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Local\Broadcom [2013-02-26 07:28:06 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\Documents\Bluetooth Exchange Folder [2013-02-26 07:27:16 | 000,132,648 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwavdt.sys [2013-02-26 07:27:16 | 000,035,104 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwl2cap.sys [2013-02-26 07:27:16 | 000,021,288 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwrchid.sys [2013-02-26 07:27:15 | 000,098,344 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwaudio.sys [2013-02-26 07:21:51 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2013-02-26 07:21:51 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2013-02-26 07:21:51 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2013-02-26 07:21:41 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2013-02-26 07:21:41 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2013-02-26 07:21:41 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2013-02-26 07:21:30 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2013-02-26 07:21:30 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2013-02-25 23:11:55 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Roaming\PwrMgr [2013-02-25 23:10:59 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Local\Lenovo [2013-02-25 22:53:33 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys [2013-02-25 22:53:33 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys [2013-02-25 22:52:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JMicron [2013-02-25 22:52:31 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\SDA [2013-02-25 22:52:30 | 000,203,352 | ---- | C] (JMicron Technology Corporation) -- C:\Windows\SysWow64\jmcricon.dll [2013-02-25 22:52:30 | 000,203,352 | ---- | C] (JMicron Technology Corporation) -- C:\Windows\SysNative\jmcricon.dll [2013-02-25 22:52:30 | 000,174,168 | ---- | C] (JMicron Technology Corporation) -- C:\Windows\SysNative\drivers\jmcr.sys [2013-02-25 22:51:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\x64 [2013-02-25 22:51:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Lang [2013-02-25 22:51:11 | 000,997,912 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igxpun.exe [2013-02-25 22:51:11 | 000,000,000 | ---D | C] -- C:\Intel [2013-02-25 22:51:10 | 000,138,752 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysNative\drivers\IntcHdmi.sys [2013-02-25 22:51:10 | 000,059,392 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\oemdspif.dll [2013-02-25 22:51:09 | 001,306,112 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v1855.dll [2013-02-25 22:51:09 | 000,491,032 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe [2013-02-25 22:51:09 | 000,371,712 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll [2013-02-25 22:51:09 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc [2013-02-25 22:51:09 | 000,281,088 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc [2013-02-25 22:51:09 | 000,264,704 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc [2013-02-25 22:51:09 | 000,165,912 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe [2013-02-25 22:51:09 | 000,055,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.dll [2013-02-25 22:51:08 | 005,694,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll [2013-02-25 22:51:08 | 000,365,592 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe [2013-02-25 22:51:08 | 000,312,832 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc [2013-02-25 22:51:08 | 000,306,688 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc [2013-02-25 22:51:08 | 000,305,664 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc [2013-02-25 22:51:08 | 000,305,664 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc [2013-02-25 22:51:08 | 000,305,152 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxresp.lrc [2013-02-25 22:51:08 | 000,301,568 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc [2013-02-25 22:51:08 | 000,296,960 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc [2013-02-25 22:51:08 | 000,293,376 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc [2013-02-25 22:51:08 | 000,291,328 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc [2013-02-25 22:51:08 | 000,290,304 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc [2013-02-25 22:51:08 | 000,289,792 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc [2013-02-25 22:51:08 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc [2013-02-25 22:51:08 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc [2013-02-25 22:51:08 | 000,283,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc [2013-02-25 22:51:08 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc [2013-02-25 22:51:08 | 000,282,112 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc [2013-02-25 22:51:08 | 000,279,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc [2013-02-25 22:51:08 | 000,278,016 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc [2013-02-25 22:51:08 | 000,258,560 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll [2013-02-25 22:51:08 | 000,254,464 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc [2013-02-25 22:51:08 | 000,251,904 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc [2013-02-25 22:51:08 | 000,246,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll [2013-02-25 22:51:08 | 000,216,576 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll [2013-02-25 22:51:08 | 000,215,576 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe [2013-02-25 22:51:08 | 000,208,896 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc [2013-02-25 22:51:08 | 000,207,360 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc [2013-02-25 22:51:08 | 000,181,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc [2013-02-25 22:51:08 | 000,180,224 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc [2013-02-25 22:51:08 | 000,142,336 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll [2013-02-25 22:51:08 | 000,125,952 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl [2013-02-25 22:51:08 | 000,027,648 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll [2013-02-25 22:51:07 | 005,616,128 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll [2013-02-25 22:51:07 | 000,845,848 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcfg.exe [2013-02-25 22:51:07 | 000,549,888 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumdx32.dll [2013-02-25 22:51:06 | 007,345,632 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys [2013-02-25 22:51:05 | 003,799,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igd10umd64.dll [2013-02-25 22:51:05 | 003,646,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll [2013-02-25 22:51:04 | 008,095,232 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\ig4icd64.dll [2013-02-25 22:51:04 | 006,042,112 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\ig4icd32.dll [2013-02-25 22:51:03 | 005,195,776 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\ig4dev64.dll [2013-02-25 22:51:03 | 003,839,488 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\ig4dev32.dll [2013-02-25 22:51:03 | 000,387,608 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe [2013-02-25 22:51:03 | 000,108,544 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hccutils.dll [2013-02-25 22:51:03 | 000,099,328 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\difx64.exe [2013-02-25 22:50:54 | 000,000,000 | ---D | C] -- C:\Program Files\ThinkPad [2013-02-25 22:50:09 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics [2013-02-25 22:49:42 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01009.dll [2013-02-25 22:49:41 | 000,460,600 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\SynTP.sys [2013-02-25 22:49:41 | 000,229,176 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynTPAPI.dll [2013-02-25 22:49:41 | 000,177,976 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynTPCo14.dll [2013-02-25 22:49:41 | 000,113,976 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynTPCOM.dll [2013-02-25 22:49:40 | 001,048,376 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynCOM.dll [2013-02-25 22:49:40 | 000,539,960 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCOM.dll [2013-02-25 22:49:39 | 000,044,344 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys [2013-02-25 22:48:24 | 002,692,904 | ---- | C] (Lenovo Group Limited) -- C:\Windows\PWMBTHLV.EXE [2013-02-25 22:48:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ThinkPad [2013-02-25 22:48:12 | 002,811,688 | ---- | C] (Lenovo Group Limited) -- C:\Windows\SysNative\PWMCP64V.cpl [2013-02-25 22:48:12 | 000,020,328 | ---- | C] (Lenovo Group Limited) -- C:\Windows\SysNative\drivers\TPPWR64V.SYS [2013-02-25 22:47:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lenovo [2013-02-25 22:47:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Lenovo [2013-02-25 22:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\Lenovo [2013-02-25 22:47:03 | 000,015,472 | ---- | C] (Lenovo Group Limited) -- C:\Windows\SysNative\drivers\smiifx64.sys [2013-02-25 22:45:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2013-02-25 22:45:51 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2013-02-25 22:45:24 | 002,719,504 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll [2013-02-25 22:45:24 | 001,913,888 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll [2013-02-25 22:45:24 | 001,660,448 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll [2013-02-25 22:45:24 | 000,612,384 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl [2013-02-25 22:45:24 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2013-02-25 22:45:24 | 000,477,216 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll [2013-02-25 22:45:24 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2013-02-25 22:45:24 | 000,332,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll [2013-02-25 22:45:24 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2013-02-25 22:45:24 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll [2013-02-25 22:45:24 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2013-02-25 22:45:24 | 000,149,536 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll [2013-02-25 22:45:24 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2013-02-25 22:45:23 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll [2013-02-25 22:45:23 | 001,325,328 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll [2013-02-25 22:45:23 | 001,210,912 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll [2013-02-25 22:45:23 | 001,178,384 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll [2013-02-25 22:45:23 | 001,110,800 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll [2013-02-25 22:45:23 | 000,504,592 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll [2013-02-25 22:45:23 | 000,489,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll [2013-02-25 22:45:23 | 000,474,896 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll [2013-02-25 22:45:23 | 000,325,904 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll [2013-02-25 22:45:23 | 000,321,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2013-02-25 22:45:23 | 000,315,152 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll [2013-02-25 22:45:23 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2013-02-25 22:45:23 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2013-02-25 22:45:23 | 000,268,560 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll [2013-02-25 22:45:23 | 000,265,488 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll [2013-02-25 22:45:23 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2013-02-25 22:45:23 | 000,168,288 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll [2013-02-25 22:45:23 | 000,123,664 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll [2013-02-25 22:45:23 | 000,123,152 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll [2013-02-25 22:45:23 | 000,122,128 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll [2013-02-25 22:45:23 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll [2013-02-25 22:45:23 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2013-02-25 22:45:23 | 000,069,664 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll [2013-02-25 22:45:22 | 001,247,776 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2013-02-25 22:45:22 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2013-02-25 22:45:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2013-02-25 22:43:42 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll [2013-02-25 22:43:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2013-02-25 22:43:38 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2013-02-25 22:42:54 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX [2013-02-25 22:42:39 | 000,054,824 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btusbflt.sys [2013-02-25 22:42:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint [2013-02-25 22:42:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2013-02-25 22:41:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView [2013-02-25 22:41:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XnView [2013-02-25 22:40:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services [2013-02-25 22:40:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2013-02-25 22:40:18 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2013-02-25 22:40:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2013-02-25 22:40:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework [2013-02-25 22:40:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition [2013-02-25 22:38:16 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Roaming\Wireshark [2013-02-25 22:38:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8 [2013-02-25 22:37:31 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer [2013-02-25 22:37:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The KMPlayer [2013-02-25 22:37:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2013-02-25 22:36:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2013-02-25 22:36:31 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Local\Microsoft Help [2013-02-25 22:36:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2013-02-25 22:36:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2013-02-25 22:36:18 | 000,000,000 | RH-D | C] -- C:\MSOCache [2013-02-25 22:32:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GNS3 [2013-02-25 22:31:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wireshark [2013-02-25 22:31:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap [2013-02-25 22:31:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinPcap [2013-02-25 22:31:29 | 000,000,000 | ---D | C] -- C:\Program Files\GNS3 [2013-02-25 22:30:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2013-02-25 22:30:09 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gmail Notifier [2013-02-25 22:30:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gmail Notifier [2013-02-25 22:28:58 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools [2013-02-25 22:28:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Lenovo [2013-02-25 22:27:27 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Roaming\AIMP [2013-02-25 22:27:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP2 [2013-02-25 22:27:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AIMP2 [2013-02-25 22:27:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander [2013-02-25 22:27:03 | 000,000,000 | ---D | C] -- C:\totalcmd [2013-02-25 22:27:03 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Roaming\GHISLER [2013-02-25 22:26:28 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Roaming\WinRAR [2013-02-25 22:26:28 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2013-02-25 22:26:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2013-02-25 22:25:50 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2013-02-25 22:25:36 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Roaming\uTorrent [2013-02-25 22:24:52 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE [2013-02-25 22:21:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad Muncher [2013-02-25 22:21:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad Muncher [2013-02-25 22:21:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad Muncher [2013-02-25 22:16:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lenovo [2013-02-25 22:16:30 | 000,027,136 | ---- | C] (Lenovo (United States) Inc.) -- C:\Windows\SysNative\drivers\psadd.sys [2013-02-25 22:15:39 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2013-02-25 22:14:30 | 000,000,000 | R--D | C] -- C:\Users\krzysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2013-02-25 22:14:30 | 000,000,000 | R--D | C] -- C:\Users\krzysiek\Searches [2013-02-25 22:14:30 | 000,000,000 | R--D | C] -- C:\Users\krzysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2013-02-25 22:14:20 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Roaming\Identities [2013-02-25 22:14:17 | 000,000,000 | R--D | C] -- C:\Users\krzysiek\Contacts [2013-02-25 22:14:14 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Local\VirtualStore [2013-02-25 22:14:05 | 000,000,000 | -HSD | C] -- C:\Users\krzysiek\Ustawienia lokalne [2013-02-25 22:14:05 | 000,000,000 | -HSD | C] -- C:\Users\krzysiek\AppData\Local\Temporary Internet Files [2013-02-25 22:14:05 | 000,000,000 | -HSD | C] -- C:\Users\krzysiek\Szablony [2013-02-25 22:14:05 | 000,000,000 | -HSD | C] -- C:\Users\krzysiek\SendTo [2013-02-25 22:14:05 | 000,000,000 | -HSD | C] -- C:\Users\krzysiek\Recent [2013-02-25 22:14:05 | 000,000,000 | -HSD | C] -- C:\Users\krzysiek\PrintHood [2013-02-25 22:14:05 | 000,000,000 | -HSD | C] -- C:\Users\krzysiek\NetHood [2013-02-25 22:14:05 | 000,000,000 | -HSD | C] -- C:\Users\krzysiek\Documents\Moje wideo [2013-02-25 22:14:05 | 000,000,000 | -HSD | C] -- C:\Users\krzysiek\Documents\Moje obrazy [2013-02-25 22:14:05 | 000,000,000 | -HSD | C] -- C:\Users\krzysiek\Moje dokumenty [2013-02-25 22:14:05 | 000,000,000 | -HSD | C] -- C:\Users\krzysiek\Documents\Moja muzyka [2013-02-25 22:14:05 | 000,000,000 | -HSD | C] -- C:\Users\krzysiek\Menu Start [2013-02-25 22:14:05 | 000,000,000 | -HSD | C] -- C:\Users\krzysiek\AppData\Local\Historia [2013-02-25 22:14:05 | 000,000,000 | -HSD | C] -- C:\Users\krzysiek\Dane aplikacji [2013-02-25 22:14:05 | 000,000,000 | -HSD | C] -- C:\Users\krzysiek\AppData\Local\Dane aplikacji [2013-02-25 22:14:05 | 000,000,000 | -HSD | C] -- C:\Users\krzysiek\Cookies [2013-02-25 22:14:04 | 000,000,000 | --SD | C] -- C:\Users\krzysiek\AppData\Roaming\Microsoft [2013-02-25 22:14:04 | 000,000,000 | R--D | C] -- C:\Users\krzysiek\Videos [2013-02-25 22:14:04 | 000,000,000 | R--D | C] -- C:\Users\krzysiek\Saved Games [2013-02-25 22:14:04 | 000,000,000 | R--D | C] -- C:\Users\krzysiek\Pictures [2013-02-25 22:14:04 | 000,000,000 | R--D | C] -- C:\Users\krzysiek\Music [2013-02-25 22:14:04 | 000,000,000 | R--D | C] -- C:\Users\krzysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2013-02-25 22:14:04 | 000,000,000 | R--D | C] -- C:\Users\krzysiek\Links [2013-02-25 22:14:04 | 000,000,000 | R--D | C] -- C:\Users\krzysiek\Favorites [2013-02-25 22:14:04 | 000,000,000 | R--D | C] -- C:\Users\krzysiek\Downloads [2013-02-25 22:14:04 | 000,000,000 | R--D | C] -- C:\Users\krzysiek\Documents [2013-02-25 22:14:04 | 000,000,000 | R--D | C] -- C:\Users\krzysiek\Desktop [2013-02-25 22:14:04 | 000,000,000 | R--D | C] -- C:\Users\krzysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2013-02-25 22:14:04 | 000,000,000 | -H-D | C] -- C:\Users\krzysiek\AppData [2013-02-25 22:14:04 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Local\Temp [2013-02-25 22:14:04 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Local\Microsoft [2013-02-25 22:14:04 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Roaming\Media Center Programs [2013-02-25 22:13:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione [2013-02-25 22:13:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony [2013-02-25 22:13:47 | 000,000,000 | -HSD | C] -- C:\Recovery [2013-02-25 22:13:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit [2013-02-25 22:13:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo [2013-02-25 22:13:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy [2013-02-25 22:13:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka [2013-02-25 22:13:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start [2013-02-25 22:13:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty [2013-02-25 22:13:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji [2013-02-25 22:13:16 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Roaming\Opera [2013-02-25 22:13:16 | 000,000,000 | ---D | C] -- C:\Users\krzysiek\AppData\Local\Opera [2013-02-25 22:13:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera [2013-02-25 22:07:27 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2013-02-25 22:05:14 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2013-02-25 22:04:19 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2013-02-25 22:03:31 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2013-02-25 22:03:25 | 000,000,000 | -HSD | C] -- C:\Boot [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-03-04 16:02:28 | 000,022,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013-03-04 16:02:28 | 000,022,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013-03-04 16:01:55 | 001,531,594 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013-03-04 16:01:55 | 000,690,512 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2013-03-04 16:01:55 | 000,609,874 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013-03-04 16:01:55 | 000,132,592 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2013-03-04 16:01:55 | 000,104,778 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013-03-04 15:58:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\krzysiek\Desktop\OTL.exe [2013-03-04 15:53:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013-03-04 15:53:16 | 1504,337,920 | -HS- | M] () -- C:\hiberfil.sys [2013-03-04 14:31:32 | 000,001,810 | ---- | M] () -- C:\Users\krzysiek\SuperPutty.settings [2013-02-28 10:04:51 | 000,000,186 | ---- | M] () -- C:\Users\krzysiek\.packettracer [2013-02-27 08:38:01 | 000,001,229 | ---- | M] () -- C:\Users\krzysiek\Desktop\Cisco Packet Tracer.lnk [2013-02-26 22:45:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2013-02-26 12:52:52 | 000,001,024 | ---- | M] () -- C:\.rnd [2013-02-26 12:52:42 | 001,549,394 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013-02-26 12:52:37 | 000,002,127 | ---- | M] () -- C:\Users\Public\Desktop\VMware Workstation.lnk [2013-02-26 11:10:44 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk [2013-02-26 11:08:18 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\TrueCrypt.lnk [2013-02-26 11:08:13 | 000,231,376 | ---- | M] (TrueCrypt Foundation) -- C:\Windows\SysNative\drivers\truecrypt.sys [2013-02-26 11:06:21 | 000,001,236 | ---- | M] () -- C:\Users\krzysiek\Desktop\putty.lnk [2013-02-26 11:04:02 | 000,003,059 | ---- | M] () -- C:\Users\krzysiek\Desktop\inSSIDer.lnk [2013-02-26 11:02:42 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013-02-26 10:13:26 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2013-02-26 10:08:09 | 000,417,016 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013-02-26 09:54:11 | 000,007,605 | ---- | M] () -- C:\Users\krzysiek\AppData\Local\Resmon.ResmonCfg [2013-02-26 09:01:19 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013-02-26 09:01:19 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013-02-26 09:01:19 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013-02-26 09:01:19 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013-02-26 09:01:19 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013-02-26 09:01:19 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013-02-26 09:01:18 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013-02-26 09:01:18 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2013-02-26 09:01:18 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013-02-26 09:01:18 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013-02-26 09:01:18 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013-02-26 09:01:17 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013-02-26 09:01:17 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013-02-26 09:01:17 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013-02-26 09:01:17 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013-02-26 09:01:17 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013-02-26 09:01:17 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2013-02-26 09:01:17 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2013-02-26 09:01:17 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013-02-26 09:01:17 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013-02-26 09:01:17 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013-02-26 09:01:17 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013-02-26 09:01:17 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2013-02-26 09:01:17 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013-02-26 09:01:17 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013-02-26 09:01:17 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2013-02-26 09:01:17 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013-02-26 09:01:17 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2013-02-26 09:01:17 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013-02-26 09:01:17 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013-02-26 09:01:17 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013-02-26 09:01:17 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013-02-26 09:01:17 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013-02-26 09:01:16 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013-02-26 09:01:16 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013-02-26 09:01:16 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013-02-26 09:01:15 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013-02-26 09:01:15 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013-02-26 09:01:15 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013-02-26 09:01:15 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013-02-26 09:01:15 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013-02-26 09:01:15 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013-02-26 09:01:15 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2013-02-26 09:01:15 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013-02-26 09:01:15 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013-02-26 09:01:15 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2013-02-26 09:01:15 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2013-02-26 09:01:15 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013-02-26 09:01:15 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013-02-26 09:01:15 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013-02-26 09:01:15 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2013-02-26 09:01:15 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013-02-26 09:01:15 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013-02-26 09:01:15 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013-02-26 09:01:15 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013-02-26 09:01:15 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013-02-26 09:01:15 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013-02-26 09:01:15 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013-02-26 09:01:15 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013-02-26 09:01:14 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013-02-26 09:01:14 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013-02-26 09:01:14 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013-02-26 09:01:14 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013-02-26 09:01:14 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013-02-26 09:01:14 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013-02-26 09:01:14 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013-02-26 09:01:14 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013-02-26 09:01:14 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013-02-26 09:01:14 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013-02-26 09:01:14 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013-02-26 09:01:14 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013-02-26 09:01:14 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2013-02-26 09:01:14 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013-02-26 09:01:14 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013-02-26 08:54:13 | 000,000,890 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-02-26 07:52:12 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013-02-26 07:52:11 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013-02-25 23:10:30 | 000,014,750 | ---- | M] () -- C:\Windows\SysNative\results.xml [2013-02-25 22:53:43 | 001,010,816 | ---- | M] (Simon Tatham) -- C:\Program Files (x86)\putty.exe [2013-02-25 22:50:25 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf [2013-02-25 22:50:11 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf [2013-02-25 22:32:30 | 000,001,616 | ---- | M] () -- C:\Users\krzysiek\Desktop\GNS3.lnk [2013-02-25 22:32:00 | 000,845,600 | ---- | M] () -- C:\Users\krzysiek\Desktop\Instrukcja_pl.pdf [2013-02-25 22:32:00 | 000,001,732 | ---- | M] () -- C:\Users\Public\Desktop\Wireshark.lnk [2013-02-25 22:27:05 | 000,000,646 | ---- | M] () -- C:\Users\Public\Desktop\Total Commander 64 bit.lnk [2013-02-25 22:25:01 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE [2013-02-25 22:13:14 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk [2013-02-25 22:08:54 | 000,185,589 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2013-02-25 22:08:54 | 000,185,589 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2013-02-25 22:03:27 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2013-02-13 03:51:51 | 000,365,568 | ---- | M] () -- C:\Users\krzysiek\Desktop\7ohtgt8p.exe [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-03-04 15:23:10 | 000,365,568 | ---- | C] () -- C:\Users\krzysiek\Desktop\7ohtgt8p.exe [2013-02-28 20:14:47 | 000,001,810 | ---- | C] () -- C:\Users\krzysiek\SuperPutty.settings [2013-02-28 10:04:51 | 000,000,186 | ---- | C] () -- C:\Users\krzysiek\.packettracer [2013-02-27 08:38:01 | 000,001,229 | ---- | C] () -- C:\Users\krzysiek\Desktop\Cisco Packet Tracer.lnk [2013-02-27 08:36:39 | 068,549,920 | ---- | C] () -- C:\Users\krzysiek\Desktop\NetEncy2E.pdf [2013-02-27 08:36:38 | 011,093,003 | ---- | C] () -- C:\Users\krzysiek\Desktop\EncySecur.pdf [2013-02-27 08:36:38 | 000,045,749 | ---- | C] () -- C:\Users\krzysiek\Desktop\BinaryMath.pdf [2013-02-26 22:45:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2013-02-26 12:52:52 | 000,001,024 | ---- | C] () -- C:\.rnd [2013-02-26 12:52:42 | 001,549,394 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013-02-26 12:52:37 | 000,002,127 | ---- | C] () -- C:\Users\Public\Desktop\VMware Workstation.lnk [2013-02-26 11:10:44 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk [2013-02-26 11:08:18 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\TrueCrypt.lnk [2013-02-26 11:06:21 | 000,001,236 | ---- | C] () -- C:\Users\krzysiek\Desktop\putty.lnk [2013-02-26 11:04:02 | 000,003,059 | ---- | C] () -- C:\Users\krzysiek\Desktop\inSSIDer.lnk [2013-02-26 11:02:42 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013-02-26 11:02:42 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013-02-26 10:13:26 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2013-02-26 09:54:11 | 000,007,605 | ---- | C] () -- C:\Users\krzysiek\AppData\Local\Resmon.ResmonCfg [2013-02-26 09:17:02 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2013-02-26 09:01:17 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2013-02-26 09:01:14 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2013-02-26 08:44:56 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2013-02-26 08:30:20 | 000,155,977 | ---- | C] () -- C:\Users\krzysiek\Desktop\TC Color Presets v1.2 (b274) (03-11-23).rar [2013-02-26 07:26:28 | 000,000,890 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-02-25 23:10:30 | 000,014,750 | ---- | C] () -- C:\Windows\SysNative\results.xml [2013-02-25 22:51:10 | 000,005,120 | ---- | C] () -- C:\Windows\SysNative\HdmiCoin.dll [2013-02-25 22:51:09 | 002,805,511 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa [2013-02-25 22:51:09 | 000,982,220 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin [2013-02-25 22:51:09 | 000,982,220 | ---- | C] () -- C:\Windows\SysNative\igkrng500.bin [2013-02-25 22:51:09 | 000,059,442 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp [2013-02-25 22:51:09 | 000,059,330 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp [2013-02-25 22:51:09 | 000,058,839 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp [2013-02-25 22:51:09 | 000,004,436 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp [2013-02-25 22:51:09 | 000,001,073 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.vp [2013-02-25 22:51:07 | 000,134,592 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin [2013-02-25 22:51:07 | 000,134,592 | ---- | C] () -- C:\Windows\SysNative\igfcg500.bin [2013-02-25 22:51:07 | 000,092,216 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin [2013-02-25 22:51:07 | 000,092,216 | ---- | C] () -- C:\Windows\SysNative\igfcg500m.bin [2013-02-25 22:51:05 | 000,439,300 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin [2013-02-25 22:51:05 | 000,439,300 | ---- | C] () -- C:\Windows\SysNative\igcompkrng500.bin [2013-02-25 22:50:25 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf [2013-02-25 22:50:11 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf [2013-02-25 22:49:40 | 001,048,576 | ---- | C] () -- C:\Windows\SysNative\syndata.bin [2013-02-25 22:32:30 | 000,001,616 | ---- | C] () -- C:\Users\krzysiek\Desktop\GNS3.lnk [2013-02-25 22:32:00 | 000,845,600 | ---- | C] () -- C:\Users\krzysiek\Desktop\Instrukcja_pl.pdf [2013-02-25 22:32:00 | 000,001,744 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk [2013-02-25 22:32:00 | 000,001,732 | ---- | C] () -- C:\Users\Public\Desktop\Wireshark.lnk [2013-02-25 22:27:05 | 000,000,646 | ---- | C] () -- C:\Users\Public\Desktop\Total Commander 64 bit.lnk [2013-02-25 22:15:26 | 000,001,417 | ---- | C] () -- C:\Users\krzysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2013-02-25 22:15:18 | 000,001,451 | ---- | C] () -- C:\Users\krzysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2013-02-25 22:13:14 | 000,001,841 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk [2013-02-25 22:13:14 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk [2013-02-25 22:08:39 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2013-02-25 22:08:29 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2013-02-25 22:04:19 | 1504,337,920 | -HS- | C] () -- C:\hiberfil.sys [2013-02-25 22:03:27 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK [2013-02-25 22:03:26 | 000,383,786 | RHS- | C] () -- C:\bootmgr [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2013-03-04 14:34:41 | 000,000,000 | ---D | M] -- C:\Users\krzysiek\AppData\Roaming\AIMP [2013-02-27 09:53:51 | 000,000,000 | ---D | M] -- C:\Users\krzysiek\AppData\Roaming\calibre [2013-02-27 08:44:30 | 000,000,000 | ---D | M] -- C:\Users\krzysiek\AppData\Roaming\DAEMON Tools Lite [2013-03-04 14:34:41 | 000,000,000 | ---D | M] -- C:\Users\krzysiek\AppData\Roaming\GHISLER [2013-02-25 22:13:16 | 000,000,000 | ---D | M] -- C:\Users\krzysiek\AppData\Roaming\Opera [2013-02-25 23:11:55 | 000,000,000 | ---D | M] -- C:\Users\krzysiek\AppData\Roaming\PwrMgr [2013-03-04 14:34:41 | 000,000,000 | ---D | M] -- C:\Users\krzysiek\AppData\Roaming\uTorrent [2013-02-25 22:38:16 | 000,000,000 | ---D | M] -- C:\Users\krzysiek\AppData\Roaming\Wireshark [2013-03-04 14:34:41 | 000,000,000 | ---D | M] -- C:\Users\krzysiek\AppData\Roaming\XnView [color=#E56717]========== Purity Check ==========[/color] < End of report >