"Policie ČR" (Czech Police) virus...

#1 Post by mr.paratko »

Hello,
I was hit by this virus (Policie ČR...). I ran the computer through ESET's online scan. I normally use Microsoft Essential.
At the moment it seems that the virus either caused no problems or was removed by ESET.
To be safe, I would like to ask you to check the log from RSIT:

Logfile of random's system information tool 1.08 (written by random/random)
Run by ondra at 2014-06-23 13:10:28
Microsoft Windows 7 Home Premium
System drive C: has 81 GB (25%) free of 322 GB
Total RAM: 3767 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:10:33, on 23.6.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16506)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\trend micro\ondra.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Users\ondra\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\ondra\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [577e5e12b9e77a0387ef7a94f09d0f46] "C:\Users\ondra\AppData\Local\Temp\sys.exe" ..
O4 - HKCU\..\Run: [CJYFKG~1] "C:\Users\ondra\AppData\Local\Temp\CJYFKG~1.VBS"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~2\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel Local License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: lmadmin - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QipGuard - QIP.ru - C:\Program Files (x86)\QipGuard\QipGuard.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XMouseButton Launcher - Highresolution Enterprises - C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe

--
End of file - 13804 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\system32\WLANExt.exe 31460176
\??\C:\Windows\system32\conhost.exe "-572951713-14581049091700248630-147170797-19788539972147029799541879371-602639234
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
C:\Windows\system32\hasplms.exe -run
"C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe"
"C:\Program Files (x86)\PDF Architect\HelperService.exe"
SCIA -T A03-0338B 11.10 -1 -c scia\SCIA_Software.lic -lmgrd_port 6978 -x lmremove --lmgrd_start 53a8097b -l logs/SCIA.log
"C:\Program Files (x86)\PDF Architect\ConversionService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\QipGuard\QipGuard.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"taskhost.exe"
taskeng.exe {C2037140-2C28-44B6-A285-AD4BD3859F7F}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe"
WLIDSvcM.exe 2728
"C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
/notportable /svclaunch
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Windows\System32\GfxUI.exe" /startup:silent
"C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\ondra\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-05-21 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL [2014-01-22 881880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL [2014-05-14 2335960]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-05-21 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08 92208]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}]
QipLI Class - C:\Users\ondra\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll [2012-11-26 50800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\ondra\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2012-11-26 143472]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL [2014-01-23 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL [2014-05-14 1730264]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{25A3A431-30BB-47C8-AD6A-E1063801134F} - PDF Architect Toolbar - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2013-04-08 654384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 1271072]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-11 2107176]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-04-22 10775072]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-04-21 166424]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-04-21 391192]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-04-21 413720]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"577e5e12b9e77a0387ef7a94f09d0f46"=C:\Users\ondra\AppData\Local\Temp\sys.exe .. []
"CJYFKG~1"=C:\Users\ondra\AppData\Local\Temp\CJYFKG~1.VBS []
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2014-01-30 21822128]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CorelDRAW Graphics Suite 11b]
C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe [2004-06-23 729088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium]
C:\Program Files (x86)\QIP 2012\qip.exe [2012-11-26 8376944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Overwolf]
C:\Program Files (x86)\Overwolf\Overwolf.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
C:\Users\ondra\AppData\Roaming\QipGuard\QipGuard.exe [2013-12-05 436224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2010-03-26 1125152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^ondra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^KN StrongDC.lnk]
C:\PROGRA~1\KN_STR~1\StrongDC.exe [2008-07-15 3361792]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-04-21 98304]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-03-03 1300560]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-03 284696]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-04-21 269824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2014-06-23 10:47:59 ----D---- C:\Program Files\trend micro
2014-06-23 10:47:56 ----D---- C:\rsit
2014-06-23 10:02:09 ----A---- C:\Windows\ntbtlog.txt
2014-06-07 17:19:41 ----D---- C:\Program Files\McAfee Security Scan
2014-06-04 16:40:57 ----D---- C:\Program Files (x86)\DOSBox-0.74

======List of files/folders modified in the last 1 months======

2014-06-23 13:10:33 ----D---- C:\Windows\Prefetch
2014-06-23 13:09:05 ----D---- C:\Windows\Temp
2014-06-23 13:09:02 ----D---- C:\Windows
2014-06-23 13:06:36 ----D---- C:\Windows\system32\config
2014-06-23 13:03:02 ----RD---- C:\Program Files (x86)
2014-06-23 10:47:59 ----RD---- C:\Program Files
2014-06-23 10:04:55 ----D---- C:\Windows\Downloaded Program Files
2014-06-20 15:23:17 ----D---- C:\Windows\System32
2014-06-20 15:23:17 ----D---- C:\Windows\inf
2014-06-20 15:23:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-06-20 11:50:45 ----D---- C:\Users\ondra\AppData\Roaming\vlc
2014-06-19 21:27:18 ----SHD---- C:\System Volume Information
2014-06-15 16:14:21 ----SHD---- C:\Windows\Installer
2014-06-15 16:14:21 ----D---- C:\ProgramData\Microsoft Help
2014-06-13 09:17:32 ----D---- C:\Windows\system32\MRT
2014-06-13 09:14:43 ----A---- C:\Windows\system32\MRT.exe
2014-06-13 09:11:08 ----RSD---- C:\Windows\assembly
2014-06-07 17:19:45 ----D---- C:\ProgramData\McAfee Security Scan
2014-06-05 21:47:50 ----D---- C:\Program Files (x86)\Steam
2014-05-29 13:19:02 ----D---- C:\Windows\system32\catroot2
2014-05-27 15:48:42 ----D---- C:\Windows\Minidump

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-03 540696]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 268512]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-09-22 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2013-01-14 90056]
R2 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [2013-02-19 141064]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2013-03-11 331144]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 133928]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-04-21 6406144]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-04-21 188928]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2013-09-21 3060800]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-04-22 2356000]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2010-04-21 10322848]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-12-22 74280]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-11 316464]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-04-07 124944]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552448]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-03-05 335400]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-02-14 102440]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2010-01-13 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-01 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-01-13 21544]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2013-02-05 57840]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-04-21 10322848]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-04-21 202752]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-03-26 920352]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-03-03 325200]
R2 hasplms;Sentinel Local License Manager; C:\Windows\system32\hasplms.exe [2013-01-11 4466120]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
R2 lmadmin;lmadmin; C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe [2011-08-05 6587728]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 23808]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-12-06 75136]
R2 QipGuard;QipGuard; C:\Program Files (x86)\QipGuard\QipGuard.exe [2012-11-26 417904]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-09-12 5071712]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R2 XMouseButton Launcher;XMouseButton Launcher; C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe [2012-06-23 87040]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-03-08 1044816]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 347872]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-21 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14 257712]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-09-26 1030600]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-02-05 1512448]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-21 116648]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-15 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-05-29 543424]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-09-22 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

JaRon
Moderator
Posts: 15729
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Czech Police virus...

#2 Post by JaRon »

Hi,
run C:\Program Files\trend micro\ondra.exe

and fix the following lines:
O4 - HKCU\..\Run: [577e5e12b9e77a0387ef7a94f09d0f46] "C:\Users\ondra\AppData\Local\Temp\sys.exe" ..
O4 - HKCU\..\Run: [CJYFKG~1] "C:\Users\ondra\AppData\Local\Temp\CJYFKG~1.VBS"


After the restart, scan the PC with MBAM
and think about whether an AV like MSE protects against anything :???:
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/
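
The two entries singled out in the reply above both start a file from AppData\Local\Temp at logon. The following Python script is an added example, not part of the original post or of HijackThis: it parses O4 autorun lines and flags that pattern. The three heuristics and all function names are assumptions made for this illustration; the sample lines are copied from the logs in this thread.

```python
import re
from pathlib import PureWindowsPath

# Lines copied from the HijackThis logs in this thread (sample input).
SAMPLE_LOG = r'''
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [577e5e12b9e77a0387ef7a94f09d0f46] "C:\Users\ondra\AppData\Local\Temp\sys.exe" ..
O4 - HKCU\..\Run: [CJYFKG~1] "C:\Users\ondra\AppData\Local\Temp\CJYFKG~1.VBS"
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
'''

# Registry autorun form: "O4 - <hive>\..\Run: [<value name>] <command line>"
O4_RE = re.compile(
    r"^O4 - (?P<hive>.+?)\\\.\.\\(?P<key>Run\w*): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$"
)

# Heuristics chosen for this example (assumptions, not HijackThis rules).
TEMP_MARKERS = ("\\appdata\\local\\temp\\", "\\windows\\temp\\", "%temp%\\", "%tmp%\\")
SCRIPT_EXTS = {".vbs", ".vbe", ".js", ".jse", ".wsf", ".wsh", ".bat", ".cmd", ".ps1"}
HASHLIKE = re.compile(r"^[0-9a-f]{32}$", re.IGNORECASE)


def target_path(cmd):
    """Return the program path from a Run command line, without arguments."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    # Unquoted: take everything up to the first file extension followed by
    # whitespace or end of line, so paths containing spaces stay whole.
    m = re.match(r"(.+?\.[A-Za-z0-9]{2,4})(?=\s|$)", cmd)
    return m.group(1) if m else cmd


def parse_o4(line):
    """Parse one registry-based O4 line; return None for anything else."""
    m = O4_RE.match(line)
    if m is None:
        return None
    entry = m.groupdict()
    entry["path"] = target_path(entry["cmd"])
    return entry


def reasons_for(entry):
    """List the heuristics an autorun entry trips (empty list = nothing flagged)."""
    reasons = []
    path = entry["path"].lower()
    if HASHLIKE.match(entry["name"]):
        reasons.append("hash-like value name")
    if any(marker in path for marker in TEMP_MARKERS):
        reasons.append("runs from a Temp directory")
    if PureWindowsPath(path).suffix in SCRIPT_EXTS:
        reasons.append("script file extension")
    return reasons


def triage(log_text):
    """Return the O4 registry autoruns that trip at least one heuristic."""
    flagged = []
    for line in log_text.splitlines():
        entry = parse_o4(line.strip())
        if entry is None:
            continue
        reasons = reasons_for(entry)
        if reasons:
            flagged.append({**entry, "reasons": reasons})
    return flagged


if __name__ == "__main__":
    for hit in triage(SAMPLE_LOG):
        print(f"{hit['hive']} {hit['key']} [{hit['name']}] -> {hit['path']}")
        for reason in hit["reasons"]:
            print(f"    - {reason}")
```

A flagged entry is a lead for manual review, not a verdict: legitimate installers also write to Temp, and 8.3 short names such as PROGRA~2 appear in benign entries as well.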

mr.paratko
Visitor
Posts: 15
Registered: 09 Jan 2010 22:24

Re: Czech Police virus...

#3 Post by mr.paratko »

Fixed, and an MBAM scan has been run; the result is attached:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 23.6.2014
Čas skenování: 15:08:50
Protokol: a.txt
Správce: Ano

Verze: 2.00.2.1012
Databáze malwaru: v2014.06.23.08
Databáze rootkitů: v2014.06.20.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Self-protection: Vypnuto

OS: Windows 7
CPU: x64
Souborový systém: NTFS
Uživatel: ondra

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 308845
Uplynulý čas: 25 min, 4 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristics: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 0
(No malicious items detected)

Hodnoty registru: 0
(No malicious items detected)

Data registru: 0
(No malicious items detected)

Složky: 2
PUP.Optional.Conduit.A, C:\Users\ondra\AppData\Local\Temp\CT1750559, , [11d36714166572c40200c9c7a65cd42c],
PUP.Optional.Conduit.A, C:\ProgramData\Conduit\IE, , [7b69cdae8eed2d09878ffc94956d07f9],

Soubory: 3
PUP.Optional.Conduit.A, C:\Users\ondra\AppData\Local\Temp\CT1750559\chromeid.txt, , [11d36714166572c40200c9c7a65cd42c],
PUP.Optional.Conduit.A, C:\Users\ondra\AppData\Local\Temp\CT1750559\ddt.csf, , [11d36714166572c40200c9c7a65cd42c],
PUP.Optional.Conduit.A, C:\Users\ondra\AppData\Local\Temp\CT1750559\setup.ini.txt, , [11d36714166572c40200c9c7a65cd42c],

Fyzické sektory: 0
(No malicious items detected)


(end)

mr.paratko
Visitor
Posts: 15
Registered: 09 Jan 2010 22:24

Re: Czech Police virus...

#4 Post by mr.paratko »

I'm also adding the log after the cleanup:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:43:18, on 23.6.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16506)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files\trend micro\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Users\ondra\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\ondra\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~2\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel Local License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: lmadmin - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QipGuard - QIP.ru - C:\Program Files (x86)\QipGuard\QipGuard.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XMouseButton Launcher - Highresolution Enterprises - C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe

--
End of file - 13606 bytes

JaRon
Moderator
Posts: 15729
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Czech Police virus...

#5 Post by JaRon »

Since Conduit was there, also clean the PC with ADWCleaner, and if there are no problems, you're done :)

mr.paratko
Visitor
Posts: 15
Registered: 09 Jan 2010 22:24

Re: Czech Police virus...

#6 Post by mr.paratko »

Cleaned, log attached



# AdwCleaner v3.213 - Report created 24/06/2014 at 12:08:23
# Updated 23/06/2014 by Xplode
# Operating System : Windows 7 Home Premium (64 bits)
# Username : ondra - A03-0338B
# Running from : C:\Users\ondra\Downloads\adwcleaner_3.213.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\ProgramData\less2pay
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\less2pay
Folder Deleted : C:\Users\ondra\AppData\Local\Conduit
Folder Deleted : C:\Users\ondra\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\ondra\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\ondra\Documents\Optimizer Pro
File Deleted : C:\END
File Deleted : C:\Users\ondra\AppData\Local\Temp\Utils.dll
File Deleted : C:\Users\ondra\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Key Deleted : HKLM\SOFTWARE\Classes\leess2peay.leess2peay
Key Deleted : HKLM\SOFTWARE\Classes\leess2peay.leess2peay.1.9
Key Deleted : HKCU\Software\577e5e12b9e77a0387ef7a94f09d0f46
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C361EA6A-6742-5D87-52E2-4F1E4D580F7E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C361EA6A-6742-5D87-52E2-4F1E4D580F7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{C361EA6A-6742-5D87-52E2-4F1E4D580F7E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16506

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]

-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Users\ondra\AppData\Roaming\Mozilla\Firefox\Profiles\0xyu2uyx.default\prefs.js ]


-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\ondra\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}

*************************

AdwCleaner[R0].txt - [4843 octets] - [24/06/2014 11:51:26]
AdwCleaner[S0].txt - [4608 octets] - [24/06/2014 12:08:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4668 octets] ##########

mr.paratko
Visitor
Posts: 15
Registered: 09 Jan 2010 22:24

Re: Czech Police virus...

#7 Post by mr.paratko »

On top of that, I have some pest in Chrome that not even ADW Cleaner removed... some kind of ad or something keeps popping up, and it says "Ad by PPTChecker" next to it. Could you also advise what to do about this?

JaRon
Moderator
Posts: 15729
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Czech Police virus...

#8 Post by JaRon »


mr.paratko
Visitor
Posts: 15
Registered: 09 Jan 2010 22:24

Re: Czech Police virus...

#9 Post by mr.paratko »

Here is the log, but the PPTChecker problem in Chrome remains

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by ondra on Łt 24.06.2014 at 12:44:18,31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C46C13D7-4077-40B9-A74A-F8B3D54FFCBC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 24.06.2014 at 12:50:49,72
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

JaRon
Moderator
Posts: 15729
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Czech Police virus...

#10 Post by JaRon »


mr.paratko
Visitor
Posts: 15
Registered: 09 Jan 2010 22:24

Re: Czech Police virus...

#11 Post by mr.paratko »

Something still doesn't seem right to me about that police virus... the computer is somewhat slow. Could you please look over the log once more?
Also, I wasn't able to remove the PPTChecker problem even by following the guide; probably the only option is a restore point (is there a guide for restore points? and also, which files would be lost if I do a restore?)

Logfile of random's system information tool 1.08 (written by random/random)
Run by ondra at 2014-06-26 08:23:32
Microsoft Windows 7 Home Premium
System drive C: has 81 GB (25%) free of 322 GB
Total RAM: 3767 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:23:37, on 26.6.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16506)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\ondra.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Users\ondra\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~2\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel Local License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: lmadmin - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QipGuard - QIP.ru - C:\Program Files (x86)\QipGuard\QipGuard.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XMouseButton Launcher - Highresolution Enterprises - C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe

--
End of file - 13221 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\system32\WLANExt.exe 37048768
\??\C:\Windows\system32\conhost.exe "176092692916438615142065415351426305351-710540259102823164467628308542410266
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
C:\Windows\system32\hasplms.exe -run
"C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe"
"C:\Program Files (x86)\PDF Architect\HelperService.exe"
"C:\Program Files (x86)\PDF Architect\ConversionService.exe"
SCIA -T A03-0338B 11.10 -1 -c scia\SCIA_Software.lic -lmgrd_port 6978 -x lmremove --lmgrd_start 53abaca2 -l logs/SCIA.log
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\QipGuard\QipGuard.exe"
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2376
"C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe"
"C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
/notportable /svclaunch
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4004.0.356695987\1381123277" --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,12,22 --reduce-gpu-sandbox --gpu-vendor-id=0x1002 --gpu-device-id=0x68c1 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.713.3.3000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/default/ --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="4004.2.1646828130\1971105091" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/default/ --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="4004.3.1019542990\864990925" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/default/ --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="4004.4.1723304872\265077174" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4004.5.145989938\1465873341" --ppapi-flash-args --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/default/ --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="4004.7.163665049\432861252" /prefetch:673131151
"C:\Users\ondra\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-05-21 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL [2014-01-22 881880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL [2014-05-14 2335960]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-05-21 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08 92208]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}]
QipLI Class - C:\Users\ondra\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll [2012-11-26 50800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL [2014-01-23 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL [2014-05-14 1730264]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 1271072]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-11 2107176]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-04-22 10775072]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-04-21 166424]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-04-21 391192]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-04-21 413720]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2014-01-30 21822128]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CorelDRAW Graphics Suite 11b]
C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe [2004-06-23 729088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium]
C:\Program Files (x86)\QIP 2012\qip.exe [2012-11-26 8376944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Overwolf]
C:\Program Files (x86)\Overwolf\Overwolf.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
C:\Users\ondra\AppData\Roaming\QipGuard\QipGuard.exe [2013-12-05 436224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2010-03-26 1125152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^ondra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^KN StrongDC.lnk]
C:\PROGRA~1\KN_STR~1\StrongDC.exe [2008-07-15 3361792]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-04-21 98304]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-03-03 1300560]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-03 284696]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-04-21 269824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2014-06-24 12:44:16 ----D---- C:\Windows\ERUNT
2014-06-24 11:51:52 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-06-24 11:51:23 ----D---- C:\AdwCleaner
2014-06-23 15:07:19 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-06-23 15:04:39 ----D---- C:\ProgramData\Malwarebytes
2014-06-23 15:04:39 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-23 15:04:39 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-06-23 15:04:39 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-06-23 15:04:39 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-06-23 10:47:59 ----D---- C:\Program Files\trend micro
2014-06-23 10:47:56 ----D---- C:\rsit
2014-06-23 10:02:09 ----A---- C:\Windows\ntbtlog.txt
2014-06-07 17:19:41 ----D---- C:\Program Files\McAfee Security Scan
2014-06-04 16:40:57 ----D---- C:\Program Files (x86)\DOSBox-0.74

======List of files/folders modified in the last 1 months======

2014-06-26 08:23:32 ----D---- C:\Windows\Prefetch
2014-06-26 08:18:41 ----D---- C:\Windows\system32\config
2014-06-26 08:08:54 ----D---- C:\Windows\Temp
2014-06-25 10:11:11 ----D---- C:\Windows\system32\catroot2
2014-06-25 00:04:54 ----D---- C:\Users\ondra\AppData\Roaming\vlc
2014-06-24 12:46:19 ----HD---- C:\ProgramData
2014-06-24 12:44:16 ----D---- C:\Windows
2014-06-24 12:08:24 ----RD---- C:\Program Files (x86)
2014-06-24 11:51:52 ----D---- C:\Windows\SysWOW64
2014-06-23 15:07:19 ----D---- C:\Windows\system32\drivers
2014-06-23 13:14:31 ----SHD---- C:\System Volume Information
2014-06-23 10:47:59 ----RD---- C:\Program Files
2014-06-23 10:04:55 ----D---- C:\Windows\Downloaded Program Files
2014-06-20 15:23:17 ----D---- C:\Windows\System32
2014-06-20 15:23:17 ----D---- C:\Windows\inf
2014-06-20 15:23:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-06-15 16:14:21 ----SHD---- C:\Windows\Installer
2014-06-15 16:14:21 ----D---- C:\ProgramData\Microsoft Help
2014-06-13 09:17:32 ----D---- C:\Windows\system32\MRT
2014-06-13 09:14:43 ----A---- C:\Windows\system32\MRT.exe
2014-06-13 09:11:08 ----RSD---- C:\Windows\assembly
2014-06-07 17:19:45 ----D---- C:\ProgramData\McAfee Security Scan
2014-06-05 21:47:50 ----D---- C:\Program Files (x86)\Steam
2014-05-27 15:48:42 ----D---- C:\Windows\Minidump

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-03 540696]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 268512]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-09-22 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2013-01-14 90056]
R2 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [2013-02-19 141064]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2013-03-11 331144]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 133928]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-04-21 6406144]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-04-21 188928]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2013-09-21 3060800]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-04-22 2356000]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2010-04-21 10322848]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-12-22 74280]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-11 316464]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-04-07 124944]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552448]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-03-05 335400]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-02-14 102440]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2010-01-13 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-01 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-01-13 21544]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2013-02-05 57840]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-04-21 10322848]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-04-21 202752]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-03-26 920352]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-03-03 325200]
R2 hasplms;Sentinel Local License Manager; C:\Windows\system32\hasplms.exe [2013-01-11 4466120]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
R2 lmadmin;lmadmin; C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe [2011-08-05 6587728]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 23808]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-12-06 75136]
R2 QipGuard;QipGuard; C:\Program Files (x86)\QipGuard\QipGuard.exe [2012-11-26 417904]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-09-12 5071712]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R2 XMouseButton Launcher;XMouseButton Launcher; C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe [2012-06-23 87040]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-03-08 1044816]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 347872]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-21 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14 257712]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-09-26 1030600]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-02-05 1512448]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-21 116648]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-15 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-05-29 543424]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-09-22 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

JaRon
Moderator
Posts: 15729
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Policie ČR virus...

#12 Post by JaRon »

1. install Service Pack 1
2. install a newer version of MSIE
3. uninstall Chrome
4. clean the PC with CCleaner
5. install a fresh Chrome
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

mr.paratko
Visitor
Posts: 15
Registered: 09 Jan 2010 22:24

Re: Policie ČR virus...

#13 Post by mr.paratko »

Antivirus changed to ESET
SP1 installed
MSIE installed
Chrome uninstalled
Cleaned with CCleaner
Chrome reinstalled...

It looks like the problem is solved; neither ads nor annoying messages appear any more... just to be sure, I am adding another log from RSIT



Logfile of random's system information tool 1.10 (written by random/random)
Run by ondra at 2014-06-26 19:31:03
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 107 GB (33%) free of 322 GB
Total RAM: 3767 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:31:11, on 26.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\ondra.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Users\ondra\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~2\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel Local License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: lmadmin - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QipGuard - QIP.ru - C:\Program Files (x86)\QipGuard\QipGuard.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XMouseButton Launcher - Highresolution Enterprises - C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe

--
End of file - 12965 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 23017920
\??\C:\Windows\system32\conhost.exe "-1679323007-1149696046-779486070-622172438939457738-1805283591792599594840173410
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\Windows\system32\hasplms.exe -run
"C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe"
"C:\Program Files (x86)\PDF Architect\HelperService.exe"
SCIA -T A03-0338B 11.10 -1 -c scia\SCIA_Software.lic -lmgrd_port 6978 -x lmremove --lmgrd_start 53ac560d -l logs/SCIA.log
"C:\Program Files (x86)\PDF Architect\ConversionService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\QipGuard\QipGuard.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe"
WLIDSvcM.exe 2232
"C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
atieclxx
"taskhost.exe"
taskeng.exe {F910A8F8-2039-42B5-B5DD-22AF1FF4FE3F}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
/notportable /svclaunch
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5344.0.572544496\1640426573" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,15 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x68c1 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.713.3.3000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_86/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="5344.7.946607722\1248664905" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_86/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="5344.10.2035235986\1275293164" /prefetch:673131151
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Program Files\totalcmd\TOTALCMD64.EXE"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_86/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="5344.12.1241011007\245526135" /prefetch:673131151
"C:\Users\ondra\Downloads\RSITx64 (1).exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\ondra\AppData\Roaming\Mozilla\Firefox\Profiles\0xyu2uyx.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-05-21 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL [2014-01-22 881880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL [2014-05-14 2335960]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-05-21 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08 92208]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}]
QipLI Class - C:\Users\ondra\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll [2012-11-26 50800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL [2014-01-23 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL [2014-05-14 1730264]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-11 2107176]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-04-22 10775072]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-04-21 166424]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-04-21 391192]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-04-21 413720]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2013-09-12 5618456]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2014-01-30 21822128]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CorelDRAW Graphics Suite 11b]
C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe [2004-06-23 729088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium]
C:\Program Files (x86)\QIP 2012\qip.exe [2012-11-26 8376944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Overwolf]
C:\Program Files (x86)\Overwolf\Overwolf.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
C:\Users\ondra\AppData\Roaming\QipGuard\QipGuard.exe [2013-12-05 436224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2010-03-26 1125152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^ondra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^KN StrongDC.lnk]
C:\PROGRA~1\KN_STR~1\StrongDC.exe [2008-07-15 3361792]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-04-21 98304]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-03-03 1300560]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-03 284696]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-04-21 269824]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-06-26 18:34:58 ----A---- C:\Windows\system32\IEUDINIT.EXE
2014-06-26 18:27:12 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2014-06-26 18:27:12 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-26 18:27:08 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-06-26 18:27:08 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2014-06-26 18:27:08 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-06-26 18:27:08 ----A---- C:\Windows\SYSWOW64\msls31.dll
2014-06-26 18:27:08 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-06-26 18:27:08 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2014-06-26 18:27:08 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-06-26 18:27:08 ----A---- C:\Windows\system32\elshyph.dll
2014-06-26 18:27:07 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-06-26 18:27:07 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-06-26 18:27:07 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-06-26 18:27:07 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-06-26 18:27:06 ----A---- C:\Windows\SYSWOW64\wextract.exe
2014-06-26 18:27:06 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2014-06-26 18:27:06 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-06-26 18:27:06 ----A---- C:\Windows\SYSWOW64\url.dll
2014-06-26 18:27:06 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2014-06-26 18:27:06 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-06-26 18:27:06 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-06-26 18:27:06 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-06-26 18:27:06 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2014-06-26 18:27:06 ----A---- C:\Windows\SYSWOW64\inseng.dll
2014-06-26 18:27:06 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2014-06-26 18:27:06 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-06-26 18:27:06 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-06-26 18:27:06 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-06-26 18:27:06 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-06-26 18:27:06 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2014-06-26 18:27:06 ----A---- C:\Windows\SYSWOW64\icardie.dll
2014-06-26 18:27:06 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-06-26 18:27:06 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-06-26 18:27:05 ----A---- C:\Windows\SYSWOW64\occache.dll
2014-06-26 18:27:05 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-06-26 18:27:05 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-06-26 18:27:05 ----A---- C:\Windows\SYSWOW64\mshta.exe
2014-06-26 18:27:05 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-06-26 18:27:04 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2014-06-26 18:27:04 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2014-06-26 18:27:04 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2014-06-26 18:27:04 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2014-06-26 18:27:04 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-06-26 18:27:04 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-06-26 18:27:04 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-06-26 18:27:04 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2014-06-26 18:27:04 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-06-26 18:27:04 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2014-06-26 18:27:04 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-06-26 18:27:04 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2014-06-26 18:27:03 ----A---- C:\Windows\system32\wininet.dll
2014-06-26 18:27:03 ----A---- C:\Windows\system32\urlmon.dll
2014-06-26 18:27:03 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2014-06-26 18:27:03 ----A---- C:\Windows\system32\msrating.dll
2014-06-26 18:27:03 ----A---- C:\Windows\system32\msls31.dll
2014-06-26 18:27:03 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-06-26 18:27:03 ----A---- C:\Windows\system32\jsproxy.dll
2014-06-26 18:27:03 ----A---- C:\Windows\system32\jsIntl.dll
2014-06-26 18:27:03 ----A---- C:\Windows\system32\iertutil.dll
2014-06-26 18:27:02 ----A---- C:\Windows\system32\msfeedssync.exe
2014-06-26 18:27:02 ----A---- C:\Windows\system32\IEAdvpack.dll
2014-06-26 18:27:01 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2014-06-26 18:27:01 ----A---- C:\Windows\system32\mshtmler.dll
2014-06-26 18:27:01 ----A---- C:\Windows\system32\jscript9diag.dll
2014-06-26 18:27:01 ----A---- C:\Windows\system32\jscript9.dll
2014-06-26 18:27:01 ----A---- C:\Windows\system32\ieui.dll
2014-06-26 18:27:01 ----A---- C:\Windows\system32\iesysprep.dll
2014-06-26 18:27:00 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-26 18:27:00 ----A---- C:\Windows\system32\ieframe.dll
2014-06-26 18:27:00 ----A---- C:\Windows\system32\ieapfltr.dll
2014-06-26 18:27:00 ----A---- C:\Windows\system32\ieapfltr.dat
2014-06-26 18:27:00 ----A---- C:\Windows\system32\dxtrans.dll
2014-06-26 18:27:00 ----A---- C:\Windows\system32\dxtmsft.dll
2014-06-26 18:26:59 ----A---- C:\Windows\system32\wextract.exe
2014-06-26 18:26:59 ----A---- C:\Windows\system32\webcheck.dll
2014-06-26 18:26:59 ----A---- C:\Windows\system32\vbscript.dll
2014-06-26 18:26:59 ----A---- C:\Windows\system32\url.dll
2014-06-26 18:26:59 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-06-26 18:26:59 ----A---- C:\Windows\system32\mshtmled.dll
2014-06-26 18:26:59 ----A---- C:\Windows\system32\msfeeds.dll
2014-06-26 18:26:59 ----A---- C:\Windows\system32\licmgr10.dll
2014-06-26 18:26:59 ----A---- C:\Windows\system32\inseng.dll
2014-06-26 18:26:59 ----A---- C:\Windows\system32\iexpress.exe
2014-06-26 18:26:59 ----A---- C:\Windows\system32\iesetup.dll
2014-06-26 18:26:59 ----A---- C:\Windows\system32\iernonce.dll
2014-06-26 18:26:59 ----A---- C:\Windows\system32\iedkcs32.dll
2014-06-26 18:26:59 ----A---- C:\Windows\system32\ie4uinit.exe
2014-06-26 18:26:59 ----A---- C:\Windows\system32\icardie.dll
2014-06-26 18:26:58 ----A---- C:\Windows\system32\mshtml.dll
2014-06-26 18:26:58 ----A---- C:\Windows\system32\ieUnatt.exe
2014-06-26 18:26:57 ----A---- C:\Windows\system32\pngfilt.dll
2014-06-26 18:26:57 ----A---- C:\Windows\system32\occache.dll
2014-06-26 18:26:57 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-06-26 18:26:57 ----A---- C:\Windows\system32\mshta.exe
2014-06-26 18:26:57 ----A---- C:\Windows\system32\jscript.dll
2014-06-26 18:26:57 ----A---- C:\Windows\system32\imgutil.dll
2014-06-26 18:26:57 ----A---- C:\Windows\system32\iepeers.dll
2014-06-26 18:26:57 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-06-26 18:26:57 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-06-26 18:26:57 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-06-26 18:25:55 ----A---- C:\Windows\system32\wow64.dll
2014-06-26 18:25:54 ----A---- C:\Windows\system32\tdh.dll
2014-06-26 18:25:54 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-06-26 18:25:54 ----A---- C:\Windows\system32\ntdll.dll
2014-06-26 18:25:54 ----A---- C:\Windows\system32\advapi32.dll
2014-06-26 18:25:53 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-06-26 18:25:53 ----A---- C:\Windows\SYSWOW64\user.exe
2014-06-26 18:25:53 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-06-26 18:25:53 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-06-26 18:25:53 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-06-26 18:25:53 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-06-26 18:25:53 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-06-26 18:25:52 ----A---- C:\Windows\SYSWOW64\tdh.dll
2014-06-26 18:25:52 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2014-06-26 18:25:52 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2014-06-26 18:25:25 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-06-26 18:25:25 ----A---- C:\Windows\system32\drivers\afd.sys
2014-06-26 18:25:24 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2014-06-26 18:25:24 ----A---- C:\Windows\system32\mswsock.dll
2014-06-26 18:25:09 ----A---- C:\Windows\system32\taskhost.exe
2014-06-26 18:24:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-06-26 18:24:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-06-26 18:24:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-06-26 18:24:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-06-26 18:24:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-06-26 18:24:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-06-26 18:24:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-06-26 18:24:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-06-26 18:24:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-06-26 18:24:08 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-06-26 18:24:08 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-06-26 18:24:08 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-06-26 18:24:08 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-06-26 18:24:08 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-06-26 18:24:08 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-06-26 18:24:07 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-06-26 18:24:07 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-06-26 18:24:07 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-06-26 18:24:07 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2014-06-26 18:24:07 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2014-06-26 18:24:07 ----A---- C:\Windows\system32\XpsPrint.dll
2014-06-26 18:24:07 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2014-06-26 18:24:07 ----A---- C:\Windows\system32\WMPhoto.dll
2014-06-26 18:24:06 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2014-06-26 18:24:06 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2014-06-26 18:24:06 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2014-06-26 18:24:06 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-06-26 18:24:06 ----A---- C:\Windows\system32\dxgi.dll
2014-06-26 18:24:06 ----A---- C:\Windows\system32\d3d10warp.dll
2014-06-26 18:24:06 ----A---- C:\Windows\system32\d2d1.dll
2014-06-26 18:24:05 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2014-06-26 18:24:05 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-06-26 18:24:05 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2014-06-26 18:24:05 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2014-06-26 18:24:05 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2014-06-26 18:24:05 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2014-06-26 18:24:05 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2014-06-26 18:24:05 ----A---- C:\Windows\system32\FntCache.dll
2014-06-26 18:24:05 ----A---- C:\Windows\system32\DWrite.dll
2014-06-26 18:24:04 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-06-26 18:24:04 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2014-06-26 18:24:04 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-06-26 18:24:04 ----A---- C:\Windows\system32\d3d10level9.dll
2014-06-26 18:24:04 ----A---- C:\Windows\system32\d3d10core.dll
2014-06-26 18:24:04 ----A---- C:\Windows\system32\d3d10_1core.dll
2014-06-26 18:24:04 ----A---- C:\Windows\system32\d3d10_1.dll
2014-06-26 18:24:04 ----A---- C:\Windows\system32\d3d10.dll
2014-06-26 18:24:03 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2014-06-26 18:24:03 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2014-06-26 18:24:03 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-06-26 18:24:03 ----A---- C:\Windows\system32\UIAnimation.dll
2014-06-26 18:21:07 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2014-06-26 18:21:07 ----A---- C:\Windows\system32\d3d11.dll
2014-06-26 18:20:39 ----D---- C:\Program Files\CCleaner
2014-06-26 16:51:00 ----D---- C:\Windows\system32\SPReview
2014-06-26 16:06:25 ----A---- C:\Windows\SYSWOW64\MSAC3ENC.DLL
2014-06-26 16:06:25 ----A---- C:\Windows\SYSWOW64\mobsync.exe
2014-06-26 16:06:25 ----A---- C:\Windows\system32\mprddm.dll
2014-06-26 16:06:25 ----A---- C:\Windows\system32\mobsync.exe
2014-06-26 16:06:24 ----A---- C:\Windows\SYSWOW64\MMDevAPI.dll
2014-06-26 16:06:21 ----A---- C:\Windows\SYSWOW64\raschap.dll
2014-06-26 16:06:21 ----A---- C:\Windows\SYSWOW64\RacEngn.dll
2014-06-26 16:06:21 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-06-26 16:06:21 ----A---- C:\Windows\SYSWOW64\provsvc.dll
2014-06-26 16:06:21 ----A---- C:\Windows\SYSWOW64\mstask.dll
2014-06-26 16:06:21 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-06-26 16:06:21 ----A---- C:\Windows\SYSWOW64\MediaMetadataHandler.dll
2014-06-26 16:06:21 ----A---- C:\Windows\SYSWOW64\lsmproxy.dll
2014-06-26 16:06:21 ----A---- C:\Windows\SYSWOW64\logagent.exe
2014-06-26 16:06:21 ----A---- C:\Windows\SYSWOW64\KBDLT1.DLL
2014-06-26 16:06:21 ----A---- C:\Windows\SYSWOW64\KBDINTEL.DLL
2014-06-26 16:06:21 ----A---- C:\Windows\SYSWOW64\KBDCZ1.DLL
2014-06-26 16:06:21 ----A---- C:\Windows\SYSWOW64\iTVData.dll
2014-06-26 16:06:21 ----A---- C:\Windows\system32\msdri.dll
2014-06-26 16:06:21 ----A---- C:\Windows\system32\KBDBLR.DLL
2014-06-26 16:06:21 ----A---- C:\Windows\system32\itircl.dll
2014-06-26 16:06:21 ----A---- C:\Windows\system32\iphlpsvc.dll
2014-06-26 16:06:21 ----A---- C:\Windows\system32\inetmib1.dll
2014-06-26 16:06:21 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-06-26 16:06:21 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys
2014-06-26 16:06:20 ----A---- C:\Windows\SYSWOW64\Robocopy.exe
2014-06-26 16:06:20 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-06-26 16:06:20 ----A---- C:\Windows\SYSWOW64\propsys.dll
2014-06-26 16:06:20 ----A---- C:\Windows\system32\Ribbons.scr
2014-06-26 16:06:20 ----A---- C:\Windows\system32\printui.dll
2014-06-26 16:06:20 ----A---- C:\Windows\system32\pnidui.dll
2014-06-26 16:06:20 ----A---- C:\Windows\system32\pifmgr.dll
2014-06-26 16:06:20 ----A---- C:\Windows\system32\drivers\scsiport.sys
2014-06-26 16:06:19 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2014-06-26 16:06:19 ----A---- C:\Windows\SYSWOW64\samcli.dll
2014-06-26 16:06:19 ----A---- C:\Windows\SYSWOW64\ReAgent.dll
2014-06-26 16:06:19 ----A---- C:\Windows\SYSWOW64\rdprefdrvapi.dll
2014-06-26 16:06:19 ----A---- C:\Windows\SYSWOW64\perfmon.exe
2014-06-26 16:06:19 ----A---- C:\Windows\SYSWOW64\pdhui.dll
2014-06-26 16:06:19 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2014-06-26 16:06:19 ----A---- C:\Windows\SYSWOW64\ntlanman.dll
2014-06-26 16:06:19 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2014-06-26 16:06:19 ----A---- C:\Windows\SYSWOW64\netiougc.exe
2014-06-26 16:06:19 ----A---- C:\Windows\SYSWOW64\netiohlp.dll
2014-06-26 16:06:19 ----A---- C:\Windows\SYSWOW64\netcfgx.dll
2014-06-26 16:06:19 ----A---- C:\Windows\SYSWOW64\ncryptui.dll
2014-06-26 16:06:19 ----A---- C:\Windows\system32\sdcpl.dll
2014-06-26 16:06:19 ----A---- C:\Windows\system32\RDPENCDD.dll
2014-06-26 16:06:19 ----A---- C:\Windows\system32\OobeFldr.dll
2014-06-26 16:06:19 ----A---- C:\Windows\system32\nslookup.exe
2014-06-26 16:06:19 ----A---- C:\Windows\system32\nlasvc.dll
2014-06-26 16:06:19 ----A---- C:\Windows\system32\nlaapi.dll
2014-06-26 16:06:19 ----A---- C:\Windows\system32\netshell.dll
2014-06-26 16:06:19 ----A---- C:\Windows\system32\netlogon.dll
2014-06-26 16:06:19 ----A---- C:\Windows\system32\netjoin.dll
2014-06-26 16:06:19 ----A---- C:\Windows\system32\ncsi.dll
2014-06-26 16:06:19 ----A---- C:\Windows\system32\MultiDigiMon.exe
2014-06-26 16:06:17 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2014-06-26 16:06:17 ----A---- C:\Windows\SYSWOW64\cmd.exe
2014-06-26 16:06:17 ----A---- C:\Windows\SYSWOW64\C_ISCII.DLL
2014-06-26 16:06:17 ----A---- C:\Windows\SYSWOW64\activeds.dll
2014-06-26 16:06:17 ----A---- C:\Windows\system32\drivers\cdrom.sys
2014-06-26 16:06:17 ----A---- C:\Windows\system32\diagperf.dll
2014-06-26 16:06:17 ----A---- C:\Windows\system32\dbghelp.dll
2014-06-26 16:06:17 ----A---- C:\Windows\system32\dbgeng.dll
2014-06-26 16:06:17 ----A---- C:\Windows\system32\d3d9.dll
2014-06-26 16:06:17 ----A---- C:\Windows\system32\consent.exe
2014-06-26 16:06:17 ----A---- C:\Windows\system32\comdlg32.dll
2014-06-26 16:06:17 ----A---- C:\Windows\system32\CertPolEng.dll
2014-06-26 16:06:17 ----A---- C:\Windows\system32\certmgr.dll
2014-06-26 16:06:17 ----A---- C:\Windows\system32\certcli.dll
2014-06-26 16:06:17 ----A---- C:\Windows\system32\cdd.dll
2014-06-26 16:06:17 ----A---- C:\Windows\system32\aepdu.dll
2014-06-26 16:06:17 ----A---- C:\Windows\system32\aeinv.dll
2014-06-26 16:06:17 ----A---- C:\Windows\system32\acppage.dll
2014-06-26 16:06:16 ----A---- C:\Windows\SYSWOW64\imapi2.dll
2014-06-26 16:06:16 ----A---- C:\Windows\SYSWOW64\AuxiliaryDisplayCpl.dll
2014-06-26 16:06:16 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-06-26 16:06:16 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-06-26 16:06:16 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2014-06-26 16:06:16 ----A---- C:\Windows\system32\imapi2fs.dll
2014-06-26 16:06:16 ----A---- C:\Windows\system32\ftp.exe
2014-06-26 16:06:16 ----A---- C:\Windows\system32\drivers\http.sys
2014-06-26 16:06:16 ----A---- C:\Windows\system32\drivers\HpSAMD.sys
2014-06-26 16:06:16 ----A---- C:\Windows\system32\drivers\HdAudio.sys
2014-06-26 16:06:16 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2014-06-26 16:06:16 ----A---- C:\Windows\system32\drivers\appid.sys
2014-06-26 16:06:16 ----A---- C:\Windows\system32\bcdsrv.dll
2014-06-26 16:06:16 ----A---- C:\Windows\system32\bcdedit.exe
2014-06-26 16:06:16 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2014-06-26 16:06:16 ----A---- C:\Windows\system32\authui.dll
2014-06-26 16:06:16 ----A---- C:\Windows\system32\appinfo.dll
2014-06-26 16:06:15 ----A---- C:\Windows\SYSWOW64\systemcpl.dll
2014-06-26 16:06:15 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2014-06-26 16:06:15 ----A---- C:\Windows\SYSWOW64\evr.dll
2014-06-26 16:06:15 ----A---- C:\Windows\SYSWOW64\dskquoui.dll
2014-06-26 16:06:15 ----A---- C:\Windows\SYSWOW64\diskpart.exe
2014-06-26 16:06:15 ----A---- C:\Windows\system32\SearchFolder.dll
2014-06-26 16:06:15 ----A---- C:\Windows\system32\Faultrep.dll
2014-06-26 16:06:15 ----A---- C:\Windows\system32\ExplorerFrame.dll
2014-06-26 16:06:15 ----A---- C:\Windows\system32\elsTrans.dll
2014-06-26 16:06:15 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2014-06-26 16:06:15 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-06-26 16:06:15 ----A---- C:\Windows\system32\Display.dll
2014-06-26 16:06:14 ----A---- C:\Windows\system32\taskschd.dll
2014-06-26 16:06:13 ----A---- C:\Windows\SYSWOW64\themecpl.dll
2014-06-26 16:06:13 ----A---- C:\Windows\SYSWOW64\tcpipcfg.dll
2014-06-26 16:06:13 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2014-06-26 16:06:13 ----A---- C:\Windows\SYSWOW64\srvcli.dll
2014-06-26 16:06:13 ----A---- C:\Windows\SYSWOW64\sppinst.dll
2014-06-26 16:06:13 ----A---- C:\Windows\SYSWOW64\spp.dll
2014-06-26 16:06:13 ----A---- C:\Windows\SYSWOW64\spbcd.dll
2014-06-26 16:06:13 ----A---- C:\Windows\SYSWOW64\shsetup.dll
2014-06-26 16:06:13 ----A---- C:\Windows\SYSWOW64\shlwapi.dll
2014-06-26 16:06:13 ----A---- C:\Windows\system32\thumbcache.dll
2014-06-26 16:06:13 ----A---- C:\Windows\system32\tabcal.exe
2014-06-26 16:06:13 ----A---- C:\Windows\system32\sysmain.dll
2014-06-26 16:06:13 ----A---- C:\Windows\system32\sysclass.dll
2014-06-26 16:06:13 ----A---- C:\Windows\system32\sppsvc.exe
2014-06-26 16:06:13 ----A---- C:\Windows\system32\spp.dll
2014-06-26 16:06:13 ----A---- C:\Windows\system32\shwebsvc.dll
2014-06-26 16:06:12 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2014-06-26 16:06:12 ----A---- C:\Windows\SYSWOW64\wvc.dll
2014-06-26 16:06:12 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-06-26 16:06:12 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-06-26 16:06:12 ----A---- C:\Windows\SYSWOW64\wtsapi32.dll
2014-06-26 16:06:12 ----A---- C:\Windows\SYSWOW64\wmpsrcwp.dll
2014-06-26 16:06:12 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2014-06-26 16:06:12 ----A---- C:\Windows\system32\wwanconn.dll
2014-06-26 16:06:12 ----A---- C:\Windows\system32\wsqmcons.exe
2014-06-26 16:06:12 ----A---- C:\Windows\system32\WMVDECOD.DLL
2014-06-26 16:06:12 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2014-06-26 16:06:12 ----A---- C:\Windows\system32\wmpeffects.dll
2014-06-26 16:06:12 ----A---- C:\Windows\system32\wmdrmnet.dll
2014-06-26 16:06:12 ----A---- C:\Windows\system32\wmdrmdev.dll
2014-06-26 16:06:12 ----A---- C:\Windows\system32\WMADMOD.DLL
2014-06-26 16:06:12 ----A---- C:\Windows\system32\wkssvc.dll
2014-06-26 16:06:12 ----A---- C:\Windows\system32\winhttp.dll
2014-06-26 16:06:12 ----A---- C:\Windows\system32\srchadmin.dll
2014-06-26 16:06:12 ----A---- C:\Windows\system32\sqmapi.dll
2014-06-26 16:06:12 ----A---- C:\Windows\system32\drivers\winusb.sys
2014-06-26 16:06:11 ----A---- C:\Windows\SYSWOW64\WPDSp.dll
2014-06-26 16:06:11 ----A---- C:\Windows\system32\wsdchngr.dll
2014-06-26 16:06:11 ----A---- C:\Windows\system32\ws2_32.dll
2014-06-26 16:06:11 ----A---- C:\Windows\system32\wpdwcn.dll
2014-06-26 16:06:11 ----A---- C:\Windows\system32\wpd_ci.dll
2014-06-26 16:06:11 ----A---- C:\Windows\system32\userinit.exe
2014-06-26 16:06:11 ----A---- C:\Windows\system32\drivers\volsnap.sys
2014-06-26 16:06:09 ----A---- C:\Windows\twain_32.dll
2014-06-26 16:06:09 ----A---- C:\Windows\SYSWOW64\wiadefui.dll
2014-06-26 16:06:09 ----A---- C:\Windows\SYSWOW64\untfs.dll
2014-06-26 16:06:09 ----A---- C:\Windows\SYSWOW64\unlodctr.exe
2014-06-26 16:06:09 ----A---- C:\Windows\SYSWOW64\tzutil.exe
2014-06-26 16:06:09 ----A---- C:\Windows\system32\WerFaultSecure.exe
2014-06-26 16:06:09 ----A---- C:\Windows\system32\umb.dll
2014-06-26 16:06:09 ----A---- C:\Windows\system32\drivers\umbus.sys
2014-06-26 16:06:08 ----A---- C:\Windows\SYSWOW64\wdc.dll
2014-06-26 16:06:08 ----A---- C:\Windows\SYSWOW64\wavemsp.dll
2014-06-26 16:06:08 ----A---- C:\Windows\SYSWOW64\shacct.dll
2014-06-26 16:06:08 ----A---- C:\Windows\system32\VSSVC.exe
2014-06-26 16:06:08 ----A---- C:\Windows\system32\vssapi.dll
2014-06-26 16:06:08 ----A---- C:\Windows\system32\vss_ps.dll
2014-06-26 16:06:07 ----A---- C:\Windows\SYSWOW64\setupugc.exe
2014-06-26 16:06:07 ----A---- C:\Windows\SYSWOW64\setupapi.dll
2014-06-26 16:06:07 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-06-26 16:06:07 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2014-06-26 16:06:07 ----A---- C:\Windows\system32\mimefilt.dll
2014-06-26 16:06:07 ----A---- C:\Windows\system32\mfps.dll
2014-06-26 16:06:07 ----A---- C:\Windows\system32\MFPlay.dll
2014-06-26 16:06:07 ----A---- C:\Windows\system32\mfds.dll
2014-06-26 16:06:07 ----A---- C:\Windows\system32\mf.dll
2014-06-26 16:06:07 ----A---- C:\Windows\system32\Mcx2Svc.dll
2014-06-26 16:06:06 ----A---- C:\Windows\SYSWOW64\nshipsec.dll
2014-06-26 16:06:06 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-06-26 16:06:06 ----A---- C:\Windows\SYSWOW64\mprapi.dll
2014-06-26 16:06:06 ----A---- C:\Windows\SYSWOW64\logoncli.dll
2014-06-26 16:06:06 ----A---- C:\Windows\SYSWOW64\logman.exe
2014-06-26 16:06:06 ----A---- C:\Windows\SYSWOW64\KBDSF.DLL
2014-06-26 16:06:06 ----A---- C:\Windows\SYSWOW64\itircl.dll
2014-06-26 16:06:06 ----A---- C:\Windows\system32\netutils.dll
2014-06-26 16:06:06 ----A---- C:\Windows\system32\mscorier.dll
2014-06-26 16:06:06 ----A---- C:\Windows\system32\MSAC3ENC.DLL
2014-06-26 16:06:06 ----A---- C:\Windows\system32\mblctr.exe
2014-06-26 16:06:06 ----A---- C:\Windows\system32\luainstall.dll
2014-06-26 16:06:06 ----A---- C:\Windows\system32\LogonUI.exe
2014-06-26 16:06:06 ----A---- C:\Windows\system32\KBDUS.DLL
2014-06-26 16:06:06 ----A---- C:\Windows\system32\KBDTUF.DLL
2014-06-26 16:06:06 ----A---- C:\Windows\system32\KBDINBEN.DLL
2014-06-26 16:06:06 ----A---- C:\Windows\system32\KBDGKL.DLL
2014-06-26 16:06:06 ----A---- C:\Windows\system32\IPSECSVC.DLL
2014-06-26 16:06:05 ----A---- C:\Windows\SYSWOW64\OnLineIDCpl.dll
2014-06-26 16:06:05 ----A---- C:\Windows\SYSWOW64\ocsetup.exe
2014-06-26 16:06:05 ----A---- C:\Windows\SYSWOW64\ocsetapi.dll
2014-06-26 16:06:05 ----A---- C:\Windows\SYSWOW64\msinfo32.exe
2014-06-26 16:06:05 ----A---- C:\Windows\system32\OpcServices.dll
2014-06-26 16:06:05 ----A---- C:\Windows\system32\OnLineIDCpl.dll
2014-06-26 16:06:05 ----A---- C:\Windows\system32\ole32.dll
2014-06-26 16:06:04 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-06-26 16:06:04 ----A---- C:\Windows\system32\msrle32.dll
2014-06-26 16:06:04 ----A---- C:\Windows\system32\mspbda.dll
2014-06-26 16:06:04 ----A---- C:\Windows\system32\msdmo.dll
2014-06-26 16:06:03 ----A---- C:\Windows\SYSWOW64\NAPCRYPT.DLL
2014-06-26 16:06:03 ----A---- C:\Windows\SYSWOW64\MuiUnattend.exe
2014-06-26 16:06:03 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-06-26 16:06:03 ----A---- C:\Windows\system32\NAPCRYPT.DLL
2014-06-26 16:06:03 ----A---- C:\Windows\system32\muifontsetup.dll
2014-06-26 16:06:03 ----A---- C:\Windows\system32\msvidc32.dll
2014-06-26 16:06:03 ----A---- C:\Windows\system32\msdrm.dll
2014-06-26 16:06:03 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2014-06-26 16:06:03 ----A---- C:\Windows\system32\drivers\msdsm.sys
2014-06-26 16:06:01 ----A---- C:\Windows\SYSWOW64\drvstore.dll
2014-06-26 16:06:01 ----A---- C:\Windows\SYSWOW64\dot3ui.dll
2014-06-26 16:06:01 ----A---- C:\Windows\SYSWOW64\dot3cfg.dll
2014-06-26 16:06:01 ----A---- C:\Windows\SYSWOW64\credui.dll
2014-06-26 16:06:01 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2014-06-26 16:06:01 ----A---- C:\Windows\SYSWOW64\autochk.exe
2014-06-26 16:06:01 ----A---- C:\Windows\system32\choice.exe
2014-06-26 16:06:01 ----A---- C:\Windows\system32\dot3cfg.dll
2014-06-26 16:06:01 ----A---- C:\Windows\system32\diskraid.exe
2014-06-26 16:06:01 ----A---- C:\Windows\system32\asycfilt.dll
2014-06-26 16:06:01 ----A---- C:\Windows\system32\ActionCenterCPL.dll
2014-06-26 16:06:00 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2014-06-26 16:06:00 ----A---- C:\Windows\SYSWOW64\cabview.dll
2014-06-26 16:06:00 ----A---- C:\Windows\SYSWOW64\Bubbles.scr
2014-06-26 16:06:00 ----A---- C:\Windows\SYSWOW64\accessibilitycpl.dll
2014-06-26 16:06:00 ----A---- C:\Windows\system32\HotStartUserAgent.dll
2014-06-26 16:06:00 ----A---- C:\Windows\system32\cca.dll
2014-06-26 16:06:00 ----A---- C:\Windows\system32\Bubbles.scr
2014-06-26 16:06:00 ----A---- C:\Windows\system32\apphelp.dll
2014-06-26 16:05:59 ----A---- C:\Windows\system32\iasrad.dll
2014-06-26 16:05:59 ----A---- C:\Windows\system32\iasacct.dll
2014-06-26 16:05:59 ----A---- C:\Windows\system32\drivers\hwpolicy.sys
2014-06-26 16:05:58 ----A---- C:\Windows\system32\fveapi.dll
2014-06-26 16:05:57 ----A---- C:\Windows\SYSWOW64\TRAPI.dll
2014-06-26 16:05:57 ----A---- C:\Windows\SYSWOW64\themeui.dll
2014-06-26 16:05:57 ----A---- C:\Windows\SYSWOW64\imm32.dll
2014-06-26 16:05:57 ----A---- C:\Windows\SYSWOW64\fde.dll
2014-06-26 16:05:57 ----A---- C:\Windows\SYSWOW64\elsTrans.dll
2014-06-26 16:05:57 ----A---- C:\Windows\SYSWOW64\efscore.dll
2014-06-26 16:05:57 ----A---- C:\Windows\SYSWOW64\eapphost.dll
2014-06-26 16:05:57 ----A---- C:\Windows\SYSWOW64\eappgnui.dll
2014-06-26 16:05:57 ----A---- C:\Windows\SYSWOW64\eapp3hst.dll
2014-06-26 16:05:57 ----A---- C:\Windows\SYSWOW64\DxpTaskSync.dll
2014-06-26 16:05:57 ----A---- C:\Windows\SYSWOW64\dxdiagn.dll
2014-06-26 16:05:57 ----A---- C:\Windows\system32\tsmf.dll
2014-06-26 16:05:57 ----A---- C:\Windows\system32\TRAPI.dll
2014-06-26 16:05:57 ----A---- C:\Windows\system32\imapi2.dll
2014-06-26 16:05:57 ----A---- C:\Windows\system32\fontext.dll
2014-06-26 16:05:57 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2014-06-26 16:05:57 ----A---- C:\Windows\system32\DShowRdpFilter.dll
2014-06-26 16:05:56 ----A---- C:\Windows\SYSWOW64\UIRibbonRes.dll
2014-06-26 16:05:56 ----A---- C:\Windows\SYSWOW64\UIRibbon.dll
2014-06-26 16:05:56 ----A---- C:\Windows\system32\UIRibbonRes.dll
2014-06-26 16:05:56 ----A---- C:\Windows\system32\UIRibbon.dll
2014-06-26 16:05:56 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-06-26 16:05:56 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-06-26 16:05:56 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-06-26 16:05:55 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2014-06-26 16:05:55 ----A---- C:\Windows\SYSWOW64\WMVCORE.DLL
2014-06-26 16:05:55 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2014-06-26 16:05:55 ----A---- C:\Windows\SYSWOW64\WMPEncEn.dll
2014-06-26 16:05:55 ----A---- C:\Windows\SYSWOW64\winmm.dll
2014-06-26 16:05:55 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2014-06-26 16:05:55 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2014-06-26 16:05:55 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2014-06-26 16:05:55 ----A---- C:\Windows\SYSWOW64\SyncCenter.dll
2014-06-26 16:05:55 ----A---- C:\Windows\system32\WMNetMgr.dll
2014-06-26 16:05:55 ----A---- C:\Windows\system32\WinSAT.exe
2014-06-26 16:05:55 ----A---- C:\Windows\system32\termsrv.dll
2014-06-26 16:05:55 ----A---- C:\Windows\system32\taskmgr.exe
2014-06-26 16:05:55 ----A---- C:\Windows\system32\taskbarcpl.dll
2014-06-26 16:05:55 ----A---- C:\Windows\system32\takeown.exe
2014-06-26 16:05:55 ----A---- C:\Windows\system32\t2embed.dll
2014-06-26 16:05:55 ----A---- C:\Windows\system32\syssetup.dll
2014-06-26 16:05:54 ----A---- C:\Windows\SYSWOW64\zipfldr.dll
2014-06-26 16:05:54 ----A---- C:\Windows\SYSWOW64\wlanui.dll
2014-06-26 16:05:54 ----A---- C:\Windows\system32\XpsRasterService.dll
2014-06-26 16:05:54 ----A---- C:\Windows\system32\wvc.dll
2014-06-26 16:05:54 ----A---- C:\Windows\system32\wusa.exe
2014-06-26 16:05:54 ----A---- C:\Windows\system32\wsnmp32.dll
2014-06-26 16:05:54 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2014-06-26 16:05:54 ----A---- C:\Windows\system32\wpdshext.dll
2014-06-26 16:05:54 ----A---- C:\Windows\system32\WMVSDECD.DLL
2014-06-26 16:05:53 ----A---- C:\Windows\SYSWOW64\wdscore.dll
2014-06-26 16:05:53 ----A---- C:\Windows\SYSWOW64\wbemcomn.dll
2014-06-26 16:05:53 ----A---- C:\Windows\SYSWOW64\usercpl.dll
2014-06-26 16:05:53 ----A---- C:\Windows\SYSWOW64\user32.dll
2014-06-26 16:05:53 ----A---- C:\Windows\SYSWOW64\upnp.dll
2014-06-26 16:05:53 ----A---- C:\Windows\SYSWOW64\Ribbons.scr
2014-06-26 16:05:53 ----A---- C:\Windows\SYSWOW64\relog.exe
2014-06-26 16:05:53 ----A---- C:\Windows\system32\wdc.dll
2014-06-26 16:05:53 ----A---- C:\Windows\system32\UserAccountControlSettings.dll
2014-06-26 16:05:53 ----A---- C:\Windows\system32\SyncCenter.dll
2014-06-26 16:05:53 ----A---- C:\Windows\system32\runonce.exe
2014-06-26 16:05:53 ----A---- C:\Windows\system32\rtutils.dll
2014-06-26 16:05:53 ----A---- C:\Windows\system32\Robocopy.exe
2014-06-26 16:05:53 ----A---- C:\Windows\system32\riched32.dll
2014-06-26 16:05:53 ----A---- C:\Windows\system32\riched20.dll
2014-06-26 16:05:53 ----A---- C:\Windows\system32\regapi.dll
2014-06-26 16:05:53 ----A---- C:\Windows\system32\drivers\wanarp.sys
2014-06-26 16:05:53 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2014-06-26 16:05:53 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2014-06-26 16:05:52 ----A---- C:\Windows\SYSWOW64\schedcli.dll
2014-06-26 16:05:52 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-06-26 16:05:52 ----A---- C:\Windows\SYSWOW64\rastapi.dll
2014-06-26 16:05:52 ----A---- C:\Windows\SYSWOW64\qcap.dll
2014-06-26 16:05:52 ----A---- C:\Windows\SYSWOW64\powercpl.dll
2014-06-26 16:05:52 ----A---- C:\Windows\SYSWOW64\PortableDeviceSyncProvider.dll
2014-06-26 16:05:52 ----A---- C:\Windows\SYSWOW64\pla.dll
2014-06-26 16:05:52 ----A---- C:\Windows\SYSWOW64\PerfCenterCPL.dll
2014-06-26 16:05:52 ----A---- C:\Windows\SYSWOW64\pdh.dll
2014-06-26 16:05:52 ----A---- C:\Windows\system32\schedsvc.dll
2014-06-26 16:05:52 ----A---- C:\Windows\system32\scesrv.dll
2014-06-26 16:05:52 ----A---- C:\Windows\system32\scansetting.dll
2014-06-26 16:05:52 ----A---- C:\Windows\system32\rdpdd.dll
2014-06-26 16:05:52 ----A---- C:\Windows\system32\rasmans.dll
2014-06-26 16:05:52 ----A---- C:\Windows\system32\qdv.dll
2014-06-26 16:05:52 ----A---- C:\Windows\system32\perfmon.exe
2014-06-26 16:05:52 ----A---- C:\Windows\system32\drivers\rdbss.sys
2014-06-26 16:05:52 ----A---- C:\Windows\system32\drivers\rasl2tp.sys
2014-06-26 16:05:51 ----A---- C:\Windows\SYSWOW64\sud.dll
2014-06-26 16:05:51 ----A---- C:\Windows\SYSWOW64\sppcomapi.dll
2014-06-26 16:05:51 ----A---- C:\Windows\SYSWOW64\slwga.dll
2014-06-26 16:05:51 ----A---- C:\Windows\SYSWOW64\setupcln.dll
2014-06-26 16:05:51 ----A---- C:\Windows\SYSWOW64\SessEnv.dll
2014-06-26 16:05:51 ----A---- C:\Windows\SYSWOW64\KBDUGHR1.DLL
2014-06-26 16:05:51 ----A---- C:\Windows\SYSWOW64\KBDTUF.DLL
2014-06-26 16:05:51 ----A---- C:\Windows\SYSWOW64\KBDSG.DLL
2014-06-26 16:05:51 ----A---- C:\Windows\system32\StructuredQuery.dll
2014-06-26 16:05:51 ----A---- C:\Windows\system32\srrstr.dll
2014-06-26 16:05:51 ----A---- C:\Windows\system32\spwizui.dll
2014-06-26 16:05:51 ----A---- C:\Windows\system32\spreview.exe
2014-06-26 16:05:51 ----A---- C:\Windows\system32\sppwinob.dll
2014-06-26 16:05:51 ----A---- C:\Windows\system32\sppcomapi.dll
2014-06-26 16:05:51 ----A---- C:\Windows\system32\spinstall.exe
2014-06-26 16:05:51 ----A---- C:\Windows\system32\SmiEngine.dll
2014-06-26 16:05:51 ----A---- C:\Windows\system32\slui.exe
2014-06-26 16:05:51 ----A---- C:\Windows\system32\shunimpl.dll
2014-06-26 16:05:51 ----A---- C:\Windows\system32\sharemediacpl.dll
2014-06-26 16:05:51 ----A---- C:\Windows\system32\mcbuilder.exe
2014-06-26 16:05:51 ----A---- C:\Windows\system32\manage-bde.exe
2014-06-26 16:05:51 ----A---- C:\Windows\system32\lpksetup.exe
2014-06-26 16:05:51 ----A---- C:\Windows\system32\logman.exe
2014-06-26 16:05:51 ----A---- C:\Windows\system32\KMSVC.DLL
2014-06-26 16:05:51 ----A---- C:\Windows\system32\KBDUGHR1.DLL
2014-06-26 16:05:51 ----A---- C:\Windows\system32\KBDTAJIK.DLL
2014-06-26 16:05:51 ----A---- C:\Windows\system32\KBDSG.DLL
2014-06-26 16:05:50 ----A---- C:\Windows\SYSWOW64\migisol.dll
2014-06-26 16:05:50 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2014-06-26 16:05:50 ----A---- C:\Windows\system32\drivers\ipfltdrv.sys
2014-06-26 16:05:49 ----A---- C:\Windows\SYSWOW64\imapi2fs.dll
2014-06-26 16:05:49 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2014-06-26 16:05:49 ----A---- C:\Windows\system32\IKEEXT.DLL
2014-06-26 16:05:48 ----A---- C:\Windows\SYSWOW64\odbcconf.dll
2014-06-26 16:05:48 ----A---- C:\Windows\SYSWOW64\netshell.dll
2014-06-26 16:05:48 ----A---- C:\Windows\SYSWOW64\KBDPO.DLL
2014-06-26 16:05:48 ----A---- C:\Windows\SYSWOW64\KBDMAORI.DLL
2014-06-26 16:05:48 ----A---- C:\Windows\SYSWOW64\KBDINORI.DLL
2014-06-26 16:05:48 ----A---- C:\Windows\SYSWOW64\KBDINKAN.DLL
2014-06-26 16:05:48 ----A---- C:\Windows\SYSWOW64\KBDBLR.DLL
2014-06-26 16:05:48 ----A---- C:\Windows\SYSWOW64\isoburn.exe
2014-06-26 16:05:48 ----A---- C:\Windows\SYSWOW64\iscsium.dll
2014-06-26 16:05:48 ----A---- C:\Windows\SYSWOW64\iscsicli.exe
2014-06-26 16:05:48 ----A---- C:\Windows\SYSWOW64\ipsmsnap.dll
2014-06-26 16:05:48 ----A---- C:\Windows\SYSWOW64\iprtrmgr.dll
2014-06-26 16:05:48 ----A---- C:\Windows\system32\odbc32.dll
2014-06-26 16:05:48 ----A---- C:\Windows\system32\KBDNEPR.DLL
2014-06-26 16:05:48 ----A---- C:\Windows\system32\kbdlk41a.dll
2014-06-26 16:05:48 ----A---- C:\Windows\system32\KBDINKAN.DLL
2014-06-26 16:05:48 ----A---- C:\Windows\system32\KBDINHIN.DLL
2014-06-26 16:05:48 ----A---- C:\Windows\system32\KBDBULG.DLL
2014-06-26 16:05:48 ----A---- C:\Windows\system32\iTVData.dll
2014-06-26 16:05:48 ----A---- C:\Windows\system32\iprtrmgr.dll
2014-06-26 16:05:48 ----A---- C:\Windows\system32\drivers\kbdhid.sys
2014-06-26 16:05:47 ----A---- C:\Windows\SYSWOW64\pnidui.dll
2014-06-26 16:05:47 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2014-06-26 16:05:47 ----A---- C:\Windows\SYSWOW64\networkmap.dll
2014-06-26 16:05:47 ----A---- C:\Windows\SYSWOW64\networkexplorer.dll
2014-06-26 16:05:47 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2014-06-26 16:05:47 ----A---- C:\Windows\system32\PnPUnattend.exe
2014-06-26 16:05:47 ----A---- C:\Windows\system32\nrpsrv.dll
2014-06-26 16:05:47 ----A---- C:\Windows\system32\nlsbres.dll
2014-06-26 16:05:47 ----A---- C:\Windows\system32\netid.dll
2014-06-26 16:05:47 ----A---- C:\Windows\system32\drivers\netbt.sys
2014-06-26 16:05:46 ----A---- C:\Windows\SYSWOW64\olethk32.dll
2014-06-26 16:05:46 ----A---- C:\Windows\SYSWOW64\ole32.dll
2014-06-26 16:05:46 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-06-26 16:05:46 ----A---- C:\Windows\system32\PortableDeviceSyncProvider.dll
2014-06-26 16:05:46 ----A---- C:\Windows\system32\PortableDeviceStatus.dll
2014-06-26 16:05:46 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2014-06-26 16:05:46 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2014-06-26 16:05:46 ----A---- C:\Windows\system32\mscoree.dll
2014-06-26 16:05:46 ----A---- C:\Windows\system32\mscms.dll
2014-06-26 16:05:45 ----A---- C:\Windows\system32\MPSSVC.dll
2014-06-26 16:05:45 ----A---- C:\Windows\system32\drivers\mpio.sys
2014-06-26 16:05:44 ----A---- C:\Windows\SYSWOW64\nci.dll
2014-06-26 16:05:44 ----A---- C:\Windows\SYSWOW64\napdsnap.dll
2014-06-26 16:05:44 ----A---- C:\Windows\SYSWOW64\muifontsetup.dll
2014-06-26 16:05:44 ----A---- C:\Windows\system32\NAPHLPR.DLL
2014-06-26 16:05:44 ----A---- C:\Windows\system32\napdsnap.dll
2014-06-26 16:05:44 ----A---- C:\Windows\system32\Mystify.scr
2014-06-26 16:05:44 ----A---- C:\Windows\system32\msiexec.exe
2014-06-26 16:05:44 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2014-06-26 16:05:43 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-06-26 16:05:43 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2014-06-26 16:05:43 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2014-06-26 16:05:43 ----A---- C:\Windows\system32\msv1_0.dll
2014-06-26 16:05:43 ----A---- C:\Windows\system32\mstask.dll
2014-06-26 16:05:43 ----A---- C:\Windows\system32\msscp.dll
2014-06-26 16:05:43 ----A---- C:\Windows\system32\msnetobj.dll
2014-06-26 16:05:43 ----A---- C:\Windows\system32\msftedit.dll
2014-06-26 16:05:41 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-06-26 16:05:41 ----A---- C:\Windows\SYSWOW64\CertPolEng.dll
2014-06-26 16:05:41 ----A---- C:\Windows\SYSWOW64\calc.exe
2014-06-26 16:05:41 ----A---- C:\Windows\system32\cryptui.dll
2014-06-26 16:05:41 ----A---- C:\Windows\system32\clusapi.dll
2014-06-26 16:05:41 ----A---- C:\Windows\system32\certprop.dll
2014-06-26 16:05:41 ----A---- C:\Windows\system32\CertEnroll.dll
2014-06-26 16:05:41 ----A---- C:\Windows\system32\cabview.dll
2014-06-26 16:05:41 ----A---- C:\Windows\system32\browseui.dll
2014-06-26 16:05:40 ----A---- C:\Windows\SYSWOW64\DevicePairingFolder.dll
2014-06-26 16:05:40 ----A---- C:\Windows\system32\drivers\dfsc.sys
2014-06-26 16:05:40 ----A---- C:\Windows\system32\dhcpcore.dll
2014-06-26 16:05:40 ----A---- C:\Windows\system32\DevicePairingFolder.dll
2014-06-26 16:05:39 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2014-06-26 16:05:39 ----A---- C:\Windows\SYSWOW64\acppage.dll
2014-06-26 16:05:39 ----A---- C:\Windows\system32\drivers\acpi.sys
2014-06-26 16:05:38 ----A---- C:\Windows\SYSWOW64\batmeter.dll
2014-06-26 16:05:38 ----A---- C:\Windows\SYSWOW64\ActionCenterCPL.dll
2014-06-26 16:05:38 ----A---- C:\Windows\SYSWOW64\ActionCenter.dll
2014-06-26 16:05:38 ----A---- C:\Windows\system32\bcryptprimitives.dll
2014-06-26 16:05:38 ----A---- C:\Windows\bfsvc.exe
2014-06-26 16:05:37 ----A---- C:\Windows\system32\gdi32.dll
2014-06-26 16:05:37 ----A---- C:\Windows\system32\BlbEvents.dll
2014-06-26 16:05:37 ----A---- C:\Windows\system32\blackbox.dll
2014-06-26 16:05:37 ----A---- C:\Windows\system32\biocpl.dll
2014-06-26 16:05:37 ----A---- C:\Windows\system32\BFE.DLL
2014-06-26 16:05:37 ----A---- C:\Windows\system32\basecsp.dll
2014-06-26 16:05:37 ----A---- C:\Windows\system32\AxInstSv.dll
2014-06-26 16:05:37 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2014-06-26 16:05:37 ----A---- C:\Windows\system32\autochk.exe
2014-06-26 16:05:36 ----A---- C:\Windows\SYSWOW64\hgcpl.dll
2014-06-26 16:05:36 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2014-06-26 16:05:36 ----A---- C:\Windows\SYSWOW64\ftp.exe
2014-06-26 16:05:36 ----A---- C:\Windows\SYSWOW64\FirewallControlPanel.dll
2014-06-26 16:05:36 ----A---- C:\Windows\SYSWOW64\findstr.exe
2014-06-26 16:05:36 ----A---- C:\Windows\SYSWOW64\DXPTaskRingtone.dll
2014-06-26 16:05:36 ----A---- C:\Windows\SYSWOW64\dsauth.dll
2014-06-26 16:05:36 ----A---- C:\Windows\SYSWOW64\dpx.dll
2014-06-26 16:05:36 ----A---- C:\Windows\system32\hgprint.dll
2014-06-26 16:05:36 ----A---- C:\Windows\system32\hgcpl.dll
2014-06-26 16:05:36 ----A---- C:\Windows\system32\FXSUNATD.exe
2014-06-26 16:05:36 ----A---- C:\Windows\system32\FXSSVC.exe
2014-06-26 16:05:36 ----A---- C:\Windows\system32\FXSMON.dll
2014-06-26 16:05:36 ----A---- C:\Windows\system32\fphc.dll
2014-06-26 16:05:36 ----A---- C:\Windows\system32\fms.dll
2014-06-26 16:05:36 ----A---- C:\Windows\system32\FirewallControlPanel.dll
2014-06-26 16:05:36 ----A---- C:\Windows\system32\DXP.dll
2014-06-26 16:05:36 ----A---- C:\Windows\system32\drmmgrtn.dll
2014-06-26 16:05:36 ----A---- C:\Windows\system32\drivers\hidusb.sys
2014-06-26 16:05:36 ----A---- C:\Windows\system32\drivers\hidclass.sys
2014-06-26 16:05:35 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-06-26 16:05:35 ----A---- C:\Windows\SYSWOW64\tcpmonui.dll
2014-06-26 16:05:35 ----A---- C:\Windows\SYSWOW64\takeown.exe
2014-06-26 16:05:35 ----A---- C:\Windows\SYSWOW64\fdeploy.dll
2014-06-26 16:05:35 ----A---- C:\Windows\SYSWOW64\eudcedit.exe
2014-06-26 16:05:35 ----A---- C:\Windows\SYSWOW64\dnscmmc.dll
2014-06-26 16:05:35 ----A---- C:\Windows\system32\tlscsp.dll
2014-06-26 16:05:35 ----A---- C:\Windows\system32\eudcedit.exe
2014-06-26 16:05:35 ----A---- C:\Windows\system32\DxpTaskSync.dll
2014-06-26 16:05:35 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2014-06-26 16:05:35 ----A---- C:\Windows\system32\dot3ui.dll
2014-06-26 16:05:35 ----A---- C:\Windows\system32\diskpart.exe
2014-06-26 16:05:34 ----A---- C:\Windows\system32\themecpl.dll
2014-06-26 16:05:33 ----A---- C:\Windows\SYSWOW64\unimdmat.dll
2014-06-26 16:05:33 ----A---- C:\Windows\SYSWOW64\twext.dll
2014-06-26 16:05:33 ----A---- C:\Windows\SYSWOW64\stobject.dll
2014-06-26 16:05:33 ----A---- C:\Windows\system32\upnp.dll
2014-06-26 16:05:33 ----A---- C:\Windows\system32\untfs.dll
2014-06-26 16:05:33 ----A---- C:\Windows\system32\tzutil.exe
2014-06-26 16:05:33 ----A---- C:\Windows\system32\twext.dll
2014-06-26 16:05:33 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys
2014-06-26 16:05:33 ----A---- C:\Windows\system32\drivers\udfs.sys
2014-06-26 16:05:33 ----A---- C:\Windows\system32\drivers\tunnel.sys
2014-06-26 16:05:33 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2014-06-26 16:05:32 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2014-06-26 16:05:32 ----A---- C:\Windows\SYSWOW64\WinSCard.dll
2014-06-26 16:05:32 ----A---- C:\Windows\system32\wmpsrcwp.dll
2014-06-26 16:05:32 ----A---- C:\Windows\system32\wmdrmsdk.dll
2014-06-26 16:05:32 ----A---- C:\Windows\system32\wlanmsm.dll
2014-06-26 16:05:32 ----A---- C:\Windows\system32\wlangpui.dll
2014-06-26 16:05:32 ----A---- C:\Windows\system32\wkscli.dll
2014-06-26 16:05:32 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2014-06-26 16:05:31 ----A---- C:\Windows\SYSWOW64\wusa.exe
2014-06-26 16:05:31 ----A---- C:\Windows\SYSWOW64\wsnmp32.dll
2014-06-26 16:05:31 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-06-26 16:05:31 ----A---- C:\Windows\SYSWOW64\WPDShServiceObj.dll
2014-06-26 16:05:31 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2014-06-26 16:05:31 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2014-06-26 16:05:31 ----A---- C:\Windows\SYSWOW64\wer.dll
2014-06-26 16:05:31 ----A---- C:\Windows\SYSWOW64\w32tm.exe
2014-06-26 16:05:31 ----A---- C:\Windows\SYSWOW64\Vault.dll
2014-06-26 16:05:31 ----A---- C:\Windows\SYSWOW64\userinit.exe
2014-06-26 16:05:31 ----A---- C:\Windows\SYSWOW64\userenv.dll
2014-06-26 16:05:31 ----A---- C:\Windows\system32\wwanprotdim.dll
2014-06-26 16:05:31 ----A---- C:\Windows\system32\WsmSvc.dll
2014-06-26 16:05:31 ----A---- C:\Windows\system32\WSDApi.dll
2014-06-26 16:05:31 ----A---- C:\Windows\system32\WPDSp.dll
2014-06-26 16:05:31 ----A---- C:\Windows\system32\winlogon.exe
2014-06-26 16:05:31 ----A---- C:\Windows\system32\wevtsvc.dll
2014-06-26 16:05:31 ----A---- C:\Windows\system32\werconcpl.dll
2014-06-26 16:05:31 ----A---- C:\Windows\system32\vfwwdm32.dll
2014-06-26 16:05:31 ----A---- C:\Windows\system32\vdsutil.dll
2014-06-26 16:05:31 ----A---- C:\Windows\system32\vds.exe
2014-06-26 16:05:31 ----A---- C:\Windows\system32\VAN.dll
2014-06-26 16:05:31 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2014-06-26 16:05:30 ----A---- C:\Windows\SYSWOW64\wimserv.exe
2014-06-26 16:05:30 ----A---- C:\Windows\SYSWOW64\wimgapi.dll
2014-06-26 16:05:30 ----A---- C:\Windows\SYSWOW64\wiavideo.dll
2014-06-26 16:05:30 ----A---- C:\Windows\SYSWOW64\webservices.dll
2014-06-26 16:05:30 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2014-06-26 16:05:30 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-06-26 16:05:30 ----A---- C:\Windows\SYSWOW64\RpcRtRemote.dll
2014-06-26 16:05:30 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-06-26 16:05:30 ----A---- C:\Windows\SYSWOW64\remotepg.dll
2014-06-26 16:05:30 ----A---- C:\Windows\SYSWOW64\ReAgentc.exe
2014-06-26 16:05:30 ----A---- C:\Windows\SYSWOW64\rdpd3d.dll
2014-06-26 16:05:30 ----A---- C:\Windows\system32\wiadefui.dll
2014-06-26 16:05:30 ----A---- C:\Windows\system32\webservices.dll
2014-06-26 16:05:30 ----A---- C:\Windows\system32\wcncsvc.dll
2014-06-26 16:05:30 ----A---- C:\Windows\system32\wavemsp.dll
2014-06-26 16:05:30 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-06-26 16:05:30 ----A---- C:\Windows\system32\rpcrt4.dll
2014-06-26 16:05:30 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-06-26 16:05:30 ----A---- C:\Windows\system32\relog.exe
2014-06-26 16:05:30 ----A---- C:\Windows\system32\rastls.dll
2014-06-26 16:05:30 ----A---- C:\Windows\system32\drivers\scfilter.sys
2014-06-26 16:05:30 ----A---- C:\Windows\system32\drivers\rdyboost.sys
2014-06-26 16:05:29 ----A---- C:\Windows\SYSWOW64\scecli.dll
2014-06-26 16:05:29 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2014-06-26 16:05:29 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-06-26 16:05:29 ----A---- C:\Windows\SYSWOW64\QUTIL.DLL
2014-06-26 16:05:29 ----A---- C:\Windows\SYSWOW64\QCLIPROV.DLL
2014-06-26 16:05:29 ----A---- C:\Windows\SYSWOW64\QAGENT.DLL
2014-06-26 16:05:29 ----A---- C:\Windows\SYSWOW64\prntvpt.dll
2014-06-26 16:05:29 ----A---- C:\Windows\system32\scecli.dll
2014-06-26 16:05:29 ----A---- C:\Windows\system32\raschap.dll
2014-06-26 16:05:29 ----A---- C:\Windows\system32\RacEngn.dll
2014-06-26 16:05:29 ----A---- C:\Windows\system32\Query.dll
2014-06-26 16:05:29 ----A---- C:\Windows\system32\qmgr.dll
2014-06-26 16:05:29 ----A---- C:\Windows\system32\QCLIPROV.DLL
2014-06-26 16:05:29 ----A---- C:\Windows\system32\QAGENTRT.DLL
2014-06-26 16:05:29 ----A---- C:\Windows\system32\QAGENT.DLL
2014-06-26 16:05:29 ----A---- C:\Windows\system32\proquota.exe
2014-06-26 16:05:29 ----A---- C:\Windows\system32\propsys.dll
2014-06-26 16:05:28 ----A---- C:\Windows\SYSWOW64\SndVolSSO.dll
2014-06-26 16:05:28 ----A---- C:\Windows\SYSWOW64\SndVol.exe
2014-06-26 16:05:28 ----A---- C:\Windows\system32\sqlcese30.dll
2014-06-26 16:05:28 ----A---- C:\Windows\system32\sppnp.dll
2014-06-26 16:05:28 ----A---- C:\Windows\system32\spopk.dll
2014-06-26 16:05:28 ----A---- C:\Windows\system32\shsvcs.dll
2014-06-26 16:05:27 ----A---- C:\Windows\SYSWOW64\nslookup.exe
2014-06-26 16:05:27 ----A---- C:\Windows\SYSWOW64\mprddm.dll
2014-06-26 16:05:27 ----A---- C:\Windows\SYSWOW64\mmcndmgr.dll
2014-06-26 16:05:27 ----A---- C:\Windows\SYSWOW64\mfds.dll
2014-06-26 16:05:27 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-06-26 16:05:27 ----A---- C:\Windows\SYSWOW64\mciavi32.dll
2014-06-26 16:05:27 ----A---- C:\Windows\SYSWOW64\mcbuilder.exe
2014-06-26 16:05:27 ----A---- C:\Windows\SYSWOW64\mapistub.dll
2014-06-26 16:05:27 ----A---- C:\Windows\SYSWOW64\mapi32.dll
2014-06-26 16:05:27 ----A---- C:\Windows\SYSWOW64\KBDTURME.DLL
2014-06-26 16:05:27 ----A---- C:\Windows\SYSWOW64\KBDTUQ.DLL
2014-06-26 16:05:27 ----A---- C:\Windows\SYSWOW64\KBDNEPR.DLL
2014-06-26 16:05:27 ----A---- C:\Windows\SYSWOW64\KBDGR1.DLL
2014-06-26 16:05:27 ----A---- C:\Windows\SYSWOW64\KBDGEO.DLL
2014-06-26 16:05:27 ----A---- C:\Windows\SYSWOW64\IPHLPAPI.DLL
2014-06-26 16:05:27 ----A---- C:\Windows\system32\ntlanman.dll
2014-06-26 16:05:27 ----A---- C:\Windows\system32\mmcndmgr.dll
2014-06-26 16:05:27 ----A---- C:\Windows\system32\logoncli.dll
2014-06-26 16:05:27 ----A---- C:\Windows\system32\KBDSF.DLL
2014-06-26 16:05:27 ----A---- C:\Windows\system32\KBDPO.DLL
2014-06-26 16:05:27 ----A---- C:\Windows\system32\KBDMON.DLL
2014-06-26 16:05:27 ----A---- C:\Windows\system32\KBDINMAR.DLL
2014-06-26 16:05:27 ----A---- C:\Windows\system32\KBDGEO.DLL
2014-06-26 16:05:27 ----A---- C:\Windows\system32\iyuv_32.dll
2014-06-26 16:05:26 ----A---- C:\Windows\SYSWOW64\PortableDeviceStatus.dll
2014-06-26 16:05:26 ----A---- C:\Windows\SYSWOW64\onexui.dll
2014-06-26 16:05:26 ----A---- C:\Windows\SYSWOW64\netid.dll
2014-06-26 16:05:26 ----A---- C:\Windows\system32\netplwiz.dll
2014-06-26 16:05:26 ----A---- C:\Windows\system32\netfxperf.dll
2014-06-26 16:05:25 ----A---- C:\Windows\SYSWOW64\pifmgr.dll
2014-06-26 16:05:25 ----A---- C:\Windows\SYSWOW64\onex.dll
2014-06-26 16:05:25 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2014-06-26 16:05:25 ----A---- C:\Windows\SYSWOW64\Mystify.scr
2014-06-26 16:05:25 ----A---- C:\Windows\SYSWOW64\msvidc32.dll
2014-06-26 16:05:25 ----A---- C:\Windows\SYSWOW64\msvfw32.dll
2014-06-26 16:05:25 ----A---- C:\Windows\SYSWOW64\msrle32.dll
2014-06-26 16:05:25 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2014-06-26 16:05:25 ----A---- C:\Windows\SYSWOW64\msasn1.dll
2014-06-26 16:05:25 ----A---- C:\Windows\system32\odbcconf.dll
2014-06-26 16:05:25 ----A---- C:\Windows\system32\ocsetup.exe
2014-06-26 16:05:25 ----A---- C:\Windows\system32\ocsetapi.dll
2014-06-26 16:05:25 ----A---- C:\Windows\system32\net1.exe
2014-06-26 16:05:25 ----A---- C:\Windows\system32\ncryptui.dll
2014-06-26 16:05:25 ----A---- C:\Windows\system32\mydocs.dll
2014-06-26 16:05:25 ----A---- C:\Windows\system32\msyuv.dll
2014-06-26 16:05:25 ----A---- C:\Windows\system32\mstsc.exe
2014-06-26 16:05:25 ----A---- C:\Windows\system32\msieftp.dll
2014-06-26 16:05:25 ----A---- C:\Windows\system32\msasn1.dll
2014-06-26 16:05:24 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2014-06-26 16:05:24 ----A---- C:\Windows\SYSWOW64\comdlg32.dll
2014-06-26 16:05:24 ----A---- C:\Windows\SYSWOW64\certcli.dll
2014-06-26 16:05:24 ----A---- C:\Windows\system32\cmstp.exe
2014-06-26 16:05:23 ----A---- C:\Windows\SYSWOW64\dhcpcore.dll
2014-06-26 16:05:23 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-06-26 16:05:23 ----A---- C:\Windows\SYSWOW64\d3d9.dll
2014-06-26 16:05:23 ----A---- C:\Windows\system32\drivers\CompositeBus.sys
2014-06-26 16:05:23 ----A---- C:\Windows\system32\DeviceCenter.dll
2014-06-26 16:05:23 ----A---- C:\Windows\system32\davclnt.dll
2014-06-26 16:05:21 ----A---- C:\Windows\SYSWOW64\iasrad.dll
2014-06-26 16:05:21 ----A---- C:\Windows\SYSWOW64\iasacct.dll
2014-06-26 16:05:21 ----A---- C:\Windows\SYSWOW64\httpapi.dll
2014-06-26 16:05:21 ----A---- C:\Windows\SYSWOW64\basecsp.dll
2014-06-26 16:05:21 ----A---- C:\Windows\SYSWOW64\avifil32.dll
2014-06-26 16:05:21 ----A---- C:\Windows\SYSWOW64\AuthFWSnapin.dll
2014-06-26 16:05:21 ----A---- C:\Windows\SYSWOW64\adsldp.dll
2014-06-26 16:05:21 ----A---- C:\Windows\system32\hal.dll
2014-06-26 16:05:21 ----A---- C:\Windows\system32\gpsvc.dll
2014-06-26 16:05:21 ----A---- C:\Windows\system32\drivers\1394ohci.sys
2014-06-26 16:05:21 ----A---- C:\Windows\system32\cabinet.dll
2014-06-26 16:05:21 ----A---- C:\Windows\system32\bcdboot.exe
2014-06-26 16:05:21 ----A---- C:\Windows\system32\autoplay.dll
2014-06-26 16:05:21 ----A---- C:\Windows\system32\autofmt.exe
2014-06-26 16:05:21 ----A---- C:\Windows\system32\actxprxy.dll
2014-06-26 16:05:21 ----A---- C:\Windows\system32\ActionQueue.dll
2014-06-26 16:05:21 ----A---- C:\Windows\system32\ActionCenter.dll
2014-06-26 16:05:21 ----A---- C:\Windows\system32\accessibilitycpl.dll
2014-06-26 16:05:20 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2014-06-26 16:05:20 ----A---- C:\Windows\SYSWOW64\framedynos.dll
2014-06-26 16:05:20 ----A---- C:\Windows\SYSWOW64\framedyn.dll
2014-06-26 16:05:20 ----A---- C:\Windows\SYSWOW64\fontext.dll
2014-06-26 16:05:20 ----A---- C:\Windows\SYSWOW64\Display.dll
2014-06-26 16:05:20 ----A---- C:\Windows\system32\inetpp.dll
2014-06-26 16:05:20 ----A---- C:\Windows\system32\fde.dll
2014-06-26 16:05:20 ----A---- C:\Windows\system32\evr.dll
2014-06-26 16:05:20 ----A---- C:\Windows\system32\efscore.dll
2014-06-26 16:05:20 ----A---- C:\Windows\system32\dwmredir.dll
2014-06-26 16:05:20 ----A---- C:\Windows\system32\dsauth.dll
2014-06-26 16:05:20 ----A---- C:\Windows\system32\drvstore.dll
2014-06-26 16:05:20 ----A---- C:\Windows\system32\dot3svc.dll
2014-06-26 16:05:20 ----A---- C:\Windows\system32\dot3msm.dll
2014-06-26 16:05:20 ----A---- C:\Windows\system32\dot3api.dll
2014-06-26 16:05:19 ----A---- C:\Windows\system32\syncui.dll
2014-06-26 16:05:18 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-06-26 16:05:17 ----A---- C:\Windows\system32\tcpipcfg.dll
2014-06-26 16:05:16 ----A---- C:\Windows\SYSWOW64\tapisrv.dll
2014-06-26 16:05:16 ----A---- C:\Windows\system32\SndVol.exe
2014-06-26 16:05:15 ----A---- C:\Windows\SYSWOW64\ssText3d.scr
2014-06-26 16:05:15 ----A---- C:\Windows\SYSWOW64\srchadmin.dll
2014-06-26 16:05:15 ----A---- C:\Windows\SYSWOW64\sppc.dll
2014-06-26 16:05:15 ----A---- C:\Windows\system32\srvcli.dll
2014-06-26 16:05:15 ----A---- C:\Windows\system32\SndVolSSO.dll
2014-06-26 16:05:14 ----A---- C:\Windows\SYSWOW64\spwizeng.dll
2014-06-26 16:05:13 ----A---- C:\Windows\SYSWOW64\sqlsrv32.dll
2014-06-26 16:05:13 ----A---- C:\Windows\SYSWOW64\sqlcese30.dll
2014-06-26 16:05:13 ----A---- C:\Windows\SYSWOW64\spwizres.dll
2014-06-26 16:05:12 ----A---- C:\Windows\system32\WinSCard.dll
2014-06-26 16:05:12 ----A---- C:\Windows\system32\WebClnt.dll
2014-06-26 16:05:11 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2014-06-26 16:05:11 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2014-06-26 16:05:11 ----A---- C:\Windows\SYSWOW64\wmpps.dll
2014-06-26 16:05:11 ----A---- C:\Windows\SYSWOW64\wmpdxm.dll
2014-06-26 16:05:11 ----A---- C:\Windows\SYSWOW64\wmdrmnet.dll
2014-06-26 16:05:11 ----A---- C:\Windows\SYSWOW64\wmdrmdev.dll
2014-06-26 16:05:11 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2014-06-26 16:05:11 ----A---- C:\Windows\system32\wmpdxm.dll
2014-06-26 16:05:11 ----A---- C:\Windows\system32\wdiasqmmodule.dll
2014-06-26 16:05:11 ----A---- C:\Windows\system32\wbengine.exe
2014-06-26 16:05:09 ----A---- C:\Windows\system32\wbemcomn.dll
2014-06-26 16:05:09 ----A---- C:\Windows\system32\vpnikeapi.dll
2014-06-26 16:05:09 ----A---- C:\Windows\system32\vpnike.dll
2014-06-26 16:05:09 ----A---- C:\Windows\system32\tsbyuv.dll
2014-06-26 16:05:08 ----A---- C:\Windows\SYSWOW64\uxlib.dll
2014-06-26 16:05:08 ----A---- C:\Windows\SYSWOW64\utildll.dll
2014-06-26 16:05:08 ----A---- C:\Windows\SYSWOW64\shsvcs.dll
2014-06-26 16:05:08 ----A---- C:\Windows\SYSWOW64\SearchFolder.dll
2014-06-26 16:05:08 ----A---- C:\Windows\system32\Vault.dll
2014-06-26 16:05:08 ----A---- C:\Windows\system32\schedcli.dll
2014-06-26 16:05:08 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-06-26 16:05:07 ----A---- C:\Windows\system32\schtasks.exe
2014-06-26 16:05:06 ----A---- C:\Windows\SYSWOW64\riched32.dll
2014-06-26 16:05:06 ----A---- C:\Windows\SYSWOW64\riched20.dll
2014-06-26 16:05:06 ----A---- C:\Windows\SYSWOW64\QSVRMGMT.DLL
2014-06-26 16:05:06 ----A---- C:\Windows\SYSWOW64\QSHVHOST.DLL
2014-06-26 16:05:06 ----A---- C:\Windows\SYSWOW64\qdv.dll
2014-06-26 16:05:06 ----A---- C:\Windows\SYSWOW64\qasf.dll
2014-06-26 16:05:06 ----A---- C:\Windows\SYSWOW64\proquota.exe
2014-06-26 16:05:06 ----A---- C:\Windows\SYSWOW64\prnfldr.dll
2014-06-26 16:05:06 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-06-26 16:05:06 ----A---- C:\Windows\system32\QUTIL.DLL
2014-06-26 16:05:06 ----A---- C:\Windows\system32\prncache.dll
2014-06-26 16:05:05 ----A---- C:\Windows\system32\rpchttp.dll
2014-06-26 16:05:05 ----A---- C:\Windows\system32\recovery.dll
2014-06-26 16:05:05 ----A---- C:\Windows\system32\rdprefdrvapi.dll
2014-06-26 16:05:04 ----A---- C:\Windows\system32\SensorsCpl.dll
2014-06-26 16:05:03 ----A---- C:\Windows\system32\shdocvw.dll
2014-06-26 16:05:03 ----A---- C:\Windows\system32\shacct.dll
2014-06-26 16:05:03 ----A---- C:\Windows\system32\setupapi.dll
2014-06-26 16:05:02 ----A---- C:\Windows\SYSWOW64\shimgvw.dll
2014-06-26 16:05:02 ----A---- C:\Windows\system32\shlwapi.dll
2014-06-26 16:05:01 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2014-06-26 16:05:00 ----A---- C:\Windows\system32\MdSched.exe
2014-06-26 16:05:00 ----A---- C:\Windows\system32\lsmproxy.dll
2014-06-26 16:04:59 ----A---- C:\Windows\SYSWOW64\mciqtz32.dll
2014-06-26 16:04:58 ----A---- C:\Windows\system32\mciqtz32.dll
2014-06-26 16:04:58 ----A---- C:\Windows\system32\MCEWMDRMNDBootstrap.dll
2014-06-26 16:04:55 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2014-06-26 16:04:55 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2014-06-26 16:04:55 ----A---- C:\Windows\SYSWOW64\NAPHLPR.DLL
2014-06-26 16:04:55 ----A---- C:\Windows\SYSWOW64\mydocs.dll
2014-06-26 16:04:55 ----A---- C:\Windows\SYSWOW64\mimefilt.dll
2014-06-26 16:04:55 ----A---- C:\Windows\SYSWOW64\localsec.dll
2014-06-26 16:04:55 ----A---- C:\Windows\SYSWOW64\kbdlk41a.dll
2014-06-26 16:04:55 ----A---- C:\Windows\SYSWOW64\KBDINBEN.DLL
2014-06-26 16:04:55 ----A---- C:\Windows\SYSWOW64\KBDGKL.DLL
2014-06-26 16:04:55 ----A---- C:\Windows\SYSWOW64\KBDBULG.DLL
2014-06-26 16:04:55 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-06-26 16:04:55 ----A---- C:\Windows\SYSWOW64\input.dll
2014-06-26 16:04:55 ----A---- C:\Windows\system32\netiohlp.dll
2014-06-26 16:04:55 ----A---- C:\Windows\system32\netcfgx.dll
2014-06-26 16:04:55 ----A---- C:\Windows\system32\netcenter.dll
2014-06-26 16:04:55 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2014-06-26 16:04:55 ----A---- C:\Windows\system32\MSVidCtl.dll
2014-06-26 16:04:55 ----A---- C:\Windows\system32\ListSvc.dll
2014-06-26 16:04:55 ----A---- C:\Windows\system32\KBDTURME.DLL
2014-06-26 16:04:55 ----A---- C:\Windows\system32\KBDMAORI.DLL
2014-06-26 16:04:55 ----A---- C:\Windows\system32\KBDINTAM.DLL
2014-06-26 16:04:55 ----A---- C:\Windows\system32\KBDGR1.DLL
2014-06-26 16:04:55 ----A---- C:\Windows\system32\KBDCZ1.DLL
2014-06-26 16:04:55 ----A---- C:\Windows\system32\isoburn.exe
2014-06-26 16:04:55 ----A---- C:\Windows\system32\iscsium.dll
2014-06-26 16:04:55 ----A---- C:\Windows\system32\iscsicli.exe
2014-06-26 16:04:55 ----A---- C:\Windows\system32\iasrecst.dll
2014-06-26 16:04:55 ----A---- C:\Windows\system32\httpapi.dll
2014-06-26 16:04:55 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2014-06-26 16:04:54 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2014-06-26 16:04:54 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2014-06-26 16:04:54 ----A---- C:\Windows\SYSWOW64\netutils.dll
2014-06-26 16:04:54 ----A---- C:\Windows\SYSWOW64\netplwiz.dll
2014-06-26 16:04:54 ----A---- C:\Windows\SYSWOW64\netjoin.dll
2014-06-26 16:04:54 ----A---- C:\Windows\SYSWOW64\mtxclu.dll
2014-06-26 16:04:54 ----A---- C:\Windows\system32\ntprint.dll
2014-06-26 16:04:54 ----A---- C:\Windows\system32\nltest.exe
2014-06-26 16:04:54 ----A---- C:\Windows\system32\mtxclu.dll
2014-06-26 16:04:54 ----A---- C:\Windows\system32\mprapi.dll
2014-06-26 16:04:54 ----A---- C:\Windows\system32\drivers\msahci.sys
2014-06-26 16:04:53 ----A---- C:\Windows\SYSWOW64\msscp.dll
2014-06-26 16:04:53 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2014-06-26 16:04:53 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2014-06-26 16:04:53 ----A---- C:\Windows\SYSWOW64\dbgeng.dll
2014-06-26 16:04:53 ----A---- C:\Windows\SYSWOW64\clusapi.dll
2014-06-26 16:04:53 ----A---- C:\Windows\SYSWOW64\certmgr.dll
2014-06-26 16:04:53 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2014-06-26 16:04:53 ----A---- C:\Windows\system32\msdtctm.dll
2014-06-26 16:04:53 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2014-06-26 16:04:53 ----A---- C:\Windows\system32\defaultlocationcpl.dll
2014-06-26 16:04:53 ----A---- C:\Windows\system32\BWUnpairElevated.dll
2014-06-26 16:04:53 ----A---- C:\Windows\system32\bootres.dll
2014-06-26 16:04:52 ----AH---- C:\Windows\system32\api-ms-win-core-ums-l1-1-0.dll
2014-06-26 16:04:52 ----A---- C:\Windows\SYSWOW64\dbghelp.dll
2014-06-26 16:04:52 ----A---- C:\Windows\SYSWOW64\cmstp.exe
2014-06-26 16:04:52 ----A---- C:\Windows\SYSWOW64\AzSqlExt.dll
2014-06-26 16:04:52 ----A---- C:\Windows\SYSWOW64\audiodev.dll

mr.paratko
Visitor
Posts: 15
Registered: 09 Jan 2010 22:24

Re: Czech Police virus...

#14 Post by mr.paratko »

2014-06-26 16:04:52 ----A---- C:\Windows\SYSWOW64\amstream.dll
2014-06-26 16:04:52 ----A---- C:\Windows\system32\drivers\ataport.sys
2014-06-26 16:04:52 ----A---- C:\Windows\system32\credui.dll
2014-06-26 16:04:52 ----A---- C:\Windows\system32\cmd.exe
2014-06-26 16:04:52 ----A---- C:\Windows\system32\batmeter.dll
2014-06-26 16:04:52 ----A---- C:\Windows\system32\amstream.dll
2014-06-26 16:04:52 ----A---- C:\Windows\system32\aitagent.exe
2014-06-26 16:04:51 ----A---- C:\Windows\SYSWOW64\fphc.dll
2014-06-26 16:04:51 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2014-06-26 16:04:51 ----A---- C:\Windows\SYSWOW64\dsuiext.dll
2014-06-26 16:04:51 ----A---- C:\Windows\SYSWOW64\diskraid.exe
2014-06-26 16:04:51 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2014-06-26 16:04:51 ----A---- C:\Windows\SYSWOW64\bitsadmin.exe
2014-06-26 16:04:51 ----A---- C:\Windows\SYSWOW64\azroles.dll
2014-06-26 16:04:51 ----A---- C:\Windows\SYSWOW64\autoplay.dll
2014-06-26 16:04:51 ----A---- C:\Windows\SYSWOW64\autofmt.exe
2014-06-26 16:04:51 ----A---- C:\Windows\system32\hbaapi.dll
2014-06-26 16:04:51 ----A---- C:\Windows\system32\framedynos.dll
2014-06-26 16:04:51 ----A---- C:\Windows\system32\framedyn.dll
2014-06-26 16:04:51 ----A---- C:\Windows\system32\fdProxy.dll
2014-06-26 16:04:51 ----A---- C:\Windows\system32\eapphost.dll
2014-06-26 16:04:51 ----A---- C:\Windows\system32\eappgnui.dll
2014-06-26 16:04:51 ----A---- C:\Windows\system32\eapp3hst.dll
2014-06-26 16:04:51 ----A---- C:\Windows\system32\dxmasf.dll
2014-06-26 16:04:51 ----A---- C:\Windows\system32\dxdiagn.dll
2014-06-26 16:04:51 ----A---- C:\Windows\system32\bitsperf.dll
2014-06-26 16:04:51 ----A---- C:\Windows\system32\AzSqlExt.dll
2014-06-26 16:04:51 ----A---- C:\Windows\system32\azroles.dll
2014-06-26 16:04:51 ----A---- C:\Windows\system32\autoconv.exe
2014-06-26 16:04:51 ----A---- C:\Windows\system32\audiosrv.dll
2014-06-26 16:04:51 ----A---- C:\Windows\system32\AudioSes.dll
2014-06-26 16:04:51 ----A---- C:\Windows\system32\audiodg.exe
2014-06-26 16:04:50 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2014-06-26 16:04:50 ----A---- C:\Windows\SYSWOW64\tsmf.dll
2014-06-26 16:04:50 ----A---- C:\Windows\SYSWOW64\tlscsp.dll
2014-06-26 16:04:50 ----A---- C:\Windows\SYSWOW64\sxs.dll
2014-06-26 16:04:50 ----A---- C:\Windows\SYSWOW64\sscore.dll
2014-06-26 16:04:50 ----A---- C:\Windows\SYSWOW64\spopk.dll
2014-06-26 16:04:50 ----A---- C:\Windows\SYSWOW64\DShowRdpFilter.dll
2014-06-26 16:04:50 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2014-06-26 16:04:50 ----A---- C:\Windows\SYSWOW64\dot3msm.dll
2014-06-26 16:04:50 ----A---- C:\Windows\SYSWOW64\dot3api.dll
2014-06-26 16:04:50 ----A---- C:\Windows\SYSWOW64\dfrgui.exe
2014-06-26 16:04:50 ----A---- C:\Windows\SYSWOW64\DeviceCenter.dll
2014-06-26 16:04:50 ----A---- C:\Windows\system32\user32.dll
2014-06-26 16:04:50 ----A---- C:\Windows\system32\unimdmat.dll
2014-06-26 16:04:50 ----A---- C:\Windows\system32\taskeng.exe
2014-06-26 16:04:50 ----A---- C:\Windows\system32\taskcomp.dll
2014-06-26 16:04:50 ----A---- C:\Windows\system32\TabSvc.dll
2014-06-26 16:04:50 ----A---- C:\Windows\system32\sud.dll
2014-06-26 16:04:50 ----A---- C:\Windows\system32\ssText3d.scr
2014-06-26 16:04:50 ----A---- C:\Windows\system32\spwmp.dll
2014-06-26 16:04:50 ----A---- C:\Windows\system32\sppobjs.dll
2014-06-26 16:04:50 ----A---- C:\Windows\system32\drivers\usbrpm.sys
2014-06-26 16:04:50 ----A---- C:\Windows\system32\drivers\termdd.sys
2014-06-26 16:04:50 ----A---- C:\Windows\system32\dpx.dll
2014-06-26 16:04:50 ----A---- C:\Windows\system32\dps.dll
2014-06-26 16:04:50 ----A---- C:\Windows\system32\djoin.exe
2014-06-26 16:04:50 ----A---- C:\Windows\system32\dfshim.dll
2014-06-26 16:04:49 ----A---- C:\Windows\SYSWOW64\syssetup.dll
2014-06-26 16:04:49 ----A---- C:\Windows\SYSWOW64\syncui.dll
2014-06-26 16:04:49 ----A---- C:\Windows\system32\WMVCORE.DLL
2014-06-26 16:04:49 ----A---- C:\Windows\system32\wmploc.DLL
2014-06-26 16:04:49 ----A---- C:\Windows\system32\wmp.dll
2014-06-26 16:04:48 ----A---- C:\Windows\SYSWOW64\xpsservices.dll
2014-06-26 16:04:48 ----A---- C:\Windows\SYSWOW64\WSDApi.dll
2014-06-26 16:04:48 ----A---- C:\Windows\SYSWOW64\wpdwcn.dll
2014-06-26 16:04:48 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2014-06-26 16:04:48 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2014-06-26 16:04:48 ----A---- C:\Windows\SYSWOW64\wlanpref.dll
2014-06-26 16:04:48 ----A---- C:\Windows\SYSWOW64\wlangpui.dll
2014-06-26 16:04:48 ----A---- C:\Windows\SYSWOW64\WerFaultSecure.exe
2014-06-26 16:04:48 ----A---- C:\Windows\system32\xpsservices.dll
2014-06-26 16:04:48 ----A---- C:\Windows\system32\wshbth.dll
2014-06-26 16:04:48 ----A---- C:\Windows\system32\wmpmde.dll
2014-06-26 16:04:48 ----A---- C:\Windows\system32\Wldap32.dll
2014-06-26 16:04:48 ----A---- C:\Windows\system32\wlanui.dll
2014-06-26 16:04:48 ----A---- C:\Windows\system32\wlanpref.dll
2014-06-26 16:04:48 ----A---- C:\Windows\system32\wisptis.exe
2014-06-26 16:04:48 ----A---- C:\Windows\system32\winsta.dll
2014-06-26 16:04:48 ----A---- C:\Windows\system32\WinSATAPI.dll
2014-06-26 16:04:48 ----A---- C:\Windows\system32\vdsbas.dll
2014-06-26 16:04:48 ----A---- C:\Windows\system32\drivers\volmgr.sys
2014-06-26 16:04:47 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll
2014-06-26 16:04:47 ----A---- C:\Windows\SYSWOW64\vpnikeapi.dll
2014-06-26 16:04:47 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2014-06-26 16:04:47 ----A---- C:\Windows\SYSWOW64\resutils.dll
2014-06-26 16:04:47 ----A---- C:\Windows\SYSWOW64\regapi.dll
2014-06-26 16:04:47 ----A---- C:\Windows\SYSWOW64\rdpencom.dll
2014-06-26 16:04:47 ----A---- C:\Windows\SYSWOW64\rasppp.dll
2014-06-26 16:04:47 ----A---- C:\Windows\SYSWOW64\prncache.dll
2014-06-26 16:04:47 ----A---- C:\Windows\SYSWOW64\printui.dll
2014-06-26 16:04:47 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2014-06-26 16:04:47 ----A---- C:\Windows\SYSWOW64\PortableDeviceApi.dll
2014-06-26 16:04:47 ----A---- C:\Windows\SYSWOW64\PkgMgr.exe
2014-06-26 16:04:47 ----A---- C:\Windows\SYSWOW64\perfts.dll
2014-06-26 16:04:47 ----A---- C:\Windows\SYSWOW64\OobeFldr.dll
2014-06-26 16:04:47 ----A---- C:\Windows\system32\WavDest.dll
2014-06-26 16:04:47 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2014-06-26 16:04:47 ----A---- C:\Windows\system32\setupcl.exe
2014-06-26 16:04:47 ----A---- C:\Windows\system32\SessEnv.dll
2014-06-26 16:04:47 ----A---- C:\Windows\system32\remotepg.dll
2014-06-26 16:04:47 ----A---- C:\Windows\system32\ReAgent.dll
2014-06-26 16:04:47 ----A---- C:\Windows\system32\rdpd3d.dll
2014-06-26 16:04:47 ----A---- C:\Windows\system32\rasppp.dll
2014-06-26 16:04:47 ----A---- C:\Windows\system32\QSVRMGMT.DLL
2014-06-26 16:04:47 ----A---- C:\Windows\system32\QSHVHOST.DLL
2014-06-26 16:04:47 ----A---- C:\Windows\system32\qasf.dll
2014-06-26 16:04:47 ----A---- C:\Windows\system32\puiobj.dll
2014-06-26 16:04:47 ----A---- C:\Windows\system32\provsvc.dll
2014-06-26 16:04:47 ----A---- C:\Windows\system32\prnfldr.dll
2014-06-26 16:04:47 ----A---- C:\Windows\system32\PrintIsolationProxy.dll
2014-06-26 16:04:47 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2014-06-26 16:04:47 ----A---- C:\Windows\system32\PresentationHost.exe
2014-06-26 16:04:47 ----A---- C:\Windows\system32\powercpl.dll
2014-06-26 16:04:47 ----A---- C:\Windows\system32\pla.dll
2014-06-26 16:04:47 ----A---- C:\Windows\system32\PkgMgr.exe
2014-06-26 16:04:47 ----A---- C:\Windows\system32\photowiz.dll
2014-06-26 16:04:47 ----A---- C:\Windows\system32\pdh.dll
2014-06-26 16:04:47 ----A---- C:\Windows\system32\drivers\raspptp.sys
2014-06-26 16:04:47 ----A---- C:\Windows\system32\drivers\pci.sys
2014-06-26 16:04:47 ----A---- C:\Windows\system32\drivers\pacer.sys
2014-06-26 16:04:46 ----A---- C:\Windows\SYSWOW64\sisbkup.dll
2014-06-26 16:04:46 ----A---- C:\Windows\SYSWOW64\shwebsvc.dll
2014-06-26 16:04:46 ----A---- C:\Windows\SYSWOW64\shunimpl.dll
2014-06-26 16:04:46 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2014-06-26 16:04:46 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-06-26 16:04:46 ----A---- C:\Windows\SYSWOW64\scansetting.dll
2014-06-26 16:04:46 ----A---- C:\Windows\SYSWOW64\runonce.exe
2014-06-26 16:04:46 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2014-06-26 16:04:46 ----A---- C:\Windows\system32\shimgvw.dll
2014-06-26 16:04:46 ----A---- C:\Windows\system32\shgina.dll
2014-06-26 16:04:46 ----A---- C:\Windows\system32\secproc.dll
2014-06-26 16:04:46 ----A---- C:\Windows\system32\scavengeui.dll
2014-06-26 16:04:46 ----A---- C:\Windows\system32\samsrv.dll
2014-06-26 16:04:46 ----A---- C:\Windows\system32\samcli.dll
2014-06-26 16:04:46 ----A---- C:\Windows\system32\RMActivate.exe
2014-06-26 16:04:46 ----A---- C:\Windows\system32\drivers\rmcast.sys
2014-06-26 16:04:45 ----A---- C:\Windows\SYSWOW64\shgina.dll
2014-06-26 16:04:45 ----A---- C:\Windows\SYSWOW64\sethc.exe
2014-06-26 16:04:45 ----A---- C:\Windows\SYSWOW64\SensorsCpl.dll
2014-06-26 16:04:45 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-06-26 16:04:45 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2014-06-26 16:04:45 ----A---- C:\Windows\SYSWOW64\msdmo.dll
2014-06-26 16:04:45 ----A---- C:\Windows\SYSWOW64\mscms.dll
2014-06-26 16:04:45 ----A---- C:\Windows\system32\slwga.dll
2014-06-26 16:04:45 ----A---- C:\Windows\system32\sisbkup.dll
2014-06-26 16:04:45 ----A---- C:\Windows\system32\shsetup.dll
2014-06-26 16:04:45 ----A---- C:\Windows\system32\sethc.exe
2014-06-26 16:04:45 ----A---- C:\Windows\system32\RpcRtRemote.dll
2014-06-26 16:04:45 ----A---- C:\Windows\system32\msconfig.exe
2014-06-26 16:04:45 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2014-06-26 16:04:44 ----A---- C:\Windows\SYSWOW64\wmpshell.dll
2014-06-26 16:04:44 ----A---- C:\Windows\SYSWOW64\wmpeffects.dll
2014-06-26 16:04:44 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-06-26 16:04:44 ----A---- C:\Windows\SYSWOW64\WMNetMgr.dll
2014-06-26 16:04:44 ----A---- C:\Windows\SYSWOW64\wkscli.dll
2014-06-26 16:04:44 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-06-26 16:04:44 ----A---- C:\Windows\SYSWOW64\WinSATAPI.dll
2014-06-26 16:04:44 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2014-06-26 16:04:44 ----A---- C:\Windows\SYSWOW64\tsbyuv.dll
2014-06-26 16:04:44 ----A---- C:\Windows\system32\wmpshell.dll
2014-06-26 16:04:44 ----A---- C:\Windows\system32\wmpps.dll
2014-06-26 16:04:44 ----A---- C:\Windows\system32\WMPEncEn.dll
2014-06-26 16:04:44 ----A---- C:\Windows\system32\wmicmiplugin.dll
2014-06-26 16:04:44 ----A---- C:\Windows\system32\wksprt.exe
2014-06-26 16:04:43 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-06-26 16:04:43 ----A---- C:\Windows\SYSWOW64\azroleui.dll
2014-06-26 16:04:43 ----A---- C:\Windows\SYSWOW64\autoconv.exe
2014-06-26 16:04:43 ----A---- C:\Windows\system32\TSpkg.dll
2014-06-26 16:04:43 ----A---- C:\Windows\system32\azroleui.dll
2014-06-26 16:04:43 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2014-06-26 16:04:42 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-06-26 16:04:41 ----A---- C:\Windows\system32\sxs.dll
2014-06-26 16:04:41 ----A---- C:\Windows\system32\stobject.dll
2014-06-26 16:04:41 ----A---- C:\Windows\system32\sscore.dll
2014-06-26 16:04:40 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2014-06-26 16:04:40 ----A---- C:\Windows\SYSWOW64\sqmapi.dll
2014-06-26 16:04:40 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2014-06-26 16:04:40 ----A---- C:\Windows\system32\tapisrv.dll
2014-06-26 16:04:40 ----A---- C:\Windows\system32\srvsvc.dll
2014-06-26 16:04:40 ----A---- C:\Windows\system32\sqlsrv32.dll
2014-06-26 16:04:40 ----A---- C:\Windows\system32\spwizres.dll
2014-06-26 16:04:40 ----A---- C:\Windows\system32\spwizeng.dll
2014-06-26 16:04:40 ----A---- C:\Windows\system32\sppc.dll
2014-06-26 16:04:40 ----A---- C:\Windows\system32\spbcd.dll
2014-06-26 16:04:39 ----A---- C:\Windows\SYSWOW64\thumbcache.dll
2014-06-26 16:04:39 ----A---- C:\Windows\SYSWOW64\termmgr.dll
2014-06-26 16:04:39 ----A---- C:\Windows\SYSWOW64\taskmgr.exe
2014-06-26 16:04:39 ----A---- C:\Windows\system32\themeui.dll
2014-06-26 16:04:39 ----A---- C:\Windows\system32\termmgr.dll
2014-06-26 16:04:39 ----A---- C:\Windows\system32\systemcpl.dll
2014-06-26 16:04:39 ----A---- C:\Windows\system32\drivers\tdi.sys
2014-06-26 16:04:34 ----A---- C:\Windows\SYSWOW64\OpcServices.dll
2014-06-26 16:04:32 ----A---- C:\Windows\system32\onexui.dll
2014-06-26 16:04:31 ----A---- C:\Windows\SYSWOW64\PhotoScreensaver.scr
2014-06-26 16:04:31 ----A---- C:\Windows\system32\onex.dll
2014-06-26 16:04:30 ----A---- C:\Windows\SYSWOW64\photowiz.dll
2014-06-26 16:04:30 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2014-06-26 16:04:30 ----A---- C:\Windows\system32\seclogon.dll
2014-06-26 16:04:30 ----A---- C:\Windows\system32\sdrsvc.dll
2014-06-26 16:04:30 ----A---- C:\Windows\system32\sdengin2.dll
2014-06-26 16:04:30 ----A---- C:\Windows\system32\sdclt.exe
2014-06-26 16:04:30 ----A---- C:\Windows\system32\prntvpt.dll
2014-06-26 16:04:30 ----A---- C:\Windows\system32\PhotoScreensaver.scr
2014-06-26 16:04:30 ----A---- C:\Windows\system32\nshipsec.dll
2014-06-26 16:04:30 ----A---- C:\Windows\system32\networkexplorer.dll
2014-06-26 16:04:29 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-06-26 16:04:29 ----A---- C:\Windows\SYSWOW64\wshirda.dll
2014-06-26 16:04:29 ----A---- C:\Windows\SYSWOW64\wshbth.dll
2014-06-26 16:04:29 ----A---- C:\Windows\SYSWOW64\wsdchngr.dll
2014-06-26 16:04:29 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2014-06-26 16:04:29 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-06-26 16:04:29 ----A---- C:\Windows\SYSWOW64\Query.dll
2014-06-26 16:04:29 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2014-06-26 16:04:29 ----A---- C:\Windows\system32\wshirda.dll
2014-06-26 16:04:29 ----A---- C:\Windows\system32\wscapi.dll
2014-06-26 16:04:29 ----A---- C:\Windows\system32\wpdbusenum.dll
2014-06-26 16:04:29 ----A---- C:\Windows\system32\wpccpl.dll
2014-06-26 16:04:29 ----A---- C:\Windows\system32\rpcss.dll
2014-06-26 16:04:29 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-06-26 16:04:29 ----A---- C:\Windows\system32\repair-bde.exe
2014-06-26 16:04:29 ----A---- C:\Windows\system32\recdisc.exe
2014-06-26 16:04:29 ----A---- C:\Windows\system32\rdpencom.dll
2014-06-26 16:04:29 ----A---- C:\Windows\system32\rdpcfgex.dll
2014-06-26 16:04:29 ----A---- C:\Windows\system32\qedit.dll
2014-06-26 16:04:29 ----A---- C:\Windows\system32\qcap.dll
2014-06-26 16:04:29 ----A---- C:\Windows\system32\networkmap.dll
2014-06-26 16:04:29 ----A---- C:\Windows\system32\drivers\sbp2port.sys
2014-06-26 16:04:28 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-06-26 16:04:28 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-06-26 16:04:28 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-06-26 16:04:28 ----A---- C:\Windows\SYSWOW64\netdiagfx.dll
2014-06-26 16:04:28 ----A---- C:\Windows\SYSWOW64\netcenter.dll
2014-06-26 16:04:28 ----A---- C:\Windows\SYSWOW64\net1.exe
2014-06-26 16:04:28 ----A---- C:\Windows\SYSWOW64\NaturalLanguage6.dll
2014-06-26 16:04:28 ----A---- C:\Windows\SYSWOW64\msyuv.dll
2014-06-26 16:04:28 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2014-06-26 16:04:28 ----A---- C:\Windows\SYSWOW64\msutb.dll
2014-06-26 16:04:28 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2014-06-26 16:04:28 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2014-06-26 16:04:28 ----A---- C:\Windows\system32\secproc_isv.dll
2014-06-26 16:04:28 ----A---- C:\Windows\system32\netdiagfx.dll
2014-06-26 16:04:28 ----A---- C:\Windows\system32\nci.dll
2014-06-26 16:04:28 ----A---- C:\Windows\system32\Narrator.exe
2014-06-26 16:04:28 ----A---- C:\Windows\system32\msinfo32.exe
2014-06-26 16:04:28 ----A---- C:\Windows\system32\lsm.exe
2014-06-26 16:04:28 ----A---- C:\Windows\system32\localsec.dll
2014-06-26 16:04:28 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2014-06-26 16:04:28 ----A---- C:\Windows\system32\drivers\ndisuio.sys
2014-06-26 16:04:28 ----A---- C:\Windows\system32\drivers\ndis.sys
2014-06-26 16:04:28 ----A---- C:\Windows\system32\drivers\msrpc.sys
2014-06-26 16:04:28 ----A---- C:\Windows\system32\drivers\ks.sys
2014-06-26 16:04:28 ----A---- C:\Windows\system32\drivers\acpipmi.sys
2014-06-26 16:04:27 ----A---- C:\Windows\SYSWOW64\vssapi.dll
2014-06-26 16:04:27 ----A---- C:\Windows\SYSWOW64\vfwwdm32.dll
2014-06-26 16:04:27 ----A---- C:\Windows\SYSWOW64\vdsbas.dll
2014-06-26 16:04:27 ----A---- C:\Windows\SYSWOW64\VAN.dll
2014-06-26 16:04:27 ----A---- C:\Windows\SYSWOW64\UserAccountControlSettings.dll
2014-06-26 16:04:27 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2014-06-26 16:04:27 ----A---- C:\Windows\SYSWOW64\MFPlay.dll
2014-06-26 16:04:27 ----A---- C:\Windows\SYSWOW64\MCEWMDRMNDBootstrap.dll
2014-06-26 16:04:27 ----A---- C:\Windows\SYSWOW64\luainstall.dll
2014-06-26 16:04:27 ----A---- C:\Windows\SYSWOW64\KBDUS.DLL
2014-06-26 16:04:27 ----A---- C:\Windows\SYSWOW64\KBDTAJIK.DLL
2014-06-26 16:04:27 ----A---- C:\Windows\SYSWOW64\KBDMON.DLL
2014-06-26 16:04:27 ----A---- C:\Windows\SYSWOW64\KBDINTAM.DLL
2014-06-26 16:04:27 ----A---- C:\Windows\SYSWOW64\KBDINMAR.DLL
2014-06-26 16:04:27 ----A---- C:\Windows\SYSWOW64\KBDINHIN.DLL
2014-06-26 16:04:27 ----A---- C:\Windows\SYSWOW64\iyuv_32.dll
2014-06-26 16:04:27 ----A---- C:\Windows\SYSWOW64\inetmib1.dll
2014-06-26 16:04:27 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2014-06-26 16:04:27 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2014-06-26 16:04:27 ----A---- C:\Windows\SYSWOW64\defaultlocationcpl.dll
2014-06-26 16:04:27 ----A---- C:\Windows\SYSWOW64\cca.dll
2014-06-26 16:04:27 ----A---- C:\Windows\SYSWOW64\cabinet.dll
2014-06-26 16:04:27 ----A---- C:\Windows\SYSWOW64\browseui.dll
2014-06-26 16:04:27 ----A---- C:\Windows\system32\wiavideo.dll
2014-06-26 16:04:27 ----A---- C:\Windows\system32\wiaservc.dll
2014-06-26 16:04:27 ----A---- C:\Windows\system32\uxlib.dll
2014-06-26 16:04:27 ----A---- C:\Windows\system32\userenv.dll
2014-06-26 16:04:27 ----A---- C:\Windows\system32\usercpl.dll
2014-06-26 16:04:27 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-06-26 16:04:27 ----A---- C:\Windows\system32\mfreadwrite.dll
2014-06-26 16:04:27 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2014-06-26 16:04:27 ----A---- C:\Windows\system32\mcmde.dll
2014-06-26 16:04:27 ----A---- C:\Windows\system32\mapistub.dll
2014-06-26 16:04:27 ----A---- C:\Windows\system32\mapi32.dll
2014-06-26 16:04:27 ----A---- C:\Windows\system32\KBDTUQ.DLL
2014-06-26 16:04:27 ----A---- C:\Windows\system32\KBDLT1.DLL
2014-06-26 16:04:27 ----A---- C:\Windows\system32\KBDINTEL.DLL
2014-06-26 16:04:27 ----A---- C:\Windows\system32\KBDINORI.DLL
2014-06-26 16:04:27 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-06-26 16:04:27 ----A---- C:\Windows\system32\ipsmsnap.dll
2014-06-26 16:04:27 ----A---- C:\Windows\system32\dwmcore.dll
2014-06-26 16:04:27 ----A---- C:\Windows\system32\dsuiext.dll
2014-06-26 16:04:27 ----A---- C:\Windows\system32\dskquoui.dll
2014-06-26 16:04:27 ----A---- C:\Windows\system32\dnscmmc.dll
2014-06-26 16:04:27 ----A---- C:\Windows\system32\DiagCpl.dll
2014-06-26 16:04:27 ----A---- C:\Windows\system32\dfrgui.exe
2014-06-26 16:04:27 ----A---- C:\Windows\system32\ci.dll
2014-06-26 16:04:27 ----A---- C:\Windows\system32\C_ISCII.DLL
2014-06-26 16:04:26 ----A---- C:\Windows\SYSWOW64\ifsutil.dll
2014-06-26 16:04:26 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2014-06-26 16:04:26 ----A---- C:\Windows\SYSWOW64\iasrecst.dll
2014-06-26 16:04:26 ----A---- C:\Windows\SYSWOW64\hbaapi.dll
2014-06-26 16:04:26 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-06-26 16:04:26 ----A---- C:\Windows\SYSWOW64\fms.dll
2014-06-26 16:04:26 ----A---- C:\Windows\SYSWOW64\EhStorAPI.dll
2014-06-26 16:04:26 ----A---- C:\Windows\SYSWOW64\cscdll.dll
2014-06-26 16:04:26 ----A---- C:\Windows\SYSWOW64\cscapi.dll
2014-06-26 16:04:26 ----A---- C:\Windows\SYSWOW64\bitsperf.dll
2014-06-26 16:04:26 ----A---- C:\Windows\system32\zipfldr.dll
2014-06-26 16:04:26 ----A---- C:\Windows\system32\ifsutil.dll
2014-06-26 16:04:26 ----A---- C:\Windows\system32\FXSTIFF.dll
2014-06-26 16:04:26 ----A---- C:\Windows\system32\FXSAPI.dll
2014-06-26 16:04:26 ----A---- C:\Windows\system32\fixmapi.exe
2014-06-26 16:04:26 ----A---- C:\Windows\system32\findstr.exe
2014-06-26 16:04:26 ----A---- C:\Windows\system32\fdeploy.dll
2014-06-26 16:04:26 ----A---- C:\Windows\system32\EhStorAPI.dll
2014-06-26 16:04:26 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2014-06-26 16:04:26 ----A---- C:\Windows\system32\cscdll.dll
2014-06-26 16:04:26 ----A---- C:\Windows\system32\cscapi.dll
2014-06-26 16:04:26 ----A---- C:\Windows\system32\credssp.dll
2014-06-26 16:04:26 ----A---- C:\Windows\system32\comctl32.dll
2014-06-26 16:04:26 ----A---- C:\Windows\system32\bitsadmin.exe
2014-06-26 16:00:45 ----D---- C:\Windows\system32\EventProviders
2014-06-26 09:39:03 ----D---- C:\ProgramData\ESET
2014-06-26 09:39:03 ----D---- C:\Program Files\ESET
2014-06-26 09:36:54 ----SHD---- C:\Config.Msi
2014-06-26 09:35:29 ----D---- C:\ProgramData\boost_interprocess
2014-06-26 09:31:19 ----D---- C:\Users\ondra\AppData\Roaming\ESET
2014-06-24 12:44:16 ----D---- C:\Windows\ERUNT
2014-06-24 11:51:52 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-06-24 11:51:23 ----D---- C:\AdwCleaner
2014-06-23 15:07:19 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-06-23 15:04:39 ----D---- C:\ProgramData\Malwarebytes
2014-06-23 15:04:39 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-23 15:04:39 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-06-23 15:04:39 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-06-23 15:04:39 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-06-23 10:47:59 ----D---- C:\Program Files\trend micro
2014-06-23 10:47:56 ----D---- C:\rsit
2014-06-04 16:40:57 ----D---- C:\Program Files (x86)\DOSBox-0.74

======List of files/folders modified in the last 1 month======

2014-06-26 19:31:07 ----D---- C:\Windows\Temp
2014-06-26 19:30:28 ----D---- C:\Windows\system32\catroot
2014-06-26 19:27:37 ----RD---- C:\Program Files (x86)
2014-06-26 19:27:19 ----D---- C:\Program Files (x86)\Google
2014-06-26 19:26:34 ----D---- C:\Windows\System32
2014-06-26 19:26:34 ----D---- C:\Windows\inf
2014-06-26 19:26:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-06-26 19:20:31 ----D---- C:\Windows\winsxs
2014-06-26 19:19:35 ----D---- C:\Windows\Panther
2014-06-26 19:18:48 ----D---- C:\Windows\system32\config
2014-06-26 19:18:43 ----D---- C:\Windows
2014-06-26 19:16:23 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-06-26 19:16:23 ----D---- C:\Windows\system32\cs-CZ
2014-06-26 19:16:23 ----D---- C:\Program Files\Internet Explorer
2014-06-26 19:16:23 ----D---- C:\Program Files (x86)\Internet Explorer
2014-06-26 19:16:21 ----D---- C:\Windows\SYSWOW64\migration
2014-06-26 19:16:21 ----D---- C:\Windows\SYSWOW64\en-US
2014-06-26 19:16:21 ----D---- C:\Windows\SysWOW64
2014-06-26 19:16:21 ----D---- C:\Windows\system32\migration
2014-06-26 19:16:21 ----D---- C:\Windows\system32\en-US
2014-06-26 19:16:21 ----D---- C:\Windows\PolicyDefinitions
2014-06-26 19:16:19 ----D---- C:\Windows\system32\drivers
2014-06-26 19:16:19 ----D---- C:\Windows\AppPatch
2014-06-26 19:16:18 ----D---- C:\Windows\SYSWOW64\zh-TW
2014-06-26 19:16:18 ----D---- C:\Windows\SYSWOW64\zh-HK
2014-06-26 19:16:18 ----D---- C:\Windows\SYSWOW64\zh-CN
2014-06-26 19:16:18 ----D---- C:\Windows\SYSWOW64\tr-TR
2014-06-26 19:16:18 ----D---- C:\Windows\SYSWOW64\sv-SE
2014-06-26 19:16:18 ----D---- C:\Windows\SYSWOW64\ru-RU
2014-06-26 19:16:18 ----D---- C:\Windows\SYSWOW64\pt-PT
2014-06-26 19:16:18 ----D---- C:\Windows\SYSWOW64\pt-BR
2014-06-26 19:16:18 ----D---- C:\Windows\SYSWOW64\pl-PL
2014-06-26 19:16:18 ----D---- C:\Windows\SYSWOW64\nl-NL
2014-06-26 19:16:18 ----D---- C:\Windows\SYSWOW64\nb-NO
2014-06-26 19:16:18 ----D---- C:\Windows\SYSWOW64\ko-KR
2014-06-26 19:16:18 ----D---- C:\Windows\SYSWOW64\ja-JP
2014-06-26 19:16:18 ----D---- C:\Windows\SYSWOW64\it-IT
2014-06-26 19:16:18 ----D---- C:\Windows\SYSWOW64\hu-HU
2014-06-26 19:16:18 ----D---- C:\Windows\SYSWOW64\fr-FR
2014-06-26 19:16:18 ----D---- C:\Windows\SYSWOW64\fi-FI
2014-06-26 19:16:18 ----D---- C:\Windows\SYSWOW64\es-ES
2014-06-26 19:16:18 ----D---- C:\Windows\SYSWOW64\el-GR
2014-06-26 19:16:18 ----D---- C:\Windows\SYSWOW64\de-DE
2014-06-26 19:16:18 ----D---- C:\Windows\SYSWOW64\da-DK
2014-06-26 19:16:17 ----D---- C:\Windows\system32\zh-TW
2014-06-26 19:16:17 ----D---- C:\Windows\system32\zh-HK
2014-06-26 19:16:17 ----D---- C:\Windows\system32\zh-CN
2014-06-26 19:16:17 ----D---- C:\Windows\system32\tr-TR
2014-06-26 19:16:17 ----D---- C:\Windows\system32\sv-SE
2014-06-26 19:16:17 ----D---- C:\Windows\system32\ru-RU
2014-06-26 19:16:17 ----D---- C:\Windows\system32\pt-PT
2014-06-26 19:16:17 ----D---- C:\Windows\system32\pt-BR
2014-06-26 19:16:17 ----D---- C:\Windows\system32\pl-PL
2014-06-26 19:16:17 ----D---- C:\Windows\system32\nl-NL
2014-06-26 19:16:17 ----D---- C:\Windows\system32\nb-NO
2014-06-26 19:16:17 ----D---- C:\Windows\system32\ko-KR
2014-06-26 19:16:17 ----D---- C:\Windows\system32\ja-JP
2014-06-26 19:16:17 ----D---- C:\Windows\system32\it-IT
2014-06-26 19:16:17 ----D---- C:\Windows\system32\hu-HU
2014-06-26 19:16:17 ----D---- C:\Windows\system32\fr-FR
2014-06-26 19:16:17 ----D---- C:\Windows\system32\fi-FI
2014-06-26 19:16:17 ----D---- C:\Windows\system32\es-ES
2014-06-26 19:16:17 ----D---- C:\Windows\system32\el-GR
2014-06-26 19:16:17 ----D---- C:\Windows\system32\de-DE
2014-06-26 19:16:17 ----D---- C:\Windows\system32\da-DK
2014-06-26 19:14:00 ----D---- C:\Users\ondra\AppData\Roaming\TS3Client
2014-06-26 19:14:00 ----D---- C:\Users\ondra\AppData\Roaming\DAEMON Tools Lite
2014-06-26 19:14:00 ----D---- C:\Program Files (x86)\Steam
2014-06-26 19:13:59 ----D---- C:\Program Files (x86)\PDFCreator
2014-06-26 19:13:23 ----D---- C:\Windows\Minidump
2014-06-26 19:13:23 ----D---- C:\Windows\Logs
2014-06-26 19:13:23 ----D---- C:\Windows\debug
2014-06-26 18:28:05 ----D---- C:\Windows\system32\catroot2
2014-06-26 18:20:49 ----SHD---- C:\System Volume Information
2014-06-26 18:20:46 ----D---- C:\Windows\system32\Tasks
2014-06-26 18:20:39 ----RD---- C:\Program Files
2014-06-26 17:21:48 ----D---- C:\Windows\Microsoft.NET
2014-06-26 17:21:16 ----RSD---- C:\Windows\assembly
2014-06-26 16:58:27 ----D---- C:\Windows\system32\DriverStore
2014-06-26 16:54:34 ----D---- C:\Program Files (x86)\Windows Sidebar
2014-06-26 16:54:34 ----D---- C:\Program Files (x86)\Windows Portable Devices
2014-06-26 16:54:34 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2014-06-26 16:54:34 ----D---- C:\Program Files (x86)\Windows Media Player
2014-06-26 16:54:34 ----D---- C:\Program Files (x86)\Windows Mail
2014-06-26 16:54:33 ----D---- C:\Program Files\Windows Sidebar
2014-06-26 16:54:33 ----D---- C:\Program Files\Windows Portable Devices
2014-06-26 16:54:33 ----D---- C:\Program Files\Windows Photo Viewer
2014-06-26 16:54:33 ----D---- C:\Program Files\Windows Media Player
2014-06-26 16:54:33 ----D---- C:\Program Files\Windows Mail
2014-06-26 16:54:33 ----D---- C:\Program Files\Windows Journal
2014-06-26 16:54:33 ----D---- C:\Program Files\DVD Maker
2014-06-26 16:54:29 ----D---- C:\Windows\servicing
2014-06-26 16:54:29 ----D---- C:\Program Files\Windows Defender
2014-06-26 16:54:29 ----D---- C:\Program Files\Common Files\System
2014-06-26 16:54:28 ----D---- C:\Windows\ehome
2014-06-26 16:54:25 ----D---- C:\Windows\SYSWOW64\Setup
2014-06-26 16:54:25 ----D---- C:\Windows\SYSWOW64\oobe
2014-06-26 16:54:25 ----D---- C:\Windows\SYSWOW64\cs
2014-06-26 16:54:25 ----D---- C:\Windows\SYSWOW64\AdvancedInstallers
2014-06-26 16:54:19 ----D---- C:\Windows\SYSWOW64\wbem
2014-06-26 16:54:19 ----D---- C:\Windows\SYSWOW64\sppui
2014-06-26 16:54:19 ----D---- C:\Windows\SYSWOW64\manifeststore
2014-06-26 16:54:18 ----D---- C:\Windows\SYSWOW64\migwiz
2014-06-26 16:54:18 ----D---- C:\Windows\SYSWOW64\Dism
2014-06-26 16:54:07 ----D---- C:\Windows\system32\oobe
2014-06-26 16:54:06 ----D---- C:\Windows\system32\Setup
2014-06-26 16:54:06 ----D---- C:\Windows\system32\cs
2014-06-26 16:54:06 ----D---- C:\Windows\system32\AdvancedInstallers
2014-06-26 16:54:04 ----D---- C:\Windows\system32\wbem
2014-06-26 16:54:04 ----D---- C:\Windows\system32\sppui
2014-06-26 16:54:04 ----D---- C:\Windows\system32\manifeststore
2014-06-26 16:54:04 ----D---- C:\Windows\system32\drivers\cs-CZ
2014-06-26 16:54:03 ----D---- C:\Windows\system32\migwiz
2014-06-26 16:54:03 ----D---- C:\Windows\system32\Dism
2014-06-26 16:53:42 ----RSD---- C:\Windows\Fonts
2014-06-26 16:53:26 ----D---- C:\Windows\system32\Boot
2014-06-26 16:40:09 ----A---- C:\Windows\SYSWOW64\msclmd.dll
2014-06-26 16:40:09 ----A---- C:\Windows\system32\msclmd.dll
2014-06-26 09:39:39 ----SHD---- C:\Windows\Installer
2014-06-26 09:39:03 ----HD---- C:\ProgramData
2014-06-26 09:30:59 ----D---- C:\Windows\Prefetch
2014-06-25 00:04:54 ----D---- C:\Users\ondra\AppData\Roaming\vlc
2014-06-23 10:04:55 ----D---- C:\Windows\Downloaded Program Files
2014-06-15 16:14:21 ----D---- C:\ProgramData\Microsoft Help
2014-06-13 09:17:32 ----D---- C:\Windows\system32\MRT
2014-06-13 09:14:43 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-03 540696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-09-22 283064]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2013-01-14 90056]
R2 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [2013-02-19 141064]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2013-09-17 157432]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2013-03-11 331144]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-04-21 6406144]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-04-21 188928]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2013-09-21 3060800]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-04-22 2356000]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2010-04-21 10322848]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-12-22 74280]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-11 316464]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-04-07 124944]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-03-05 335400]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-02-14 102440]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2010-01-13 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-01 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-01-13 21544]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2013-02-05 57840]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-04-21 10322848]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-04-21 202752]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-03-26 920352]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-03-03 325200]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2013-09-12 1337752]
R2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-21 116648]
R2 hasplms;Sentinel Local License Manager; C:\Windows\system32\hasplms.exe [2013-01-11 4466120]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
R2 lmadmin;lmadmin; C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe [2011-08-05 6587728]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-12-06 75136]
R2 QipGuard;QipGuard; C:\Program Files (x86)\QipGuard\QipGuard.exe [2012-11-26 417904]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-09-12 5071712]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R2 XMouseButton Launcher;XMouseButton Launcher; C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe [2012-06-23 87040]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-03-08 1044816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14 257712]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-09-26 1030600]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-02-05 1512448]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-21 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-26 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-15 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-05-29 543424]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-09-22 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

JaRon
Moderator
Posts: 15729
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Czech Police virus...

#15 Post by JaRon »

It's OK :thumbsup:
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/
