Neustálé hlášení Avast!u

Zpráva

Petan999 · #1 Příspěvek od **Petan999** » 27 kvě 2014 15:06

Zdravím..nejsem žádný pc maniak takže nevím o co jde. Od včerejška mě Avast! hlásí asi každých 10 minut upozornění že zablokoval infikovaný soubor... URL: hxxp://picapicanet.net/ke/ ... na této stránce jsem v životě nebyl..Infekce: URL:Mal a infekce by měla byt v: C-Windows-SysWOW64-taskmgr.exe ... vůbec nevím co to je zač ale když projedu tento soubor nebo celou složku SysWOW64 Avastem tak nic nenajde...zkoušel jsem projet pc i SpyHunterem 4 a nic..budu rád za každou radu

Petan999 · #2 Příspěvek od **Petan999** » 27 kvě 2014 15:29

Nevím jestli to k něčemu je ale hážu to sem... a dokonce to upozornění skáče každých 5 minut :/

#3 Příspěvek od **motji** » 27 kvě 2014 18:06

Hezký večer

Stáhněte Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
-Uložte program na plochu a spusťte . Pak se zobrazí se licenční podminky - potvrďte start libovolnou klávesou.
- vytvoří se záloha a proběhne skenování.
Po skončení skenování na Vás vyběhne log (bude uložen v c:\JRT jako JRT.txt) - zkopírujte jej sem

Stáhněte AdwCleaner http://www.bleepingcomputer.com/download/adwcleaner/
-Uložte program na plochu a ukončete všechny spuštěné programy .
-spusťte AdwCleaner, klikněte na Scan a po dokončení skenu na Clean
- provede se oprava, restartuje se pc - (případně restartujte) a objeví se log C:\AdwCleaner\AdwCleaner.txt , obsah logu zkopírujte zde.

Petan999 · #4 Příspěvek od **Petan999** » 27 kvě 2014 18:47

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by Krkinho on Łt 27.05.2014 at 19:23:30.42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortapp.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escorteng.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortlbr.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\hotspotshield
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\ftdownloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etype_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etype_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypesetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypesetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeuninstall_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeuninstall_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeupdate_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeupdate_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\softwareupdater_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\softwareupdater_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNSetup_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNSetup_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\big fish games"
Successfully deleted: [Folder] "C:\ProgramData\hotspot shield"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\ProgramData\trymedia"
Successfully deleted: [Folder] "C:\Users\Krkinho\AppData\Roaming\etype"
Successfully deleted: [Folder] "C:\Users\Krkinho\AppData\Roaming\getrighttogo"
Failed to delete: [Folder] "\hotspot shield"
Failed to delete: [Folder] "C:\Program Files (x86)\hotspot shield"
Successfully deleted: [Folder] "C:\Users\Krkinho\AppData\Roaming\microsoft\windows\start menu\programs\etype"
Successfully deleted: [Folder] "C:\ProgramData\ask"

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 27.05.2014 at 19:33:18.54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
a

# AdwCleaner v3.211 - Report created 27/05/2014 at 19:36:35
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Krkinho - KRKINHO-PC
# Running from : C:\Users\Krkinho\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : HssSrv
[#] Service Deleted : hsstrayservice
Service Deleted : hsswd

***** [ Files / Folders ] *****

Folder Deleted : C:\hotspot shield
Folder Deleted : C:\Program Files (x86)\1ClickDownload
Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Program Files (x86)\hotspot shield
Folder Deleted : C:\Users\Krkinho\AppData\Local\OpenCandy

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lgnbhdnimikkoodkogjlcllngimhlapp
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.old.Start Page]
Key Deleted : HKLM\SOFTWARE\Classes\HssIE.HssIEApp
Key Deleted : HKLM\SOFTWARE\Classes\HssIE.HssIEApp.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ftdownloader v4_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ftdownloader v4_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FD5CD67F-DA82-6C3B-A049-4E82BBB6B6E2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SoftwareUpdater
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKLM\Software\Vittalia
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16476

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page Restore]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v

*************************

AdwCleaner[R0].txt - [4830 octets] - [27/05/2014 19:35:05]
AdwCleaner[S0].txt - [4344 octets] - [27/05/2014 19:36:35]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4404 octets] ##########

Zatím žádné hlášení Avastu

#5 Příspěvek od **motji** » 27 kvě 2014 20:32

Ještě poprosím o log z Frstu
http://forum.viry.cz/viewtopic.php?f=13&t=133100

Stahněte MBAM http://www.viry.cz/forum/viewtopic.php?f=29&t=115222
-Nainstalujte,dejte úplný sken

NIC NEMAZAT

-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

Petan999 · #6 Příspěvek od **Petan999** » 28 kvě 2014 20:12

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2014.05.23.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Krkinho :: KRKINHO-PC [administrátor]

28.5.2014 16:16:42
ffffffffffffffffff.txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 609917
Uplynulý čas: 2 hodin, 13 minut, 58 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\Users\Krkinho\Desktop\Nová složka (2)\aTube_Catcher_Setup.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.

(konec)

FRST se mi nepodařilo stahnout a ani navštívit jejich stránky protože je avast hned zablokoval..

#7 Příspěvek od **motji** » 28 kvě 2014 20:46

V mbamu vše smažte. avast na chvilku vypněte

Petan999 · #8 Příspěvek od **Petan999** » 29 kvě 2014 14:28

FRST nejde ani spustit

#9 Příspěvek od **motji** » 29 kvě 2014 18:02

Zkuste Rsit a dát ho na C.

Petan999 · #10 Příspěvek od **Petan999** » 29 kvě 2014 18:19

info.txt logfile of random's system information tool 1.10 2014-05-29 19:17:33

======MBR======

0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F850E0183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731CFE4E11750C807E00800F848A00B280EB845532E48A5600CD135DEB9E813EFE7D55AA756EFF7600E88D007517FAB0D1E664E88300B0DFE660E87C00B0FFE664E87500FBB800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C007409BB0700B40ECD10EBF2F4EBFD2BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000637B9A22B3C4F700008020210007DF130C000800000020030000DF140C07FEFFFF0028030000D0AA2400FEFFFF07FEFFFF00F8AD240080D7250000000000000000000000000000000055AA

======Uninstall list======

Adobe Flash Player 13 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_214_ActiveX.exe -maintain activex
Adobe Flash Player 13 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe -maintain plugin
Adobe Reader X (10.1.10) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
AMD APP SDK Runtime-->MsiExec.exe /I{503F672D-6C84-448A-8F8F-4BC35AC83441}
Assassin's Creed Brotherhood-->"C:\Program Files (x86)\InstallShield Installation Information\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}\setup.exe" -runfromtemp -l0x0005 -removeonly
Assassin's Creed III 1.01-->"C:\Program Files (x86)\InstallShield Installation Information\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}\setup.exe" -runfromtemp -l0x0019 -removeonly
Assassin's Creed-->C:\Program Files (x86)\InstallShield Installation Information\{8CFA9151-6404-409A-AF22-4632D04582FD}\setup.exe -runfromtemp -l0x0005 -removeonly
Atheros Driver Installation Program-->"C:\Program Files (x86)\InstallShield Installation Information\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}\Setup.exe" -runfromtemp -l0x0405
aTube Catcher-->C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\uninstall.exe
Audacity 1.2.6-->"C:\Program Files (x86)\Audacity\unins000.exe"
AutoCAD 2009 - český-->C:\Program Files\AutoCAD 2009\Setup\Setup.exe /P {5783F2D7-7001-0405-0102-0060B0CE6BBA} /M ACAD
avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel /instop:uninstall
Bandicam-->"C:\Program Files (x86)\Bandicam\uninstall.exe"
Battlefield 1942-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}\setup.exe" -l0x9
Call of Duty Modern Warfare 2-->"C:\Program Files (x86)\Activision\Modern Warfare 2\unins000.exe"
Call of Duty(R) - World at War(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{D80A6A73-E58A-4673-AFF5-F12D7110661F}\setup.exe -runfromtemp -l0x0405
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
Canon Inkjet Printer/Scanner/Fax Extended Survey Program-->C:\Program Files (x86)\Canon\IJPLM\SETUP.EXE -R
Canon MP Navigator EX 3.0-->"C:\Program Files (x86)\Canon\MP Navigator EX 3.0\Maint.exe" /UninstallRemove C:\Program Files (x86)\Canon\MP Navigator EX 3.0\uninst.ini
Canon MP550 series MP Drivers-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series\DelDrv64.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series
Canon Utilities Easy-PhotoPrint EX-->C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\uninst.exe Uninst.ini uinstrsc.dll
Canon Utilities My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini uinstrsc.dll
Canon Utilities Solution Menu-->C:\Program Files (x86)\Canon\SolutionMenu\uninst.exe uninst.ini uinstrsc.dll
Catalyst Control Center - Branding-->MsiExec.exe /I{737DCE46-824C-40BA-8776-81D9D1DB04AB}
CDBurnerXP-->"C:\Program Files (x86)\CDBurnerXP\unins000.exe"
Cisco EAP-FAST Module-->MsiExec.exe /I{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
Cisco LEAP Module-->MsiExec.exe /I{51C7AD07-C3F6-4635-8E8A-231306D810FE}
Cisco PEAP Module-->MsiExec.exe /I{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}
Classic Menu 1.51 for Office-->"C:\Program Files (x86)\Classic Menu for Office\unins000.exe"
Company of Heroes-->MsiExec.exe /X{BA801B94-C28D-46EE-B806-E1E021A3D519}
Counter-Strike 1.6 Non-Steam 1.0-->C:\Program Files (x86)\Counter-Strike 1.6 Non-Steam\Uninstall.exe
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
DiRT 3-->MsiExec.exe /I{434D0FA0-1558-4D8E-AC3D-BD1000008200}
DiRT 3-->MsiExec.exe /I{434D0FA0-1558-4D8E-AC3D-BD1000008400}
DiRT 3-->MsiExec.exe /X{434D0FA0-1558-4D8E-AC3D-BD1000008200}
DiRT 3-->MsiExec.exe /X{434D0FA0-1558-4D8E-AC3D-BD1000008400}
DiRT2-->MsiExec.exe /I{434D0820-3AA6-493A-80B9-301000028501}
Empire Earth - The Art of Conquest-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{A10D72B9-9B20-47F8-AE4D-365BCC89F324}
Empire Earth-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{65B09E79-0187-4813-8258-03991132E5A5}
Fraps (remove only)-->"C:\Fraps\uninstall.exe"
Glary Utilities 4.8-->C:\Program Files (x86)\Glary Utilities 4\uninst.exe
Google Earth-->MsiExec.exe /X{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}
Governor of Poker 2 Premium Edition v1.0 Multi-->"C:\Program Files (x86)\Governor of Poker 2 Premium Edition\unins000.exe"
GRID 2 (c) Codemasters version 1-->"C:\Program Files (x86)\GRID 2\unins000.exe"
Hitman 2: Silent Assassin-->C:\PROGRA~2\EIDOSI~1\HITMAN~1\uninstall.exe
HP HotKey Support-->MsiExec.exe /X{16ACD69E-77D9-4FB4-86C0-9A0EE393ABD4}
HP Webcam Driver-->C:\Program Files (x86)\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe -runfromtemp -l0x0005 -removeonly
IDT Audio-->"C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -remove -removeonly
Intel(R) Display Audio Driver-->C:\Program Files (x86)\Intel\Intel(R) Display Audio Driver\Uninstall\setup.exe -uninstall
Intel(R) Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
Java(TM) 6 Update 27-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216027FF}
Java(TM) 7 Update 5 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86417005FF}
JMicron Flash Media Controller Driver-->"C:\Program Files (x86)\JMicron\JMCR_DIR\setup.exe" delpkg
Malwarebytes Anti-Malware verze 1.75.0.1300-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{790E02A1-145A-3843-8C13-A4F41C9B48B7}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Antimalware Service CS-CZ Language Pack-->MsiExec.exe /X{17CA32D1-73BD-4990-B8F6-369D8D34B05D}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{F2508213-9989-4E85-A078-72BE483917EF}
Microsoft Games for Windows Marketplace-->MsiExec.exe /X{4CB0307C-565E-4441-86BE-0DF2E4FB828C}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {664655D8-B9BB-455D-8A58-7EAF7B0B2862}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0405-1000-0000000FF1CE} /uninstall {A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {0B7A4B67-2A38-42B1-9857-662FAB361E08}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {FDF9A959-241A-4662-A8DE-7DED9C22D160}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2007-->MsiExec.exe /X{90120000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Security Client CS-CZ Language Pack-->MsiExec.exe /I{DC911ADF-7B60-40F2-A112-FB1EB6402D07}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-->MsiExec.exe /X{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft_VC80_ATL_x86_x64-->MsiExec.exe /I{925D058B-564A-443A-B4B2-7E90C6432E55}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC80_CRT_x86_x64-->MsiExec.exe /I{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86_x64-->MsiExec.exe /I{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86_x64-->MsiExec.exe /I{1E9FC118-651D-4934-97BE-E53CAE5C7D45}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86_x64-->MsiExec.exe /I{8557397C-A42D-486F-97B3-A2CBC2372593}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86_x64-->MsiExec.exe /I{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86_x64-->MsiExec.exe /I{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Minecraft 1.4.5-->C:\Users\Krkinho\AppData\Roaming\.minecraft\minecraft launcher\Uninstall.exe
Minecraft1.6.2-->C:\Users\Krkinho\AppData\Roaming\.minecraft\minecraft launcher\Uninstall.exe
Minecraft1.7.2-->C:\Users\Krkinho\AppData\Roaming\.minecraft\minecraft launcher\Uninstall.exe
Movie Maker 6.0 for Windows 7 (64-bit)-->MsiExec.exe /X{A7395F20-2B22-4CB8-8510-B452C0F47E02}
MX vs ATV Reflex-->"C:\Program Files (x86)\THQ\MX vs ATV Reflex\unins000.exe"
Need for Speed(TM) Hot Pursuit-->MsiExec.exe /X{83A606F5-BF6F-42ED-9F33-B9F74297CDED}
Nokia Connectivity Cable Driver-->RUNDLL32.EXE ccdcmbwux64.dll,WuUninstall
OpenAL-->"C:\Program Files (x86)\OpenAL\OpenALwEAX.exe" /U
OpenGL Extensions Viewer 3.0-->"C:\Program Files (x86)\realtech VR\OpenGL Extensions Viewer 3.0\uninst.exe"
OpenOffice.org 3.4.1-->MsiExec.exe /I{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}
Opera 12.16-->"C:\Program Files (x86)\Opera\Opera.exe" /uninstall
PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
Realtek Ethernet Controller All-In-One Windows Driver-->C:\Program Files (x86)\InstallShield Installation Information\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}\setup.exe -runfromtemp -removeonly
Registrace uživatele zařízení Canon MP550 series-->C:\Program Files (x86)\Canon\IJEREG\MP550 series\UNINST.EXE
Rockstar Games Social Club-->"C:\Program Files (x86)\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x0009 -removeonly
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FDD13F1E-9C6B-311E-A0D9-D6E172FC28FF} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8E6848A1-B790-34FE-921A-A5319258E254} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2478663)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder ClientLP
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder ClientLP
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition -->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {A4A50F66-DD0F-4150-A19F-0F35531D6E21}
Skype Click to Call-->MsiExec.exe /X{BB285C9F-C821-4770-8970-56C4AB52C87E}
Skype™ 6.16-->MsiExec.exe /X{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}
SlimDrivers-->MsiExec.exe /X{751F6A0B-FDEC-47B6-B45D-7A1AE742A87A}
Sniper Elite V2-->"C:\Program Files (x86)\Rebellion\SniperEliteV2\unins000.exe"
SpyHunter-->MsiExec.exe /X{4FC9DA9D-F608-454E-8191-D7EFFDCC5726}
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Stronghold Crusader-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{8C3727F2-8E37-49E4-820C-03B1677F53B6}\Setup.exe" -l0x9
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Ubisoft Game Launcher-->"C:\Program Files (x86)\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe" -runfromtemp -l0x0409 -removeonly
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2880505) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2720451F-5D04-43EC-AB1F-26D948FD971B}
Uplay-->C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe
Visual Studio 2010 x64 Redistributables-->MsiExec.exe /I{21B133D6-5979-47F0-BE1C-F6A6B304693F}
VLC media player 1.1.4-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Windows Live ID Sign-in Assistant-->MsiExec.exe /X{9B48B0AC-C813-4174-9042-476A887592C7}
WinRAR 4.01 (32-bit)-->C:\Program Files (x86)\WinRAR\uninstall.exe
WMV9/VC-1 Video Playback-->MsiExec.exe /X{FB06FBC7-3CE3-50D9-1803-CC28E5ADF780}
World of Tanks-->"C:\Games\World_of_Tanks\unins000.exe"

======System event log======

Computer Name: Krkinho-PC
Event Code: 104
Message: Byl vymazán soubor protokolu Windows PowerShell.
Record Number: 2631037
Source Name: Microsoft-Windows-Eventlog
Time Written: 20140527173258.562491-000
Event Type: Informace
User: Krkinho-PC\Krkinho

Computer Name: Krkinho-PC
Event Code: 104
Message: Byl vymazán soubor protokolu Media Center.
Record Number: 2631036
Source Name: Microsoft-Windows-Eventlog
Time Written: 20140527173258.515691-000
Event Type: Informace
User: Krkinho-PC\Krkinho

Computer Name: Krkinho-PC
Event Code: 104
Message: Byl vymazán soubor protokolu Key Management Service.
Record Number: 2631035
Source Name: Microsoft-Windows-Eventlog
Time Written: 20140527173258.468891-000
Event Type: Informace
User: Krkinho-PC\Krkinho

Computer Name: Krkinho-PC
Event Code: 104
Message: Byl vymazán soubor protokolu Internet Explorer.
Record Number: 2631034
Source Name: Microsoft-Windows-Eventlog
Time Written: 20140527173258.437691-000
Event Type: Informace
User: Krkinho-PC\Krkinho

Computer Name: Krkinho-PC
Event Code: 104
Message: Byl vymazán soubor protokolu System.
Record Number: 2631033
Source Name: Microsoft-Windows-Eventlog
Time Written: 20140527173258.219291-000
Event Type: Informace
User: Krkinho-PC\Krkinho

=====Application event log=====

Computer Name: Krkinho-PC
Event Code: 16398
Message: ATI EEU failed to post message to CCC
Record Number: 123252
Source Name: ATIeRecord
Time Written: 20140527173636.000000-000
Event Type: Chyba
User:

Computer Name: Krkinho-PC
Event Code: 16398
Message: ATI EEU failed to post message to CCC
Record Number: 123251
Source Name: ATIeRecord
Time Written: 20140527173636.000000-000
Event Type: Chyba
User:

Computer Name: Krkinho-PC
Event Code: 16398
Message: ATI EEU failed to post message to CCC
Record Number: 123250
Source Name: ATIeRecord
Time Written: 20140527173636.000000-000
Event Type: Chyba
User:

Computer Name: Krkinho-PC
Event Code: 16398
Message: ATI EEU failed to post message to CCC
Record Number: 123249
Source Name: ATIeRecord
Time Written: 20140527173636.000000-000
Event Type: Chyba
User:

Computer Name: Krkinho-PC
Event Code: 16398
Message: ATI EEU failed to post message to CCC
Record Number: 123248
Source Name: ATIeRecord
Time Written: 20140527173636.000000-000
Event Type: Chyba
User:

=====Security event log=====

Computer Name: Krkinho-PC
Event Code: 4634
Message: Účet byl odhlášen.

Předmět:
ID zabezpečení: S-1-5-7
Název účtu: ANONYMOUS LOGON
Doména účtu: NT AUTHORITY
ID přihlášení: 0xc5df8de

Typ přihlášení: 3

Tato událost je generována, pokud je zničena relace přihlášení. Může být spojena s událostí přihlášení pomocí hodnoty ID přihlášení. Hodnoty ID přihlášení jsou jednoznačné pouze v rámci jednotlivých restartů stejného počítače.
Record Number: 61090
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140527173335.752957-000
Event Type: Úspěšný audit
User:

Computer Name: Krkinho-PC
Event Code: 4634
Message: Účet byl odhlášen.

Předmět:
ID zabezpečení: S-1-5-7
Název účtu: ANONYMOUS LOGON
Doména účtu: NT AUTHORITY
ID přihlášení: 0xc5df8f0

Typ přihlášení: 3

Tato událost je generována, pokud je zničena relace přihlášení. Může být spojena s událostí přihlášení pomocí hodnoty ID přihlášení. Hodnoty ID přihlášení jsou jednoznačné pouze v rámci jednotlivých restartů stejného počítače.
Record Number: 61089
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140527173335.752957-000
Event Type: Úspěšný audit
User:

Computer Name: Krkinho-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 3

Nové přihlášení:
ID zabezpečení: S-1-5-7
Název účtu: ANONYMOUS LOGON
Doména účtu: NT AUTHORITY
ID přihlášení: 0xc5df8f0
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x0
Název procesu: -

Informace o síti:
Název pracovní stanice: KRKINHO
Adresa zdrojové sítě 192.168.1.157
Zdrojový port: 59496

Podrobné informace o ověření:
Proces přihlášení: NtLmSsp
Balíček ověření: NTLM
Přenosové služby: -
Název balíčku (pouze NTLM): NTLM V1
Délka klíče: 128

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 61088
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140527173325.160538-000
Event Type: Úspěšný audit
User:

Computer Name: Krkinho-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 3

Nové přihlášení:
ID zabezpečení: S-1-5-7
Název účtu: ANONYMOUS LOGON
Doména účtu: NT AUTHORITY
ID přihlášení: 0xc5df8de
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x0
Název procesu: -

Informace o síti:
Název pracovní stanice: KRKINHO
Adresa zdrojové sítě 192.168.1.157
Zdrojový port: 59495

Podrobné informace o ověření:
Proces přihlášení: NtLmSsp
Balíček ověření: NTLM
Přenosové služby: -
Název balíčku (pouze NTLM): NTLM V1
Délka klíče: 128

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 61087
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140527173325.066938-000
Event Type: Úspěšný audit
User:

Computer Name: Krkinho-PC
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-2314731586-3620304416-1096410446-1000
Název účtu: Krkinho
Název domény: Krkinho-PC
ID přihlášení: 0x46f1c
Record Number: 61086
Source Name: Microsoft-Windows-Eventlog
Time Written: 20140527173257.860490-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;%PROGRAMFILES%\Internet Explorer
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=2a07
"AMDAPPSDKROOT"=C:\Program Files (x86)\AMD APP\
"RGSCLauncher"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club
"RGSC"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\1_0_0_0

-----------------EOF-----------------

#11 Příspěvek od **motji** » 29 kvě 2014 18:25

A ještě ten druhý s názvem log.txt

Petan999 · #12 Příspěvek od **Petan999** » 29 kvě 2014 18:47

Logfile of random's system information tool 1.10 (written by random/random)
Run by Krkinho at 2014-05-29 19:17:20
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 71 GB (24%) free of 300 GB
Total RAM: 4030 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:17:28, on 29.5.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16476)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files\trend micro\Krkinho.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: Shell=C:\PROGRA~3\ocbiwa.bat
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [IAStorIcon] "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
O4 - HKLM\..\Run: [QLBController] "C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe"/start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [MCM] C:\Program Files (x86)\Mp3 Convert Master\Mp3ConvertMaster.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [wfirewall] C:\Users\Krkinho\AppData\Roaming\wfirewall\alg.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11061 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 26111536
\??\C:\Windows\system32\conhost.exe "-779547270-589322647-1499179979369810395-209224663016266302272122484989891347432
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
WLIDSvcM.exe 2556
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><ProgressBar><Percentage>6</Percentage><LeftIconPath>C:\Users\Krkinho\AppData\Local\Temp\VolumeLow.ico</LeftIconPath><RightIconPath>C:\Users\Krkinho\AppData\Local\Temp\VolumeHigh.ico</RightIconPath></ProgressBar></hpNotification>"
"taskhost.exe"

"C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe"
"C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Krkinho\Desktop\How to make a Kawasaki Rose (Phu Tran Variation)[1].mp4"
"C:\Program Files (x86)\Opera\opera.exe"
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Play -Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe44_ Global\UsGthrCtrlFltPipeMssGthrPipe44 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\Krkinho\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GlaryInitialize 4.job - C:\Program Files (x86)\Glary Utilities 4\Initialize.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-12-01 545264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-04-18 581824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-03-21 6270336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-12-01 193520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-04-18 436600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-09-07 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-01-27 167960]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-01-27 391704]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-01-27 418328]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-04-18 2710824]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-05-27 1128448]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]
"wfirewall"=C:\Users\Krkinho\AppData\Roaming\wfirewall\alg.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-05-26 3888648]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-04-30 284440]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2011-07-06 323128]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-03-28 336384]
"MCM"=C:\Program Files (x86)\Mp3 Convert Master\Mp3ConvertMaster.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-01-27 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"HideSCAHealth"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"midi3"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-05-29 19:17:20 ----D---- C:\rsit
2014-05-29 19:17:20 ----D---- C:\Program Files\trend micro
2014-05-27 19:34:46 ----D---- C:\AdwCleaner
2014-05-27 19:23:17 ----D---- C:\Windows\ERUNT
2014-05-26 18:13:50 ----D---- C:\Users\Krkinho\AppData\Roaming\wfirewall
2014-05-19 13:28:02 ----D---- C:\Windows\system32\SPReview
2014-05-19 13:19:50 ----D---- C:\Windows\system32\EventProviders
2014-05-19 07:25:58 ----A---- C:\Windows\system32\netfxperf.dll
2014-05-19 07:25:58 ----A---- C:\Windows\system32\dfshim.dll
2014-05-19 07:25:51 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-05-19 07:25:47 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-05-19 07:25:47 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2014-05-19 07:25:46 ----A---- C:\Windows\system32\d3d10warp.dll
2014-05-19 07:25:38 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-05-19 07:25:37 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2014-05-19 07:25:37 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2014-05-19 07:25:37 ----A---- C:\Windows\system32\tssrvlic.dll
2014-05-19 07:25:37 ----A---- C:\Windows\system32\sysmain.dll
2014-05-19 07:25:37 ----A---- C:\Windows\system32\RDVGHelper.exe
2014-05-19 07:25:35 ----A---- C:\Windows\SYSWOW64\pmcsnap.dll
2014-05-19 07:25:35 ----A---- C:\Windows\system32\MSVidCtl.dll
2014-05-19 07:25:33 ----A---- C:\Windows\system32\wmp.dll
2014-05-19 07:25:30 ----A---- C:\Windows\system32\mscoree.dll
2014-05-19 07:25:30 ----A---- C:\Windows\system32\mmcndmgr.dll
2014-05-19 07:25:29 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-05-19 07:25:29 ----A---- C:\Windows\system32\secproc_isv.dll
2014-05-19 07:25:29 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-05-19 07:25:29 ----A---- C:\Windows\system32\mf.dll
2014-05-19 07:25:28 ----A---- C:\Windows\system32\xpsservices.dll
2014-05-19 07:25:28 ----A---- C:\Windows\system32\secproc.dll
2014-05-19 07:25:28 ----A---- C:\Windows\system32\RMActivate.exe
2014-05-19 07:25:27 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-05-19 07:25:27 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-05-19 07:25:26 ----A---- C:\Windows\system32\rpcrt4.dll
2014-05-19 07:25:25 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-05-19 07:25:25 ----A---- C:\Windows\SYSWOW64\PushPrinterConnections.exe
2014-05-19 07:25:25 ----A---- C:\Windows\SYSWOW64\ppcsnap.dll
2014-05-19 07:25:24 ----A---- C:\Windows\system32\schedsvc.dll
2014-05-19 07:25:24 ----A---- C:\Windows\system32\ole32.dll
2014-05-19 07:25:23 ----A---- C:\Windows\system32\spwizui.dll
2014-05-19 07:25:22 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2014-05-19 07:25:22 ----A---- C:\Windows\system32\taskschd.dll
2014-05-19 07:25:21 ----A---- C:\Windows\system32\wevtsvc.dll
2014-05-19 07:25:21 ----A---- C:\Windows\system32\RacEngn.dll
2014-05-19 07:25:21 ----A---- C:\Windows\system32\diagperf.dll
2014-05-19 07:25:20 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-05-19 07:25:20 ----A---- C:\Windows\system32\vssapi.dll
2014-05-19 07:25:20 ----A---- C:\Windows\system32\ExplorerFrame.dll
2014-05-19 07:25:19 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-05-19 07:25:18 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2014-05-19 07:25:18 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2014-05-19 07:25:17 ----A---- C:\Windows\system32\UIRibbon.dll
2014-05-19 07:25:17 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2014-05-19 07:25:16 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-05-19 07:25:14 ----A---- C:\Windows\system32\WsmSvc.dll
2014-05-19 07:25:13 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2014-05-19 07:25:13 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2014-05-19 07:25:13 ----A---- C:\Windows\system32\WMVCORE.DLL
2014-05-19 07:25:13 ----A---- C:\Windows\system32\rdpdd.dll
2014-05-19 07:25:13 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2014-05-19 07:25:13 ----A---- C:\Windows\system32\PresentationHost.exe
2014-05-19 07:25:12 ----A---- C:\Windows\system32\spreview.exe
2014-05-19 07:25:12 ----A---- C:\Windows\system32\spinstall.exe
2014-05-19 07:25:12 ----A---- C:\Windows\system32\MPSSVC.dll
2014-05-19 07:25:12 ----A---- C:\Windows\system32\CertEnroll.dll
2014-05-19 07:25:11 ----A---- C:\Windows\system32\WinSAT.exe
2014-05-19 07:25:10 ----A---- C:\Windows\system32\WMVDECOD.DLL
2014-05-19 07:25:10 ----A---- C:\Windows\system32\d3d9.dll
2014-05-19 07:25:09 ----A---- C:\Windows\SYSWOW64\RacEngn.dll
2014-05-19 07:25:09 ----A---- C:\Windows\system32\SearchFolder.dll
2014-05-19 07:25:09 ----A---- C:\Windows\system32\IKEEXT.DLL
2014-05-19 07:25:08 ----A---- C:\Windows\SYSWOW64\AuthFWSnapin.dll
2014-05-19 07:25:08 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2014-05-19 07:25:07 ----A---- C:\Windows\system32\gpsvc.dll
2014-05-19 07:25:06 ----A---- C:\Windows\system32\VSSVC.exe
2014-05-19 07:25:06 ----A---- C:\Windows\system32\dwmcore.dll
2014-05-19 07:25:06 ----A---- C:\Windows\system32\dbgeng.dll
2014-05-19 07:25:05 ----A---- C:\Windows\system32\drivers\http.sys
2014-05-19 07:25:04 ----A---- C:\Windows\SYSWOW64\rdvgumd32.dll
2014-05-19 07:25:04 ----A---- C:\Windows\system32\drivers\ndis.sys
2014-05-19 07:25:03 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2014-05-19 07:25:02 ----A---- C:\Windows\SYSWOW64\ole32.dll
2014-05-19 07:25:02 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-05-19 07:25:02 ----A---- C:\Windows\system32\audiosrv.dll
2014-05-19 07:25:02 ----A---- C:\Windows\system32\actxprxy.dll
2014-05-19 07:25:01 ----A---- C:\Windows\system32\termsrv.dll
2014-05-19 07:25:01 ----A---- C:\Windows\system32\qmgr.dll
2014-05-19 07:25:01 ----A---- C:\Windows\system32\gpprefcl.dll
2014-05-19 07:25:00 ----A---- C:\Windows\system32\mstsc.exe
2014-05-19 07:24:59 ----A---- C:\Windows\SYSWOW64\vssapi.dll
2014-05-19 07:24:59 ----A---- C:\Windows\system32\winhttp.dll
2014-05-19 07:24:59 ----A---- C:\Windows\system32\netlogon.dll
2014-05-19 07:24:59 ----A---- C:\Windows\system32\imapi2fs.dll
2014-05-19 07:24:59 ----A---- C:\Windows\system32\d3d11.dll
2014-05-19 07:24:58 ----A---- C:\Windows\SYSWOW64\SearchFolder.dll
2014-05-19 07:24:58 ----A---- C:\Windows\SYSWOW64\d3d9.dll
2014-05-19 07:24:56 ----A---- C:\Windows\system32\QAGENTRT.DLL
2014-05-19 07:24:56 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-19 07:24:55 ----A---- C:\Windows\system32\propsys.dll
2014-05-19 07:24:54 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2014-05-19 07:24:54 ----A---- C:\Windows\system32\setupapi.dll
2014-05-19 07:24:54 ----A---- C:\Windows\system32\rpcss.dll
2014-05-19 07:24:53 ----A---- C:\Windows\system32\werconcpl.dll
2014-05-19 07:24:53 ----A---- C:\Windows\system32\wbengine.exe
2014-05-19 07:24:53 ----A---- C:\Windows\system32\taskeng.exe
2014-05-19 07:24:53 ----A---- C:\Windows\system32\PushPrinterConnections.exe
2014-05-19 07:24:53 ----A---- C:\Windows\system32\odbc32.dll
2014-05-19 07:24:53 ----A---- C:\Windows\system32\authui.dll
2014-05-19 07:24:51 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-05-19 07:24:51 ----A---- C:\Windows\system32\user32.dll
2014-05-19 07:24:50 ----A---- C:\Windows\system32\WSDApi.dll
2014-05-19 07:24:50 ----A---- C:\Windows\system32\umrdp.dll
2014-05-19 07:24:50 ----A---- C:\Windows\system32\LSCSHostPolicy.dll
2014-05-19 07:24:50 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-05-19 07:24:50 ----A---- C:\Windows\system32\dhcpcore.dll
2014-05-19 07:24:50 ----A---- C:\Windows\system32\certmgr.dll
2014-05-19 07:24:49 ----A---- C:\Windows\SYSWOW64\wer.dll
2014-05-19 07:24:49 ----A---- C:\Windows\system32\scavengeui.dll
2014-05-19 07:24:49 ----A---- C:\Windows\system32\drivers\netbt.sys
2014-05-19 07:24:48 ----A---- C:\Windows\SYSWOW64\certcli.dll
2014-05-19 07:24:48 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2014-05-19 07:24:47 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2014-05-19 07:24:47 ----A---- C:\Windows\system32\tsmf.dll
2014-05-19 07:24:47 ----A---- C:\Windows\system32\shlwapi.dll
2014-05-19 07:24:47 ----A---- C:\Windows\system32\netshell.dll
2014-05-19 07:24:47 ----A---- C:\Windows\system32\ncsi.dll
2014-05-19 07:24:47 ----A---- C:\Windows\system32\msdtctm.dll
2014-05-19 07:24:47 ----A---- C:\Windows\system32\msdrm.dll
2014-05-19 07:24:47 ----A---- C:\Windows\system32\framedynos.dll
2014-05-19 07:24:46 ----A---- C:\Windows\SYSWOW64\tcpmonui.dll
2014-05-19 07:24:46 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2014-05-19 07:24:46 ----A---- C:\Windows\system32\wmicmiplugin.dll
2014-05-19 07:24:46 ----A---- C:\Windows\system32\rdpshell.exe
2014-05-19 07:24:45 ----A---- C:\Windows\system32\ws2_32.dll
2014-05-19 07:24:45 ----A---- C:\Windows\system32\winlogon.exe
2014-05-19 07:24:45 ----A---- C:\Windows\system32\nlasvc.dll
2014-05-19 07:24:45 ----A---- C:\Windows\system32\netcfgx.dll
2014-05-19 07:24:45 ----A---- C:\Windows\system32\lsm.exe
2014-05-19 07:24:45 ----A---- C:\Windows\system32\dxgi.dll
2014-05-19 07:24:45 ----A---- C:\Windows\system32\drivers\csc.sys
2014-05-19 07:24:45 ----A---- C:\Windows\system32\comdlg32.dll
2014-05-19 07:24:45 ----A---- C:\Windows\system32\appmgr.dll
2014-05-19 07:24:44 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2014-05-19 07:24:44 ----A---- C:\Windows\system32\wmpps.dll
2014-05-19 07:24:44 ----A---- C:\Windows\system32\Query.dll
2014-05-19 07:24:44 ----A---- C:\Windows\system32\mswsock.dll
2014-05-19 07:24:44 ----A---- C:\Windows\system32\drvstore.dll
2014-05-19 07:24:44 ----A---- C:\Windows\system32\apphelp.dll
2014-05-19 07:24:43 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2014-05-19 07:24:43 ----A---- C:\Windows\SYSWOW64\tsmf.dll
2014-05-19 07:24:43 ----A---- C:\Windows\SYSWOW64\setupapi.dll
2014-05-19 07:24:43 ----A---- C:\Windows\SYSWOW64\dot3api.dll
2014-05-19 07:24:43 ----A---- C:\Windows\system32\wpdshext.dll
2014-05-19 07:24:43 ----A---- C:\Windows\system32\QAGENT.DLL
2014-05-19 07:24:43 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-05-19 07:24:43 ----A---- C:\Windows\system32\BFE.DLL
2014-05-19 07:24:43 ----A---- C:\Windows\system32\azroles.dll
2014-05-19 07:24:42 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2014-05-19 07:24:42 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2014-05-19 07:24:42 ----A---- C:\Windows\system32\Vault.dll
2014-05-19 07:24:42 ----A---- C:\Windows\system32\samsrv.dll
2014-05-19 07:24:42 ----A---- C:\Windows\system32\DShowRdpFilter.dll
2014-05-19 07:24:42 ----A---- C:\Windows\system32\cmd.exe
2014-05-19 07:24:41 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2014-05-19 07:24:41 ----A---- C:\Windows\SYSWOW64\dbgeng.dll
2014-05-19 07:24:41 ----A---- C:\Windows\system32\lpksetup.exe
2014-05-19 07:24:41 ----A---- C:\Windows\system32\cscsvc.dll
2014-05-19 07:24:40 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-05-19 07:24:40 ----A---- C:\Windows\SYSWOW64\netcfgx.dll
2014-05-19 07:24:40 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2014-05-19 07:24:40 ----A---- C:\Windows\system32\rdpclip.exe
2014-05-19 07:24:39 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2014-05-19 07:24:39 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-05-19 07:24:39 ----A---- C:\Windows\system32\WebClnt.dll
2014-05-19 07:24:39 ----A---- C:\Windows\system32\sxs.dll
2014-05-19 07:24:39 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2014-05-19 07:24:38 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-05-19 07:24:38 ----A---- C:\Windows\SYSWOW64\Query.dll
2014-05-19 07:24:38 ----A---- C:\Windows\SYSWOW64\gpprefcl.dll
2014-05-19 07:24:38 ----A---- C:\Windows\system32\Wldap32.dll
2014-05-19 07:24:38 ----A---- C:\Windows\system32\taskcomp.dll
2014-05-19 07:24:38 ----A---- C:\Windows\system32\mfds.dll
2014-05-19 07:24:38 ----A---- C:\Windows\system32\mcbuilder.exe
2014-05-19 07:24:38 ----A---- C:\Windows\system32\cscobj.dll
2014-05-19 07:24:37 ----A---- C:\Windows\SYSWOW64\upnp.dll
2014-05-19 07:24:37 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2014-05-19 07:24:36 ----A---- C:\Windows\SYSWOW64\mmcndmgr.dll
2014-05-19 07:24:36 ----A---- C:\Windows\SYSWOW64\DShowRdpFilter.dll
2014-05-19 07:24:36 ----A---- C:\Windows\system32\pnidui.dll
2014-05-19 07:24:36 ----A---- C:\Windows\system32\ipsmsnap.dll
2014-05-19 07:24:36 ----A---- C:\Windows\system32\hgprint.dll
2014-05-19 07:24:35 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2014-05-19 07:24:35 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-05-19 07:24:35 ----A---- C:\Windows\system32\webservices.dll
2014-05-19 07:24:35 ----A---- C:\Windows\system32\SessEnv.dll
2014-05-19 07:24:35 ----A---- C:\Windows\system32\rdpendp.dll
2014-05-19 07:24:34 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-05-19 07:24:34 ----A---- C:\Windows\SYSWOW64\imapi2fs.dll
2014-05-19 07:24:34 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-05-19 07:24:34 ----A---- C:\Windows\system32\winsta.dll
2014-05-19 07:24:33 ----A---- C:\Windows\SYSWOW64\shlwapi.dll
2014-05-19 07:24:33 ----A---- C:\Windows\SYSWOW64\SessEnv.dll
2014-05-19 07:24:33 ----A---- C:\Windows\SYSWOW64\PortableDeviceApi.dll
2014-05-19 07:24:33 ----A---- C:\Windows\system32\sqlsrv32.dll
2014-05-19 07:24:33 ----A---- C:\Windows\system32\gdi32.dll
2014-05-19 07:24:33 ----A---- C:\Windows\system32\fveapi.dll
2014-05-19 07:24:33 ----A---- C:\Windows\system32\drivers\volsnap.sys
2014-05-19 07:24:33 ----A---- C:\Windows\system32\drivers\msrpc.sys
2014-05-19 07:24:33 ----A---- C:\Windows\system32\dot3api.dll
2014-05-19 07:24:32 ----A---- C:\Windows\SYSWOW64\mcbuilder.exe
2014-05-19 07:24:32 ----A---- C:\Windows\system32\prncache.dll
2014-05-19 07:24:32 ----A---- C:\Windows\system32\mcmde.dll
2014-05-19 07:24:31 ----A---- C:\Windows\SYSWOW64\userenv.dll
2014-05-19 07:24:31 ----A---- C:\Windows\SYSWOW64\certmgr.dll
2014-05-19 07:24:31 ----A---- C:\Windows\system32\WMNetMgr.dll
2014-05-19 07:24:31 ----A---- C:\Windows\system32\wlanpref.dll
2014-05-19 07:24:31 ----A---- C:\Windows\system32\schtasks.exe
2014-05-19 07:24:30 ----A---- C:\Windows\SYSWOW64\xpsservices.dll
2014-05-19 07:24:30 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2014-05-19 07:24:30 ----A---- C:\Windows\SYSWOW64\drvstore.dll
2014-05-19 07:24:30 ----A---- C:\Windows\system32\vpnike.dll
2014-05-19 07:24:30 ----A---- C:\Windows\system32\userenv.dll
2014-05-19 07:24:30 ----A---- C:\Windows\system32\tspubwmi.dll
2014-05-19 07:24:30 ----A---- C:\Windows\system32\drivers\rdbss.sys
2014-05-19 07:24:29 ----A---- C:\Windows\SYSWOW64\comdlg32.dll
2014-05-19 07:24:29 ----A---- C:\Windows\system32\photowiz.dll
2014-05-19 07:24:29 ----A---- C:\Windows\system32\evr.dll
2014-05-19 07:24:29 ----A---- C:\Windows\system32\drivers\1394ohci.sys
2014-05-19 07:24:28 ----A---- C:\Windows\system32\wmpmde.dll
2014-05-19 07:24:28 ----A---- C:\Windows\system32\IPSECSVC.DLL
2014-05-19 07:24:28 ----A---- C:\Windows\system32\FXSSVC.exe
2014-05-19 07:24:28 ----A---- C:\Windows\system32\framedyn.dll
2014-05-19 07:24:28 ----A---- C:\Windows\system32\AudioSes.dll
2014-05-19 07:24:27 ----A---- C:\Windows\SYSWOW64\cmd.exe
2014-05-19 07:24:27 ----A---- C:\Windows\system32\WMPEncEn.dll
2014-05-19 07:24:27 ----A---- C:\Windows\system32\wmpeffects.dll
2014-05-19 07:24:27 ----A---- C:\Windows\system32\tscfgwmi.dll
2014-05-19 07:24:27 ----A---- C:\Windows\system32\SyncCenter.dll
2014-05-19 07:24:27 ----A---- C:\Windows\system32\srvsvc.dll
2014-05-19 07:24:27 ----A---- C:\Windows\system32\sppobjs.dll
2014-05-19 07:24:27 ----A---- C:\Windows\system32\mfreadwrite.dll
2014-05-19 07:24:27 ----A---- C:\Windows\system32\aepdu.dll
2014-05-19 07:24:26 ----A---- C:\Windows\system32\shsvcs.dll
2014-05-19 07:24:26 ----A---- C:\Windows\system32\rdpinit.exe
2014-05-19 07:24:26 ----A---- C:\Windows\system32\aeinv.dll
2014-05-19 07:24:25 ----A---- C:\Windows\SYSWOW64\propsys.dll
2014-05-19 07:24:25 ----A---- C:\Windows\SYSWOW64\framedynos.dll
2014-05-19 07:24:25 ----A---- C:\Windows\system32\vmicsvc.exe
2014-05-19 07:24:25 ----A---- C:\Windows\system32\fde.dll
2014-05-19 07:24:24 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2014-05-19 07:24:24 ----A---- C:\Windows\SYSWOW64\mfds.dll
2014-05-19 07:24:24 ----A---- C:\Windows\system32\WinSATAPI.dll
2014-05-19 07:24:24 ----A---- C:\Windows\system32\stobject.dll
2014-05-19 07:24:24 ----A---- C:\Windows\system32\netdiagfx.dll
2014-05-19 07:24:24 ----A---- C:\Windows\system32\localsec.dll
2014-05-19 07:24:24 ----A---- C:\Windows\system32\imapi2.dll
2014-05-19 07:24:24 ----A---- C:\Windows\system32\credui.dll
2014-05-19 07:24:23 ----A---- C:\Windows\SYSWOW64\user32.dll
2014-05-19 07:24:23 ----A---- C:\Windows\SYSWOW64\rdpendp.dll
2014-05-19 07:24:23 ----A---- C:\Windows\system32\iphlpsvc.dll
2014-05-19 07:24:23 ----A---- C:\Windows\system32\drivers\vmbus.sys
2014-05-19 07:24:23 ----A---- C:\Windows\system32\drivers\udfs.sys
2014-05-19 07:24:23 ----A---- C:\Windows\system32\cdd.dll
2014-05-19 07:24:23 ----A---- C:\Windows\system32\bcryptprimitives.dll
2014-05-19 07:24:22 ----A---- C:\Windows\system32\netid.dll
2014-05-19 07:24:22 ----A---- C:\Windows\system32\inetpp.dll
2014-05-19 07:24:22 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2014-05-19 07:24:20 ----A---- C:\Windows\system32\QSHVHOST.DLL
2014-05-19 07:24:19 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2014-05-19 07:24:19 ----A---- C:\Windows\SYSWOW64\azroles.dll
2014-05-19 07:24:19 ----A---- C:\Windows\system32\tcpipcfg.dll
2014-05-19 07:24:19 ----A---- C:\Windows\system32\spp.dll
2014-05-19 07:24:19 ----A---- C:\Windows\system32\davclnt.dll
2014-05-19 07:24:19 ----A---- C:\Windows\system32\cscui.dll
2014-05-19 07:24:19 ----A---- C:\Windows\system32\biocpl.dll
2014-05-19 07:24:18 ----A---- C:\Windows\SYSWOW64\appmgr.dll
2014-05-19 07:24:18 ----A---- C:\Windows\system32\msinfo32.exe
2014-05-19 07:24:17 ----A---- C:\Windows\SYSWOW64\themeui.dll
2014-05-19 07:24:17 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2014-05-19 07:24:17 ----A---- C:\Windows\SYSWOW64\spp.dll
2014-05-19 07:24:17 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2014-05-19 07:24:17 ----A---- C:\Windows\SYSWOW64\dhcpcore.dll
2014-05-19 07:24:17 ----A---- C:\Windows\SYSWOW64\credui.dll
2014-05-19 07:24:17 ----A---- C:\Windows\system32\scansetting.dll
2014-05-19 07:24:17 ----A---- C:\Windows\system32\printui.dll
2014-05-19 07:24:17 ----A---- C:\Windows\system32\pla.dll
2014-05-19 07:24:17 ----A---- C:\Windows\system32\PhotoScreensaver.scr
2014-05-19 07:24:17 ----A---- C:\Windows\system32\mspbda.dll
2014-05-19 07:24:16 ----A---- C:\Windows\system32\wusa.exe
2014-05-19 07:24:16 ----A---- C:\Windows\system32\wiaservc.dll
2014-05-19 07:24:16 ----A---- C:\Windows\system32\vds.exe
2014-05-19 07:24:16 ----A---- C:\Windows\system32\msdri.dll
2014-05-19 07:24:16 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2014-05-19 07:24:16 ----A---- C:\Windows\system32\drivers\pci.sys
2014-05-19 07:24:16 ----A---- C:\Windows\system32\aitagent.exe
2014-05-19 07:24:15 ----A---- C:\Windows\SYSWOW64\NaturalLanguage6.dll
2014-05-19 07:24:15 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2014-05-19 07:24:15 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2014-05-19 07:24:15 ----A---- C:\Windows\SYSWOW64\dbghelp.dll
2014-05-19 07:24:15 ----A---- C:\Windows\SYSWOW64\basecsp.dll
2014-05-19 07:24:15 ----A---- C:\Windows\system32\rpchttp.dll
2014-05-19 07:24:15 ----A---- C:\Windows\system32\PkgMgr.exe
2014-05-19 07:24:15 ----A---- C:\Windows\system32\mscms.dll
2014-05-19 07:24:15 ----A---- C:\Windows\system32\FirewallControlPanel.dll
2014-05-19 07:24:15 ----A---- C:\Windows\system32\AdmTmpl.dll
2014-05-19 07:24:14 ----A---- C:\Windows\system32\XpsRasterService.dll
2014-05-19 07:24:14 ----A---- C:\Windows\system32\wisptis.exe
2014-05-19 07:24:14 ----A---- C:\Windows\system32\ocsetup.exe
2014-05-19 07:24:14 ----A---- C:\Windows\system32\drivers\rasl2tp.sys
2014-05-19 07:24:13 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2014-05-19 07:24:12 ----A---- C:\Windows\SYSWOW64\evr.dll
2014-05-19 07:24:12 ----A---- C:\Windows\system32\sppwinob.dll
2014-05-19 07:24:12 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2014-05-19 07:24:11 ----A---- C:\Windows\SYSWOW64\WinSATAPI.dll
2014-05-19 07:24:11 ----A---- C:\Windows\SYSWOW64\calc.exe
2014-05-19 07:24:11 ----A---- C:\Windows\system32\ocsetapi.dll
2014-05-19 07:24:11 ----A---- C:\Windows\system32\DXP.dll
2014-05-19 07:24:11 ----A---- C:\Windows\system32\drivers\volmgr.sys
2014-05-19 07:24:10 ----A---- C:\Windows\system32\wpdbusenum.dll
2014-05-19 07:24:10 ----A---- C:\Windows\system32\eapp3hst.dll
2014-05-19 07:24:10 ----A---- C:\Windows\system32\ci.dll
2014-05-19 07:24:09 ----A---- C:\Windows\SYSWOW64\sqlsrv32.dll
2014-05-19 07:24:09 ----A---- C:\Windows\system32\wcncsvc.dll
2014-05-19 07:24:09 ----A---- C:\Windows\system32\upnp.dll
2014-05-19 07:24:09 ----A---- C:\Windows\system32\mprapi.dll
2014-05-19 07:24:09 ----A---- C:\Windows\system32\eapphost.dll
2014-05-19 07:24:09 ----A---- C:\Windows\system32\drivers\msdsm.sys
2014-05-19 07:24:08 ----A---- C:\Windows\SYSWOW64\UIRibbon.dll
2014-05-19 07:24:08 ----A---- C:\Windows\SYSWOW64\sxs.dll
2014-05-19 07:24:08 ----A---- C:\Windows\system32\thumbcache.dll
2014-05-19 07:24:08 ----A---- C:\Windows\system32\t2embed.dll
2014-05-19 07:24:08 ----A---- C:\Windows\system32\Robocopy.exe
2014-05-19 07:24:08 ----A---- C:\Windows\system32\drivers\HpSAMD.sys
2014-05-19 07:24:07 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2014-05-19 07:24:07 ----A---- C:\Windows\SYSWOW64\stobject.dll
2014-05-19 07:24:07 ----A---- C:\Windows\SYSWOW64\netshell.dll
2014-05-19 07:24:07 ----A---- C:\Windows\system32\hal.dll
2014-05-19 07:24:06 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2014-05-19 07:24:06 ----A---- C:\Windows\system32\DxpTaskSync.dll
2014-05-19 07:24:05 ----A---- C:\Windows\system32\scecli.dll
2014-05-19 07:24:05 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2014-05-19 07:24:04 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-05-19 07:24:04 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2014-05-19 07:24:04 ----A---- C:\Windows\system32\puiobj.dll
2014-05-19 07:24:04 ----A---- C:\Windows\system32\msasn1.dll
2014-05-19 07:24:04 ----A---- C:\Windows\system32\dwmredir.dll
2014-05-19 07:24:04 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2014-05-19 07:24:03 ----A---- C:\Windows\SYSWOW64\prncache.dll
2014-05-19 07:24:03 ----A---- C:\Windows\system32\themeui.dll
2014-05-19 07:24:03 ----A---- C:\Windows\system32\nlaapi.dll
2014-05-19 07:24:03 ----A---- C:\Windows\system32\iasrad.dll
2014-05-19 07:24:03 ----A---- C:\Windows\system32\drivers\ipfltdrv.sys
2014-05-19 07:24:02 ----A---- C:\Windows\SYSWOW64\printui.dll
2014-05-19 07:24:02 ----A---- C:\Windows\system32\scrptadm.dll
2014-05-19 07:24:02 ----A---- C:\Windows\system32\onex.dll
2014-05-19 07:24:02 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2014-05-19 07:24:01 ----A---- C:\Windows\SYSWOW64\WSDApi.dll
2014-05-19 07:24:01 ----A---- C:\Windows\SYSWOW64\wmpeffects.dll
2014-05-19 07:24:01 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2014-05-19 07:24:01 ----A---- C:\Windows\SYSWOW64\net1.exe
2014-05-19 07:24:00 ----A---- C:\Windows\system32\wdc.dll
2014-05-19 07:23:59 ----A---- C:\Windows\SYSWOW64\scansetting.dll
2014-05-19 07:23:59 ----A---- C:\Windows\system32\wlangpui.dll
2014-05-19 07:23:59 ----A---- C:\Windows\system32\scesrv.dll
2014-05-19 07:23:59 ----A---- C:\Windows\system32\rasmans.dll
2014-05-19 07:23:59 ----A---- C:\Windows\system32\msftedit.dll
2014-05-19 07:23:58 ----A---- C:\Windows\system32\wiadefui.dll
2014-05-19 07:23:58 ----A---- C:\Windows\system32\VAN.dll
2014-05-19 07:23:58 ----A---- C:\Windows\system32\StructuredQuery.dll
2014-05-19 07:23:58 ----A---- C:\Windows\system32\sdengin2.dll
2014-05-19 07:23:57 ----A---- C:\Windows\SYSWOW64\WMVCORE.DLL
2014-05-19 07:23:57 ----A---- C:\Windows\SYSWOW64\wlangpui.dll
2014-05-19 07:23:57 ----A---- C:\Windows\SYSWOW64\MMDevAPI.dll
2014-05-19 07:23:57 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2014-05-19 07:23:57 ----A---- C:\Windows\system32\wscapi.dll
2014-05-19 07:23:57 ----A---- C:\Windows\system32\SndVol.exe
2014-05-19 07:23:57 ----A---- C:\Windows\system32\samcli.dll
2014-05-19 07:23:57 ----A---- C:\Windows\system32\regapi.dll
2014-05-19 07:23:57 ----A---- C:\Windows\system32\netcenter.dll
2014-05-19 07:23:57 ----A---- C:\Windows\system32\iasacct.dll
2014-05-19 07:23:57 ----A---- C:\Windows\system32\dskquoui.dll
2014-05-19 07:23:57 ----A---- C:\Windows\system32\drivers\termdd.sys
2014-05-19 07:23:57 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2014-05-19 07:23:56 ----A---- C:\Windows\SYSWOW64\QSHVHOST.DLL
2014-05-19 07:23:56 ----A---- C:\Windows\system32\srchadmin.dll
2014-05-19 07:23:56 ----A---- C:\Windows\system32\QUTIL.DLL
2014-05-19 07:23:56 ----A---- C:\Windows\system32\consent.exe
2014-05-19 07:23:55 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2014-05-19 07:23:55 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2014-05-19 07:23:55 ----A---- C:\Windows\SYSWOW64\pnidui.dll
2014-05-19 07:23:55 ----A---- C:\Windows\system32\TabSvc.dll
2014-05-19 07:23:54 ----A---- C:\Windows\SYSWOW64\webservices.dll
2014-05-19 07:23:54 ----A---- C:\Windows\SYSWOW64\scrptadm.dll
2014-05-19 07:23:54 ----A---- C:\Windows\SYSWOW64\fde.dll
2014-05-19 07:23:54 ----A---- C:\Windows\system32\setupcl.exe
2014-05-19 07:23:54 ----A---- C:\Windows\system32\drivers\msahci.sys
2014-05-19 07:23:53 ----A---- C:\Windows\SYSWOW64\SyncCenter.dll
2014-05-19 07:23:53 ----A---- C:\Windows\SYSWOW64\netdiagfx.dll
2014-05-19 07:23:53 ----A---- C:\Windows\system32\wksprt.exe
2014-05-19 07:23:53 ----A---- C:\Windows\system32\taskhost.exe
2014-05-19 07:23:53 ----A---- C:\Windows\system32\rastls.dll
2014-05-19 07:23:52 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-05-19 07:23:52 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2014-05-19 07:23:51 ----A---- C:\Windows\SYSWOW64\cscobj.dll
2014-05-19 07:23:51 ----A---- C:\Windows\system32\tapisrv.dll
2014-05-19 07:23:51 ----A---- C:\Windows\system32\netiohlp.dll
2014-05-19 07:23:51 ----A---- C:\Windows\system32\mimefilt.dll
2014-05-19 07:23:51 ----A---- C:\Windows\system32\drivers\acpi.sys
2014-05-19 07:23:50 ----A---- C:\Windows\SYSWOW64\WinSCard.dll
2014-05-19 07:23:50 ----A---- C:\Windows\SYSWOW64\pla.dll
2014-05-19 07:23:50 ----A---- C:\Windows\SYSWOW64\msasn1.dll
2014-05-19 07:23:50 ----A---- C:\Windows\system32\msconfig.exe
2014-05-19 07:23:50 ----A---- C:\Windows\system32\ListSvc.dll
2014-05-19 07:23:50 ----A---- C:\Windows\system32\hgcpl.dll
2014-05-19 07:23:50 ----A---- C:\Windows\system32\drivers\raspptp.sys
2014-05-19 07:23:49 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2014-05-19 07:23:49 ----A---- C:\Windows\system32\lsmproxy.dll
2014-05-19 07:23:49 ----A---- C:\Windows\system32\fdeploy.dll
2014-05-19 07:23:49 ----A---- C:\Windows\system32\drivers\sbp2port.sys
2014-05-19 07:23:49 ----A---- C:\Windows\system32\drivers\ks.sys
2014-05-19 07:23:49 ----A---- C:\Windows\system32\clusapi.dll
2014-05-19 07:23:49 ----A---- C:\Windows\system32\basecsp.dll
2014-05-19 07:23:48 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-05-19 07:23:48 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-05-19 07:23:48 ----A---- C:\Windows\system32\mtxclu.dll
2014-05-19 07:23:48 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2014-05-19 07:23:47 ----A---- C:\Windows\SYSWOW64\imapi2.dll
2014-05-19 07:23:47 ----A---- C:\Windows\system32\riched20.dll
2014-05-19 07:23:46 ----A---- C:\Windows\SYSWOW64\DXPTaskRingtone.dll
2014-05-19 07:23:46 ----A---- C:\Windows\system32\dnscmmc.dll
2014-05-19 07:23:45 ----A---- C:\Windows\SYSWOW64\WMPEncEn.dll
2014-05-19 07:23:45 ----A---- C:\Windows\SYSWOW64\shsvcs.dll
2014-05-19 07:23:45 ----A---- C:\Windows\SYSWOW64\onex.dll
2014-05-19 07:23:45 ----A---- C:\Windows\system32\sharemediacpl.dll
2014-05-19 07:23:45 ----A---- C:\Windows\system32\RpcRtRemote.dll
2014-05-19 07:23:45 ----A---- C:\Windows\system32\powercpl.dll
2014-05-19 07:23:45 ----A---- C:\Windows\system32\logoncli.dll
2014-05-19 07:23:44 ----A---- C:\Windows\SYSWOW64\winmm.dll
2014-05-19 07:23:44 ----A---- C:\Windows\SYSWOW64\hbaapi.dll
2014-05-19 07:23:44 ----A---- C:\Windows\SYSWOW64\autofmt.exe
2014-05-19 07:23:44 ----A---- C:\Windows\system32\themecpl.dll
2014-05-19 07:23:44 ----A---- C:\Windows\system32\SensorsCpl.dll
2014-05-19 07:23:44 ----A---- C:\Windows\system32\netjoin.dll
2014-05-19 07:23:44 ----A---- C:\Windows\system32\nci.dll
2014-05-19 07:23:44 ----A---- C:\Windows\system32\Narrator.exe
2014-05-19 07:23:44 ----A---- C:\Windows\system32\Faultrep.dll
2014-05-19 07:23:44 ----A---- C:\Windows\system32\eudcedit.exe
2014-05-19 07:23:43 ----A---- C:\Windows\SYSWOW64\netiohlp.dll
2014-05-19 07:23:43 ----A---- C:\Windows\SYSWOW64\autochk.exe
2014-05-19 07:23:42 ----A---- C:\Windows\SYSWOW64\samcli.dll
2014-05-19 07:23:42 ----A---- C:\Windows\SYSWOW64\proquota.exe
2014-05-19 07:23:42 ----A---- C:\Windows\SYSWOW64\IPHLPAPI.DLL
2014-05-19 07:23:42 ----A---- C:\Windows\system32\wkssvc.dll
2014-05-19 07:23:42 ----A---- C:\Windows\system32\vpnikeapi.dll
2014-05-19 07:23:42 ----A---- C:\Windows\system32\sppcomapi.dll
2014-05-19 07:23:42 ----A---- C:\Windows\system32\comctl32.dll
2014-05-19 07:23:41 ----A---- C:\Windows\SYSWOW64\thumbcache.dll
2014-05-19 07:23:41 ----A---- C:\Windows\SYSWOW64\regapi.dll
2014-05-19 07:23:41 ----A---- C:\Windows\SYSWOW64\msutb.dll
2014-05-19 07:23:41 ----A---- C:\Windows\SYSWOW64\msinfo32.exe
2014-05-19 07:23:41 ----A---- C:\Windows\SYSWOW64\mimefilt.dll
2014-05-19 07:23:41 ----A---- C:\Windows\SYSWOW64\ipsmsnap.dll
2014-05-19 07:23:41 ----A---- C:\Windows\SYSWOW64\autoconv.exe
2014-05-19 07:23:41 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-05-19 07:23:41 ----A---- C:\Windows\system32\cabview.dll
2014-05-19 07:23:41 ----A---- C:\Windows\system32\autochk.exe
2014-05-19 07:23:41 ----A---- C:\Windows\system32\autofmt.exe
2014-05-19 07:23:40 ----A---- C:\Windows\SYSWOW64\tcpipcfg.dll
2014-05-19 07:23:40 ----A---- C:\Windows\SYSWOW64\srchadmin.dll
2014-05-19 07:23:40 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2014-05-19 07:23:40 ----A---- C:\Windows\SYSWOW64\powercpl.dll
2014-05-19 07:23:40 ----A---- C:\Windows\system32\wpd_ci.dll
2014-05-19 07:23:40 ----A---- C:\Windows\system32\shsetup.dll
2014-05-19 07:23:40 ----A---- C:\Windows\system32\nshipsec.dll
2014-05-19 07:23:40 ----A---- C:\Windows\system32\fms.dll
2014-05-19 07:23:40 ----A---- C:\Windows\system32\autoconv.exe
2014-05-19 07:23:40 ----A---- C:\Windows\system32\audiodg.exe
2014-05-19 07:23:39 ----A---- C:\Windows\SYSWOW64\framedyn.dll
2014-05-19 07:23:39 ----A---- C:\Windows\SYSWOW64\eapphost.dll
2014-05-19 07:23:39 ----A---- C:\Windows\system32\bcdsrv.dll
2014-05-19 07:23:38 ----A---- C:\Windows\system32\sdclt.exe
2014-05-19 07:23:37 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll
2014-05-19 07:23:37 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-05-19 07:23:37 ----A---- C:\Windows\system32\prntvpt.dll
2014-05-19 07:23:37 ----A---- C:\Windows\system32\drivers\wanarp.sys
2014-05-19 07:23:36 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-05-19 07:23:36 ----A---- C:\Windows\SYSWOW64\AuxiliaryDisplayCpl.dll
2014-05-19 07:23:36 ----A---- C:\Windows\system32\wwanconn.dll
2014-05-19 07:23:36 ----A---- C:\Windows\system32\wlanui.dll
2014-05-19 07:23:36 ----A---- C:\Windows\system32\mscorier.dll
2014-05-19 07:23:36 ----A---- C:\Windows\system32\drivers\winusb.sys
2014-05-19 07:23:36 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2014-05-19 07:23:36 ----A---- C:\Windows\system32\drivers\scsiport.sys
2014-05-19 07:23:35 ----A---- C:\Windows\SYSWOW64\QAGENT.DLL
2014-05-19 07:23:35 ----A---- C:\Windows\SYSWOW64\netid.dll
2014-05-19 07:23:35 ----A---- C:\Windows\system32\SmiEngine.dll
2014-05-19 07:23:35 ----A---- C:\Windows\system32\rdpsign.exe
2014-05-19 07:23:35 ----A---- C:\Windows\system32\mprddm.dll
2014-05-19 07:23:35 ----A---- C:\Windows\system32\fontext.dll
2014-05-19 07:23:35 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2014-05-19 07:23:35 ----A---- C:\Windows\system32\dps.dll
2014-05-19 07:23:35 ----A---- C:\Windows\system32\Display.dll
2014-05-19 07:23:35 ----A---- C:\Windows\system32\AxInstSv.dll
2014-05-19 07:23:34 ----A---- C:\Windows\SYSWOW64\wdc.dll

Petan999 · #13 Příspěvek od **Petan999** » 29 kvě 2014 18:47

A JEŠTĚ DRUHÁ ČÁST

2014-05-19 07:23:34 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2014-05-19 07:23:34 ----A---- C:\Windows\system32\qedit.dll
2014-05-19 07:23:34 ----A---- C:\Windows\system32\mblctr.exe
2014-05-19 07:23:34 ----A---- C:\Windows\system32\drivers\hidclass.sys
2014-05-19 07:23:34 ----A---- C:\Windows\system32\credssp.dll
2014-05-19 07:23:34 ----A---- C:\Windows\system32\batmeter.dll
2014-05-19 07:23:33 ----A---- C:\Windows\SYSWOW64\Vault.dll
2014-05-19 07:23:33 ----A---- C:\Windows\SYSWOW64\untfs.dll
2014-05-19 07:23:33 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2014-05-19 07:23:33 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2014-05-19 07:23:33 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-05-19 07:23:33 ----A---- C:\Windows\SYSWOW64\nci.dll
2014-05-19 07:23:33 ----A---- C:\Windows\system32\wmpsrcwp.dll
2014-05-19 07:23:32 ----A---- C:\Windows\SYSWOW64\WMNetMgr.dll
2014-05-19 07:23:32 ----A---- C:\Windows\SYSWOW64\wlanpref.dll
2014-05-19 07:23:32 ----A---- C:\Windows\SYSWOW64\RpcRtRemote.dll
2014-05-19 07:23:32 ----A---- C:\Windows\SYSWOW64\Robocopy.exe
2014-05-19 07:23:32 ----A---- C:\Windows\system32\usercpl.dll
2014-05-19 07:23:32 ----A---- C:\Windows\system32\rtutils.dll
2014-05-19 07:23:32 ----A---- C:\Windows\system32\DiagCpl.dll
2014-05-19 07:23:31 ----A---- C:\Windows\system32\wpccpl.dll
2014-05-19 07:23:31 ----A---- C:\Windows\system32\provsvc.dll
2014-05-19 07:23:31 ----A---- C:\Windows\system32\MCEWMDRMNDBootstrap.dll
2014-05-19 07:23:31 ----A---- C:\Windows\system32\bootres.dll
2014-05-19 07:23:30 ----A---- C:\Windows\SYSWOW64\taskmgr.exe
2014-05-19 07:23:30 ----A---- C:\Windows\SYSWOW64\DxpTaskSync.dll
2014-05-19 07:23:30 ----A---- C:\Windows\system32\sppsvc.exe
2014-05-19 07:23:30 ----A---- C:\Windows\system32\SndVolSSO.dll
2014-05-19 07:23:30 ----A---- C:\Windows\system32\rasppp.dll
2014-05-19 07:23:30 ----A---- C:\Windows\system32\drivers\winhv.sys
2014-05-19 07:23:29 ----A---- C:\Windows\SYSWOW64\mtxclu.dll
2014-05-19 07:23:29 ----A---- C:\Windows\SYSWOW64\Display.dll
2014-05-19 07:23:29 ----A---- C:\Windows\system32\dxdiagn.dll
2014-05-19 07:23:29 ----A---- C:\Windows\system32\drivers\rdyboost.sys
2014-05-19 07:23:29 ----A---- C:\Windows\system32\dot3cfg.dll
2014-05-19 07:23:28 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2014-05-19 07:23:28 ----A---- C:\Windows\SYSWOW64\userinit.exe
2014-05-19 07:23:28 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2014-05-19 07:23:28 ----A---- C:\Windows\system32\shdocvw.dll
2014-05-19 07:23:28 ----A---- C:\Windows\system32\hbaapi.dll
2014-05-19 07:23:27 ----A---- C:\Windows\SYSWOW64\termmgr.dll
2014-05-19 07:23:27 ----A---- C:\Windows\SYSWOW64\eudcedit.exe
2014-05-19 07:23:27 ----A---- C:\Windows\system32\taskmgr.exe
2014-05-19 07:23:27 ----A---- C:\Windows\system32\proquota.exe
2014-05-19 07:23:27 ----A---- C:\Windows\system32\prnfldr.dll
2014-05-19 07:23:27 ----A---- C:\Windows\system32\pdh.dll
2014-05-19 07:23:27 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2014-05-19 07:23:27 ----A---- C:\Windows\system32\drivers\hwpolicy.sys
2014-05-19 07:23:26 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2014-05-19 07:23:26 ----A---- C:\Windows\system32\MSAC3ENC.DLL
2014-05-19 07:23:26 ----A---- C:\Windows\system32\drivers\ataport.sys
2014-05-19 07:23:25 ----A---- C:\Windows\SYSWOW64\wiadefui.dll
2014-05-19 07:23:25 ----A---- C:\Windows\SYSWOW64\sppcomapi.dll
2014-05-19 07:23:25 ----A---- C:\Windows\SYSWOW64\shsetup.dll
2014-05-19 07:23:25 ----A---- C:\Windows\SYSWOW64\rasppp.dll
2014-05-19 07:23:25 ----A---- C:\Windows\SYSWOW64\logoncli.dll
2014-05-19 07:23:25 ----A---- C:\Windows\SYSWOW64\FirewallControlPanel.dll
2014-05-19 07:23:25 ----A---- C:\Windows\SYSWOW64\cabview.dll
2014-05-19 07:23:25 ----A---- C:\Windows\system32\userinit.exe
2014-05-19 07:23:25 ----A---- C:\Windows\system32\untfs.dll
2014-05-19 07:23:25 ----A---- C:\Windows\system32\accessibilitycpl.dll
2014-05-19 07:23:24 ----A---- C:\Windows\SYSWOW64\themecpl.dll
2014-05-19 07:23:24 ----A---- C:\Windows\SYSWOW64\SensorsCpl.dll
2014-05-19 07:23:23 ----A---- C:\Windows\SYSWOW64\PhotoScreensaver.scr
2014-05-19 07:23:23 ----A---- C:\Windows\SYSWOW64\hgcpl.dll
2014-05-19 07:23:23 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2014-05-19 07:23:23 ----A---- C:\Windows\SYSWOW64\dnscmmc.dll
2014-05-19 07:23:23 ----A---- C:\Windows\system32\zipfldr.dll
2014-05-19 07:23:23 ----A---- C:\Windows\system32\slui.exe
2014-05-19 07:23:23 ----A---- C:\Windows\system32\msieftp.dll
2014-05-19 07:23:23 ----A---- C:\Windows\system32\drivers\storvsc.sys
2014-05-19 07:23:23 ----A---- C:\Windows\system32\defaultlocationcpl.dll
2014-05-19 07:23:22 ----A---- C:\Windows\SYSWOW64\scecli.dll
2014-05-19 07:23:22 ----A---- C:\Windows\system32\sud.dll
2014-05-19 07:23:22 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-05-19 07:23:21 ----A---- C:\Windows\SYSWOW64\tapisrv.dll
2014-05-19 07:23:21 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-05-19 07:23:21 ----A---- C:\Windows\SYSWOW64\mscms.dll
2014-05-19 07:23:21 ----A---- C:\Windows\SYSWOW64\localsec.dll
2014-05-19 07:23:21 ----A---- C:\Windows\SYSWOW64\fontext.dll
2014-05-19 07:23:21 ----A---- C:\Windows\system32\DeviceCenter.dll
2014-05-19 07:23:20 ----A---- C:\Windows\SYSWOW64\mprddm.dll
2014-05-19 07:23:20 ----A---- C:\Windows\SYSWOW64\iasacct.dll
2014-05-19 07:23:20 ----A---- C:\Windows\system32\OnLineIDCpl.dll
2014-05-19 07:23:20 ----A---- C:\Windows\system32\networkmap.dll
2014-05-19 07:23:20 ----A---- C:\Windows\system32\dot3svc.dll
2014-05-19 07:23:20 ----A---- C:\Windows\system32\cryptui.dll
2014-05-19 07:23:19 ----A---- C:\Windows\SYSWOW64\wlanui.dll
2014-05-19 07:23:19 ----A---- C:\Windows\SYSWOW64\usercpl.dll
2014-05-19 07:23:19 ----A---- C:\Windows\SYSWOW64\SndVolSSO.dll
2014-05-19 07:23:19 ----A---- C:\Windows\SYSWOW64\PerfCenterCPL.dll
2014-05-19 07:23:19 ----A---- C:\Windows\system32\twext.dll
2014-05-19 07:23:19 ----A---- C:\Windows\system32\taskbarcpl.dll
2014-05-19 07:23:19 ----A---- C:\Windows\system32\ActionCenter.dll
2014-05-19 07:23:18 ----A---- C:\Windows\SYSWOW64\VAN.dll
2014-05-19 07:23:18 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-05-19 07:23:18 ----A---- C:\Windows\SYSWOW64\prntvpt.dll
2014-05-19 07:23:18 ----A---- C:\Windows\SYSWOW64\netcenter.dll
2014-05-19 07:23:18 ----A---- C:\Windows\SYSWOW64\batmeter.dll
2014-05-19 07:23:17 ----A---- C:\Windows\SYSWOW64\w32tm.exe
2014-05-19 07:23:17 ----A---- C:\Windows\SYSWOW64\SndVol.exe
2014-05-19 07:23:17 ----A---- C:\Windows\system32\uxlib.dll
2014-05-19 07:23:17 ----A---- C:\Windows\system32\recovery.dll
2014-05-19 07:23:17 ----A---- C:\Windows\system32\OobeFldr.dll
2014-05-19 07:23:17 ----A---- C:\Windows\system32\bcdedit.exe
2014-05-19 07:23:17 ----A---- C:\Windows\system32\azroleui.dll
2014-05-19 07:23:16 ----A---- C:\Windows\system32\sisbkup.dll
2014-05-19 07:23:16 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2014-05-19 07:23:16 ----A---- C:\Windows\system32\isoburn.exe
2014-05-19 07:23:16 ----A---- C:\Windows\system32\dsuiext.dll
2014-05-19 07:23:16 ----A---- C:\Windows\system32\cca.dll
2014-05-19 07:23:16 ----A---- C:\Windows\system32\asycfilt.dll
2014-05-19 07:23:15 ----A---- C:\Windows\SYSWOW64\spwizeng.dll
2014-05-19 07:23:15 ----A---- C:\Windows\SYSWOW64\azroleui.dll
2014-05-19 07:23:15 ----A---- C:\Windows\SYSWOW64\accessibilitycpl.dll
2014-05-19 07:23:15 ----A---- C:\Windows\system32\tzutil.exe
2014-05-19 07:23:15 ----A---- C:\Windows\system32\efscore.dll
2014-05-19 07:23:14 ----A---- C:\Windows\SYSWOW64\zipfldr.dll
2014-05-19 07:23:14 ----A---- C:\Windows\SYSWOW64\fdeploy.dll
2014-05-19 07:23:14 ----A---- C:\Windows\system32\systemcpl.dll
2014-05-19 07:23:14 ----A---- C:\Windows\system32\syncui.dll
2014-05-19 07:23:14 ----A---- C:\Windows\system32\sdcpl.dll
2014-05-19 07:23:14 ----A---- C:\Windows\system32\recdisc.exe
2014-05-19 07:23:14 ----A---- C:\Windows\system32\netplwiz.dll
2014-05-19 07:23:14 ----A---- C:\Windows\system32\httpapi.dll
2014-05-19 07:23:14 ----A---- C:\Windows\system32\drivers\sdbus.sys
2014-05-19 07:23:13 ----A---- C:\Windows\SYSWOW64\networkmap.dll
2014-05-19 07:23:13 ----A---- C:\Windows\SYSWOW64\netjoin.dll
2014-05-19 07:23:13 ----A---- C:\Windows\SYSWOW64\MSAC3ENC.DLL
2014-05-19 07:23:13 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2014-05-19 07:23:13 ----A---- C:\Windows\SYSWOW64\adsldp.dll
2014-05-19 07:23:13 ----A---- C:\Windows\system32\sysclass.dll
2014-05-19 07:23:13 ----A---- C:\Windows\system32\shwebsvc.dll
2014-05-19 07:23:13 ----A---- C:\Windows\system32\ncryptui.dll
2014-05-19 07:23:13 ----A---- C:\Windows\system32\fvecpl.dll
2014-05-19 07:23:13 ----A---- C:\Windows\system32\drivers\rdpdr.sys
2014-05-19 07:23:13 ----A---- C:\Windows\system32\drivers\mpio.sys
2014-05-19 07:23:13 ----A---- C:\Windows\system32\certcli.dll
2014-05-19 07:23:13 ----A---- C:\Windows\system32\autoplay.dll
2014-05-19 07:23:13 ----A---- C:\Windows\system32\appinfo.dll
2014-05-19 07:23:12 ----A---- C:\Windows\SYSWOW64\wusa.exe
2014-05-19 07:23:12 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2014-05-19 07:23:12 ----A---- C:\Windows\system32\wlanmsm.dll
2014-05-19 07:23:12 ----A---- C:\Windows\system32\sdrsvc.dll
2014-05-19 07:23:12 ----A---- C:\Windows\system32\ActionCenterCPL.dll
2014-05-19 07:23:11 ----A---- C:\Windows\SYSWOW64\prnfldr.dll
2014-05-19 07:23:11 ----A---- C:\Windows\SYSWOW64\OnLineIDCpl.dll
2014-05-19 07:23:11 ----A---- C:\Windows\SYSWOW64\MCEWMDRMNDBootstrap.dll
2014-05-19 07:23:11 ----A---- C:\Windows\system32\spwizeng.dll
2014-05-19 07:23:11 ----A---- C:\Windows\system32\msvidc32.dll
2014-05-19 07:23:11 ----A---- C:\Windows\system32\MFPlay.dll
2014-05-19 07:23:11 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2014-05-19 07:23:10 ----A---- C:\Windows\SYSWOW64\sud.dll
2014-05-19 07:23:10 ----A---- C:\Windows\SYSWOW64\photowiz.dll
2014-05-19 07:23:10 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2014-05-19 07:23:10 ----A---- C:\Windows\SYSWOW64\MediaMetadataHandler.dll
2014-05-19 07:23:10 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-05-19 07:23:10 ----A---- C:\Windows\SYSWOW64\ActionCenter.dll
2014-05-19 07:23:10 ----A---- C:\Windows\system32\vdsutil.dll
2014-05-19 07:23:10 ----A---- C:\Windows\system32\termmgr.dll
2014-05-19 07:23:09 ----A---- C:\Windows\SYSWOW64\iprtrmgr.dll
2014-05-19 07:23:09 ----A---- C:\Windows\SYSWOW64\iasrad.dll
2014-05-19 07:23:09 ----A---- C:\Windows\SYSWOW64\ftp.exe
2014-05-19 07:23:09 ----A---- C:\Windows\SYSWOW64\dot3cfg.dll
2014-05-19 07:23:09 ----A---- C:\Windows\SYSWOW64\defaultlocationcpl.dll
2014-05-19 07:23:09 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2014-05-19 07:23:09 ----A---- C:\Windows\system32\sethc.exe
2014-05-19 07:23:09 ----A---- C:\Windows\system32\ReAgent.dll
2014-05-19 07:23:09 ----A---- C:\Windows\system32\ntlanman.dll
2014-05-19 07:23:09 ----A---- C:\Windows\system32\msscp.dll
2014-05-19 07:23:08 ----A---- C:\Windows\SYSWOW64\sisbkup.dll
2014-05-19 07:23:08 ----A---- C:\Windows\SYSWOW64\shwebsvc.dll
2014-05-19 07:23:08 ----A---- C:\Windows\SYSWOW64\ifsutil.dll
2014-05-19 07:23:08 ----A---- C:\Windows\system32\sqlcese30.dll
2014-05-19 07:23:08 ----A---- C:\Windows\system32\iprtrmgr.dll
2014-05-19 07:23:08 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2014-05-19 07:23:07 ----A---- C:\Windows\SYSWOW64\efscore.dll
2014-05-19 07:23:07 ----A---- C:\Windows\SYSWOW64\ActionCenterCPL.dll
2014-05-19 07:23:07 ----A---- C:\Windows\system32\wwanprotdim.dll
2014-05-19 07:23:07 ----A---- C:\Windows\system32\UserAccountControlSettings.dll
2014-05-19 07:23:07 ----A---- C:\Windows\system32\ssText3d.scr
2014-05-19 07:23:07 ----A---- C:\Windows\system32\rdpd3d.dll
2014-05-19 07:23:07 ----A---- C:\Windows\system32\iTVData.dll
2014-05-19 07:23:07 ----A---- C:\Windows\system32\drivers\vmstorfl.sys
2014-05-19 07:23:06 ----A---- C:\Windows\SYSWOW64\syncui.dll
2014-05-19 07:23:06 ----A---- C:\Windows\SYSWOW64\autoplay.dll
2014-05-19 07:23:06 ----A---- C:\Windows\system32\wmdrmsdk.dll
2014-05-19 07:23:06 ----A---- C:\Windows\system32\slwga.dll
2014-05-19 07:23:06 ----A---- C:\Windows\system32\iyuv_32.dll
2014-05-19 07:23:05 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2014-05-19 07:23:05 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2014-05-19 07:23:05 ----A---- C:\Windows\SYSWOW64\ntlanman.dll
2014-05-19 07:23:05 ----A---- C:\Windows\SYSWOW64\dskquoui.dll
2014-05-19 07:23:05 ----A---- C:\Windows\SYSWOW64\DeviceCenter.dll
2014-05-19 07:23:05 ----A---- C:\Windows\system32\srvcli.dll
2014-05-19 07:23:05 ----A---- C:\Windows\system32\nslookup.exe
2014-05-19 07:23:05 ----A---- C:\Windows\system32\msiexec.exe
2014-05-19 07:23:05 ----A---- C:\Windows\system32\drmmgrtn.dll
2014-05-19 07:23:04 ----A---- C:\Windows\SYSWOW64\OobeFldr.dll
2014-05-19 07:23:04 ----A---- C:\Windows\system32\wavemsp.dll
2014-05-19 07:23:04 ----A---- C:\Windows\system32\ntprint.dll
2014-05-19 07:23:04 ----A---- C:\Windows\system32\NAPHLPR.DLL
2014-05-19 07:23:04 ----A---- C:\Windows\system32\DevicePairingFolder.dll
2014-05-19 07:23:04 ----A---- C:\Windows\system32\acppage.dll
2014-05-19 07:23:03 ----A---- C:\Windows\SYSWOW64\systemcpl.dll
2014-05-19 07:23:02 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2014-05-19 07:23:02 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2014-05-19 07:23:02 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2014-05-19 07:23:01 ----A---- C:\Windows\SYSWOW64\sethc.exe
2014-05-19 07:23:01 ----A---- C:\Windows\SYSWOW64\riched20.dll
2014-05-19 07:23:01 ----A---- C:\Windows\system32\srrstr.dll
2014-05-19 07:23:01 ----A---- C:\Windows\system32\bcdboot.exe
2014-05-19 07:23:00 ----A---- C:\Windows\SYSWOW64\wmpsrcwp.dll
2014-05-19 07:23:00 ----A---- C:\Windows\SYSWOW64\netplwiz.dll
2014-05-19 07:23:00 ----A---- C:\Windows\SYSWOW64\NAPHLPR.DLL
2014-05-19 07:23:00 ----A---- C:\Windows\SYSWOW64\migisol.dll
2014-05-19 07:23:00 ----A---- C:\Windows\SYSWOW64\fms.dll
2014-05-19 07:23:00 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2014-05-19 07:23:00 ----A---- C:\Windows\SYSWOW64\activeds.dll
2014-05-19 07:23:00 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-19 07:23:00 ----A---- C:\Windows\system32\sppnp.dll
2014-05-19 07:23:00 ----A---- C:\Windows\system32\certprop.dll
2014-05-19 07:22:59 ----A---- C:\Windows\SYSWOW64\nshipsec.dll
2014-05-19 07:22:59 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2014-05-19 07:22:59 ----A---- C:\Windows\SYSWOW64\httpapi.dll
2014-05-19 07:22:59 ----A---- C:\Windows\SYSWOW64\dpx.dll
2014-05-19 07:22:59 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2014-05-19 07:22:59 ----A---- C:\Windows\system32\wkscli.dll
2014-05-19 07:22:59 ----A---- C:\Windows\system32\remotepg.dll
2014-05-19 07:22:59 ----A---- C:\Windows\system32\PresentationSettings.exe
2014-05-19 07:22:59 ----A---- C:\Windows\system32\networkexplorer.dll
2014-05-19 07:22:59 ----A---- C:\Windows\system32\cabinet.dll
2014-05-19 07:22:58 ----A---- C:\Windows\SYSWOW64\wavemsp.dll
2014-05-19 07:22:58 ----A---- C:\Windows\SYSWOW64\ReAgent.dll
2014-05-19 07:22:58 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2014-05-19 07:22:58 ----A---- C:\Windows\SYSWOW64\isoburn.exe
2014-05-19 07:22:58 ----A---- C:\Windows\system32\WinSCard.dll
2014-05-19 07:22:58 ----A---- C:\Windows\system32\ftp.exe
2014-05-19 07:22:58 ----A---- C:\Windows\system32\dfrgui.exe
2014-05-19 07:22:57 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-05-19 07:22:57 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2014-05-19 07:22:57 ----A---- C:\Windows\SYSWOW64\provsvc.dll
2014-05-19 07:22:57 ----A---- C:\Windows\SYSWOW64\dsuiext.dll
2014-05-19 07:22:57 ----A---- C:\Windows\SYSWOW64\dot3ui.dll
2014-05-19 07:22:57 ----A---- C:\Windows\SYSWOW64\dfrgui.exe
2014-05-19 07:22:57 ----A---- C:\Windows\system32\wvc.dll
2014-05-19 07:22:57 ----A---- C:\Windows\system32\wsnmp32.dll
2014-05-19 07:22:57 ----A---- C:\Windows\system32\wmpdxm.dll
2014-05-19 07:22:57 ----A---- C:\Windows\system32\net1.exe
2014-05-19 07:22:56 ----A---- C:\Windows\SYSWOW64\wvc.dll
2014-05-19 07:22:56 ----A---- C:\Windows\SYSWOW64\wtsapi32.dll
2014-05-19 07:22:56 ----A---- C:\Windows\SYSWOW64\wimgapi.dll
2014-05-19 07:22:56 ----A---- C:\Windows\SYSWOW64\tzutil.exe
2014-05-19 07:22:56 ----A---- C:\Windows\SYSWOW64\ocsetup.exe
2014-05-19 07:22:56 ----A---- C:\Windows\system32\wsqmcons.exe
2014-05-19 07:22:56 ----A---- C:\Windows\system32\wmdrmdev.dll
2014-05-19 07:22:56 ----A---- C:\Windows\system32\WerFaultSecure.exe
2014-05-19 07:22:56 ----A---- C:\Windows\system32\blackbox.dll
2014-05-19 07:22:55 ----A---- C:\Windows\SYSWOW64\twext.dll
2014-05-19 07:22:55 ----A---- C:\Windows\SYSWOW64\PkgMgr.exe
2014-05-19 07:22:55 ----A---- C:\Windows\SYSWOW64\mstask.dll
2014-05-19 07:22:55 ----A---- C:\Windows\SYSWOW64\AdmTmpl.dll
2014-05-19 07:22:55 ----A---- C:\Windows\system32\msyuv.dll
2014-05-19 07:22:55 ----A---- C:\Windows\system32\mfps.dll
2014-05-19 07:22:55 ----A---- C:\Windows\system32\mapistub.dll
2014-05-19 07:22:55 ----A---- C:\Windows\system32\mapi32.dll
2014-05-19 07:22:55 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2014-05-19 07:22:54 ----A---- C:\Windows\twain_32.dll
2014-05-19 07:22:54 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2014-05-19 07:22:54 ----A---- C:\Windows\SYSWOW64\setupugc.exe
2014-05-19 07:22:54 ----A---- C:\Windows\SYSWOW64\qcap.dll
2014-05-19 07:22:54 ----A---- C:\Windows\system32\unimdmat.dll
2014-05-19 07:22:54 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-05-19 07:22:54 ----A---- C:\Windows\system32\OpcServices.dll
2014-05-19 07:22:54 ----A---- C:\Windows\system32\msrle32.dll
2014-05-19 07:22:54 ----A---- C:\Windows\system32\Bubbles.scr
2014-05-19 07:22:53 ----A---- C:\Windows\SYSWOW64\uxlib.dll
2014-05-19 07:22:53 ----A---- C:\Windows\SYSWOW64\slwga.dll
2014-05-19 07:22:53 ----A---- C:\Windows\SYSWOW64\qasf.dll
2014-05-19 07:22:53 ----A---- C:\Windows\system32\tsbyuv.dll
2014-05-19 07:22:53 ----A---- C:\Windows\system32\seclogon.dll
2014-05-19 07:22:53 ----A---- C:\Windows\system32\Ribbons.scr
2014-05-19 07:22:53 ----A---- C:\Windows\system32\iscsium.dll
2014-05-19 07:22:53 ----A---- C:\Windows\system32\ifsutil.dll
2014-05-19 07:22:53 ----A---- C:\Windows\system32\diskraid.exe
2014-05-19 07:22:52 ----A---- C:\Windows\SYSWOW64\ssText3d.scr
2014-05-19 07:22:52 ----A---- C:\Windows\SYSWOW64\msvfw32.dll
2014-05-19 07:22:52 ----A---- C:\Windows\SYSWOW64\mciavi32.dll
2014-05-19 07:22:52 ----A---- C:\Windows\system32\Mystify.scr
2014-05-19 07:22:52 ----A---- C:\Windows\system32\drivers\umbus.sys
2014-05-19 07:22:51 ----A---- C:\Windows\SYSWOW64\WPDShServiceObj.dll
2014-05-19 07:22:51 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2014-05-19 07:22:51 ----A---- C:\Windows\SYSWOW64\nslookup.exe
2014-05-19 07:22:51 ----A---- C:\Windows\SYSWOW64\DevicePairingFolder.dll
2014-05-19 07:22:51 ----A---- C:\Windows\SYSWOW64\clusapi.dll
2014-05-19 07:22:51 ----A---- C:\Windows\SYSWOW64\audiodev.dll
2014-05-19 07:22:51 ----A---- C:\Windows\system32\wmpshell.dll
2014-05-19 07:22:51 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2014-05-19 07:22:51 ----A---- C:\Windows\system32\rdpencom.dll
2014-05-19 07:22:51 ----A---- C:\Windows\system32\perfmon.exe
2014-05-19 07:22:51 ----A---- C:\Windows\system32\muifontsetup.dll
2014-05-19 07:22:50 ----A---- C:\Windows\SYSWOW64\wimserv.exe
2014-05-19 07:22:50 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-05-19 07:22:50 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-05-19 07:22:50 ----A---- C:\Windows\SYSWOW64\msscp.dll
2014-05-19 07:22:50 ----A---- C:\Windows\SYSWOW64\diskraid.exe
2014-05-19 07:22:50 ----A---- C:\Windows\system32\umb.dll
2014-05-19 07:22:50 ----A---- C:\Windows\system32\tlscsp.dll
2014-05-19 07:22:50 ----A---- C:\Windows\system32\qasf.dll
2014-05-19 07:22:50 ----A---- C:\Windows\system32\netutils.dll
2014-05-19 07:22:50 ----A---- C:\Windows\system32\AzSqlExt.dll
2014-05-19 07:22:49 ----A---- C:\Windows\SYSWOW64\rdpencom.dll
2014-05-19 07:22:49 ----A---- C:\Windows\SYSWOW64\acppage.dll
2014-05-19 07:22:49 ----A---- C:\Windows\system32\NAPCRYPT.DLL
2014-05-19 07:22:49 ----A---- C:\Windows\system32\dbghelp.dll
2014-05-19 07:22:49 ----A---- C:\Windows\system32\ActionQueue.dll
2014-05-19 07:22:48 ----A---- C:\Windows\SYSWOW64\remotepg.dll
2014-05-19 07:22:48 ----A---- C:\Windows\SYSWOW64\raschap.dll
2014-05-19 07:22:48 ----A---- C:\Windows\SYSWOW64\perfmon.exe
2014-05-19 07:22:48 ----A---- C:\Windows\system32\runonce.exe
2014-05-19 07:22:48 ----A---- C:\Windows\system32\FXSAPI.dll
2014-05-19 07:22:48 ----A---- C:\Windows\bfsvc.exe
2014-05-19 07:22:47 ----A---- C:\Windows\SYSWOW64\QUTIL.DLL
2014-05-19 07:22:47 ----A---- C:\Windows\SYSWOW64\NAPCRYPT.DLL
2014-05-19 07:22:47 ----A---- C:\Windows\SYSWOW64\input.dll
2014-05-19 07:22:47 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2014-05-19 07:22:47 ----A---- C:\Windows\system32\wpdwcn.dll
2014-05-19 07:22:47 ----A---- C:\Windows\system32\wiavideo.dll
2014-05-19 07:22:47 ----A---- C:\Windows\system32\syssetup.dll
2014-05-19 07:22:47 ----A---- C:\Windows\system32\raschap.dll
2014-05-19 07:22:46 ----A---- C:\Windows\SYSWOW64\vpnikeapi.dll
2014-05-19 07:22:46 ----A---- C:\Windows\SYSWOW64\UserAccountControlSettings.dll
2014-05-19 07:22:46 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2014-05-19 07:22:46 ----A---- C:\Windows\SYSWOW64\ocsetapi.dll
2014-05-19 07:22:46 ----A---- C:\Windows\SYSWOW64\networkexplorer.dll
2014-05-19 07:22:46 ----A---- C:\Windows\system32\WMADMOD.DLL
2014-05-19 07:22:46 ----A---- C:\Windows\system32\PrintIsolationProxy.dll
2014-05-19 07:22:46 ----A---- C:\Windows\system32\MdSched.exe
2014-05-19 07:22:45 ----A---- C:\Windows\SYSWOW64\wpdwcn.dll
2014-05-19 07:22:45 ----A---- C:\Windows\SYSWOW64\wmpdxm.dll
2014-05-19 07:22:45 ----A---- C:\Windows\SYSWOW64\vdsbas.dll
2014-05-19 07:22:45 ----A---- C:\Windows\SYSWOW64\runonce.exe
2014-05-19 07:22:45 ----A---- C:\Windows\SYSWOW64\onexui.dll
2014-05-19 07:22:45 ----A---- C:\Windows\SYSWOW64\iTVData.dll
2014-05-19 07:22:45 ----A---- C:\Windows\SYSWOW64\dxdiagn.dll
2014-05-19 07:22:45 ----A---- C:\Windows\system32\WMVSDECD.DLL
2014-05-19 07:22:45 ----A---- C:\Windows\system32\vdsbas.dll
2014-05-19 07:22:45 ----A---- C:\Windows\system32\nltest.exe
2014-05-19 07:22:45 ----A---- C:\Windows\system32\mstask.dll
2014-05-19 07:22:45 ----A---- C:\Windows\system32\Mcx2Svc.dll
2014-05-19 07:22:45 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2014-05-19 07:22:45 ----A---- C:\Windows\system32\drivers\rmcast.sys
2014-05-19 07:22:44 ----A---- C:\Windows\SYSWOW64\msvidc32.dll
2014-05-19 07:22:44 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2014-05-19 07:22:44 ----A---- C:\Windows\SYSWOW64\MFPlay.dll
2014-05-19 07:22:44 ----A---- C:\Windows\SYSWOW64\logagent.exe
2014-05-19 07:22:44 ----A---- C:\Windows\SYSWOW64\eapp3hst.dll
2014-05-19 07:22:44 ----A---- C:\Windows\system32\vss_ps.dll
2014-05-19 07:22:44 ----A---- C:\Windows\system32\shacct.dll
2014-05-19 07:22:44 ----A---- C:\Windows\system32\QSVRMGMT.DLL
2014-05-19 07:22:44 ----A---- C:\Windows\system32\cscapi.dll
2014-05-19 07:22:44 ----A---- C:\Windows\system32\bitsadmin.exe
2014-05-19 07:22:43 ----A---- C:\Windows\SYSWOW64\wmpshell.dll
2014-05-19 07:22:43 ----A---- C:\Windows\SYSWOW64\wmdrmdev.dll
2014-05-19 07:22:43 ----A---- C:\Windows\SYSWOW64\shacct.dll
2014-05-19 07:22:43 ----A---- C:\Windows\SYSWOW64\lsmproxy.dll
2014-05-19 07:22:43 ----A---- C:\Windows\SYSWOW64\bitsadmin.exe
2014-05-19 07:22:43 ----A---- C:\Windows\system32\WPDSp.dll
2014-05-19 07:22:43 ----A---- C:\Windows\system32\wmdrmnet.dll
2014-05-19 07:22:43 ----A---- C:\Windows\system32\tabcal.exe
2014-05-19 07:22:43 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-05-19 07:22:43 ----A---- C:\Windows\system32\qcap.dll
2014-05-19 07:22:43 ----A---- C:\Windows\system32\logman.exe
2014-05-19 07:22:42 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-05-19 07:22:42 ----A---- C:\Windows\SYSWOW64\unimdmat.dll
2014-05-19 07:22:42 ----A---- C:\Windows\SYSWOW64\sqlcese30.dll
2014-05-19 07:22:42 ----A---- C:\Windows\SYSWOW64\rdpd3d.dll
2014-05-19 07:22:42 ----A---- C:\Windows\SYSWOW64\iscsium.dll
2014-05-19 07:22:42 ----A---- C:\Windows\SYSWOW64\Bubbles.scr
2014-05-19 07:22:42 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2014-05-19 07:22:42 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-05-19 07:22:42 ----A---- C:\Windows\system32\PortableDeviceSyncProvider.dll
2014-05-19 07:22:42 ----A---- C:\Windows\system32\msnetobj.dll
2014-05-19 07:22:42 ----A---- C:\Windows\system32\CscMig.dll
2014-05-19 07:22:41 ----A---- C:\Windows\SYSWOW64\PortableDeviceSyncProvider.dll
2014-05-19 07:22:41 ----A---- C:\Windows\SYSWOW64\pdh.dll
2014-05-19 07:22:41 ----A---- C:\Windows\SYSWOW64\OpcServices.dll
2014-05-19 07:22:41 ----A---- C:\Windows\SYSWOW64\ncryptui.dll
2014-05-19 07:22:41 ----A---- C:\Windows\SYSWOW64\mprapi.dll
2014-05-19 07:22:41 ----A---- C:\Windows\SYSWOW64\logman.exe
2014-05-19 07:22:41 ----A---- C:\Windows\SYSWOW64\cscapi.dll
2014-05-19 07:22:41 ----A---- C:\Windows\system32\vmictimeprovider.dll
2014-05-19 07:22:41 ----A---- C:\Windows\system32\spbcd.dll
2014-05-19 07:22:41 ----A---- C:\Windows\system32\qdv.dll
2014-05-19 07:22:41 ----A---- C:\Windows\system32\PortableDeviceStatus.dll
2014-05-19 07:22:40 ----A---- C:\Windows\SYSWOW64\WPDSp.dll
2014-05-19 07:22:40 ----A---- C:\Windows\SYSWOW64\srvcli.dll
2014-05-19 07:22:40 ----A---- C:\Windows\SYSWOW64\Ribbons.scr
2014-05-19 07:22:40 ----A---- C:\Windows\SYSWOW64\QSVRMGMT.DLL
2014-05-19 07:22:40 ----A---- C:\Windows\SYSWOW64\PortableDeviceStatus.dll
2014-05-19 07:22:40 ----A---- C:\Windows\SYSWOW64\olethk32.dll
2014-05-19 07:22:40 ----A---- C:\Windows\SYSWOW64\Mystify.scr
2014-05-19 07:22:40 ----A---- C:\Windows\system32\takeown.exe
2014-05-19 07:22:40 ----A---- C:\Windows\system32\PnPUnattend.exe
2014-05-19 07:22:40 ----A---- C:\Windows\system32\fphc.dll
2014-05-19 07:22:40 ----A---- C:\Windows\system32\drivers\ndisuio.sys
2014-05-19 07:22:40 ----A---- C:\Windows\system32\dot3ui.dll
2014-05-19 07:22:39 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2014-05-19 07:22:39 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2014-05-19 07:22:39 ----A---- C:\Windows\SYSWOW64\wiavideo.dll
2014-05-19 07:22:39 ----A---- C:\Windows\SYSWOW64\utildll.dll
2014-05-19 07:22:39 ----A---- C:\Windows\SYSWOW64\takeown.exe
2014-05-19 07:22:39 ----A---- C:\Windows\SYSWOW64\mapistub.dll
2014-05-19 07:22:39 ----A---- C:\Windows\SYSWOW64\mapi32.dll
2014-05-19 07:22:39 ----A---- C:\Windows\SYSWOW64\fphc.dll
2014-05-19 07:22:39 ----A---- C:\Windows\SYSWOW64\dot3msm.dll
2014-05-19 07:22:39 ----A---- C:\Windows\SYSWOW64\avifil32.dll
2014-05-19 07:22:39 ----A---- C:\Windows\system32\WMPhoto.dll
2014-05-19 07:22:39 ----A---- C:\Windows\system32\EhStorAPI.dll
2014-05-19 07:22:39 ----A---- C:\Windows\system32\amstream.dll
2014-05-19 07:22:38 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2014-05-19 07:22:38 ----A---- C:\Windows\SYSWOW64\wmdrmnet.dll
2014-05-19 07:22:38 ----A---- C:\Windows\SYSWOW64\iyuv_32.dll
2014-05-19 07:22:38 ----A---- C:\Windows\system32\vfwwdm32.dll
2014-05-19 07:22:38 ----A---- C:\Windows\system32\HotStartUserAgent.dll
2014-05-19 07:22:37 ----A---- C:\Windows\SYSWOW64\sppinst.dll
2014-05-19 07:22:37 ----A---- C:\Windows\SYSWOW64\qdv.dll
2014-05-19 07:22:37 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2014-05-19 07:22:37 ----A---- C:\Windows\SYSWOW64\EhStorAPI.dll
2014-05-19 07:22:37 ----A---- C:\Windows\system32\WavDest.dll
2014-05-19 07:22:37 ----A---- C:\Windows\system32\shimgvw.dll
2014-05-19 07:22:37 ----A---- C:\Windows\system32\QCLIPROV.DLL
2014-05-19 07:22:37 ----A---- C:\Windows\system32\nrpsrv.dll
2014-05-19 07:22:37 ----A---- C:\Windows\system32\iasrecst.dll
2014-05-19 07:22:37 ----A---- C:\Windows\system32\djoin.exe
2014-05-19 07:22:37 ----A---- C:\Windows\system32\cmstp.exe
2014-05-19 07:22:37 ----A---- C:\Windows\system32\CertPolEng.dll
2014-05-19 07:22:36 ----A---- C:\Windows\SYSWOW64\QCLIPROV.DLL
2014-05-19 07:22:36 ----A---- C:\Windows\SYSWOW64\msyuv.dll
2014-05-19 07:22:36 ----A---- C:\Windows\SYSWOW64\msrle32.dll
2014-05-19 07:22:36 ----A---- C:\Windows\SYSWOW64\cmstp.exe
2014-05-19 07:22:36 ----A---- C:\Windows\SYSWOW64\cca.dll
2014-05-19 07:22:36 ----A---- C:\Windows\system32\fdProxy.dll
2014-05-19 07:22:36 ----A---- C:\Windows\system32\drivers\usbser.sys
2014-05-19 07:22:35 ----A---- C:\Windows\SYSWOW64\wsnmp32.dll
2014-05-19 07:22:35 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2014-05-19 07:22:35 ----A---- C:\Windows\SYSWOW64\vfwwdm32.dll
2014-05-19 07:22:35 ----A---- C:\Windows\SYSWOW64\setupcln.dll
2014-05-19 07:22:35 ----A---- C:\Windows\SYSWOW64\pdhui.dll
2014-05-19 07:22:35 ----A---- C:\Windows\SYSWOW64\MuiUnattend.exe
2014-05-19 07:22:35 ----A---- C:\Windows\system32\sscore.dll
2014-05-19 07:22:35 ----A---- C:\Windows\system32\relog.exe
2014-05-19 07:22:35 ----A---- C:\Windows\system32\mydocs.dll
2014-05-19 07:22:35 ----A---- C:\Windows\system32\MultiDigiMon.exe
2014-05-19 07:22:35 ----A---- C:\Windows\system32\KMSVC.DLL
2014-05-19 07:22:35 ----A---- C:\Windows\system32\iscsicli.exe
2014-05-19 07:22:35 ----A---- C:\Windows\system32\drivers\pacer.sys
2014-05-19 07:22:34 ----A---- C:\Windows\SYSWOW64\tsbyuv.dll
2014-05-19 07:22:34 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2014-05-19 07:22:34 ----A---- C:\Windows\SYSWOW64\iasrecst.dll
2014-05-19 07:22:34 ----A---- C:\Windows\SYSWOW64\AzSqlExt.dll
2014-05-19 07:22:34 ----A---- C:\Windows\system32\diskpart.exe
2014-05-19 07:22:33 ----A---- C:\Windows\system32\mobsync.exe
2014-05-19 07:22:32 ----A---- C:\Windows\SYSWOW64\relog.exe
2014-05-19 07:22:32 ----A---- C:\Windows\system32\BWUnpairElevated.dll
2014-05-19 07:22:31 ----A---- C:\Windows\SYSWOW64\wkscli.dll
2014-05-19 07:22:31 ----A---- C:\Windows\SYSWOW64\spbcd.dll
2014-05-19 07:22:31 ----A---- C:\Windows\SYSWOW64\netiougc.exe
2014-05-19 07:22:31 ----A---- C:\Windows\SYSWOW64\iscsicli.exe
2014-05-19 07:22:31 ----A---- C:\Windows\system32\BdeHdCfg.exe
2014-05-19 07:22:30 ----A---- C:\Windows\SYSWOW64\rastapi.dll
2014-05-19 07:22:30 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2014-05-19 07:22:30 ----A---- C:\Windows\SYSWOW64\mydocs.dll
2014-05-19 07:22:30 ----A---- C:\Windows\SYSWOW64\diskpart.exe
2014-05-19 07:22:30 ----A---- C:\Windows\SYSWOW64\amstream.dll
2014-05-19 07:22:30 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-05-19 07:22:30 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-05-19 07:22:30 ----A---- C:\Windows\system32\msdmo.dll
2014-05-19 07:22:30 ----A---- C:\Windows\system32\itircl.dll
2014-05-19 07:22:30 ----A---- C:\Windows\system32\dot3msm.dll
2014-05-19 07:22:29 ----A---- C:\Windows\SYSWOW64\wmpps.dll
2014-05-19 07:22:29 ----A---- C:\Windows\SYSWOW64\syssetup.dll
2014-05-19 07:22:29 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-05-19 07:22:29 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-05-19 07:22:29 ----A---- C:\Windows\SYSWOW64\resutils.dll
2014-05-19 07:22:29 ----A---- C:\Windows\SYSWOW64\itircl.dll
2014-05-19 07:22:29 ----A---- C:\Windows\SYSWOW64\CertPolEng.dll
2014-05-19 07:22:29 ----A---- C:\Windows\system32\qprocess.exe
2014-05-19 07:22:29 ----A---- C:\Windows\system32\mciqtz32.dll
2014-05-19 07:22:29 ----A---- C:\Windows\system32\FXSTIFF.dll
2014-05-19 07:22:29 ----A---- C:\Windows\system32\eappgnui.dll
2014-05-19 07:22:28 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-05-19 07:22:28 ----A---- C:\Windows\SYSWOW64\WerFaultSecure.exe
2014-05-19 07:22:28 ----A---- C:\Windows\SYSWOW64\tlscsp.dll
2014-05-19 07:22:28 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-05-19 07:22:28 ----A---- C:\Windows\SYSWOW64\ReAgentc.exe
2014-05-19 07:22:28 ----A---- C:\Windows\SYSWOW64\findstr.exe
2014-05-19 07:22:28 ----A---- C:\Windows\SYSWOW64\eappgnui.dll
2014-05-19 07:22:28 ----A---- C:\Windows\system32\sppc.dll
2014-05-19 07:22:28 ----A---- C:\Windows\system32\luainstall.dll
2014-05-19 07:22:28 ----A---- C:\Windows\system32\choice.exe
2014-05-19 07:22:28 ----A---- C:\Windows\system32\findstr.exe
2014-05-19 07:22:28 ----A---- C:\Windows\system32\drivers\tunnel.sys
2014-05-19 07:22:27 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-05-19 07:22:27 ----A---- C:\Windows\SYSWOW64\netutils.dll
2014-05-19 07:22:27 ----A---- C:\Windows\SYSWOW64\mobsync.exe
2014-05-19 07:22:27 ----A---- C:\Windows\SYSWOW64\mciqtz32.dll
2014-05-19 07:22:27 ----A---- C:\Windows\system32\schedcli.dll
2014-05-19 07:22:27 ----A---- C:\Windows\system32\onexui.dll
2014-05-19 07:22:27 ----A---- C:\Windows\system32\chglogon.exe
2014-05-19 07:22:27 ----A---- C:\Windows\system32\drivers\dfsc.sys
2014-05-19 07:22:26 ----A---- C:\Windows\SYSWOW64\sppc.dll
2014-05-19 07:22:26 ----A---- C:\Windows\SYSWOW64\muifontsetup.dll
2014-05-19 07:22:26 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2014-05-19 07:22:26 ----A---- C:\Windows\SYSWOW64\cabinet.dll
2014-05-19 07:22:26 ----A---- C:\Windows\system32\wdiasqmmodule.dll
2014-05-19 07:22:26 ----A---- C:\Windows\system32\spopk.dll
2014-05-19 07:22:26 ----A---- C:\Windows\system32\repair-bde.exe
2014-05-19 07:22:26 ----A---- C:\Windows\system32\qappsrv.exe
2014-05-19 07:22:26 ----A---- C:\Windows\system32\manage-bde.exe
2014-05-19 07:22:26 ----A---- C:\Windows\system32\inetmib1.dll
2014-05-19 07:22:25 ----A---- C:\Windows\SYSWOW64\unlodctr.exe
2014-05-19 07:22:25 ----A---- C:\Windows\SYSWOW64\spopk.dll
2014-05-19 07:22:25 ----A---- C:\Windows\SYSWOW64\shimgvw.dll
2014-05-19 07:22:25 ----A---- C:\Windows\SYSWOW64\rdprefdrvapi.dll
2014-05-19 07:22:25 ----A---- C:\Windows\SYSWOW64\msdmo.dll
2014-05-19 07:22:25 ----A---- C:\Windows\SYSWOW64\luainstall.dll
2014-05-19 07:22:25 ----A---- C:\Windows\system32\vmicres.dll
2014-05-19 07:22:25 ----A---- C:\Windows\system32\tscon.exe
2014-05-19 07:22:25 ----A---- C:\Windows\system32\RDPENCDD.dll
2014-05-19 07:22:25 ----A---- C:\Windows\system32\odbcconf.dll
2014-05-19 07:22:25 ----A---- C:\Windows\system32\chgport.exe
2014-05-19 07:22:25 ----A---- C:\Windows\system32\fixmapi.exe
2014-05-19 07:22:24 ----A---- C:\Windows\SYSWOW64\inetmib1.dll
2014-05-19 07:22:24 ----A---- C:\Windows\system32\vmstorfltres.dll
2014-05-19 07:22:24 ----A---- C:\Windows\system32\tskill.exe
2014-05-19 07:22:24 ----A---- C:\Windows\system32\tsdiscon.exe
2014-05-19 07:22:24 ----A---- C:\Windows\system32\shadow.exe
2014-05-19 07:22:24 ----A---- C:\Windows\system32\rwinsta.exe
2014-05-19 07:22:24 ----A---- C:\Windows\system32\logoff.exe
2014-05-19 07:22:24 ----A---- C:\Windows\system32\chgusr.exe
2014-05-19 07:22:24 ----A---- C:\Windows\system32\FXSMON.dll
2014-05-19 07:22:23 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-05-19 07:22:23 ----A---- C:\Windows\SYSWOW64\UIRibbonRes.dll
2014-05-19 07:22:23 ----A---- C:\Windows\SYSWOW64\odbcconf.dll
2014-05-19 07:22:23 ----A---- C:\Windows\system32\vmbusres.dll
2014-05-19 07:22:23 ----A---- C:\Windows\system32\UIRibbonRes.dll
2014-05-19 07:22:23 ----A---- C:\Windows\system32\TRAPI.dll
2014-05-19 07:22:23 ----A---- C:\Windows\system32\elsTrans.dll
2014-05-19 07:22:23 ----A---- C:\Windows\system32\drivers\tdi.sys
2014-05-19 07:22:22 ----A---- C:\Windows\SYSWOW64\perfts.dll
2014-05-19 07:22:22 ----A---- C:\Windows\SYSWOW64\imm32.dll
2014-05-19 07:22:22 ----A---- C:\Windows\system32\wshbth.dll
2014-05-19 07:22:22 ----A---- C:\Windows\system32\LogonUI.exe
2014-05-19 07:22:21 ----A---- C:\Windows\SYSWOW64\elsTrans.dll
2014-05-19 07:22:21 ----A---- C:\Windows\system32\reset.exe
2014-05-19 07:22:21 ----A---- C:\Windows\system32\rdprefdrvapi.dll
2014-05-19 07:22:21 ----A---- C:\Windows\system32\query.exe
2014-05-19 07:22:21 ----A---- C:\Windows\system32\napdsnap.dll
2014-05-19 07:22:21 ----A---- C:\Windows\system32\change.exe
2014-05-19 07:22:21 ----A---- C:\Windows\system32\FXSUNATD.exe
2014-05-19 07:22:21 ----A---- C:\Windows\system32\dsauth.dll
2014-05-19 07:22:20 ----A---- C:\Windows\SYSWOW64\wshbth.dll
2014-05-19 07:22:20 ----A---- C:\Windows\SYSWOW64\TRAPI.dll
2014-05-19 07:22:20 ----A---- C:\Windows\SYSWOW64\schedcli.dll
2014-05-19 07:22:20 ----A---- C:\Windows\SYSWOW64\bitsperf.dll
2014-05-19 07:22:20 ----A---- C:\Windows\system32\drivers\usbrpm.sys
2014-05-19 07:22:20 ----A---- C:\Windows\system32\cscdll.dll
2014-05-19 07:22:20 ----A---- C:\Windows\system32\bitsperf.dll
2014-05-19 07:22:19 ----A---- C:\Windows\SYSWOW64\napdsnap.dll
2014-05-19 07:22:19 ----A---- C:\Windows\SYSWOW64\dsauth.dll
2014-05-19 07:22:19 ----A---- C:\Windows\SYSWOW64\cscdll.dll
2014-05-19 07:22:19 ----A---- C:\Windows\system32\wsdchngr.dll
2014-05-19 07:22:19 ----A---- C:\Windows\system32\drivers\acpipmi.sys
2014-05-19 07:22:18 ----A---- C:\Windows\SYSWOW64\wsdchngr.dll
2014-05-19 07:22:18 ----A---- C:\Windows\SYSWOW64\sscore.dll
2014-05-19 07:22:18 ----A---- C:\Windows\SYSWOW64\shgina.dll
2014-05-19 07:22:18 ----A---- C:\Windows\SYSWOW64\riched32.dll
2014-05-19 07:22:18 ----A---- C:\Windows\system32\shgina.dll
2014-05-19 07:22:17 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys
2014-05-19 07:22:17 ----A---- C:\Windows\system32\drivers\CompositeBus.sys
2014-05-19 07:22:16 ----A---- C:\Windows\system32\wshirda.dll
2014-05-19 07:22:15 ----A---- C:\Windows\system32\drivers\hidusb.sys
2014-05-19 07:22:15 ----A---- C:\Windows\system32\drivers\appid.sys
2014-05-19 07:22:14 ----A---- C:\Windows\SYSWOW64\wshirda.dll
2014-05-19 07:22:14 ----A---- C:\Windows\system32\vmbuspipe.dll
2014-05-19 07:22:14 ----A---- C:\Windows\system32\riched32.dll
2014-05-19 07:22:14 ----A---- C:\Windows\system32\rdpcfgex.dll
2014-05-19 07:22:14 ----A---- C:\Windows\system32\drivers\kbdhid.sys
2014-05-19 07:22:13 ----A---- C:\Windows\system32\spwmp.dll
2014-05-19 07:22:13 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys
2014-05-19 07:22:13 ----A---- C:\Windows\system32\browseui.dll
2014-05-19 07:22:12 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2014-05-19 07:22:12 ----A---- C:\Windows\SYSWOW64\browseui.dll
2014-05-19 07:22:12 ----A---- C:\Windows\system32\VmdCoinstall.dll
2014-05-19 07:22:12 ----A---- C:\Windows\system32\VmbusCoinstaller.dll
2014-05-19 07:22:12 ----A---- C:\Windows\system32\IcCoinstall.dll
2014-05-19 07:22:12 ----A---- C:\Windows\system32\drivers\HdAudio.sys
2014-05-19 07:22:12 ----A---- C:\Windows\system32\C_ISCII.DLL
2014-05-19 07:22:11 ----AH---- C:\Windows\system32\api-ms-win-core-ums-l1-1-0.dll
2014-05-19 07:22:11 ----A---- C:\Windows\SYSWOW64\shunimpl.dll
2014-05-19 07:22:11 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2014-05-19 07:22:11 ----A---- C:\Windows\SYSWOW64\C_ISCII.DLL
2014-05-19 07:22:11 ----A---- C:\Windows\system32\shunimpl.dll
2014-05-19 07:22:11 ----A---- C:\Windows\system32\dxmasf.dll
2014-05-19 07:22:11 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2014-05-19 07:22:11 ----A---- C:\Windows\system32\drivers\scfilter.sys
2014-05-19 07:22:11 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2014-05-19 07:22:11 ----A---- C:\Windows\system32\drivers\cdrom.sys
2014-05-19 07:22:10 ----A---- C:\Windows\SYSWOW64\KBDTUQ.DLL
2014-05-19 07:22:10 ----A---- C:\Windows\SYSWOW64\KBDTUF.DLL
2014-05-19 07:22:10 ----A---- C:\Windows\SYSWOW64\KBDSG.DLL
2014-05-19 07:22:10 ----A---- C:\Windows\SYSWOW64\kbdlk41a.dll
2014-05-19 07:22:10 ----A---- C:\Windows\SYSWOW64\KBDGR1.DLL
2014-05-19 07:22:10 ----A---- C:\Windows\system32\KBDTUQ.DLL
2014-05-19 07:22:10 ----A---- C:\Windows\system32\KBDTUF.DLL
2014-05-19 07:22:10 ----A---- C:\Windows\system32\KBDSG.DLL
2014-05-19 07:22:10 ----A---- C:\Windows\system32\KBDSF.DLL
2014-05-19 07:22:10 ----A---- C:\Windows\system32\KBDPO.DLL
2014-05-19 07:22:10 ----A---- C:\Windows\system32\KBDINTAM.DLL
2014-05-19 07:22:10 ----A---- C:\Windows\system32\KBDINBEN.DLL
2014-05-19 07:22:09 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-05-19 07:22:09 ----A---- C:\Windows\SYSWOW64\KBDGKL.DLL
2014-05-19 07:22:09 ----A---- C:\Windows\system32\wmploc.DLL
2014-05-19 07:22:09 ----A---- C:\Windows\system32\KBDNEPR.DLL
2014-05-19 07:22:09 ----A---- C:\Windows\system32\kbdlk41a.dll
2014-05-19 07:22:09 ----A---- C:\Windows\system32\KBDGR1.DLL
2014-05-19 07:22:09 ----A---- C:\Windows\system32\KBDGKL.DLL
2014-05-19 07:22:08 ----A---- C:\Windows\SYSWOW64\KBDUS.DLL
2014-05-19 07:22:08 ----A---- C:\Windows\SYSWOW64\KBDTURME.DLL
2014-05-19 07:22:08 ----A---- C:\Windows\SYSWOW64\KBDTAJIK.DLL
2014-05-19 07:22:08 ----A---- C:\Windows\SYSWOW64\KBDMON.DLL
2014-05-19 07:22:08 ----A---- C:\Windows\SYSWOW64\KBDINTEL.DLL
2014-05-19 07:22:08 ----A---- C:\Windows\SYSWOW64\KBDGEO.DLL
2014-05-19 07:22:08 ----A---- C:\Windows\SYSWOW64\KBDBLR.DLL
2014-05-19 07:22:07 ----A---- C:\Windows\SYSWOW64\KBDINHIN.DLL
2014-05-19 07:22:07 ----A---- C:\Windows\SYSWOW64\KBDCZ1.DLL
2014-05-19 07:22:07 ----A---- C:\Windows\system32\KBDUS.DLL
2014-05-19 07:22:07 ----A---- C:\Windows\system32\KBDGEO.DLL
2014-05-19 07:22:07 ----A---- C:\Windows\system32\KBDCZ1.DLL
2014-05-19 07:22:07 ----A---- C:\Windows\system32\drivers\vms3cap.sys
2014-05-19 07:22:06 ----A---- C:\Windows\system32\KBDUGHR1.DLL
2014-05-19 07:22:05 ----A---- C:\Windows\SYSWOW64\KBDUGHR1.DLL
2014-05-19 07:22:05 ----A---- C:\Windows\SYSWOW64\KBDMAORI.DLL
2014-05-19 07:22:05 ----A---- C:\Windows\SYSWOW64\KBDLT1.DLL
2014-05-19 07:22:05 ----A---- C:\Windows\SYSWOW64\KBDINTAM.DLL
2014-05-19 07:22:05 ----A---- C:\Windows\SYSWOW64\KBDINORI.DLL
2014-05-19 07:22:05 ----A---- C:\Windows\SYSWOW64\KBDINMAR.DLL
2014-05-19 07:22:05 ----A---- C:\Windows\SYSWOW64\KBDINKAN.DLL
2014-05-19 07:22:05 ----A---- C:\Windows\SYSWOW64\KBDINBEN.DLL
2014-05-19 07:22:05 ----A---- C:\Windows\SYSWOW64\KBDBULG.DLL
2014-05-19 07:22:05 ----A---- C:\Windows\system32\KBDTAJIK.DLL
2014-05-19 07:22:05 ----A---- C:\Windows\system32\KBDMON.DLL
2014-05-19 07:22:05 ----A---- C:\Windows\system32\KBDLT1.DLL
2014-05-19 07:22:05 ----A---- C:\Windows\system32\KBDBULG.DLL
2014-05-19 07:22:05 ----A---- C:\Windows\system32\KBDBLR.DLL
2014-05-19 07:22:04 ----A---- C:\Windows\SYSWOW64\spwizres.dll
2014-05-19 07:22:04 ----A---- C:\Windows\SYSWOW64\pifmgr.dll
2014-05-19 07:22:04 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2014-05-19 07:22:04 ----A---- C:\Windows\SYSWOW64\KBDSF.DLL
2014-05-19 07:22:04 ----A---- C:\Windows\SYSWOW64\KBDPO.DLL
2014-05-19 07:22:04 ----A---- C:\Windows\SYSWOW64\KBDNEPR.DLL
2014-05-19 07:22:04 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-05-19 07:22:04 ----A---- C:\Windows\system32\spwizres.dll
2014-05-19 07:22:04 ----A---- C:\Windows\system32\pifmgr.dll
2014-05-19 07:22:04 ----A---- C:\Windows\system32\nlsbres.dll
2014-05-19 07:22:04 ----A---- C:\Windows\system32\KBDTURME.DLL
2014-05-19 07:22:04 ----A---- C:\Windows\system32\KBDMAORI.DLL
2014-05-19 07:22:04 ----A---- C:\Windows\system32\KBDINTEL.DLL
2014-05-19 07:22:04 ----A---- C:\Windows\system32\KBDINORI.DLL
2014-05-19 07:22:04 ----A---- C:\Windows\system32\KBDINMAR.DLL
2014-05-19 07:22:04 ----A---- C:\Windows\system32\KBDINKAN.DLL
2014-05-19 07:22:04 ----A---- C:\Windows\system32\KBDINHIN.DLL
2014-05-19 07:22:04 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-05-19 07:22:03 ----A---- C:\Windows\system32\drivers\VMBusHID.sys
2014-05-19 07:22:03 ----A---- C:\Windows\system32\BlbEvents.dll
2014-05-19 07:21:35 ----A---- C:\Windows\SYSWOW64\wdscore.dll
2014-05-19 07:21:32 ----A---- C:\Windows\system32\dpx.dll
2014-05-19 07:21:11 ----A---- C:\Windows\SYSWOW64\sqmapi.dll
2014-05-19 07:21:07 ----A---- C:\Windows\SYSWOW64\printmanagement.msc
2014-05-19 07:20:47 ----A---- C:\Windows\SYSWOW64\wbemcomn.dll
2014-05-19 07:17:52 ----A---- C:\Windows\system32\wbemcomn.dll
2014-05-19 07:17:39 ----A---- C:\Windows\system32\sqmapi.dll
2014-05-19 06:39:18 ----A---- C:\Windows\system32\Wdfres.dll
2014-05-19 06:39:18 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2014-05-19 06:39:18 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2014-05-19 06:25:10 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-05-19 06:25:10 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-19 06:25:09 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-05-19 06:25:08 ----A---- C:\Windows\SYSWOW64\url.dll
2014-05-19 06:25:08 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-05-19 06:25:08 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-05-19 06:25:08 ----A---- C:\Windows\system32\url.dll
2014-05-19 06:25:08 ----A---- C:\Windows\system32\ieUnatt.exe
2014-05-19 06:25:08 ----A---- C:\Windows\system32\ieui.dll
2014-05-19 06:25:07 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-05-19 06:25:07 ----A---- C:\Windows\system32\urlmon.dll
2014-05-19 06:25:06 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-05-19 06:25:06 ----A---- C:\Windows\system32\msfeeds.dll
2014-05-19 06:25:06 ----A---- C:\Windows\system32\jscript9.dll
2014-05-19 06:25:05 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-05-19 06:25:05 ----A---- C:\Windows\system32\wininet.dll
2014-05-19 06:25:05 ----A---- C:\Windows\system32\jsproxy.dll
2014-05-19 06:25:04 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-05-19 06:25:04 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-05-19 06:25:04 ----A---- C:\Windows\system32\vbscript.dll
2014-05-19 06:25:04 ----A---- C:\Windows\system32\jscript.dll
2014-05-19 06:25:04 ----A---- C:\Windows\system32\iertutil.dll
2014-05-19 06:25:03 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-05-19 06:25:03 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-05-19 06:25:01 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-05-19 06:25:00 ----A---- C:\Windows\system32\mshtml.dll
2014-05-19 06:24:58 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-05-19 06:24:58 ----A---- C:\Windows\system32\ieframe.dll
2014-05-19 06:23:55 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2014-05-19 06:23:55 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2014-05-19 06:23:55 ----A---- C:\Windows\system32\atmlib.dll
2014-05-19 06:23:55 ----A---- C:\Windows\system32\atmfd.dll
2014-05-19 06:23:22 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2014-05-19 06:23:22 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2014-05-19 06:23:21 ----A---- C:\Windows\system32\WUDFSvc.dll
2014-05-19 06:23:21 ----A---- C:\Windows\system32\WUDFPlatform.dll
2014-05-19 06:23:20 ----A---- C:\Windows\system32\WUDFx.dll
2014-05-19 06:23:20 ----A---- C:\Windows\system32\WUDFHost.exe
2014-05-19 06:23:20 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2014-05-16 15:15:05 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2014-05-16 15:15:05 ----A---- C:\Windows\system32\d3d10level9.dll
2014-05-16 15:15:03 ----A---- C:\Windows\SYSWOW64\usp10.dll
2014-05-16 15:15:03 ----A---- C:\Windows\system32\usp10.dll
2014-05-16 15:14:51 ----A---- C:\Windows\system32\Wpc.dll
2014-05-16 15:14:51 ----A---- C:\Windows\system32\gameux.dll
2014-05-16 15:14:50 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2014-05-16 15:14:50 ----A---- C:\Windows\SYSWOW64\gameux.dll
2014-05-16 15:13:47 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-16 15:13:46 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-05-16 15:13:45 ----A---- C:\Windows\system32\kernel32.dll
2014-05-16 15:13:44 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-05-16 15:13:44 ----A---- C:\Windows\system32\conhost.exe
2014-05-16 15:13:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-05-16 15:13:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-05-16 15:13:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-05-16 15:13:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-05-16 15:13:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-05-16 15:13:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2014-05-16 15:13:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-05-16 15:13:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-05-16 15:13:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-05-16 15:13:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-05-16 15:13:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-05-16 15:13:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-05-16 15:13:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-05-16 15:13:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-05-16 15:13:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-05-16 15:13:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2014-05-16 15:13:38 ----A---- C:\Windows\system32\wow64win.dll
2014-05-16 15:13:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2014-05-16 15:13:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2014-05-16 15:13:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2014-05-16 15:13:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-05-16 15:13:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-05-16 15:13:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-05-16 15:13:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-05-16 15:13:35 ----A---- C:\Windows\system32\wow64.dll
2014-05-16 15:13:33 ----A---- C:\Windows\system32\wow64cpu.dll
2014-05-16 15:13:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2014-05-16 15:13:32 ----A---- C:\Windows\system32\ntvdm64.dll
2014-05-16 15:13:25 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-05-16 15:13:24 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-05-16 15:13:24 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-05-16 15:13:24 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-05-16 15:13:24 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-05-16 15:13:23 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-05-16 15:13:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-05-16 15:13:22 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-05-16 15:13:22 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-05-16 15:13:22 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-05-16 15:13:22 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-05-16 15:13:21 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-05-16 15:13:20 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-05-16 15:13:20 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-05-16 15:13:19 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-05-16 15:13:19 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-05-16 15:13:19 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-05-16 15:13:19 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-05-16 15:13:19 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-05-16 15:13:18 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-05-16 15:13:18 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-05-16 15:13:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-05-16 15:13:17 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-05-16 15:13:17 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-05-16 15:13:17 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-05-16 15:13:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-05-16 15:13:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-05-16 15:13:16 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-05-16 15:13:16 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-05-16 15:13:16 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-05-16 15:13:10 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-05-16 15:13:10 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-05-16 15:10:16 ----A---- C:\Windows\system32\drivers\fvevol.sys
2014-05-15 20:58:31 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2014-05-15 20:58:31 ----A---- C:\Windows\system32\win32spl.dll
2014-05-15 20:58:28 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-05-15 20:58:28 ----A---- C:\Windows\system32\mstscax.dll
2014-05-15 20:58:27 ----A---- C:\Windows\system32\aaclient.dll
2014-05-15 20:58:26 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2014-05-15 20:58:26 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-05-15 20:58:26 ----A---- C:\Windows\system32\tsgqec.dll
2014-05-15 20:58:03 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-05-15 20:58:03 ----A---- C:\Windows\system32\tzres.dll
2014-05-15 20:57:49 ----A---- C:\Windows\system32\win32k.sys
2014-05-15 20:56:57 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-05-15 20:56:46 ----A---- C:\Windows\system32\drivers\usb8023.sys
2014-05-15 20:56:44 ----A---- C:\Windows\system32\msxml6.dll
2014-05-15 20:56:44 ----A---- C:\Windows\system32\msxml3.dll
2014-05-15 20:56:43 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-05-15 20:56:43 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-05-15 20:55:46 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-05-15 20:55:46 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2014-05-15 20:55:46 ----A---- C:\Windows\SYSWOW64\dpnaddr.dll
2014-05-15 20:55:46 ----A---- C:\Windows\system32\ncrypt.dll
2014-05-15 20:55:46 ----A---- C:\Windows\system32\dpnet.dll
2014-05-15 20:55:46 ----A---- C:\Windows\system32\dpnaddr.dll
2014-05-15 20:55:43 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-05-15 20:55:43 ----A---- C:\Windows\system32\wintrust.dll
2014-05-15 20:55:41 ----A---- C:\Windows\system32\winsrv.dll
2014-05-15 20:55:40 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-05-15 20:55:40 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-05-15 20:55:39 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-05-15 20:55:39 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-05-15 20:55:37 ----A---- C:\Windows\SYSWOW64\user.exe
2014-05-15 20:55:00 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-05-15 20:54:59 ----A---- C:\Windows\system32\drivers\netio.sys
2014-05-15 20:54:59 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-05-15 20:54:23 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-05-15 20:54:23 ----A---- C:\Windows\system32\kerberos.dll
2014-05-15 20:54:20 ----A---- C:\Windows\SYSWOW64\synceng.dll
2014-05-15 20:54:20 ----A---- C:\Windows\system32\synceng.dll
2014-05-15 20:54:18 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-15 20:54:15 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-05-15 20:54:14 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-05-15 20:54:11 ----A---- C:\Windows\system32\smss.exe
2014-05-15 20:54:11 ----A---- C:\Windows\system32\csrsrv.dll
2014-05-15 20:54:10 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2014-05-15 20:53:40 ----A---- C:\Windows\system32\crypt32.dll
2014-05-15 20:53:39 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-05-15 20:53:39 ----A---- C:\Windows\system32\cryptsvc.dll
2014-05-15 20:53:39 ----A---- C:\Windows\system32\cryptnet.dll
2014-05-15 20:53:38 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-05-15 20:53:38 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2014-05-15 20:14:48 ----D---- C:\Program Files (x86)\GOTCHA!
2014-05-14 20:50:01 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2014-05-12 15:40:06 ----D---- C:\Users\Krkinho\AppData\Roaming\Opera Software
2014-05-11 21:51:59 ----D---- C:\Users\Krkinho\AppData\Roaming\Sony Creative Software
2014-05-11 21:11:31 ----D---- C:\ProgramData\Sony
2014-05-11 20:49:19 ----D---- C:\ProgramData\Pinnacle
2014-05-07 06:56:04 ----D---- C:\ProgramData\webcam 7

======List of files/folders modified in the last 1 month======

2014-05-29 19:17:25 ----D---- C:\Windows\Temp
2014-05-29 19:17:20 ----RD---- C:\Program Files
2014-05-29 19:13:42 ----AD---- C:\ProgramData\TEMP
2014-05-28 21:44:17 ----D---- C:\Program Files (x86)\Counter-Strike 1.6 Non-Steam
2014-05-27 19:38:32 ----D---- C:\Windows
2014-05-27 19:36:40 ----RD---- C:\Program Files (x86)
2014-05-27 19:32:57 ----D---- C:\ProgramData
2014-05-27 19:08:42 ----D---- C:\Users\Krkinho\AppData\Roaming\Skype
2014-05-27 15:20:07 ----D---- C:\ProgramData\CanonIJPLM
2014-05-27 15:19:00 ----D---- C:\Windows\System32
2014-05-27 15:19:00 ----D---- C:\Windows\inf
2014-05-27 15:19:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-05-27 14:18:20 ----D---- C:\Users\Krkinho\AppData\Roaming\uTorrent
2014-05-26 19:59:35 ----D---- C:\Windows\Prefetch
2014-05-25 15:12:33 ----D---- C:\Windows\system32\catroot2
2014-05-25 15:12:28 ----SHD---- C:\System Volume Information
2014-05-24 18:04:09 ----D---- C:\Windows\system32\config
2014-05-23 15:28:25 ----D---- C:\Program Files (x86)\Mp3 Convert Master
2014-05-23 15:28:24 ----D---- C:\Windows\SysWOW64
2014-05-23 14:33:02 ----D---- C:\Windows\Minidump
2014-05-23 14:29:26 ----D---- C:\Program Files (x86)\Glary Utilities 4
2014-05-21 18:03:23 ----SHD---- C:\Windows\Installer
2014-05-21 18:03:23 ----D---- C:\ProgramData\Skype
2014-05-21 18:03:20 ----RD---- C:\Program Files (x86)\Skype
2014-05-21 18:03:20 ----D---- C:\Program Files (x86)\Common Files
2014-05-20 15:48:23 ----RSD---- C:\Windows\assembly
2014-05-20 15:48:23 ----D---- C:\Windows\Microsoft.NET
2014-05-19 19:15:51 ----D---- C:\Users\Krkinho\AppData\Roaming\vlc
2014-05-19 14:22:33 ----D---- C:\Windows\system32\catroot
2014-05-19 14:08:18 ----D---- C:\Windows\winsxs
2014-05-19 14:06:44 ----D---- C:\Windows\system32\DriverStore
2014-05-19 13:57:29 ----D---- C:\Program Files (x86)\Windows Sidebar
2014-05-19 13:57:29 ----D---- C:\Program Files (x86)\Windows Portable Devices
2014-05-19 13:57:29 ----D---- C:\Program Files (x86)\Windows Mail
2014-05-19 13:57:28 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2014-05-19 13:57:28 ----D---- C:\Program Files (x86)\Windows Media Player
2014-05-19 13:57:16 ----D---- C:\Program Files\Windows Sidebar
2014-05-19 13:57:16 ----D---- C:\Program Files\Windows Mail
2014-05-19 13:57:15 ----D---- C:\Program Files\DVD Maker
2014-05-19 13:57:14 ----D---- C:\Program Files\Windows Portable Devices
2014-05-19 13:57:14 ----D---- C:\Program Files\Windows Media Player
2014-05-19 13:57:13 ----D---- C:\Program Files\Windows Photo Viewer
2014-05-19 13:57:12 ----D---- C:\Program Files\Windows Journal
2014-05-19 13:57:08 ----D---- C:\Program Files\Common Files\System
2014-05-19 13:57:01 ----D---- C:\Program Files\Windows Defender
2014-05-19 13:57:00 ----D---- C:\Windows\servicing
2014-05-19 13:56:59 ----D---- C:\Windows\ehome
2014-05-19 13:56:18 ----SHD---- C:\Windows\BitLockerDiscoveryVolumeContents
2014-05-19 13:56:17 ----D---- C:\Windows\SYSWOW64\oobe
2014-05-19 13:56:17 ----D---- C:\Windows\SYSWOW64\da-DK
2014-05-19 13:56:16 ----D---- C:\Windows\SYSWOW64\migration
2014-05-19 13:56:14 ----D---- C:\Windows\SYSWOW64\Setup
2014-05-19 13:56:14 ----D---- C:\Windows\SYSWOW64\cs
2014-05-19 13:56:14 ----D---- C:\Windows\SYSWOW64\AdvancedInstallers
2014-05-19 13:56:09 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-05-19 13:56:02 ----D---- C:\Windows\SYSWOW64\manifeststore
2014-05-19 13:56:01 ----D---- C:\Windows\SYSWOW64\sppui
2014-05-19 13:56:01 ----D---- C:\Windows\SYSWOW64\es-ES
2014-05-19 13:55:59 ----D---- C:\Windows\SYSWOW64\wbem
2014-05-19 13:55:57 ----D---- C:\Windows\SYSWOW64\migwiz
2014-05-19 13:55:56 ----D---- C:\Windows\SYSWOW64\Dism
2014-05-19 13:54:22 ----D---- C:\Windows\system32\da-DK
2014-05-19 13:54:22 ----D---- C:\Windows\PolicyDefinitions
2014-05-19 13:54:20 ----D---- C:\Windows\system32\oobe
2014-05-19 13:54:20 ----D---- C:\Windows\system32\en-US
2014-05-19 13:54:18 ----D---- C:\Windows\system32\migration
2014-05-19 13:54:17 ----D---- C:\Windows\system32\AdvancedInstallers
2014-05-19 13:54:16 ----D---- C:\Windows\system32\Setup
2014-05-19 13:54:16 ----D---- C:\Windows\system32\cs
2014-05-19 13:54:11 ----D---- C:\Windows\system32\cs-CZ
2014-05-19 13:53:58 ----D---- C:\Windows\system32\manifeststore
2014-05-19 13:53:58 ----D---- C:\Windows\system32\es-ES
2014-05-19 13:53:57 ----D---- C:\Windows\system32\sppui
2014-05-19 13:53:52 ----D---- C:\Windows\system32\drivers\cs-CZ
2014-05-19 13:53:50 ----D---- C:\Windows\system32\drivers\UMDF
2014-05-19 13:53:50 ----D---- C:\Windows\system32\drivers
2014-05-19 13:53:47 ----D---- C:\Windows\system32\wbem
2014-05-19 13:53:41 ----D---- C:\Windows\system32\migwiz
2014-05-19 13:53:40 ----D---- C:\Windows\system32\Dism
2014-05-19 13:51:36 ----RSD---- C:\Windows\Fonts
2014-05-19 13:51:31 ----D---- C:\Windows\AppPatch
2014-05-19 13:50:41 ----D---- C:\Windows\system32\Boot
2014-05-19 13:43:21 ----D---- C:\ProgramData\Microsoft Help
2014-05-19 13:41:02 ----A---- C:\Windows\SYSWOW64\msclmd.dll
2014-05-19 13:41:02 ----A---- C:\Windows\system32\msclmd.dll
2014-05-19 12:52:48 ----D---- C:\Program Files\Microsoft Silverlight
2014-05-19 12:52:46 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-05-19 12:50:18 ----D---- C:\Program Files (x86)\Internet Explorer
2014-05-19 12:50:14 ----D---- C:\Program Files\Internet Explorer
2014-05-19 06:19:29 ----D---- C:\Program Files (x86)\Microsoft Works
2014-05-19 06:16:06 ----A---- C:\Windows\win.ini
2014-05-19 06:15:38 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2014-05-17 15:59:22 ----D---- C:\Users\Krkinho\AppData\Roaming\.minecraft
2014-05-16 12:56:50 ----D---- C:\Program Files (x86)\Opera
2014-05-15 20:29:44 ----D---- C:\Windows\SoftwareDistribution
2014-05-14 20:50:08 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-05-12 15:43:10 ----D---- C:\Windows\system32\Tasks
2014-05-04 16:16:55 ----D---- C:\Program Files (x86)\Electronic Arts
2014-05-04 12:09:41 ----D---- C:\Program Files (x86)\Adobe
2014-05-04 12:01:48 ----D---- C:\Users\Krkinho\AppData\Roaming\Adobe
2014-05-04 12:01:13 ----D---- C:\ProgramData\Adobe
2014-05-04 11:46:40 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-05-04 11:39:58 ----D---- C:\Program Files (x86)\Ubisoft
2014-05-03 23:23:47 ----D---- C:\Program Files (x86)\DSPRobotics
2014-05-02 11:36:49 ----D---- C:\Windows\Downloaded Program Files
2014-05-02 11:18:36 ----D---- C:\Program Files (x86)\EA GAMES
2014-04-30 15:04:25 ----D---- C:\Program Files (x86)\Steam
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-04-18 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-04-18 208416]
R0 BootDefragDriver;BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [2014-03-17 17600]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-04-26 557848]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-04-18 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-05-17 1039096]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-05-17 423240]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-06-09 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-04-18 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-04-18 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-05-17 85328]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-03-28 9319424]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-03-28 303616]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-04-21 2727424]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2011-07-06 25912]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-01-27 12273408]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2000-01-01 174680]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-10-26 406632]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2010-12-21 1826048]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2011-05-27 528384]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-04-18 1413168]
R3 taphss;Anchorfree HSS Adapter; C:\Windows\system32\DRIVERS\taphss.sys [2012-03-26 37888]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys []
S0 prosync1;StarForce Protection Synchronization Driver v1; C:\Windows\System32\drivers\prosync1.sys []
S0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys []
S1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys []
S3 aswTap;avast! SecureLine TAP Adapter v3; C:\Windows\system32\DRIVERS\aswTap.sys [2013-11-20 44640]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys []
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys []
S3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys []
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys []
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys []
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys []
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys []
S3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 29184]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 DFX11_1;DFX Audio Enhancer 11.1; C:\Windows\system32\drivers\dfx11_1x64.sys [2012-12-13 28008]
S3 esgiguard;esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [2010-01-27 5248]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ScreamBAudioSvc;ScreamBee Audio; C:\Windows\system32\drivers\ScreamingBAudio64.sys [2010-07-01 38992]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-03-28 203264]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-04-18 50344]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-04-11 1390720]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-07-05 227384]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-07-06 1698360]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2009-02-10 116104]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 NMSAccessU;NMSAccessU; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [2008-06-15 71096]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-12-27 76888]
R2 SpyHunter 4 Service;SpyHunter 4 Service; C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2010-05-18 327064]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2011-05-27 301568]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-07-05 988216]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14 257712]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2011-09-12 85096]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-09-09 1255736]

-----------------EOF-----------------

#14 Příspěvek od **motji** » 29 kvě 2014 21:52

Něco škaredého tam bylo, koukneme pořádně

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

Petan999 · #15 Příspěvek od **Petan999** » 30 kvě 2014 17:22

Je možné že tam bude něco z dřívějška...už jsem měl asi 2 ''horší'' viry v pc včetně policie ČR...jinak díky že tu semnou ztrácíte čas

ComboFix 14-05-29.01 - Krkinho 30.05.2014 17:48:34.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4030.2424 [GMT 2:00]
Spuštěný z: c:\users\Krkinho\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Downloaded Installers
c:\program files (x86)\Downloaded Installers\{751f6a0b-fdec-47b6-b45d-7a1ae742a87a}\setup.msi
c:\programdata\ocbiwa.pad
c:\programdata\t0eql.pad
c:\programdata\wgz63.pad
c:\users\Krkinho\AppData\Local\assembly\tmp
c:\users\Krkinho\AppData\Local\MSGBOX.EXE
c:\users\Krkinho\AppData\Roaming\25AF.exe
c:\users\Krkinho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum
c:\windows\_detmp.2
c:\windows\_detmp.4
c:\windows\IsUn0405.exe
c:\windows\iun6002.exe
c:\windows\SysWow64\tmp31C5.tmp
c:\windows\SysWow64\tmp31C6.tmp
c:\windows\SysWow64\tmp8493.tmp
c:\windows\SysWow64\tmp84A3.tmp
c:\windows\SysWow64\tmpC60C.tmp
c:\windows\SysWow64\tmpC61D.tmp
c:\windows\SysWow64\tmpDE3E.tmp
c:\windows\SysWow64\tmpDE3F.tmp
c:\windows\Uninstall.cmd
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-04-28 do 2014-05-30 )))))))))))))))))))))))))))))))
.
.
2014-05-30 16:05 . 2014-05-30 16:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-29 17:17 . 2014-05-29 17:17 -------- d-----w- C:\rsit
2014-05-29 17:17 . 2014-05-29 17:17 -------- d-----w- c:\program files\trend micro
2014-05-27 17:34 . 2014-05-27 17:36 -------- d-----w- C:\AdwCleaner
2014-05-27 17:23 . 2014-05-27 17:23 -------- d-----w- c:\windows\ERUNT
2014-05-26 16:13 . 2014-05-26 18:35 -------- d-----w- c:\users\Krkinho\AppData\Roaming\wfirewall
2014-05-25 13:14 . 2014-05-29 13:31 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FB563255-3F71-447D-B4DE-BA7D57065487}\offreg.dll
2014-05-25 13:13 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FB563255-3F71-447D-B4DE-BA7D57065487}\mpengine.dll
2014-05-21 16:03 . 2014-05-21 16:03 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-05-19 11:28 . 2014-05-19 11:28 -------- d-----w- c:\windows\system32\SPReview
2014-05-19 11:19 . 2014-05-19 11:19 -------- d-----w- c:\windows\system32\EventProviders
2014-05-19 05:24 . 2010-11-20 13:27 444416 ----a-w- c:\windows\system32\winhttp.dll
2014-05-19 05:23 . 2010-11-20 13:27 475136 ----a-w- c:\windows\system32\wlangpui.dll
2014-05-19 05:22 . 2010-11-20 13:27 71680 ----a-w- c:\windows\system32\wkscli.dll
2014-05-19 05:21 . 2010-11-20 13:33 6656 ----a-w- c:\windows\system32\drivers\cs-CZ\rdvgkmd.sys.mui
2014-05-19 05:21 . 2010-11-20 13:25 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbhub.sys.mui
2014-05-19 05:21 . 2010-11-20 13:32 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\rdpwd.sys.mui
2014-05-19 05:21 . 2010-11-20 13:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbflt.sys.mui
2014-05-19 05:21 . 2010-11-20 13:32 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2014-05-19 05:21 . 2010-11-20 13:31 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2014-05-19 05:21 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\wdscore.dll
2014-05-19 05:21 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
2014-05-19 05:21 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\sqmapi.dll
2014-05-19 05:20 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2014-05-19 05:20 . 2010-11-20 12:21 189952 ----a-w- c:\program files (x86)\Windows Portable Devices\sqmapi.dll
2014-05-19 05:20 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2014-05-19 05:17 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2014-05-19 05:17 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2014-05-19 05:17 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2014-05-19 04:39 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2014-05-19 04:39 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2014-05-19 04:39 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2014-05-19 04:39 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2014-05-19 04:24 . 2013-02-22 06:29 10925568 ----a-w- c:\windows\system32\ieframe.dll
2014-05-19 04:23 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2014-05-19 04:23 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2014-05-19 04:23 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2014-05-19 04:23 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2014-05-19 04:23 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-05-19 04:23 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-05-19 04:23 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-05-19 04:23 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-05-19 04:23 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2014-05-19 04:23 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2014-05-19 04:23 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-05-19 04:16 . 2014-05-19 04:16 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2014-05-16 13:15 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2014-05-16 13:15 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2014-05-16 13:15 . 2012-11-22 05:44 800768 ----a-w- c:\windows\system32\usp10.dll
2014-05-16 13:15 . 2012-11-22 04:45 626688 ----a-w- c:\windows\SysWow64\usp10.dll
2014-05-16 13:13 . 2012-11-30 05:41 424448 ----a-w- c:\windows\system32\KernelBase.dll
2014-05-16 13:10 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2014-05-15 18:58 . 2012-11-09 05:45 750592 ----a-w- c:\windows\system32\win32spl.dll
2014-05-15 18:58 . 2012-11-09 04:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2014-05-15 18:58 . 2013-02-15 06:06 3717632 ----a-w- c:\windows\system32\mstscax.dll
2014-05-15 18:58 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-05-15 18:58 . 2013-02-15 06:02 158720 ----a-w- c:\windows\system32\aaclient.dll
2014-05-15 18:58 . 2013-02-15 06:08 44032 ----a-w- c:\windows\system32\tsgqec.dll
2014-05-15 18:58 . 2013-02-15 04:34 131584 ----a-w- c:\windows\SysWow64\aaclient.dll
2014-05-15 18:58 . 2013-02-15 03:25 36864 ----a-w- c:\windows\SysWow64\tsgqec.dll
2014-05-15 18:58 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2014-05-15 18:58 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-05-15 18:57 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys
2014-05-15 18:56 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2014-05-15 18:56 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2014-05-15 18:56 . 2012-11-01 05:43 2002432 ----a-w- c:\windows\system32\msxml6.dll
2014-05-15 18:56 . 2012-11-01 05:43 1882624 ----a-w- c:\windows\system32\msxml3.dll
2014-05-15 18:56 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
2014-05-15 18:56 . 2012-11-01 04:47 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2014-05-15 18:54 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2014-05-15 18:54 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2014-05-15 18:54 . 2012-08-11 00:56 715776 ----a-w- c:\windows\system32\kerberos.dll
2014-05-15 18:54 . 2012-08-10 23:56 542208 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-05-15 18:54 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2014-05-15 18:54 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2014-05-15 18:54 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2014-05-15 18:54 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2014-05-15 18:54 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2014-05-15 18:54 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2014-05-15 18:54 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe
2014-05-15 18:54 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2014-05-15 18:53 . 2012-06-02 05:41 1464320 ----a-w- c:\windows\system32\crypt32.dll
2014-05-15 18:53 . 2012-06-02 05:41 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2014-05-15 18:53 . 2012-06-02 05:41 140288 ----a-w- c:\windows\system32\cryptnet.dll
2014-05-15 18:53 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\SysWow64\crypt32.dll
2014-05-15 18:53 . 2012-06-02 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2014-05-15 18:53 . 2012-06-02 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2014-05-15 18:14 . 2014-05-22 05:11 -------- d-----w- c:\program files (x86)\GOTCHA!
2014-05-14 18:50 . 2014-05-14 18:50 17938608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-05-12 13:40 . 2014-05-12 13:40 -------- d-----w- c:\users\Krkinho\AppData\Roaming\Opera Software
2014-05-12 13:40 . 2014-05-12 13:40 -------- d-----w- c:\users\Krkinho\AppData\Local\Opera Software
2014-05-11 19:51 . 2014-05-11 19:51 -------- d-----w- c:\users\Krkinho\AppData\Roaming\Sony Creative Software
2014-05-11 19:11 . 2014-05-11 19:11 -------- d-----w- c:\programdata\Sony
2014-05-11 18:49 . 2014-05-11 18:49 -------- d-----w- c:\programdata\Pinnacle
2014-05-11 18:49 . 2014-05-11 18:49 -------- d-----w- c:\users\Krkinho\AppData\Local\Downloaded Installations
2014-05-07 04:56 . 2014-05-07 04:56 -------- d-----w- c:\programdata\webcam 7
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-19 11:41 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-05-19 11:41 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-05-17 10:29 . 2013-12-20 17:02 85328 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-05-17 10:29 . 2013-11-20 17:00 423240 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-05-17 10:29 . 2013-11-20 17:00 1039096 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-05-14 18:50 . 2012-06-27 14:44 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-14 18:50 . 2011-09-07 15:16 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-18 10:28 . 2014-04-18 10:28 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-04-18 10:28 . 2013-11-20 17:01 208416 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-04-18 10:28 . 2013-11-20 17:00 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-04-18 10:28 . 2013-11-20 17:00 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-04-18 10:28 . 2013-11-20 17:00 334648 ----a-w- c:\windows\system32\aswBoot.exe
2014-04-18 10:28 . 2013-11-20 17:00 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-04-18 10:28 . 2014-04-18 10:28 43152 ----a-w- c:\windows\avastSS.scr
2014-03-31 07:35 . 2011-09-07 15:25 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-03-18 22:18 . 2014-03-18 22:18 346112 ----a-w- c:\windows\SysWow64\LiveWrapRTSP.dll
2014-03-17 06:22 . 2013-12-17 06:16 118048 ----a-w- c:\windows\system32\BootDefrag.exe
2014-03-17 06:07 . 2014-03-28 13:20 17600 ----a-w- c:\windows\system32\drivers\BootDefragDriver.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe/start" [X]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-05-26 3888648]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-04-29 284440]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-03-28 336384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Shell"="c:\progra~3\ocbiwa.bat"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk * \0aswBoot.exe /M:3e2ce71353 /wow /dir:C:\Program
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 SpyHunter 4 Service;SpyHunter 4 Service;c:\progra~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE;c:\progra~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [x]
R3 aswTap;avast! SecureLine TAP Adapter v3;c:\windows\system32\DRIVERS\aswTap.sys;c:\windows\SYSNATIVE\DRIVERS\aswTap.sys [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys;c:\windows\SYSNATIVE\DRIVERS\BthAvrcp.sys [x]
R3 DFX11_1;DFX Audio Enhancer 11.1;c:\windows\system32\drivers\dfx11_1x64.sys;c:\windows\SYSNATIVE\drivers\dfx11_1x64.sys [x]
R3 esgiguard;esgiguard;c:\program files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 BootDefragDriver;BootDefragDriver;c:\windows\System32\drivers\BootDefragDriver.sys;c:\windows\SYSNATIVE\drivers\BootDefragDriver.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-05-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-27 18:50]
.
2014-05-27 c:\windows\Tasks\GlaryInitialize 4.job
- c:\program files (x86)\Glary Utilities 4\Initialize.exe [2014-03-17 06:19]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-04-18 10:28 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-27 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-27 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-27 418328]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-05-27 1128448]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-wfirewall - c:\users\Krkinho\AppData\Roaming\wfirewall\alg.exe
Wow6432Node-HKLM-Run-MCM - c:\program files (x86)\Mp3 Convert Master\Mp3ConvertMaster.exe
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2314731586-3620304416-1096410446-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:7c,81,44,6a,c8,c6,1c,02,43,13,b4,42,fd,d8,d9,9f,83,d7,8b,81,79,23,bb,
b7,41,75,53,26,ab,cc,82,99,10,49,66,15,72,dd,83,78,d5,71,e4,54,4b,a4,36,53,\
"??"=hex:d1,3e,58,9e,fe,73,c9,59,e2,ce,e0,d9,54,dc,c8,29
.
[HKEY_USERS\S-1-5-21-2314731586-3620304416-1096410446-1000\Software\SecuROM\License information*]
"datasecu"=hex:49,72,72,8d,d1,39,e2,9c,51,47,08,f2,ea,14,4c,27,6e,32,df,80,f9,
14,d2,2d,bd,06,20,c7,c8,79,e7,21,91,c2,7f,21,ec,7a,42,f4,41,6d,04,14,15,cc,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0014\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0015\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-05-30 18:18:05
ComboFix-quarantined-files.txt 2014-05-30 16:18
.
Před spuštěním: Volných bajtů: 74 406 502 400
Po spuštění: Volných bajtů: 73 818 025 984
.
- - End Of File - - B7713A2B1F98921E1235D4BCA50EF439

VIRY.CZ

Neustálé hlášení Avast!u

Neustálé hlášení Avast!u

Screen

Re: Neustálé hlášení Avast!u

Re: Neustálé hlášení Avast!u

Re: Neustálé hlášení Avast!u

Re: Neustálé hlášení Avast!u

Re: Neustálé hlášení Avast!u

Re: Neustálé hlášení Avast!u

Re: Neustálé hlášení Avast!u

Re: Neustálé hlášení Avast!u

Re: Neustálé hlášení Avast!u

Re: Neustálé hlášení Avast!u

Re: Neustálé hlášení Avast!u

Re: Neustálé hlášení Avast!u

Re: Neustálé hlášení Avast!u