DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16686 BrowserJavaVersion: 10.21.2
Run by Beata at 13:37:49 on 2013-10-05
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.48.1045.18.3548.2348 [GMT 2:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\system32\atieclxx.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskeng.exe
C:\windows\system32\taskhost.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\System32\lpksetup.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://
www.google.pl/
uDefault_Page_URL = hxxp://samsung.msn.com
mWinlogon: Userinit = userinit.exe,
BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxp://
www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.200.0.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{A93EFB65-B55A-4BE2-BC7E-AF2B3629A448} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{A93EFB65-B55A-4BE2-BC7E-AF2B3629A448}\3456C6C605960756F583246323 : DHCPNameServer = 194.204.152.34 194.204.159.1
TCP: Interfaces\{A93EFB65-B55A-4BE2-BC7E-AF2B3629A448}\E2A3A305279667164756A3A3E2 : DHCPNameServer = 192.168.1.1
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Beata\AppData\Roaming\Mozilla\Firefox\Profiles\6s23pvng.default\
FF - prefs.js: browser.search.selectedEngine - Allegro
FF - prefs.js: browser.startup.homepage -
www.onet.pl
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\windows\System32\drivers\amd_sata.sys [2012-5-4 82048]
R0 amd_xata;amd_xata;C:\windows\System32\drivers\amd_xata.sys [2012-5-4 42624]
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\windows\System32\drivers\amdkmpfd.sys [2012-5-8 32896]
R0 aswRvrt;aswRvrt;C:\windows\System32\drivers\aswRvrt.sys [2013-3-27 65336]
R0 aswVmm;aswVmm;C:\windows\System32\drivers\aswVmm.sys [2013-3-27 189936]
R1 aswKbd;aswKbd;C:\windows\System32\drivers\aswKbd.sys [2013-4-29 22600]
R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswSnx.sys [2013-3-27 1030952]
R1 aswSP;aswSP;C:\windows\System32\drivers\aswSP.sys [2013-3-27 378944]
R1 SABI;SAMSUNG Kernel Driver For Windows 7;C:\windows\System32\drivers\SABI.sys [2012-6-14 13824]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2012-5-4 235520]
R2 aswFsBlk;aswFsBlk;C:\windows\System32\drivers\aswFsBlk.sys [2013-3-27 33400]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2013-3-27 80816]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-3-9 107648]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-5-19 46808]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-10-5 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-10-5 701512]
R2 SamsungDeviceConfigurationWinService;SamsungDeviceConfiguration;C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [2012-6-14 31624]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R3 amdhub30;AMD USB 3.0 Hub Driver;C:\windows\System32\drivers\amdhub30.sys [2012-5-4 102528]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\windows\System32\drivers\amdxhc.sys [2012-5-4 219776]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\windows\System32\drivers\btath_flt.sys [2012-3-9 36480]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\windows\System32\drivers\AtihdW76.sys [2012-2-10 95248]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\windows\System32\drivers\btath_a2dp.sys [2012-3-9 340096]
R3 btath_avdt;Atheros Bluetooth AVDT Service;C:\windows\System32\drivers\btath_avdt.sys [2012-3-9 111232]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\windows\System32\drivers\btath_bus.sys [2012-3-9 30848]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\windows\System32\drivers\btath_hcrp.sys [2012-3-9 168064]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\windows\System32\drivers\btath_lwflt.sys [2012-3-9 68736]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\windows\System32\drivers\btath_rcp.sys [2012-3-9 281472]
R3 BtFilter;BtFilter;C:\windows\System32\drivers\btfilter.sys [2012-3-9 551552]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\System32\drivers\clwvd.sys [2011-8-17 31216]
R3 ETD;ELAN PS/2 Port Input Device;C:\windows\System32\drivers\ETD.sys [2012-3-30 242512]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2013-10-5 25928]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-6-14 648808]
R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
R3 usbfilter;AMD USB Filter Driver;C:\windows\System32\drivers\usbfilter.sys [2012-6-14 56448]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
S3 ggflt;SEMC USB Flash Driver Filter;C:\windows\System32\drivers\ggflt.sys [2013-3-16 14448]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2013-5-26 19456]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2013-5-26 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2013-5-26 30208]
S3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;C:\windows\System32\Wat\WatAdminSvc.exe [2012-11-17 1255736]
S3 zte_cdc_acm;ZTE All CDC-ACM driver;C:\windows\System32\drivers\zte_cdc_acm.sys [2012-11-12 79872]
S3 zte_cpo;ZTE All Install;C:\windows\System32\drivers\zte_cpo.sys [2012-11-12 14336]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-10-05 11:19:5525928----a-w-C:\windows\System32\drivers\mbam.sys
2013-10-05 11:19:55--------d-----w-C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-04 16:59:329694160----a-w-C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0D781A51-BE75-4C6C-B89B-8C4B5BB84202}\mpengine.dll
2013-10-02 18:09:17--------d-----w-C:\Users\Beata\TMOP2BackUp_Z
2013-09-26 20:05:06--------d-----w-C:\Autosave
2013-09-26 20:04:47--------d-----w-C:\LibFillBmp
2013-09-26 20:02:3453248----a-w-C:\windows\SysWow64\mfc42loc.dll
2013-09-26 20:02:34--------d-----w-C:\Rysunki
2013-09-26 20:02:25151552----a-w-C:\ExpDxf.dll
2013-09-26 20:02:25118784----a-w-C:\impdxf.dll
2013-09-26 20:02:25--------d-----w-C:\LibObj
2013-09-26 20:02:25--------d-----w-C:\LibFillObj
2013-09-26 20:02:25--------d-----w-C:\LibFillLine
2013-09-26 20:02:2490112----a-w-C:\md5gen32.dll
2013-09-26 20:02:24310272----a-w-C:\czytajto.exe
2013-09-26 20:02:241511424----a-w-C:\rysgrid.dll
2013-09-26 20:02:241507328----a-w-C:\Rysunek.exe
2013-09-26 20:02:241331200----a-w-C:\rysgridas.dll
2013-09-26 20:01:2995484----a-w-C:\windows\SysWow64\drivers\KMM4XNT.SYS
2013-09-26 20:01:2924576----a-w-C:\windows\SysWow64\KMM4XNTD.DLL
2013-09-26 20:01:29225280------w-C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2013-09-26 20:01:2877824----a-w-C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2013-09-26 20:01:2832768------w-C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2013-09-26 20:01:28176128------w-C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2013-09-26 20:01:26614532----a-w-C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2013-09-25 13:50:32--------d-----w-C:\Program Files (x86)\VS Revo Group
2013-09-25 13:04:41--------d-----w-C:\AdwCleaner
2013-09-25 12:27:20--------d-----w-C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-09-25 12:11:12--------d-----w-C:\Users\Beata\AppData\Local\{2DFF2F05-4930-4B76-B480-C6FB3C6B8EB8}
2013-09-21 17:51:57148992----a-w-C:\Program Files\Internet Explorer\jsdebuggeride.dll
2013-09-17 16:28:50155584----a-w-C:\windows\System32\drivers\ataport.sys
.
==================== Find3M ====================
.
2013-09-20 17:35:3671048----a-w-C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-20 17:35:36692616----a-w-C:\windows\SysWow64\FlashPlayerApp.exe
2013-08-10 05:22:182241024----a-w-C:\windows\System32\wininet.dll
2013-08-10 05:20:593959296----a-w-C:\windows\System32\jscript9.dll
2013-08-10 05:20:5567072----a-w-C:\windows\System32\iesetup.dll
2013-08-10 05:20:55136704----a-w-C:\windows\System32\iesysprep.dll
2013-08-10 03:59:101767936----a-w-C:\windows\SysWow64\wininet.dll
2013-08-10 03:58:092876928----a-w-C:\windows\SysWow64\jscript9.dll
2013-08-10 03:58:0661440----a-w-C:\windows\SysWow64\iesetup.dll
2013-08-10 03:58:06109056----a-w-C:\windows\SysWow64\iesysprep.dll
2013-08-10 03:17:382706432----a-w-C:\windows\System32\mshtml.tlb
2013-08-10 03:07:502706432----a-w-C:\windows\SysWow64\mshtml.tlb
2013-08-10 02:27:5989600----a-w-C:\windows\System32\RegisterIEPKEYs.exe
2013-08-10 02:17:1971680----a-w-C:\windows\SysWow64\RegisterIEPKEYs.exe
2013-08-08 01:20:433155456----a-w-C:\windows\System32\win32k.sys
2013-08-07 02:22:02278800------w-C:\windows\System32\MpSigStub.exe
2013-08-02 02:23:535550528----a-w-C:\windows\System32\ntoskrnl.exe
2013-08-02 02:15:441732032----a-w-C:\windows\System32\ntdll.dll
2013-08-02 02:15:03362496----a-w-C:\windows\System32\wow64win.dll
2013-08-02 02:15:03243712----a-w-C:\windows\System32\wow64.dll
2013-08-02 02:15:0313312----a-w-C:\windows\System32\wow64cpu.dll
2013-08-02 02:14:57215040----a-w-C:\windows\System32\winsrv.dll
2013-08-02 02:14:1116384----a-w-C:\windows\System32\ntvdm64.dll
2013-08-02 02:13:34424448----a-w-C:\windows\System32\KernelBase.dll
2013-08-02 01:59:303968960----a-w-C:\windows\SysWow64\ntkrnlpa.exe
2013-08-02 01:59:303913664----a-w-C:\windows\SysWow64\ntoskrnl.exe
2013-08-02 01:51:231292192----a-w-C:\windows\SysWow64\ntdll.dll
2013-08-02 01:50:425120----a-w-C:\windows\SysWow64\wow32.dll
2013-08-02 01:50:42274944----a-w-C:\windows\SysWow64\KernelBase.dll
2013-08-02 01:09:17338432----a-w-C:\windows\System32\conhost.exe
2013-08-02 00:59:09112640----a-w-C:\windows\System32\smss.exe
2013-08-02 00:45:3725600----a-w-C:\windows\SysWow64\setup16.exe
2013-08-02 00:45:3614336----a-w-C:\windows\SysWow64\ntvdm64.dll
2013-08-02 00:45:357680----a-w-C:\windows\SysWow64\instnm.exe
2013-08-02 00:45:342048----a-w-C:\windows\SysWow64\user.exe
2013-08-02 00:43:056144---ha-w-C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:054608---ha-w-C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:053584---ha-w-C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:053072---ha-w-C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-07-25 09:25:541888768----a-w-C:\windows\System32\WMVDECOD.DLL
2013-07-25 08:57:271620992----a-w-C:\windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58:422048----a-w-C:\windows\System32\tzres.dll
2013-07-19 01:41:012048----a-w-C:\windows\SysWow64\tzres.dll
2013-07-09 05:52:52224256----a-w-C:\windows\System32\wintrust.dll
2013-07-09 05:51:161217024----a-w-C:\windows\System32\rpcrt4.dll
2013-07-09 05:46:20184320----a-w-C:\windows\System32\cryptsvc.dll
2013-07-09 05:46:201472512----a-w-C:\windows\System32\crypt32.dll
2013-07-09 05:46:20139776----a-w-C:\windows\System32\cryptnet.dll
2013-07-09 04:52:33663552----a-w-C:\windows\SysWow64\rpcrt4.dll
2013-07-09 04:52:10175104----a-w-C:\windows\SysWow64\wintrust.dll
2013-07-09 04:46:31140288----a-w-C:\windows\SysWow64\cryptsvc.dll
2013-07-09 04:46:311166848----a-w-C:\windows\SysWow64\crypt32.dll
2013-07-09 04:46:31103936----a-w-C:\windows\SysWow64\cryptnet.dll
.
============= FINISH: 13:39:03,51 ===============