Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Preventivka

Patříte mezi Vzorné návštěvníky? Pak je tato sekce pro vás.

Moderátor: Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Zamčeno
Zpráva
Autor
toox
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 274
Registrován: 28 dub 2008 18:06
Bydliště: Tromaville

Preventivka

#1 Příspěvek od toox »

Jen preventivní kontrola..přikládám log


Logfile of random's system information tool 1.09 (written by random/random)
Run by Honza at 2013-03-13 11:14:51
Microsoft Windows 7 Home Premium
System drive C: has 774 GB (81%) free of 954 GB
Total RAM: 4087 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:14:57, on 13.3.2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\Honza.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-13a79411598-525497723-484556184-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1379411598-525497723-484556184-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7183 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
C:\Windows\SysWOW64\PnkBstrA.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-11ebb3fb-aecb-4490-b1e1-8d543d85d4e7 -SystemEventPortName:HostProcess-6bd34752-8687-4671-914c-48075ac82a81 -IoCancelEventPortName:HostProcess-b03d651a-0369-4aea-9931-e06144d7d4f3 -NonStateChangingEventPortName:HostProcess-d5ebf498-fa1c-411f-81cd-7bbd35bda9bf -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8f9384e4-7ffe-4b1e-bbcc-f8df47fb4b6c -DeviceGroupId:WpdFsGroup
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Defraggler\Defraggler64.exe"
"C:\Users\Honza\Desktop\RSITx64.exe"
"C:\Users\Honza\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\x2ba2wy3.default

prefs.js - "browser.startup.homepage" - "https://facebook.com/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.15.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-02-24 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-02-24 170912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-03-26 10135584]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-05 2345848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2010-01-19 43632]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-12-14 2255360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo"=vfwwdm32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-03-13 11:14:51 ----D---- C:\rsit
2013-03-13 11:14:51 ----D---- C:\Program Files\trend micro
2013-03-09 20:22:36 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2013-03-08 18:34:16 ----D---- C:\Program Files\Microsoft IntelliType Pro
2013-03-08 16:44:22 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-02-26 21:49:47 ----D---- C:\Windows\Sun
2013-02-24 12:56:06 ----RD---- C:\Users\Honza\AppData\Roaming\.minecraft
2013-02-24 12:56:04 ----D---- C:\ProgramData\Sun
2013-02-24 12:55:57 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-02-24 12:55:56 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-02-24 12:55:56 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-02-24 12:55:51 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-02-24 12:55:51 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-02-24 12:55:51 ----A---- C:\Windows\SYSWOW64\java.exe
2013-02-24 12:55:44 ----D---- C:\Program Files (x86)\Java

======List of files/folders modified in the last 1 month======

2013-03-13 11:14:57 ----D---- C:\Windows\Prefetch
2013-03-13 11:14:54 ----D---- C:\Windows\Temp
2013-03-13 11:14:51 ----RD---- C:\Program Files
2013-03-13 10:48:59 ----D---- C:\Windows\System32
2013-03-13 10:48:59 ----D---- C:\Windows\inf
2013-03-13 10:48:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-13 10:43:49 ----D---- C:\ProgramData\NVIDIA
2013-03-12 23:50:15 ----D---- C:\Windows\SysWOW64
2013-03-12 23:50:12 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-11 02:36:05 ----D---- C:\Users\Honza\AppData\Roaming\Skype
2013-03-09 20:22:57 ----SHD---- C:\Windows\Installer
2013-03-09 20:22:38 ----D---- C:\Windows\system32\drivers
2013-03-09 20:22:36 ----RD---- C:\Program Files (x86)
2013-03-09 20:22:30 ----SHD---- C:\System Volume Information
2013-03-09 19:27:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-03-08 18:42:32 ----D---- C:\Windows\system32\config
2013-03-08 18:34:45 ----SD---- C:\Users\Honza\AppData\Roaming\Microsoft
2013-03-08 18:34:44 ----D---- C:\Windows\system32\Tasks
2013-03-08 18:34:34 ----D---- C:\Windows\system32\catroot
2013-03-08 18:34:33 ----D---- C:\Windows\system32\DriverStore
2013-03-08 18:34:27 ----RSD---- C:\Windows\Fonts
2013-03-08 18:32:26 ----D---- C:\Windows\winsxs
2013-03-02 18:49:14 ----D---- C:\Windows\system32\catroot2
2013-02-28 02:08:10 ----D---- C:\Users\Honza\AppData\Roaming\Winamp
2013-02-27 09:29:36 ----D---- C:\Windows
2013-02-24 12:56:04 ----HD---- C:\ProgramData
2013-02-24 12:56:04 ----D---- C:\Program Files (x86)\Common Files
2013-02-24 09:09:43 ----D---- C:\ProgramData\Adobe
2013-02-23 19:49:10 ----D---- C:\Users\Honza\AppData\Roaming\GarenaPlus
2013-02-23 19:49:09 ----D---- C:\ProgramData\GarenaMessenger

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2010-01-27 115312]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 54072]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 984144]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 370288]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 59728]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
R3 CompFilter64;UVCCompositeFilter; C:\Windows\system32\DRIVERS\lvbflt64.sys [2012-09-21 24608]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-27 283200]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-03-26 2307616]
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-09-21 351520]
R3 LVUVC64;Logitech HD Webcam C510(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-09-21 4763680]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-06-21 131688]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2011-02-17 14464]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-14 2466304]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-10-02 891240]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-10 1258856]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-01-04 76888]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-12 253656]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-08 115608]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-27 1255736]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Mc_Murphy
VIP in memoriam
VIP in memoriam
Příspěvky: 6706
Registrován: 03 lis 2008 15:55
Bydliště: Plzeň [ZČ]
Kontaktovat uživatele:
Kontaktovat uživatele Mc_Murphy

Re: Preventivka

#2 Příspěvek od Mc_Murphy »

Zdravím. :162:

Log vypadá na havěť čistý, maximálně lze promazat pár zbytečností.

:!: Každopádně si ale nejprve nainstaluj Windows 7 Home Premium Service Pack 1 a pak všechny dostupné aktualizace pro systém!
Až to provedeš, hoď sem nový aktuální log ze RSITu.
Obrázek-Obrázek
Obrázek-Obrázek

  • ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
    • You gave me love, I've found my identity, found my identity.

    I'm moving on, I'm moving on, I'm moving on by the Spirit.
    • You gave me hope, I've found my identity in Christ...
Nahoru
toox
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 274
Registrován: 28 dub 2008 18:06
Bydliště: Tromaville

Re: Preventivka

#3 Příspěvek od toox »

Tak aktualizace proběhla :)

Logfile of random's system information tool 1.09 (written by random/random)
Run by Honza at 2013-03-14 00:06:49
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 777 GB (81%) free of 954 GB
Total RAM: 4087 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:06:53, on 14.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Program Files\trend micro\Honza.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1379411598-525497723-484556184-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1379411598-525497723-484556184-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7329 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-91235938-9f6f-4097-9660-14ed7a126425 -SystemEventPortName:HostProcess-0e911032-584f-42ac-ba5d-d88f738601ce -IoCancelEventPortName:HostProcess-9c86fc28-b0e6-4cc5-8ca2-ea2c9bfae8e0 -NonStateChangingEventPortName:HostProcess-7f4f1912-e3dc-4773-a0c5-fc491897ef2f -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:54e0fcb2-81fa-4cb9-abdb-088a9be78324 -DeviceGroupId:WpdFsGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3764.15a90e00.547188500 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 3764 "\\.\pipe\gecko-crash-server-pipe.3764" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --proxy-stub-channel=Flash2636.700B63D8.28451 --host-broker-channel=Flash2636.700B63D8.1212 --host-pid=2636 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --channel=1604.006CF6C0.837288431 --proxy-stub-channel=Flash2636.700B63D8.28451 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" --host-npapi-version=27 --type=renderer
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\SearchFilterHost.exe" 0 536 540 548 65536 544
"C:\Users\Honza\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\x2ba2wy3.default

prefs.js - "browser.startup.homepage" - "https://facebook.com/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.15.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-02-24 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-02-24 170912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-03-26 10135584]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-05 2345848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2010-01-19 43632]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo"=vfwwdm32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-03-13 23:31:17 ----D---- C:\Windows\system32\SPReview
2013-03-13 23:30:27 ----D---- C:\Windows\system32\EventProviders
2013-03-13 23:27:52 ----A---- C:\Windows\system32\netfxperf.dll
2013-03-13 23:27:52 ----A---- C:\Windows\system32\dfshim.dll
2013-03-13 23:27:47 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2013-03-13 23:27:44 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-03-13 23:27:44 ----A---- C:\Windows\system32\mstscax.dll
2013-03-13 23:27:44 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2013-03-13 23:27:44 ----A---- C:\Windows\system32\d3d10warp.dll
2013-03-13 23:27:42 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-03-13 23:27:39 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2013-03-13 23:27:39 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2013-03-13 23:27:39 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-03-13 23:27:39 ----A---- C:\Windows\system32\sysmain.dll
2013-03-13 23:27:37 ----A---- C:\Windows\system32\MSVidCtl.dll
2013-03-13 23:27:36 ----A---- C:\Windows\system32\wmp.dll
2013-03-13 23:27:36 ----A---- C:\Windows\system32\tquery.dll
2013-03-13 23:27:35 ----A---- C:\Windows\system32\mssrch.dll
2013-03-13 23:27:35 ----A---- C:\Windows\system32\mscoree.dll
2013-03-13 23:27:35 ----A---- C:\Windows\system32\mmcndmgr.dll
2013-03-13 23:27:35 ----A---- C:\Windows\system32\d2d1.dll
2013-03-13 23:27:34 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-03-13 23:27:34 ----A---- C:\Windows\system32\secproc_isv.dll
2013-03-13 23:27:34 ----A---- C:\Windows\system32\RMActivate_isv.exe
2013-03-13 23:27:34 ----A---- C:\Windows\system32\mf.dll
2013-03-13 23:27:33 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2013-03-13 23:27:33 ----A---- C:\Windows\system32\xpsservices.dll
2013-03-13 23:27:33 ----A---- C:\Windows\system32\secproc.dll
2013-03-13 23:27:33 ----A---- C:\Windows\system32\RMActivate.exe
2013-03-13 23:27:32 ----A---- C:\Windows\SYSWOW64\secproc.dll
2013-03-13 23:27:32 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2013-03-13 23:27:32 ----A---- C:\Windows\system32\rpcrt4.dll
2013-03-13 23:27:31 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2013-03-13 23:27:31 ----A---- C:\Windows\system32\schedsvc.dll
2013-03-13 23:27:31 ----A---- C:\Windows\system32\ole32.dll
2013-03-13 23:27:30 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2013-03-13 23:27:30 ----A---- C:\Windows\system32\spwizui.dll
2013-03-13 23:27:30 ----A---- C:\Windows\system32\esent.dll
2013-03-13 23:27:30 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-03-13 23:27:29 ----A---- C:\Windows\SYSWOW64\mf.dll
2013-03-13 23:27:29 ----A---- C:\Windows\system32\wevtsvc.dll
2013-03-13 23:27:29 ----A---- C:\Windows\system32\taskschd.dll
2013-03-13 23:27:29 ----A---- C:\Windows\system32\RacEngn.dll
2013-03-13 23:27:29 ----A---- C:\Windows\system32\ExplorerFrame.dll
2013-03-13 23:27:29 ----A---- C:\Windows\system32\diagperf.dll
2013-03-13 23:27:28 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2013-03-13 23:27:28 ----A---- C:\Windows\system32\vssapi.dll
2013-03-13 23:27:28 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2013-03-13 23:27:28 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2013-03-13 23:27:27 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2013-03-13 23:27:27 ----A---- C:\Windows\system32\UIRibbon.dll
2013-03-13 23:27:27 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2013-03-13 23:27:27 ----A---- C:\Windows\explorer.exe
2013-03-13 23:27:26 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-03-13 23:27:26 ----A---- C:\Windows\SYSWOW64\esent.dll
2013-03-13 23:27:26 ----A---- C:\Windows\system32\WsmSvc.dll
2013-03-13 23:27:25 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2013-03-13 23:27:25 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2013-03-13 23:27:25 ----A---- C:\Windows\system32\WMVCORE.DLL
2013-03-13 23:27:25 ----A---- C:\Windows\system32\rdpdd.dll
2013-03-13 23:27:25 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2013-03-13 23:27:25 ----A---- C:\Windows\system32\PresentationHost.exe
2013-03-13 23:27:24 ----A---- C:\Windows\SYSWOW64\tquery.dll
2013-03-13 23:27:24 ----A---- C:\Windows\system32\WinSAT.exe
2013-03-13 23:27:24 ----A---- C:\Windows\system32\spreview.exe
2013-03-13 23:27:24 ----A---- C:\Windows\system32\spinstall.exe
2013-03-13 23:27:24 ----A---- C:\Windows\system32\MPSSVC.dll
2013-03-13 23:27:24 ----A---- C:\Windows\system32\CertEnroll.dll
2013-03-13 23:27:23 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-03-13 23:27:23 ----A---- C:\Windows\system32\d3d9.dll
2013-03-13 23:27:22 ----A---- C:\Windows\SYSWOW64\RacEngn.dll
2013-03-13 23:27:22 ----A---- C:\Windows\SYSWOW64\AuthFWSnapin.dll
2013-03-13 23:27:22 ----A---- C:\Windows\system32\SearchFolder.dll
2013-03-13 23:27:22 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-03-13 23:27:22 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2013-03-13 23:27:21 ----A---- C:\Windows\system32\VSSVC.exe
2013-03-13 23:27:21 ----A---- C:\Windows\system32\gpsvc.dll
2013-03-13 23:27:21 ----A---- C:\Windows\system32\FntCache.dll
2013-03-13 23:27:21 ----A---- C:\Windows\system32\dwmcore.dll
2013-03-13 23:27:21 ----A---- C:\Windows\system32\dbgeng.dll
2013-03-13 23:27:20 ----A---- C:\Windows\system32\drivers\ndis.sys
2013-03-13 23:27:20 ----A---- C:\Windows\system32\drivers\http.sys
2013-03-13 23:27:19 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2013-03-13 23:27:19 ----A---- C:\Windows\system32\actxprxy.dll
2013-03-13 23:27:18 ----A---- C:\Windows\SYSWOW64\ole32.dll
2013-03-13 23:27:18 ----A---- C:\Windows\system32\TSWorkspace.dll
2013-03-13 23:27:18 ----A---- C:\Windows\system32\termsrv.dll
2013-03-13 23:27:18 ----A---- C:\Windows\system32\qmgr.dll
2013-03-13 23:27:18 ----A---- C:\Windows\system32\audiosrv.dll
2013-03-13 23:27:17 ----A---- C:\Windows\system32\sqmapi.dll
2013-03-13 23:27:17 ----A---- C:\Windows\system32\mstsc.exe
2013-03-13 23:27:16 ----A---- C:\Windows\SYSWOW64\vssapi.dll
2013-03-13 23:27:16 ----A---- C:\Windows\SYSWOW64\SearchFolder.dll
2013-03-13 23:27:16 ----A---- C:\Windows\SYSWOW64\explorer.exe
2013-03-13 23:27:16 ----A---- C:\Windows\SYSWOW64\d3d9.dll
2013-03-13 23:27:16 ----A---- C:\Windows\system32\winhttp.dll
2013-03-13 23:27:16 ----A---- C:\Windows\system32\QAGENTRT.DLL
2013-03-13 23:27:16 ----A---- C:\Windows\system32\propsys.dll
2013-03-13 23:27:16 ----A---- C:\Windows\system32\netlogon.dll
2013-03-13 23:27:16 ----A---- C:\Windows\system32\msv1_0.dll
2013-03-13 23:27:16 ----A---- C:\Windows\system32\imapi2fs.dll
2013-03-13 23:27:16 ----A---- C:\Windows\system32\d3d11.dll
2013-03-13 23:27:15 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2013-03-13 23:27:15 ----A---- C:\Windows\system32\werconcpl.dll
2013-03-13 23:27:15 ----A---- C:\Windows\system32\wbengine.exe
2013-03-13 23:27:15 ----A---- C:\Windows\system32\taskeng.exe
2013-03-13 23:27:15 ----A---- C:\Windows\system32\setupapi.dll
2013-03-13 23:27:15 ----A---- C:\Windows\system32\rpcss.dll
2013-03-13 23:27:15 ----A---- C:\Windows\system32\authui.dll
2013-03-13 23:27:14 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2013-03-13 23:27:14 ----A---- C:\Windows\system32\WSDApi.dll
2013-03-13 23:27:14 ----A---- C:\Windows\system32\user32.dll
2013-03-13 23:27:14 ----A---- C:\Windows\system32\odbc32.dll
2013-03-13 23:27:14 ----A---- C:\Windows\system32\drivers\nvstor.sys
2013-03-13 23:27:13 ----A---- C:\Windows\system32\scavengeui.dll
2013-03-13 23:27:13 ----A---- C:\Windows\system32\drivers\tdx.sys
2013-03-13 23:27:13 ----A---- C:\Windows\system32\drivers\netbt.sys
2013-03-13 23:27:13 ----A---- C:\Windows\system32\dhcpcore.dll
2013-03-13 23:27:13 ----A---- C:\Windows\system32\certmgr.dll
2013-03-13 23:27:12 ----A---- C:\Windows\SYSWOW64\wer.dll
2013-03-13 23:27:12 ----A---- C:\Windows\SYSWOW64\certcli.dll
2013-03-13 23:27:12 ----A---- C:\Windows\system32\tsmf.dll
2013-03-13 23:27:12 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2013-03-13 23:27:12 ----A---- C:\Windows\system32\ncsi.dll
2013-03-13 23:27:12 ----A---- C:\Windows\system32\msdrm.dll
2013-03-13 23:27:12 ----A---- C:\Windows\system32\drivers\nvraid.sys
2013-03-13 23:27:11 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2013-03-13 23:27:11 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2013-03-13 23:27:11 ----A---- C:\Windows\system32\shlwapi.dll
2013-03-13 23:27:11 ----A---- C:\Windows\system32\netshell.dll
2013-03-13 23:27:11 ----A---- C:\Windows\system32\msdtctm.dll
2013-03-13 23:27:11 ----A---- C:\Windows\system32\framedynos.dll
2013-03-13 23:27:10 ----A---- C:\Windows\SYSWOW64\tcpmonui.dll
2013-03-13 23:27:10 ----A---- C:\Windows\system32\ws2_32.dll
2013-03-13 23:27:10 ----A---- C:\Windows\system32\wmicmiplugin.dll
2013-03-13 23:27:10 ----A---- C:\Windows\system32\winlogon.exe
2013-03-13 23:27:10 ----A---- C:\Windows\system32\usp10.dll
2013-03-13 23:27:10 ----A---- C:\Windows\system32\nlasvc.dll
2013-03-13 23:27:10 ----A---- C:\Windows\system32\netcfgx.dll
2013-03-13 23:27:10 ----A---- C:\Windows\system32\lsm.exe
2013-03-13 23:27:10 ----A---- C:\Windows\system32\dxgi.dll
2013-03-13 23:27:10 ----A---- C:\Windows\system32\comdlg32.dll
2013-03-13 23:27:09 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2013-03-13 23:27:09 ----A---- C:\Windows\system32\wmpps.dll
2013-03-13 23:27:09 ----A---- C:\Windows\system32\Query.dll
2013-03-13 23:27:09 ----A---- C:\Windows\system32\mswsock.dll
2013-03-13 23:27:09 ----A---- C:\Windows\system32\drvstore.dll
2013-03-13 23:27:09 ----A---- C:\Windows\system32\drivers\amdsata.sys
2013-03-13 23:27:09 ----A---- C:\Windows\system32\apphelp.dll
2013-03-13 23:27:08 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2013-03-13 23:27:08 ----A---- C:\Windows\SYSWOW64\tsmf.dll
2013-03-13 23:27:08 ----A---- C:\Windows\SYSWOW64\setupapi.dll
2013-03-13 23:27:08 ----A---- C:\Windows\SYSWOW64\dot3api.dll
2013-03-13 23:27:08 ----A---- C:\Windows\system32\wpdshext.dll
2013-03-13 23:27:08 ----A---- C:\Windows\system32\QAGENT.DLL
2013-03-13 23:27:08 ----A---- C:\Windows\system32\BFE.DLL
2013-03-13 23:27:08 ----A---- C:\Windows\system32\azroles.dll
2013-03-13 23:27:07 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2013-03-13 23:27:07 ----A---- C:\Windows\SYSWOW64\dbgeng.dll
2013-03-13 23:27:07 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2013-03-13 23:27:07 ----A---- C:\Windows\system32\Vault.dll
2013-03-13 23:27:07 ----A---- C:\Windows\system32\samsrv.dll
2013-03-13 23:27:07 ----A---- C:\Windows\system32\lpksetup.exe
2013-03-13 23:27:07 ----A---- C:\Windows\system32\DShowRdpFilter.dll
2013-03-13 23:27:07 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-03-13 23:27:07 ----A---- C:\Windows\system32\cmd.exe
2013-03-13 23:27:06 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-03-13 23:27:06 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2013-03-13 23:27:06 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-03-13 23:27:06 ----A---- C:\Windows\system32\mssvp.dll
2013-03-13 23:27:05 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-03-13 23:27:05 ----A---- C:\Windows\SYSWOW64\Query.dll
2013-03-13 23:27:05 ----A---- C:\Windows\SYSWOW64\netcfgx.dll
2013-03-13 23:27:05 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-03-13 23:27:05 ----A---- C:\Windows\system32\WebClnt.dll
2013-03-13 23:27:05 ----A---- C:\Windows\system32\sxs.dll
2013-03-13 23:27:05 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2013-03-13 23:27:04 ----A---- C:\Windows\system32\Wldap32.dll
2013-03-13 23:27:04 ----A---- C:\Windows\system32\mcbuilder.exe
2013-03-13 23:27:01 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2013-03-13 23:27:01 ----A---- C:\Windows\system32\taskcomp.dll
2013-03-13 23:27:01 ----A---- C:\Windows\system32\mfds.dll
2013-03-13 23:27:00 ----A---- C:\Windows\SYSWOW64\upnp.dll
2013-03-13 23:27:00 ----A---- C:\Windows\SYSWOW64\mmcndmgr.dll
2013-03-13 23:27:00 ----A---- C:\Windows\SYSWOW64\DShowRdpFilter.dll
2013-03-13 23:27:00 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-03-13 23:27:00 ----A---- C:\Windows\system32\pnidui.dll
2013-03-13 23:27:00 ----A---- C:\Windows\system32\ipsmsnap.dll
2013-03-13 23:27:00 ----A---- C:\Windows\system32\hgprint.dll
2013-03-13 23:27:00 ----A---- C:\Windows\system32\drivers\storport.sys
2013-03-13 23:26:59 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2013-03-13 23:26:59 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2013-03-13 23:26:59 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2013-03-13 23:26:59 ----A---- C:\Windows\SYSWOW64\imapi2fs.dll
2013-03-13 23:26:59 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-03-13 23:26:59 ----A---- C:\Windows\system32\webservices.dll
2013-03-13 23:26:59 ----A---- C:\Windows\system32\SessEnv.dll
2013-03-13 23:26:58 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-03-13 23:26:58 ----A---- C:\Windows\SYSWOW64\shlwapi.dll
2013-03-13 23:26:58 ----A---- C:\Windows\SYSWOW64\SessEnv.dll
2013-03-13 23:26:58 ----A---- C:\Windows\SYSWOW64\PortableDeviceApi.dll
2013-03-13 23:26:58 ----A---- C:\Windows\system32\winsta.dll
2013-03-13 23:26:58 ----A---- C:\Windows\system32\sqlsrv32.dll
2013-03-13 23:26:58 ----A---- C:\Windows\system32\gdi32.dll
2013-03-13 23:26:58 ----A---- C:\Windows\system32\fveapi.dll
2013-03-13 23:26:58 ----A---- C:\Windows\system32\drivers\msrpc.sys
2013-03-13 23:26:58 ----A---- C:\Windows\system32\dot3api.dll
2013-03-13 23:26:57 ----A---- C:\Windows\SYSWOW64\mcbuilder.exe
2013-03-13 23:26:57 ----A---- C:\Windows\system32\WMNetMgr.dll
2013-03-13 23:26:57 ----A---- C:\Windows\system32\schtasks.exe
2013-03-13 23:26:57 ----A---- C:\Windows\system32\prncache.dll
2013-03-13 23:26:57 ----A---- C:\Windows\system32\mcmde.dll
2013-03-13 23:26:57 ----A---- C:\Windows\system32\drivers\volsnap.sys
2013-03-13 23:26:56 ----A---- C:\Windows\SYSWOW64\xpsservices.dll
2013-03-13 23:26:56 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-03-13 23:26:56 ----A---- C:\Windows\SYSWOW64\userenv.dll
2013-03-13 23:26:56 ----A---- C:\Windows\SYSWOW64\drvstore.dll
2013-03-13 23:26:56 ----A---- C:\Windows\SYSWOW64\certmgr.dll
2013-03-13 23:26:56 ----A---- C:\Windows\system32\wlanpref.dll
2013-03-13 23:26:56 ----A---- C:\Windows\system32\vpnike.dll
2013-03-13 23:26:56 ----A---- C:\Windows\system32\userenv.dll
2013-03-13 23:26:56 ----A---- C:\Windows\system32\drivers\rdbss.sys
2013-03-13 23:26:55 ----A---- C:\Windows\SYSWOW64\comdlg32.dll
2013-03-13 23:26:55 ----A---- C:\Windows\system32\photowiz.dll
2013-03-13 23:26:55 ----A---- C:\Windows\system32\IPSECSVC.DLL
2013-03-13 23:26:55 ----A---- C:\Windows\system32\framedyn.dll
2013-03-13 23:26:55 ----A---- C:\Windows\system32\evr.dll
2013-03-13 23:26:55 ----A---- C:\Windows\system32\drivers\1394ohci.sys
2013-03-13 23:26:54 ----A---- C:\Windows\SYSWOW64\cmd.exe
2013-03-13 23:26:54 ----A---- C:\Windows\system32\wmpmde.dll
2013-03-13 23:26:54 ----A---- C:\Windows\system32\WMPEncEn.dll
2013-03-13 23:26:54 ----A---- C:\Windows\system32\wmpeffects.dll
2013-03-13 23:26:54 ----A---- C:\Windows\system32\SyncCenter.dll
2013-03-13 23:26:54 ----A---- C:\Windows\system32\sppobjs.dll
2013-03-13 23:26:54 ----A---- C:\Windows\system32\mfreadwrite.dll
2013-03-13 23:26:54 ----A---- C:\Windows\system32\FXSSVC.exe
2013-03-13 23:26:54 ----A---- C:\Windows\system32\AudioSes.dll
2013-03-13 23:26:54 ----A---- C:\Windows\system32\aepdu.dll
2013-03-13 23:26:53 ----A---- C:\Windows\system32\srvsvc.dll
2013-03-13 23:26:53 ----A---- C:\Windows\system32\shsvcs.dll
2013-03-13 23:26:53 ----A---- C:\Windows\system32\aeinv.dll
2013-03-13 23:26:52 ----A---- C:\Windows\SYSWOW64\framedynos.dll
2013-03-13 23:26:52 ----A---- C:\Windows\system32\fde.dll
2013-03-13 23:26:51 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2013-03-13 23:26:51 ----A---- C:\Windows\SYSWOW64\propsys.dll
2013-03-13 23:26:51 ----A---- C:\Windows\SYSWOW64\mfds.dll
2013-03-13 23:26:51 ----A---- C:\Windows\system32\WinSATAPI.dll
2013-03-13 23:26:51 ----A---- C:\Windows\system32\stobject.dll
2013-03-13 23:26:50 ----A---- C:\Windows\system32\netdiagfx.dll
2013-03-13 23:26:50 ----A---- C:\Windows\system32\localsec.dll
2013-03-13 23:26:50 ----A---- C:\Windows\system32\imapi2.dll
2013-03-13 23:26:50 ----A---- C:\Windows\system32\credui.dll
2013-03-13 23:26:50 ----A---- C:\Windows\system32\cdd.dll
2013-03-13 23:26:50 ----A---- C:\Windows\system32\bcryptprimitives.dll
2013-03-13 23:26:49 ----A---- C:\Windows\SYSWOW64\user32.dll
2013-03-13 23:26:49 ----A---- C:\Windows\system32\netid.dll
2013-03-13 23:26:49 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-03-13 23:26:49 ----A---- C:\Windows\system32\inetpp.dll
2013-03-13 23:26:49 ----A---- C:\Windows\system32\drivers\udfs.sys
2013-03-13 23:26:49 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2013-03-13 23:26:48 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2013-03-13 23:26:48 ----A---- C:\Windows\SYSWOW64\azroles.dll
2013-03-13 23:26:48 ----A---- C:\Windows\system32\tcpipcfg.dll
2013-03-13 23:26:48 ----A---- C:\Windows\system32\spp.dll
2013-03-13 23:26:48 ----A---- C:\Windows\system32\QSHVHOST.DLL
2013-03-13 23:26:48 ----A---- C:\Windows\system32\davclnt.dll
2013-03-13 23:26:48 ----A---- C:\Windows\system32\biocpl.dll
2013-03-13 23:26:47 ----A---- C:\Windows\system32\msinfo32.exe
2013-03-13 23:26:47 ----A---- C:\Windows\system32\gameux.dll
2013-03-13 23:26:46 ----A---- C:\Windows\SYSWOW64\themeui.dll
2013-03-13 23:26:46 ----A---- C:\Windows\system32\scansetting.dll
2013-03-13 23:26:46 ----A---- C:\Windows\system32\printui.dll
2013-03-13 23:26:46 ----A---- C:\Windows\system32\mspbda.dll
2013-03-13 23:26:45 ----A---- C:\Windows\SYSWOW64\credui.dll
2013-03-13 23:26:45 ----A---- C:\Windows\system32\pla.dll
2013-03-13 23:26:44 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2013-03-13 23:26:44 ----A---- C:\Windows\SYSWOW64\spp.dll
2013-03-13 23:26:44 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-03-13 23:26:44 ----A---- C:\Windows\SYSWOW64\dhcpcore.dll
2013-03-13 23:26:44 ----A---- C:\Windows\system32\PhotoScreensaver.scr
2013-03-13 23:26:43 ----A---- C:\Windows\system32\wusa.exe
2013-03-13 23:26:43 ----A---- C:\Windows\system32\wiaservc.dll
2013-03-13 23:26:43 ----A---- C:\Windows\system32\vds.exe
2013-03-13 23:26:43 ----A---- C:\Windows\system32\msdri.dll
2013-03-13 23:26:43 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2013-03-13 23:26:43 ----A---- C:\Windows\system32\aitagent.exe
2013-03-13 23:26:42 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2013-03-13 23:26:42 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-03-13 23:26:42 ----A---- C:\Windows\SYSWOW64\dbghelp.dll
2013-03-13 23:26:42 ----A---- C:\Windows\SYSWOW64\basecsp.dll
2013-03-13 23:26:42 ----A---- C:\Windows\system32\rpchttp.dll
2013-03-13 23:26:42 ----A---- C:\Windows\system32\mscms.dll
2013-03-13 23:26:42 ----A---- C:\Windows\system32\drivers\pci.sys
2013-03-13 23:26:41 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2013-03-13 23:26:41 ----A---- C:\Windows\SYSWOW64\NaturalLanguage6.dll
2013-03-13 23:26:41 ----A---- C:\Windows\SYSWOW64\evr.dll
2013-03-13 23:26:41 ----A---- C:\Windows\system32\XpsRasterService.dll
2013-03-13 23:26:41 ----A---- C:\Windows\system32\wisptis.exe
2013-03-13 23:26:41 ----A---- C:\Windows\system32\PkgMgr.exe
2013-03-13 23:26:41 ----A---- C:\Windows\system32\ocsetup.exe
2013-03-13 23:26:41 ----A---- C:\Windows\system32\FirewallControlPanel.dll
2013-03-13 23:26:41 ----A---- C:\Windows\system32\drivers\rasl2tp.sys
2013-03-13 23:26:41 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-03-13 23:26:40 ----A---- C:\Windows\SYSWOW64\WinSATAPI.dll
2013-03-13 23:26:40 ----A---- C:\Windows\SYSWOW64\calc.exe
2013-03-13 23:26:40 ----A---- C:\Windows\system32\wpdbusenum.dll
2013-03-13 23:26:40 ----A---- C:\Windows\system32\sppwinob.dll
2013-03-13 23:26:40 ----A---- C:\Windows\system32\ocsetapi.dll
2013-03-13 23:26:40 ----A---- C:\Windows\system32\eapp3hst.dll
2013-03-13 23:26:40 ----A---- C:\Windows\system32\DXP.dll
2013-03-13 23:26:40 ----A---- C:\Windows\system32\drivers\volmgr.sys
2013-03-13 23:26:40 ----A---- C:\Windows\system32\ci.dll
2013-03-13 23:26:39 ----A---- C:\Windows\SYSWOW64\UIRibbon.dll
2013-03-13 23:26:39 ----A---- C:\Windows\SYSWOW64\sqlsrv32.dll
2013-03-13 23:26:39 ----A---- C:\Windows\system32\wcncsvc.dll
2013-03-13 23:26:39 ----A---- C:\Windows\system32\upnp.dll
2013-03-13 23:26:39 ----A---- C:\Windows\system32\Robocopy.exe
2013-03-13 23:26:39 ----A---- C:\Windows\system32\ntshrui.dll
2013-03-13 23:26:39 ----A---- C:\Windows\system32\mprapi.dll
2013-03-13 23:26:39 ----A---- C:\Windows\system32\eapphost.dll
2013-03-13 23:26:39 ----A---- C:\Windows\system32\drivers\msdsm.sys
2013-03-13 23:26:38 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2013-03-13 23:26:38 ----A---- C:\Windows\SYSWOW64\sxs.dll
2013-03-13 23:26:38 ----A---- C:\Windows\SYSWOW64\stobject.dll
2013-03-13 23:26:38 ----A---- C:\Windows\SYSWOW64\netshell.dll
2013-03-13 23:26:38 ----A---- C:\Windows\system32\thumbcache.dll
2013-03-13 23:26:38 ----A---- C:\Windows\system32\t2embed.dll
2013-03-13 23:26:38 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2013-03-13 23:26:38 ----A---- C:\Windows\system32\hal.dll
2013-03-13 23:26:38 ----A---- C:\Windows\system32\DxpTaskSync.dll
2013-03-13 23:26:38 ----A---- C:\Windows\system32\drivers\HpSAMD.sys
2013-03-13 23:26:38 ----A---- C:\Windows\system32\drivers\fvevol.sys
2013-03-13 23:26:37 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2013-03-13 23:26:37 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-03-13 23:26:37 ----A---- C:\Windows\system32\scecli.dll
2013-03-13 23:26:37 ----A---- C:\Windows\system32\puiobj.dll
2013-03-13 23:26:37 ----A---- C:\Windows\system32\nlaapi.dll
2013-03-13 23:26:37 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2013-03-13 23:26:37 ----A---- C:\Windows\system32\msasn1.dll
2013-03-13 23:26:37 ----A---- C:\Windows\system32\iasrad.dll
2013-03-13 23:26:37 ----A---- C:\Windows\system32\dwmredir.dll
2013-03-13 23:26:37 ----A---- C:\Windows\system32\drivers\ipfltdrv.sys
2013-03-13 23:26:37 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2013-03-13 23:26:36 ----A---- C:\Windows\SYSWOW64\prncache.dll
2013-03-13 23:26:36 ----A---- C:\Windows\system32\themeui.dll
2013-03-13 23:26:36 ----A---- C:\Windows\system32\drivers\amdxata.sys
2013-03-13 23:26:35 ----A---- C:\Windows\SYSWOW64\printui.dll
2013-03-13 23:26:35 ----A---- C:\Windows\system32\onex.dll
2013-03-13 23:26:35 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2013-03-13 23:26:34 ----A---- C:\Windows\SYSWOW64\WSDApi.dll
2013-03-13 23:26:34 ----A---- C:\Windows\SYSWOW64\wmpeffects.dll
2013-03-13 23:26:34 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2013-03-13 23:26:34 ----A---- C:\Windows\SYSWOW64\net1.exe
2013-03-13 23:26:34 ----A---- C:\Windows\system32\wdc.dll
2013-03-13 23:26:34 ----A---- C:\Windows\system32\aaclient.dll
2013-03-13 23:26:33 ----A---- C:\Windows\SYSWOW64\scansetting.dll
2013-03-13 23:26:33 ----A---- C:\Windows\system32\wlangpui.dll
2013-03-13 23:26:33 ----A---- C:\Windows\system32\scesrv.dll
2013-03-13 23:26:33 ----A---- C:\Windows\system32\rasmans.dll
2013-03-13 23:26:33 ----A---- C:\Windows\system32\msftedit.dll
2013-03-13 23:26:33 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-03-13 23:26:32 ----A---- C:\Windows\SYSWOW64\WMVCORE.DLL
2013-03-13 23:26:32 ----A---- C:\Windows\SYSWOW64\wlangpui.dll
2013-03-13 23:26:32 ----A---- C:\Windows\SYSWOW64\MMDevAPI.dll
2013-03-13 23:26:32 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-03-13 23:26:32 ----A---- C:\Windows\system32\wscapi.dll
2013-03-13 23:26:32 ----A---- C:\Windows\system32\wiadefui.dll
2013-03-13 23:26:32 ----A---- C:\Windows\system32\VAN.dll
2013-03-13 23:26:32 ----A---- C:\Windows\system32\StructuredQuery.dll
2013-03-13 23:26:32 ----A---- C:\Windows\system32\SndVol.exe
2013-03-13 23:26:32 ----A---- C:\Windows\system32\sdengin2.dll
2013-03-13 23:26:32 ----A---- C:\Windows\system32\samcli.dll
2013-03-13 23:26:32 ----A---- C:\Windows\system32\netcenter.dll
2013-03-13 23:26:32 ----A---- C:\Windows\system32\iasacct.dll
2013-03-13 23:26:32 ----A---- C:\Windows\system32\dskquoui.dll
2013-03-13 23:26:32 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2013-03-13 23:26:31 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2013-03-13 23:26:31 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2013-03-13 23:26:31 ----A---- C:\Windows\SYSWOW64\QSHVHOST.DLL
2013-03-13 23:26:31 ----A---- C:\Windows\SYSWOW64\pnidui.dll
2013-03-13 23:26:31 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-03-13 23:26:31 ----A---- C:\Windows\system32\TabSvc.dll
2013-03-13 23:26:31 ----A---- C:\Windows\system32\srchadmin.dll
2013-03-13 23:26:31 ----A---- C:\Windows\system32\regapi.dll
2013-03-13 23:26:31 ----A---- C:\Windows\system32\QUTIL.DLL
2013-03-13 23:26:31 ----A---- C:\Windows\system32\drivers\termdd.sys
2013-03-13 23:26:31 ----A---- C:\Windows\system32\consent.exe
2013-03-13 23:26:30 ----A---- C:\Windows\SYSWOW64\webservices.dll
2013-03-13 23:26:30 ----A---- C:\Windows\SYSWOW64\SyncCenter.dll
2013-03-13 23:26:30 ----A---- C:\Windows\SYSWOW64\netdiagfx.dll
2013-03-13 23:26:30 ----A---- C:\Windows\SYSWOW64\fde.dll
2013-03-13 23:26:30 ----A---- C:\Windows\system32\wksprt.exe
2013-03-13 23:26:30 ----A---- C:\Windows\system32\taskhost.exe
2013-03-13 23:26:30 ----A---- C:\Windows\system32\setupcl.exe
2013-03-13 23:26:30 ----A---- C:\Windows\system32\rastls.dll
2013-03-13 23:26:30 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2013-03-13 23:26:30 ----A---- C:\Windows\system32\drivers\msahci.sys
2013-03-13 23:26:29 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2013-03-13 23:26:29 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2013-03-13 23:26:29 ----A---- C:\Windows\system32\tapisrv.dll
2013-03-13 23:26:29 ----A---- C:\Windows\system32\netiohlp.dll
2013-03-13 23:26:29 ----A---- C:\Windows\system32\mimefilt.dll
2013-03-13 23:26:29 ----A---- C:\Windows\system32\drivers\raspptp.sys
2013-03-13 23:26:29 ----A---- C:\Windows\system32\drivers\acpi.sys
2013-03-13 23:26:28 ----A---- C:\Windows\SYSWOW64\WinSCard.dll
2013-03-13 23:26:28 ----A---- C:\Windows\SYSWOW64\pla.dll
2013-03-13 23:26:28 ----A---- C:\Windows\SYSWOW64\msasn1.dll
2013-03-13 23:26:28 ----A---- C:\Windows\system32\msconfig.exe
2013-03-13 23:26:28 ----A---- C:\Windows\system32\lsmproxy.dll
2013-03-13 23:26:28 ----A---- C:\Windows\system32\ListSvc.dll
2013-03-13 23:26:28 ----A---- C:\Windows\system32\hgcpl.dll
2013-03-13 23:26:28 ----A---- C:\Windows\system32\fdeploy.dll
2013-03-13 23:26:28 ----A---- C:\Windows\system32\drivers\sbp2port.sys
2013-03-13 23:26:28 ----A---- C:\Windows\system32\drivers\ks.sys
2013-03-13 23:26:28 ----A---- C:\Windows\system32\clusapi.dll
2013-03-13 23:26:28 ----A---- C:\Windows\system32\basecsp.dll
2013-03-13 23:26:27 ----A---- C:\Windows\SYSWOW64\winsta.dll
2013-03-13 23:26:27 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2013-03-13 23:26:27 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-03-13 23:26:27 ----A---- C:\Windows\system32\mtxclu.dll
2013-03-13 23:26:27 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2013-03-13 23:26:27 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2013-03-13 23:26:26 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2013-03-13 23:26:26 ----A---- C:\Windows\SYSWOW64\imapi2.dll
2013-03-13 23:26:26 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-03-13 23:26:26 ----A---- C:\Windows\SYSWOW64\DXPTaskRingtone.dll
2013-03-13 23:26:26 ----A---- C:\Windows\system32\riched20.dll
2013-03-13 23:26:26 ----A---- C:\Windows\system32\dnscmmc.dll
2013-03-13 23:26:25 ----A---- C:\Windows\SYSWOW64\WMPEncEn.dll
2013-03-13 23:26:25 ----A---- C:\Windows\SYSWOW64\onex.dll
2013-03-13 23:26:25 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2013-03-13 23:26:25 ----A---- C:\Windows\system32\sharemediacpl.dll
2013-03-13 23:26:25 ----A---- C:\Windows\system32\RpcRtRemote.dll
2013-03-13 23:26:25 ----A---- C:\Windows\system32\powercpl.dll
2013-03-13 23:26:25 ----A---- C:\Windows\system32\logoncli.dll
2013-03-13 23:26:25 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-03-13 23:26:24 ----A---- C:\Windows\SYSWOW64\winmm.dll
2013-03-13 23:26:24 ----A---- C:\Windows\SYSWOW64\shsvcs.dll
2013-03-13 23:26:24 ----A---- C:\Windows\SYSWOW64\samcli.dll
2013-03-13 23:26:24 ----A---- C:\Windows\SYSWOW64\netiohlp.dll
2013-03-13 23:26:24 ----A---- C:\Windows\SYSWOW64\hbaapi.dll
2013-03-13 23:26:24 ----A---- C:\Windows\SYSWOW64\autochk.exe
2013-03-13 23:26:24 ----A---- C:\Windows\SYSWOW64\autofmt.exe
2013-03-13 23:26:24 ----A---- C:\Windows\system32\wkssvc.dll
2013-03-13 23:26:24 ----A---- C:\Windows\system32\vpnikeapi.dll
2013-03-13 23:26:24 ----A---- C:\Windows\system32\themecpl.dll
2013-03-13 23:26:24 ----A---- C:\Windows\system32\SensorsCpl.dll
2013-03-13 23:26:24 ----A---- C:\Windows\system32\netjoin.dll
2013-03-13 23:26:24 ----A---- C:\Windows\system32\nci.dll
2013-03-13 23:26:24 ----A---- C:\Windows\system32\Narrator.exe
2013-03-13 23:26:24 ----A---- C:\Windows\system32\Faultrep.dll
2013-03-13 23:26:24 ----A---- C:\Windows\system32\eudcedit.exe
2013-03-13 23:26:23 ----A---- C:\Windows\SYSWOW64\thumbcache.dll
2013-03-13 23:26:23 ----A---- C:\Windows\SYSWOW64\proquota.exe
2013-03-13 23:26:23 ----A---- C:\Windows\SYSWOW64\msutb.dll
2013-03-13 23:26:23 ----A---- C:\Windows\SYSWOW64\IPHLPAPI.DLL
2013-03-13 23:26:23 ----A---- C:\Windows\SYSWOW64\autoconv.exe
2013-03-13 23:26:23 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2013-03-13 23:26:23 ----A---- C:\Windows\system32\sppcomapi.dll
2013-03-13 23:26:23 ----A---- C:\Windows\system32\comctl32.dll
2013-03-13 23:26:23 ----A---- C:\Windows\system32\cabview.dll
2013-03-13 23:26:23 ----A---- C:\Windows\system32\autochk.exe
2013-03-13 23:26:23 ----A---- C:\Windows\system32\autofmt.exe
2013-03-13 23:26:22 ----A---- C:\Windows\SYSWOW64\tcpipcfg.dll
2013-03-13 23:26:22 ----A---- C:\Windows\SYSWOW64\srchadmin.dll
2013-03-13 23:26:22 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2013-03-13 23:26:22 ----A---- C:\Windows\SYSWOW64\regapi.dll
2013-03-13 23:26:22 ----A---- C:\Windows\SYSWOW64\powercpl.dll
2013-03-13 23:26:22 ----A---- C:\Windows\SYSWOW64\msinfo32.exe
2013-03-13 23:26:22 ----A---- C:\Windows\SYSWOW64\mimefilt.dll
2013-03-13 23:26:22 ----A---- C:\Windows\SYSWOW64\ipsmsnap.dll
2013-03-13 23:26:22 ----A---- C:\Windows\SYSWOW64\framedyn.dll
2013-03-13 23:26:22 ----A---- C:\Windows\SYSWOW64\eapphost.dll
2013-03-13 23:26:22 ----A---- C:\Windows\system32\wpd_ci.dll
2013-03-13 23:26:22 ----A---- C:\Windows\system32\shsetup.dll
2013-03-13 23:26:22 ----A---- C:\Windows\system32\sdclt.exe
2013-03-13 23:26:22 ----A---- C:\Windows\system32\nshipsec.dll
2013-03-13 23:26:22 ----A---- C:\Windows\system32\fms.dll
2013-03-13 23:26:22 ----A---- C:\Windows\system32\bcdsrv.dll
2013-03-13 23:26:22 ----A---- C:\Windows\system32\autoconv.exe
2013-03-13 23:26:22 ----A---- C:\Windows\system32\audiodg.exe
2013-03-13 23:26:21 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll
2013-03-13 23:26:21 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2013-03-13 23:26:21 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2013-03-13 23:26:21 ----A---- C:\Windows\SYSWOW64\AuxiliaryDisplayCpl.dll
2013-03-13 23:26:21 ----A---- C:\Windows\system32\wwanconn.dll
2013-03-13 23:26:21 ----A---- C:\Windows\system32\wlanui.dll
2013-03-13 23:26:21 ----A---- C:\Windows\system32\prntvpt.dll
2013-03-13 23:26:21 ----A---- C:\Windows\system32\mscorier.dll
2013-03-13 23:26:21 ----A---- C:\Windows\system32\drivers\winusb.sys
2013-03-13 23:26:21 ----A---- C:\Windows\system32\drivers\wanarp.sys
2013-03-13 23:26:21 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-03-13 23:26:21 ----A---- C:\Windows\system32\drivers\scsiport.sys
2013-03-13 23:26:20 ----A---- C:\Windows\SYSWOW64\QAGENT.DLL
2013-03-13 23:26:20 ----A---- C:\Windows\SYSWOW64\netid.dll
2013-03-13 23:26:20 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2013-03-13 23:26:20 ----A---- C:\Windows\system32\SmiEngine.dll
2013-03-13 23:26:20 ----A---- C:\Windows\system32\qedit.dll
2013-03-13 23:26:20 ----A---- C:\Windows\system32\mprddm.dll
2013-03-13 23:26:20 ----A---- C:\Windows\system32\fontext.dll
2013-03-13 23:26:20 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2013-03-13 23:26:20 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-03-13 23:26:20 ----A---- C:\Windows\system32\dps.dll
2013-03-13 23:26:20 ----A---- C:\Windows\system32\Display.dll
2013-03-13 23:26:20 ----A---- C:\Windows\system32\credssp.dll
2013-03-13 23:26:20 ----A---- C:\Windows\system32\AxInstSv.dll
2013-03-13 23:26:19 ----A---- C:\Windows\SYSWOW64\wdc.dll
2013-03-13 23:26:19 ----A---- C:\Windows\SYSWOW64\untfs.dll
2013-03-13 23:26:19 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2013-03-13 23:26:19 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2013-03-13 23:26:19 ----A---- C:\Windows\SYSWOW64\rastls.dll
2013-03-13 23:26:19 ----A---- C:\Windows\SYSWOW64\nci.dll
2013-03-13 23:26:19 ----A---- C:\Windows\system32\wmpsrcwp.dll
2013-03-13 23:26:19 ----A---- C:\Windows\system32\mblctr.exe
2013-03-13 23:26:19 ----A---- C:\Windows\system32\batmeter.dll
2013-03-13 23:26:18 ----A---- C:\Windows\SYSWOW64\WMNetMgr.dll
2013-03-13 23:26:18 ----A---- C:\Windows\SYSWOW64\wlanpref.dll
2013-03-13 23:26:18 ----A---- C:\Windows\SYSWOW64\Vault.dll
2013-03-13 23:26:18 ----A---- C:\Windows\SYSWOW64\RpcRtRemote.dll
2013-03-13 23:26:18 ----A---- C:\Windows\SYSWOW64\Robocopy.exe
2013-03-13 23:26:18 ----A---- C:\Windows\system32\usercpl.dll
2013-03-13 23:26:18 ----A---- C:\Windows\system32\rtutils.dll
2013-03-13 23:26:18 ----A---- C:\Windows\system32\provsvc.dll
2013-03-13 23:26:18 ----A---- C:\Windows\system32\DiagCpl.dll
2013-03-13 23:26:18 ----A---- C:\Windows\system32\bootres.dll
2013-03-13 23:26:17 ----A---- C:\Windows\SYSWOW64\taskmgr.exe
2013-03-13 23:26:17 ----A---- C:\Windows\SYSWOW64\DxpTaskSync.dll
2013-03-13 23:26:17 ----A---- C:\Windows\system32\wpccpl.dll
2013-03-13 23:26:17 ----A---- C:\Windows\system32\sppsvc.exe
2013-03-13 23:26:17 ----A---- C:\Windows\system32\SndVolSSO.dll
2013-03-13 23:26:17 ----A---- C:\Windows\system32\rasppp.dll
2013-03-13 23:26:17 ----A---- C:\Windows\system32\MCEWMDRMNDBootstrap.dll
2013-03-13 23:26:16 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2013-03-13 23:26:16 ----A---- C:\Windows\SYSWOW64\userinit.exe
2013-03-13 23:26:16 ----A---- C:\Windows\SYSWOW64\mtxclu.dll
2013-03-13 23:26:16 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2013-03-13 23:26:16 ----A---- C:\Windows\SYSWOW64\Display.dll
2013-03-13 23:26:16 ----A---- C:\Windows\system32\shdocvw.dll
2013-03-13 23:26:16 ----A---- C:\Windows\system32\hbaapi.dll
2013-03-13 23:26:16 ----A---- C:\Windows\system32\dxdiagn.dll
2013-03-13 23:26:16 ----A---- C:\Windows\system32\drivers\rdyboost.sys
2013-03-13 23:26:16 ----A---- C:\Windows\system32\dot3cfg.dll
2013-03-13 23:26:15 ----A---- C:\Windows\SYSWOW64\termmgr.dll
2013-03-13 23:26:15 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2013-03-13 23:26:15 ----A---- C:\Windows\SYSWOW64\eudcedit.exe
2013-03-13 23:26:15 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2013-03-13 23:26:15 ----A---- C:\Windows\system32\taskmgr.exe
2013-03-13 23:26:15 ----A---- C:\Windows\system32\proquota.exe
2013-03-13 23:26:15 ----A---- C:\Windows\system32\prnfldr.dll
2013-03-13 23:26:15 ----A---- C:\Windows\system32\pdh.dll
2013-03-13 23:26:15 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2013-03-13 23:26:15 ----A---- C:\Windows\system32\drivers\hwpolicy.sys
2013-03-13 23:26:14 ----A---- C:\Windows\SYSWOW64\wiadefui.dll
2013-03-13 23:26:14 ----A---- C:\Windows\SYSWOW64\sppcomapi.dll
2013-03-13 23:26:14 ----A---- C:\Windows\SYSWOW64\shsetup.dll
2013-03-13 23:26:14 ----A---- C:\Windows\SYSWOW64\rasppp.dll
2013-03-13 23:26:14 ----A---- C:\Windows\SYSWOW64\logoncli.dll
2013-03-13 23:26:14 ----A---- C:\Windows\SYSWOW64\cabview.dll
2013-03-13 23:26:14 ----A---- C:\Windows\system32\userinit.exe
2013-03-13 23:26:14 ----A---- C:\Windows\system32\untfs.dll
2013-03-13 23:26:14 ----A---- C:\Windows\system32\MSAC3ENC.DLL
2013-03-13 23:26:14 ----A---- C:\Windows\system32\drivers\ataport.sys
2013-03-13 23:26:14 ----A---- C:\Windows\system32\accessibilitycpl.dll
2013-03-13 23:26:13 ----A---- C:\Windows\SYSWOW64\themecpl.dll
2013-03-13 23:26:13 ----A---- C:\Windows\SYSWOW64\SensorsCpl.dll
2013-03-13 23:26:13 ----A---- C:\Windows\SYSWOW64\FirewallControlPanel.dll
2013-03-13 23:26:12 ----A---- C:\Windows\SYSWOW64\PhotoScreensaver.scr
2013-03-13 23:26:12 ----A---- C:\Windows\SYSWOW64\hgcpl.dll
2013-03-13 23:26:12 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2013-03-13 23:26:12 ----A---- C:\Windows\SYSWOW64\dnscmmc.dll
2013-03-13 23:26:12 ----A---- C:\Windows\system32\zipfldr.dll
2013-03-13 23:26:12 ----A---- C:\Windows\system32\slui.exe
2013-03-13 23:26:12 ----A---- C:\Windows\system32\msieftp.dll
2013-03-13 23:26:12 ----A---- C:\Windows\system32\defaultlocationcpl.dll
2013-03-13 23:26:11 ----A---- C:\Windows\SYSWOW64\tapisrv.dll
2013-03-13 23:26:11 ----A---- C:\Windows\SYSWOW64\scecli.dll
2013-03-13 23:26:11 ----A---- C:\Windows\SYSWOW64\mscories.dll
2013-03-13 23:26:11 ----A---- C:\Windows\SYSWOW64\mscms.dll
2013-03-13 23:26:11 ----A---- C:\Windows\SYSWOW64\mprddm.dll
2013-03-13 23:26:11 ----A---- C:\Windows\SYSWOW64\localsec.dll
2013-03-13 23:26:11 ----A---- C:\Windows\SYSWOW64\fontext.dll
2013-03-13 23:26:11 ----A---- C:\Windows\system32\sud.dll
2013-03-13 23:26:11 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-03-13 23:26:11 ----A---- C:\Windows\system32\dot3svc.dll
2013-03-13 23:26:11 ----A---- C:\Windows\system32\DeviceCenter.dll
2013-03-13 23:26:10 ----A---- C:\Windows\SYSWOW64\SndVolSSO.dll
2013-03-13 23:26:10 ----A---- C:\Windows\SYSWOW64\iasacct.dll
2013-03-13 23:26:10 ----A---- C:\Windows\system32\twext.dll
2013-03-13 23:26:10 ----A---- C:\Windows\system32\taskbarcpl.dll
2013-03-13 23:26:10 ----A---- C:\Windows\system32\OnLineIDCpl.dll
2013-03-13 23:26:10 ----A---- C:\Windows\system32\networkmap.dll
2013-03-13 23:26:10 ----A---- C:\Windows\system32\cryptui.dll
2013-03-13 23:26:10 ----A---- C:\Windows\system32\ActionCenter.dll
2013-03-13 23:26:09 ----A---- C:\Windows\SYSWOW64\wlanui.dll
2013-03-13 23:26:09 ----A---- C:\Windows\SYSWOW64\VAN.dll
2013-03-13 23:26:09 ----A---- C:\Windows\SYSWOW64\usercpl.dll
2013-03-13 23:26:09 ----A---- C:\Windows\SYSWOW64\SndVol.exe
2013-03-13 23:26:09 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-03-13 23:26:09 ----A---- C:\Windows\SYSWOW64\prntvpt.dll
2013-03-13 23:26:09 ----A---- C:\Windows\SYSWOW64\PerfCenterCPL.dll
2013-03-13 23:26:09 ----A---- C:\Windows\SYSWOW64\netcenter.dll
2013-03-13 23:26:09 ----A---- C:\Windows\SYSWOW64\batmeter.dll
2013-03-13 23:26:09 ----A---- C:\Windows\system32\OobeFldr.dll
2013-03-13 23:26:09 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-03-13 23:26:09 ----A---- C:\Windows\system32\bcdedit.exe
2013-03-13 23:26:08 ----A---- C:\Windows\SYSWOW64\w32tm.exe
2013-03-13 23:26:08 ----A---- C:\Windows\SYSWOW64\spwizeng.dll
2013-03-13 23:26:08 ----A---- C:\Windows\SYSWOW64\azroleui.dll
2013-03-13 23:26:08 ----A---- C:\Windows\SYSWOW64\accessibilitycpl.dll
2013-03-13 23:26:08 ----A---- C:\Windows\system32\uxlib.dll
2013-03-13 23:26:08 ----A---- C:\Windows\system32\tzutil.exe
2013-03-13 23:26:08 ----A---- C:\Windows\system32\sisbkup.dll
2013-03-13 23:26:08 ----A---- C:\Windows\system32\recovery.dll
2013-03-13 23:26:08 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2013-03-13 23:26:08 ----A---- C:\Windows\system32\isoburn.exe
2013-03-13 23:26:08 ----A---- C:\Windows\system32\efscore.dll
2013-03-13 23:26:08 ----A---- C:\Windows\system32\dsuiext.dll
2013-03-13 23:26:08 ----A---- C:\Windows\system32\cca.dll
2013-03-13 23:26:08 ----A---- C:\Windows\system32\azroleui.dll
2013-03-13 23:26:08 ----A---- C:\Windows\system32\asycfilt.dll
2013-03-13 23:26:07 ----A---- C:\Windows\SYSWOW64\zipfldr.dll
2013-03-13 23:26:07 ----A---- C:\Windows\SYSWOW64\MSAC3ENC.DLL
2013-03-13 23:26:07 ----A---- C:\Windows\SYSWOW64\fdeploy.dll
2013-03-13 23:26:07 ----A---- C:\Windows\system32\systemcpl.dll
2013-03-13 23:26:07 ----A---- C:\Windows\system32\syncui.dll
2013-03-13 23:26:07 ----A---- C:\Windows\system32\sdcpl.dll
2013-03-13 23:26:07 ----A---- C:\Windows\system32\recdisc.exe
2013-03-13 23:26:07 ----A---- C:\Windows\system32\netplwiz.dll
2013-03-13 23:26:07 ----A---- C:\Windows\system32\httpapi.dll
2013-03-13 23:26:06 ----A---- C:\Windows\SYSWOW64\networkmap.dll
2013-03-13 23:26:06 ----A---- C:\Windows\SYSWOW64\netjoin.dll
2013-03-13 23:26:06 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2013-03-13 23:26:06 ----A---- C:\Windows\SYSWOW64\adsldp.dll
2013-03-13 23:26:06 ----A---- C:\Windows\system32\wlanmsm.dll
2013-03-13 23:26:06 ----A---- C:\Windows\system32\sysclass.dll
2013-03-13 23:26:06 ----A---- C:\Windows\system32\shwebsvc.dll
2013-03-13 23:26:06 ----A---- C:\Windows\system32\sdrsvc.dll
2013-03-13 23:26:06 ----A---- C:\Windows\system32\ncryptui.dll
2013-03-13 23:26:06 ----A---- C:\Windows\system32\drivers\mpio.sys
2013-03-13 23:26:06 ----A---- C:\Windows\system32\certcli.dll
2013-03-13 23:26:06 ----A---- C:\Windows\system32\autoplay.dll
2013-03-13 23:26:06 ----A---- C:\Windows\system32\appinfo.dll
2013-03-13 23:26:06 ----A---- C:\Windows\system32\ActionCenterCPL.dll
2013-03-13 23:26:05 ----A---- C:\Windows\SYSWOW64\wusa.exe
2013-03-13 23:26:05 ----A---- C:\Windows\SYSWOW64\prnfldr.dll
2013-03-13 23:26:05 ----A---- C:\Windows\SYSWOW64\OnLineIDCpl.dll
2013-03-13 23:26:05 ----A---- C:\Windows\SYSWOW64\MCEWMDRMNDBootstrap.dll
2013-03-13 23:26:05 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2013-03-13 23:26:05 ----A---- C:\Windows\system32\spwizeng.dll
2013-03-13 23:26:05 ----A---- C:\Windows\system32\msvidc32.dll
2013-03-13 23:26:05 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2013-03-13 23:26:04 ----A---- C:\Windows\SYSWOW64\sud.dll
2013-03-13 23:26:04 ----A---- C:\Windows\SYSWOW64\photowiz.dll
2013-03-13 23:26:04 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-03-13 23:26:04 ----A---- C:\Windows\SYSWOW64\MediaMetadataHandler.dll
2013-03-13 23:26:04 ----A---- C:\Windows\SYSWOW64\iasrad.dll
2013-03-13 23:26:04 ----A---- C:\Windows\SYSWOW64\credssp.dll
2013-03-13 23:26:04 ----A---- C:\Windows\SYSWOW64\ActionCenter.dll
2013-03-13 23:26:04 ----A---- C:\Windows\system32\vdsutil.dll
2013-03-13 23:26:04 ----A---- C:\Windows\system32\termmgr.dll
2013-03-13 23:26:04 ----A---- C:\Windows\system32\msscp.dll
2013-03-13 23:26:04 ----A---- C:\Windows\system32\MFPlay.dll
2013-03-13 23:26:03 ----A---- C:\Windows\SYSWOW64\iprtrmgr.dll
2013-03-13 23:26:03 ----A---- C:\Windows\SYSWOW64\ftp.exe
2013-03-13 23:26:03 ----A---- C:\Windows\SYSWOW64\dot3cfg.dll
2013-03-13 23:26:03 ----A---- C:\Windows\SYSWOW64\defaultlocationcpl.dll
2013-03-13 23:26:03 ----A---- C:\Windows\system32\tsgqec.dll
2013-03-13 23:26:03 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2013-03-13 23:26:03 ----A---- C:\Windows\system32\sethc.exe
2013-03-13 23:26:03 ----A---- C:\Windows\system32\ReAgent.dll
2013-03-13 23:26:03 ----A---- C:\Windows\system32\ntlanman.dll
2013-03-13 23:26:02 ----A---- C:\Windows\SYSWOW64\sisbkup.dll
2013-03-13 23:26:02 ----A---- C:\Windows\SYSWOW64\shwebsvc.dll
2013-03-13 23:26:02 ----A---- C:\Windows\SYSWOW64\ifsutil.dll
2013-03-13 23:26:02 ----A---- C:\Windows\SYSWOW64\efscore.dll
2013-03-13 23:26:02 ----A---- C:\Windows\SYSWOW64\ActionCenterCPL.dll
2013-03-13 23:26:02 ----A---- C:\Windows\system32\wwanprotdim.dll
2013-03-13 23:26:02 ----A---- C:\Windows\system32\UserAccountControlSettings.dll
2013-03-13 23:26:02 ----A---- C:\Windows\system32\ssText3d.scr
2013-03-13 23:26:02 ----A---- C:\Windows\system32\sqlcese30.dll
2013-03-13 23:26:02 ----A---- C:\Windows\system32\rdpd3d.dll
2013-03-13 23:26:02 ----A---- C:\Windows\system32\iyuv_32.dll
2013-03-13 23:26:02 ----A---- C:\Windows\system32\iTVData.dll
2013-03-13 23:26:02 ----A---- C:\Windows\system32\iprtrmgr.dll
2013-03-13 23:26:02 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2013-03-13 23:26:01 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2013-03-13 23:26:01 ----A---- C:\Windows\SYSWOW64\syncui.dll
2013-03-13 23:26:01 ----A---- C:\Windows\SYSWOW64\ntlanman.dll
2013-03-13 23:26:01 ----A---- C:\Windows\SYSWOW64\dskquoui.dll
2013-03-13 23:26:01 ----A---- C:\Windows\SYSWOW64\DeviceCenter.dll
2013-03-13 23:26:01 ----A---- C:\Windows\SYSWOW64\autoplay.dll
2013-03-13 23:26:01 ----A---- C:\Windows\system32\wmdrmsdk.dll
2013-03-13 23:26:01 ----A---- C:\Windows\system32\srvcli.dll
2013-03-13 23:26:01 ----A---- C:\Windows\system32\slwga.dll
2013-03-13 23:26:01 ----A---- C:\Windows\system32\msiexec.exe
2013-03-13 23:26:01 ----A---- C:\Windows\system32\drmmgrtn.dll
2013-03-13 23:26:00 ----A---- C:\Windows\SYSWOW64\systemcpl.dll
2013-03-13 23:26:00 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-03-13 23:26:00 ----A---- C:\Windows\SYSWOW64\sethc.exe
2013-03-13 23:26:00 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2013-03-13 23:26:00 ----A---- C:\Windows\SYSWOW64\riched20.dll
2013-03-13 23:26:00 ----A---- C:\Windows\SYSWOW64\OobeFldr.dll
2013-03-13 23:26:00 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2013-03-13 23:26:00 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2013-03-13 23:26:00 ----A---- C:\Windows\system32\wavemsp.dll
2013-03-13 23:26:00 ----A---- C:\Windows\system32\srrstr.dll
2013-03-13 23:26:00 ----A---- C:\Windows\system32\ntprint.dll
2013-03-13 23:26:00 ----A---- C:\Windows\system32\nslookup.exe
2013-03-13 23:26:00 ----A---- C:\Windows\system32\NAPHLPR.DLL
2013-03-13 23:26:00 ----A---- C:\Windows\system32\DevicePairingFolder.dll
2013-03-13 23:26:00 ----A---- C:\Windows\system32\bcdboot.exe
2013-03-13 23:26:00 ----A---- C:\Windows\system32\acppage.dll
2013-03-13 23:25:59 ----A---- C:\Windows\SYSWOW64\wmpsrcwp.dll
2013-03-13 23:25:59 ----A---- C:\Windows\SYSWOW64\netplwiz.dll
2013-03-13 23:25:59 ----A---- C:\Windows\SYSWOW64\NAPHLPR.DLL
2013-03-13 23:25:59 ----A---- C:\Windows\SYSWOW64\migisol.dll
2013-03-13 23:25:59 ----A---- C:\Windows\SYSWOW64\fms.dll
2013-03-13 23:25:59 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2013-03-13 23:25:59 ----A---- C:\Windows\SYSWOW64\activeds.dll
2013-03-13 23:25:59 ----A---- C:\Windows\system32\TSpkg.dll
2013-03-13 23:25:59 ----A---- C:\Windows\system32\sppnp.dll
2013-03-13 23:25:59 ----A---- C:\Windows\system32\certprop.dll
2013-03-13 23:25:58 ----A---- C:\Windows\SYSWOW64\nshipsec.dll
2013-03-13 23:25:58 ----A---- C:\Windows\SYSWOW64\httpapi.dll
2013-03-13 23:25:58 ----A---- C:\Windows\SYSWOW64\dpx.dll
2013-03-13 23:25:58 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2013-03-13 23:25:58 ----A---- C:\Windows\system32\wkscli.dll
2013-03-13 23:25:58 ----A---- C:\Windows\system32\remotepg.dll
2013-03-13 23:25:58 ----A---- C:\Windows\system32\networkexplorer.dll
2013-03-13 23:25:58 ----A---- C:\Windows\system32\cabinet.dll
2013-03-13 23:25:57 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2013-03-13 23:25:56 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2013-03-13 23:25:56 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2013-03-13 23:25:56 ----A---- C:\Windows\SYSWOW64\wavemsp.dll
2013-03-13 23:25:56 ----A---- C:\Windows\SYSWOW64\ReAgent.dll
2013-03-13 23:25:56 ----A---- C:\Windows\SYSWOW64\provsvc.dll
2013-03-13 23:25:56 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2013-03-13 23:25:56 ----A---- C:\Windows\SYSWOW64\isoburn.exe
2013-03-13 23:25:56 ----A---- C:\Windows\SYSWOW64\dot3ui.dll
2013-03-13 23:25:56 ----A---- C:\Windows\system32\wsnmp32.dll
2013-03-13 23:25:56 ----A---- C:\Windows\system32\wmpdxm.dll
2013-03-13 23:25:56 ----A---- C:\Windows\system32\WinSCard.dll
2013-03-13 23:25:56 ----A---- C:\Windows\system32\net1.exe
2013-03-13 23:25:56 ----A---- C:\Windows\system32\ftp.exe
2013-03-13 23:25:56 ----A---- C:\Windows\system32\dfrgui.exe
2013-03-13 23:25:55 ----A---- C:\Windows\SYSWOW64\wvc.dll
2013-03-13 23:25:55 ----A---- C:\Windows\SYSWOW64\wtsapi32.dll
2013-03-13 23:25:55 ----A---- C:\Windows\SYSWOW64\wimgapi.dll
2013-03-13 23:25:55 ----A---- C:\Windows\SYSWOW64\tzutil.exe
2013-03-13 23:25:55 ----A---- C:\Windows\SYSWOW64\ocsetup.exe
2013-03-13 23:25:55 ----A---- C:\Windows\SYSWOW64\dsuiext.dll
2013-03-13 23:25:55 ----A---- C:\Windows\SYSWOW64\dfrgui.exe
2013-03-13 23:25:55 ----A---- C:\Windows\system32\wvc.dll
2013-03-13 23:25:55 ----A---- C:\Windows\system32\wsqmcons.exe
2013-03-13 23:25:55 ----A---- C:\Windows\system32\wmdrmdev.dll
2013-03-13 23:25:55 ----A---- C:\Windows\system32\WerFaultSecure.exe
2013-03-13 23:25:55 ----A---- C:\Windows\system32\blackbox.dll
2013-03-13 23:25:54 ----A---- C:\Windows\SYSWOW64\twext.dll
2013-03-13 23:25:54 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-03-13 23:25:54 ----A---- C:\Windows\SYSWOW64\PkgMgr.exe
2013-03-13 23:25:54 ----A---- C:\Windows\SYSWOW64\mstask.dll
2013-03-13 23:25:54 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-03-13 23:25:54 ----A---- C:\Windows\system32\msyuv.dll
2013-03-13 23:25:54 ----A---- C:\Windows\system32\mfps.dll
2013-03-13 23:25:54 ----A---- C:\Windows\system32\mapistub.dll
2013-03-13 23:25:54 ----A---- C:\Windows\system32\mapi32.dll
2013-03-13 23:25:54 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-03-13 23:25:54 ----A---- C:\Windows\system32\Bubbles.scr
2013-03-13 23:25:53 ----A---- C:\Windows\twain_32.dll
Nahoru
toox
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 274
Registrován: 28 dub 2008 18:06
Bydliště: Tromaville

Re: Preventivka

#4 Příspěvek od toox »

2013-03-13 23:25:53 ----A---- C:\Windows\SYSWOW64\setupugc.exe
2013-03-13 23:25:53 ----A---- C:\Windows\SYSWOW64\qcap.dll
2013-03-13 23:25:53 ----A---- C:\Windows\SYSWOW64\qasf.dll
2013-03-13 23:25:53 ----A---- C:\Windows\system32\unimdmat.dll
2013-03-13 23:25:53 ----A---- C:\Windows\system32\OpcServices.dll
2013-03-13 23:25:53 ----A---- C:\Windows\system32\msrle32.dll
2013-03-13 23:25:53 ----A---- C:\Windows\system32\iscsium.dll
2013-03-13 23:25:52 ----A---- C:\Windows\SYSWOW64\uxlib.dll
2013-03-13 23:25:52 ----A---- C:\Windows\SYSWOW64\ssText3d.scr
2013-03-13 23:25:52 ----A---- C:\Windows\SYSWOW64\slwga.dll
2013-03-13 23:25:52 ----A---- C:\Windows\system32\tsbyuv.dll
2013-03-13 23:25:52 ----A---- C:\Windows\system32\seclogon.dll
2013-03-13 23:25:52 ----A---- C:\Windows\system32\Ribbons.scr
2013-03-13 23:25:52 ----A---- C:\Windows\system32\Mystify.scr
2013-03-13 23:25:52 ----A---- C:\Windows\system32\ifsutil.dll
2013-03-13 23:25:52 ----A---- C:\Windows\system32\diskraid.exe
2013-03-13 23:25:51 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2013-03-13 23:25:51 ----A---- C:\Windows\SYSWOW64\nslookup.exe
2013-03-13 23:25:51 ----A---- C:\Windows\SYSWOW64\msvfw32.dll
2013-03-13 23:25:51 ----A---- C:\Windows\SYSWOW64\mciavi32.dll
2013-03-13 23:25:51 ----A---- C:\Windows\SYSWOW64\clusapi.dll
2013-03-13 23:25:51 ----A---- C:\Windows\SYSWOW64\audiodev.dll
2013-03-13 23:25:51 ----A---- C:\Windows\system32\wmpshell.dll
2013-03-13 23:25:51 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2013-03-13 23:25:51 ----A---- C:\Windows\system32\perfmon.exe
2013-03-13 23:25:51 ----A---- C:\Windows\system32\muifontsetup.dll
2013-03-13 23:25:51 ----A---- C:\Windows\system32\drivers\umbus.sys
2013-03-13 23:25:51 ----A---- C:\Windows\system32\d3d10level9.dll
2013-03-13 23:25:50 ----A---- C:\Windows\SYSWOW64\WPDShServiceObj.dll
2013-03-13 23:25:50 ----A---- C:\Windows\SYSWOW64\wimserv.exe
2013-03-13 23:25:50 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2013-03-13 23:25:50 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-03-13 23:25:50 ----A---- C:\Windows\SYSWOW64\msscp.dll
2013-03-13 23:25:50 ----A---- C:\Windows\SYSWOW64\diskraid.exe
2013-03-13 23:25:50 ----A---- C:\Windows\SYSWOW64\DevicePairingFolder.dll
2013-03-13 23:25:50 ----A---- C:\Windows\SYSWOW64\acppage.dll
2013-03-13 23:25:50 ----A---- C:\Windows\system32\umb.dll
2013-03-13 23:25:50 ----A---- C:\Windows\system32\tlscsp.dll
2013-03-13 23:25:50 ----A---- C:\Windows\system32\rdpencom.dll
2013-03-13 23:25:50 ----A---- C:\Windows\system32\qasf.dll
2013-03-13 23:25:50 ----A---- C:\Windows\system32\netutils.dll
2013-03-13 23:25:50 ----A---- C:\Windows\system32\NAPCRYPT.DLL
2013-03-13 23:25:50 ----A---- C:\Windows\system32\AzSqlExt.dll
2013-03-13 23:25:49 ----A---- C:\Windows\SYSWOW64\remotepg.dll
2013-03-13 23:25:49 ----A---- C:\Windows\SYSWOW64\rdpencom.dll
2013-03-13 23:25:49 ----A---- C:\Windows\SYSWOW64\raschap.dll
2013-03-13 23:25:49 ----A---- C:\Windows\SYSWOW64\perfmon.exe
2013-03-13 23:25:49 ----A---- C:\Windows\system32\runonce.exe
2013-03-13 23:25:49 ----A---- C:\Windows\system32\raschap.dll
2013-03-13 23:25:49 ----A---- C:\Windows\system32\FXSAPI.dll
2013-03-13 23:25:49 ----A---- C:\Windows\system32\dbghelp.dll
2013-03-13 23:25:49 ----A---- C:\Windows\system32\ActionQueue.dll
2013-03-13 23:25:49 ----A---- C:\Windows\bfsvc.exe
2013-03-13 23:25:48 ----A---- C:\Windows\SYSWOW64\QUTIL.DLL
2013-03-13 23:25:48 ----A---- C:\Windows\SYSWOW64\networkexplorer.dll
2013-03-13 23:25:48 ----A---- C:\Windows\SYSWOW64\NAPCRYPT.DLL
2013-03-13 23:25:48 ----A---- C:\Windows\SYSWOW64\input.dll
2013-03-13 23:25:48 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2013-03-13 23:25:48 ----A---- C:\Windows\system32\wpdwcn.dll
2013-03-13 23:25:48 ----A---- C:\Windows\system32\WMADMOD.DLL
2013-03-13 23:25:48 ----A---- C:\Windows\system32\wiavideo.dll
2013-03-13 23:25:48 ----A---- C:\Windows\system32\syssetup.dll
2013-03-13 23:25:47 ----A---- C:\Windows\SYSWOW64\wmpdxm.dll
2013-03-13 23:25:47 ----A---- C:\Windows\SYSWOW64\vpnikeapi.dll
2013-03-13 23:25:47 ----A---- C:\Windows\SYSWOW64\vdsbas.dll
2013-03-13 23:25:47 ----A---- C:\Windows\SYSWOW64\UserAccountControlSettings.dll
2013-03-13 23:25:47 ----A---- C:\Windows\SYSWOW64\onexui.dll
2013-03-13 23:25:47 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2013-03-13 23:25:47 ----A---- C:\Windows\SYSWOW64\ocsetapi.dll
2013-03-13 23:25:47 ----A---- C:\Windows\SYSWOW64\iTVData.dll
2013-03-13 23:25:47 ----A---- C:\Windows\system32\WMVSDECD.DLL
2013-03-13 23:25:47 ----A---- C:\Windows\system32\vdsbas.dll
2013-03-13 23:25:47 ----A---- C:\Windows\system32\PrintIsolationProxy.dll
2013-03-13 23:25:47 ----A---- C:\Windows\system32\MdSched.exe
2013-03-13 23:25:47 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-03-13 23:25:46 ----A---- C:\Windows\SYSWOW64\wpdwcn.dll
2013-03-13 23:25:46 ----A---- C:\Windows\SYSWOW64\runonce.exe
2013-03-13 23:25:46 ----A---- C:\Windows\SYSWOW64\logagent.exe
2013-03-13 23:25:46 ----A---- C:\Windows\SYSWOW64\dxdiagn.dll
2013-03-13 23:25:46 ----A---- C:\Windows\system32\nltest.exe
2013-03-13 23:25:46 ----A---- C:\Windows\system32\mstask.dll
2013-03-13 23:25:46 ----A---- C:\Windows\system32\Mcx2Svc.dll
2013-03-13 23:25:46 ----A---- C:\Windows\system32\drivers\rmcast.sys
2013-03-13 23:25:46 ----A---- C:\Windows\system32\bitsadmin.exe
2013-03-13 23:25:45 ----A---- C:\Windows\SYSWOW64\wmdrmdev.dll
2013-03-13 23:25:45 ----A---- C:\Windows\SYSWOW64\shacct.dll
2013-03-13 23:25:45 ----A---- C:\Windows\SYSWOW64\msvidc32.dll
2013-03-13 23:25:45 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2013-03-13 23:25:45 ----A---- C:\Windows\SYSWOW64\MFPlay.dll
2013-03-13 23:25:45 ----A---- C:\Windows\SYSWOW64\eapp3hst.dll
2013-03-13 23:25:45 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-03-13 23:25:45 ----A---- C:\Windows\system32\vss_ps.dll
2013-03-13 23:25:45 ----A---- C:\Windows\system32\tabcal.exe
2013-03-13 23:25:45 ----A---- C:\Windows\system32\shacct.dll
2013-03-13 23:25:45 ----A---- C:\Windows\system32\QSVRMGMT.DLL
2013-03-13 23:25:45 ----A---- C:\Windows\system32\drivers\USBAUDIO.sys
2013-03-13 23:25:45 ----A---- C:\Windows\system32\cscapi.dll
2013-03-13 23:25:44 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2013-03-13 23:25:44 ----A---- C:\Windows\SYSWOW64\wmpshell.dll
2013-03-13 23:25:44 ----A---- C:\Windows\SYSWOW64\unimdmat.dll
2013-03-13 23:25:44 ----A---- C:\Windows\SYSWOW64\lsmproxy.dll
2013-03-13 23:25:44 ----A---- C:\Windows\SYSWOW64\bitsadmin.exe
2013-03-13 23:25:44 ----A---- C:\Windows\system32\WPDSp.dll
2013-03-13 23:25:44 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2013-03-13 23:25:44 ----A---- C:\Windows\system32\wmdrmnet.dll
2013-03-13 23:25:44 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2013-03-13 23:25:44 ----A---- C:\Windows\system32\qcap.dll
2013-03-13 23:25:44 ----A---- C:\Windows\system32\mssphtb.dll
2013-03-13 23:25:44 ----A---- C:\Windows\system32\msnetobj.dll
2013-03-13 23:25:44 ----A---- C:\Windows\system32\logman.exe
2013-03-13 23:25:43 ----A---- C:\Windows\SYSWOW64\sqlcese30.dll
2013-03-13 23:25:43 ----A---- C:\Windows\SYSWOW64\rdpd3d.dll
2013-03-13 23:25:43 ----A---- C:\Windows\SYSWOW64\PortableDeviceSyncProvider.dll
2013-03-13 23:25:43 ----A---- C:\Windows\SYSWOW64\pdh.dll
2013-03-13 23:25:43 ----A---- C:\Windows\SYSWOW64\OpcServices.dll
2013-03-13 23:25:43 ----A---- C:\Windows\SYSWOW64\mprapi.dll
2013-03-13 23:25:43 ----A---- C:\Windows\SYSWOW64\logman.exe
2013-03-13 23:25:43 ----A---- C:\Windows\SYSWOW64\iscsium.dll
2013-03-13 23:25:43 ----A---- C:\Windows\SYSWOW64\cscapi.dll
2013-03-13 23:25:43 ----A---- C:\Windows\SYSWOW64\Bubbles.scr
2013-03-13 23:25:43 ----A---- C:\Windows\system32\spbcd.dll
2013-03-13 23:25:43 ----A---- C:\Windows\system32\secproc_ssp.dll
2013-03-13 23:25:43 ----A---- C:\Windows\system32\qdv.dll
2013-03-13 23:25:43 ----A---- C:\Windows\system32\PortableDeviceSyncProvider.dll
2013-03-13 23:25:43 ----A---- C:\Windows\system32\PortableDeviceStatus.dll
2013-03-13 23:25:42 ----A---- C:\Windows\SYSWOW64\WPDSp.dll
2013-03-13 23:25:42 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-03-13 23:25:42 ----A---- C:\Windows\SYSWOW64\srvcli.dll
2013-03-13 23:25:42 ----A---- C:\Windows\SYSWOW64\Ribbons.scr
2013-03-13 23:25:42 ----A---- C:\Windows\SYSWOW64\QSVRMGMT.DLL
2013-03-13 23:25:42 ----A---- C:\Windows\SYSWOW64\PortableDeviceStatus.dll
2013-03-13 23:25:42 ----A---- C:\Windows\SYSWOW64\olethk32.dll
2013-03-13 23:25:42 ----A---- C:\Windows\SYSWOW64\ncryptui.dll
2013-03-13 23:25:42 ----A---- C:\Windows\SYSWOW64\Mystify.scr
2013-03-13 23:25:42 ----A---- C:\Windows\system32\takeown.exe
2013-03-13 23:25:42 ----A---- C:\Windows\system32\PnPUnattend.exe
2013-03-13 23:25:42 ----A---- C:\Windows\system32\fphc.dll
2013-03-13 23:25:42 ----A---- C:\Windows\system32\drivers\ndisuio.sys
2013-03-13 23:25:42 ----A---- C:\Windows\system32\dot3ui.dll
2013-03-13 23:25:41 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-03-13 23:25:41 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2013-03-13 23:25:41 ----A---- C:\Windows\SYSWOW64\wiavideo.dll
2013-03-13 23:25:41 ----A---- C:\Windows\SYSWOW64\utildll.dll
2013-03-13 23:25:41 ----A---- C:\Windows\SYSWOW64\takeown.exe
2013-03-13 23:25:41 ----A---- C:\Windows\SYSWOW64\mapistub.dll
2013-03-13 23:25:41 ----A---- C:\Windows\SYSWOW64\mapi32.dll
2013-03-13 23:25:41 ----A---- C:\Windows\SYSWOW64\fphc.dll
2013-03-13 23:25:41 ----A---- C:\Windows\SYSWOW64\dot3msm.dll
2013-03-13 23:25:41 ----A---- C:\Windows\SYSWOW64\avifil32.dll
2013-03-13 23:25:41 ----A---- C:\Windows\system32\WMPhoto.dll
2013-03-13 23:25:41 ----A---- C:\Windows\system32\EhStorAPI.dll
2013-03-13 23:25:41 ----A---- C:\Windows\system32\amstream.dll
2013-03-13 23:25:40 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2013-03-13 23:25:40 ----A---- C:\Windows\SYSWOW64\wmdrmnet.dll
2013-03-13 23:25:40 ----A---- C:\Windows\SYSWOW64\sqmapi.dll
2013-03-13 23:25:40 ----A---- C:\Windows\SYSWOW64\qdv.dll
2013-03-13 23:25:40 ----A---- C:\Windows\SYSWOW64\iyuv_32.dll
2013-03-13 23:25:40 ----A---- C:\Windows\SYSWOW64\EhStorAPI.dll
2013-03-13 23:25:40 ----A---- C:\Windows\system32\vfwwdm32.dll
2013-03-13 23:25:40 ----A---- C:\Windows\system32\shimgvw.dll
2013-03-13 23:25:40 ----A---- C:\Windows\system32\QCLIPROV.DLL
2013-03-13 23:25:40 ----A---- C:\Windows\system32\nrpsrv.dll
2013-03-13 23:25:40 ----A---- C:\Windows\system32\iasrecst.dll
2013-03-13 23:25:40 ----A---- C:\Windows\system32\HotStartUserAgent.dll
2013-03-13 23:25:40 ----A---- C:\Windows\system32\djoin.exe
2013-03-13 23:25:40 ----A---- C:\Windows\system32\cmstp.exe
2013-03-13 23:25:40 ----A---- C:\Windows\system32\CertPolEng.dll
2013-03-13 23:25:39 ----A---- C:\Windows\SYSWOW64\sppinst.dll
2013-03-13 23:25:39 ----A---- C:\Windows\SYSWOW64\QCLIPROV.DLL
2013-03-13 23:25:39 ----A---- C:\Windows\SYSWOW64\msyuv.dll
2013-03-13 23:25:39 ----A---- C:\Windows\SYSWOW64\msrle32.dll
2013-03-13 23:25:39 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2013-03-13 23:25:39 ----A---- C:\Windows\SYSWOW64\cmstp.exe
2013-03-13 23:25:39 ----A---- C:\Windows\SYSWOW64\cca.dll
2013-03-13 23:25:39 ----A---- C:\Windows\system32\WavDest.dll
2013-03-13 23:25:39 ----A---- C:\Windows\system32\fdProxy.dll
2013-03-13 23:25:38 ----A---- C:\Windows\SYSWOW64\wsnmp32.dll
2013-03-13 23:25:38 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2013-03-13 23:25:38 ----A---- C:\Windows\SYSWOW64\vfwwdm32.dll
2013-03-13 23:25:38 ----A---- C:\Windows\SYSWOW64\setupcln.dll
2013-03-13 23:25:38 ----A---- C:\Windows\SYSWOW64\pdhui.dll
2013-03-13 23:25:38 ----A---- C:\Windows\SYSWOW64\MuiUnattend.exe
2013-03-13 23:25:38 ----A---- C:\Windows\SYSWOW64\AzSqlExt.dll
2013-03-13 23:25:38 ----A---- C:\Windows\system32\sscore.dll
2013-03-13 23:25:38 ----A---- C:\Windows\system32\relog.exe
2013-03-13 23:25:38 ----A---- C:\Windows\system32\mydocs.dll
2013-03-13 23:25:38 ----A---- C:\Windows\system32\MultiDigiMon.exe
2013-03-13 23:25:38 ----A---- C:\Windows\system32\KMSVC.DLL
2013-03-13 23:25:38 ----A---- C:\Windows\system32\iscsicli.exe
2013-03-13 23:25:38 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-03-13 23:25:38 ----A---- C:\Windows\system32\drivers\pacer.sys
2013-03-13 23:25:38 ----A---- C:\Windows\system32\diskpart.exe
2013-03-13 23:25:37 ----A---- C:\Windows\SYSWOW64\wkscli.dll
2013-03-13 23:25:37 ----A---- C:\Windows\SYSWOW64\tsbyuv.dll
2013-03-13 23:25:37 ----A---- C:\Windows\SYSWOW64\relog.exe
2013-03-13 23:25:37 ----A---- C:\Windows\SYSWOW64\netiougc.exe
2013-03-13 23:25:37 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2013-03-13 23:25:37 ----A---- C:\Windows\SYSWOW64\iscsicli.exe
2013-03-13 23:25:37 ----A---- C:\Windows\SYSWOW64\iasrecst.dll
2013-03-13 23:25:37 ----A---- C:\Windows\system32\mobsync.exe
2013-03-13 23:25:37 ----A---- C:\Windows\system32\BWUnpairElevated.dll
2013-03-13 23:25:36 ----A---- C:\Windows\SYSWOW64\syssetup.dll
2013-03-13 23:25:36 ----A---- C:\Windows\SYSWOW64\spbcd.dll
2013-03-13 23:25:36 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2013-03-13 23:25:36 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2013-03-13 23:25:36 ----A---- C:\Windows\SYSWOW64\resutils.dll
2013-03-13 23:25:36 ----A---- C:\Windows\SYSWOW64\rastapi.dll
2013-03-13 23:25:36 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2013-03-13 23:25:36 ----A---- C:\Windows\SYSWOW64\mydocs.dll
2013-03-13 23:25:36 ----A---- C:\Windows\SYSWOW64\itircl.dll
2013-03-13 23:25:36 ----A---- C:\Windows\SYSWOW64\diskpart.exe
2013-03-13 23:25:36 ----A---- C:\Windows\SYSWOW64\amstream.dll
2013-03-13 23:25:36 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2013-03-13 23:25:36 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2013-03-13 23:25:36 ----A---- C:\Windows\system32\msdmo.dll
2013-03-13 23:25:36 ----A---- C:\Windows\system32\itircl.dll
2013-03-13 23:25:36 ----A---- C:\Windows\system32\dot3msm.dll
2013-03-13 23:25:35 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2013-03-13 23:25:35 ----A---- C:\Windows\SYSWOW64\wmpps.dll
2013-03-13 23:25:35 ----A---- C:\Windows\SYSWOW64\WerFaultSecure.exe
2013-03-13 23:25:35 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2013-03-13 23:25:35 ----A---- C:\Windows\SYSWOW64\ReAgentc.exe
2013-03-13 23:25:35 ----A---- C:\Windows\SYSWOW64\eappgnui.dll
2013-03-13 23:25:35 ----A---- C:\Windows\SYSWOW64\CertPolEng.dll
2013-03-13 23:25:35 ----A---- C:\Windows\system32\mciqtz32.dll
2013-03-13 23:25:35 ----A---- C:\Windows\system32\choice.exe
2013-03-13 23:25:35 ----A---- C:\Windows\system32\FXSTIFF.dll
2013-03-13 23:25:35 ----A---- C:\Windows\system32\findstr.exe
2013-03-13 23:25:35 ----A---- C:\Windows\system32\eappgnui.dll
2013-03-13 23:25:34 ----A---- C:\Windows\SYSWOW64\tlscsp.dll
2013-03-13 23:25:34 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2013-03-13 23:25:34 ----A---- C:\Windows\SYSWOW64\netutils.dll
2013-03-13 23:25:34 ----A---- C:\Windows\SYSWOW64\mobsync.exe
2013-03-13 23:25:34 ----A---- C:\Windows\SYSWOW64\mciqtz32.dll
2013-03-13 23:25:34 ----A---- C:\Windows\SYSWOW64\findstr.exe
2013-03-13 23:25:34 ----A---- C:\Windows\system32\sppc.dll
2013-03-13 23:25:34 ----A---- C:\Windows\system32\schedcli.dll
2013-03-13 23:25:34 ----A---- C:\Windows\system32\onexui.dll
2013-03-13 23:25:34 ----A---- C:\Windows\system32\luainstall.dll
2013-03-13 23:25:34 ----A---- C:\Windows\system32\drivers\tunnel.sys
2013-03-13 23:25:34 ----A---- C:\Windows\system32\drivers\dfsc.sys
2013-03-13 23:25:33 ----A---- C:\Windows\SYSWOW64\sppc.dll
2013-03-13 23:25:33 ----A---- C:\Windows\SYSWOW64\spopk.dll
2013-03-13 23:25:33 ----A---- C:\Windows\SYSWOW64\shimgvw.dll
2013-03-13 23:25:33 ----A---- C:\Windows\SYSWOW64\muifontsetup.dll
2013-03-13 23:25:33 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2013-03-13 23:25:33 ----A---- C:\Windows\SYSWOW64\cabinet.dll
2013-03-13 23:25:33 ----A---- C:\Windows\system32\wdiasqmmodule.dll
2013-03-13 23:25:33 ----A---- C:\Windows\system32\spopk.dll
2013-03-13 23:25:33 ----A---- C:\Windows\system32\repair-bde.exe
2013-03-13 23:25:33 ----A---- C:\Windows\system32\manage-bde.exe
2013-03-13 23:25:33 ----A---- C:\Windows\system32\inetmib1.dll
2013-03-13 23:25:32 ----A---- C:\Windows\SYSWOW64\unlodctr.exe
2013-03-13 23:25:32 ----A---- C:\Windows\SYSWOW64\rdprefdrvapi.dll
2013-03-13 23:25:32 ----A---- C:\Windows\SYSWOW64\msdmo.dll
2013-03-13 23:25:32 ----A---- C:\Windows\SYSWOW64\luainstall.dll
2013-03-13 23:25:32 ----A---- C:\Windows\system32\RDPENCDD.dll
2013-03-13 23:25:32 ----A---- C:\Windows\system32\odbcconf.dll
2013-03-13 23:25:32 ----A---- C:\Windows\system32\fixmapi.exe
2013-03-13 23:25:31 ----A---- C:\Windows\SYSWOW64\odbcconf.dll
2013-03-13 23:25:31 ----A---- C:\Windows\SYSWOW64\inetmib1.dll
2013-03-13 23:25:31 ----A---- C:\Windows\system32\UIRibbonRes.dll
2013-03-13 23:25:31 ----A---- C:\Windows\system32\FXSMON.dll
2013-03-13 23:25:31 ----A---- C:\Windows\system32\elsTrans.dll
2013-03-13 23:25:30 ----A---- C:\Windows\SYSWOW64\wups.dll
2013-03-13 23:25:30 ----A---- C:\Windows\SYSWOW64\UIRibbonRes.dll
2013-03-13 23:25:30 ----A---- C:\Windows\SYSWOW64\perfts.dll
2013-03-13 23:25:30 ----A---- C:\Windows\system32\wshbth.dll
2013-03-13 23:25:30 ----A---- C:\Windows\system32\TRAPI.dll
2013-03-13 23:25:30 ----A---- C:\Windows\system32\LogonUI.exe
2013-03-13 23:25:30 ----A---- C:\Windows\system32\drivers\tdi.sys
2013-03-13 23:25:29 ----A---- C:\Windows\SYSWOW64\imm32.dll
2013-03-13 23:25:29 ----A---- C:\Windows\system32\rdprefdrvapi.dll
2013-03-13 23:25:29 ----A---- C:\Windows\system32\napdsnap.dll
2013-03-13 23:25:29 ----A---- C:\Windows\system32\dsauth.dll
2013-03-13 23:25:28 ----A---- C:\Windows\SYSWOW64\TRAPI.dll
2013-03-13 23:25:28 ----A---- C:\Windows\SYSWOW64\elsTrans.dll
2013-03-13 23:25:28 ----A---- C:\Windows\SYSWOW64\bitsperf.dll
2013-03-13 23:25:28 ----A---- C:\Windows\system32\FXSUNATD.exe
2013-03-13 23:25:28 ----A---- C:\Windows\system32\drivers\usbrpm.sys
2013-03-13 23:25:28 ----A---- C:\Windows\system32\cscdll.dll
2013-03-13 23:25:28 ----A---- C:\Windows\system32\bitsperf.dll
2013-03-13 23:25:27 ----A---- C:\Windows\SYSWOW64\wshbth.dll
2013-03-13 23:25:27 ----A---- C:\Windows\SYSWOW64\schedcli.dll
2013-03-13 23:25:27 ----A---- C:\Windows\SYSWOW64\napdsnap.dll
2013-03-13 23:25:27 ----A---- C:\Windows\SYSWOW64\dsauth.dll
2013-03-13 23:25:27 ----A---- C:\Windows\SYSWOW64\cscdll.dll
2013-03-13 23:25:26 ----A---- C:\Windows\system32\wsdchngr.dll
2013-03-13 23:25:26 ----A---- C:\Windows\system32\drivers\acpipmi.sys
2013-03-13 23:25:25 ----A---- C:\Windows\SYSWOW64\sscore.dll
2013-03-13 23:25:24 ----A---- C:\Windows\SYSWOW64\wsdchngr.dll
2013-03-13 23:25:24 ----A---- C:\Windows\SYSWOW64\shgina.dll
2013-03-13 23:25:24 ----A---- C:\Windows\SYSWOW64\riched32.dll
2013-03-13 23:25:24 ----A---- C:\Windows\system32\shgina.dll
2013-03-13 23:25:23 ----A---- C:\Windows\system32\wshirda.dll
2013-03-13 23:25:23 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys
2013-03-13 23:25:23 ----A---- C:\Windows\system32\drivers\CompositeBus.sys
2013-03-13 23:25:22 ----A---- C:\Windows\system32\rdpcfgex.dll
2013-03-13 23:25:22 ----A---- C:\Windows\system32\drivers\hidusb.sys
2013-03-13 23:25:22 ----A---- C:\Windows\system32\drivers\appid.sys
2013-03-13 23:25:21 ----A---- C:\Windows\SYSWOW64\wshirda.dll
2013-03-13 23:25:21 ----A---- C:\Windows\system32\riched32.dll
2013-03-13 23:25:21 ----A---- C:\Windows\system32\drivers\kbdhid.sys
2013-03-13 23:25:21 ----A---- C:\Windows\system32\browseui.dll
2013-03-13 23:25:20 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2013-03-13 23:25:20 ----A---- C:\Windows\SYSWOW64\browseui.dll
2013-03-13 23:25:20 ----A---- C:\Windows\system32\spwmp.dll
2013-03-13 23:25:20 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys
2013-03-13 23:25:20 ----A---- C:\Windows\system32\C_ISCII.DLL
2013-03-13 23:25:19 ----AH---- C:\Windows\system32\api-ms-win-core-ums-l1-1-0.dll
2013-03-13 23:25:19 ----A---- C:\Windows\SYSWOW64\shunimpl.dll
2013-03-13 23:25:19 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2013-03-13 23:25:19 ----A---- C:\Windows\SYSWOW64\C_ISCII.DLL
2013-03-13 23:25:19 ----A---- C:\Windows\system32\shunimpl.dll
2013-03-13 23:25:19 ----A---- C:\Windows\system32\dxmasf.dll
2013-03-13 23:25:19 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2013-03-13 23:25:19 ----A---- C:\Windows\system32\drivers\scfilter.sys
2013-03-13 23:25:19 ----A---- C:\Windows\system32\drivers\HdAudio.sys
2013-03-13 23:25:19 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2013-03-13 23:25:19 ----A---- C:\Windows\system32\drivers\cdrom.sys
2013-03-13 23:25:18 ----A---- C:\Windows\SYSWOW64\KBDTUQ.DLL
2013-03-13 23:25:18 ----A---- C:\Windows\SYSWOW64\KBDTUF.DLL
2013-03-13 23:25:18 ----A---- C:\Windows\SYSWOW64\KBDSG.DLL
2013-03-13 23:25:18 ----A---- C:\Windows\SYSWOW64\kbdlk41a.dll
2013-03-13 23:25:18 ----A---- C:\Windows\SYSWOW64\KBDGR1.DLL
2013-03-13 23:25:18 ----A---- C:\Windows\system32\KBDTUQ.DLL
2013-03-13 23:25:18 ----A---- C:\Windows\system32\KBDTUF.DLL
2013-03-13 23:25:18 ----A---- C:\Windows\system32\KBDSG.DLL
2013-03-13 23:25:18 ----A---- C:\Windows\system32\KBDSF.DLL
2013-03-13 23:25:18 ----A---- C:\Windows\system32\KBDPO.DLL
2013-03-13 23:25:18 ----A---- C:\Windows\system32\KBDNEPR.DLL
2013-03-13 23:25:18 ----A---- C:\Windows\system32\kbdlk41a.dll
2013-03-13 23:25:18 ----A---- C:\Windows\system32\KBDINTAM.DLL
2013-03-13 23:25:18 ----A---- C:\Windows\system32\KBDINBEN.DLL
2013-03-13 23:25:17 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-03-13 23:25:17 ----A---- C:\Windows\SYSWOW64\KBDUS.DLL
2013-03-13 23:25:17 ----A---- C:\Windows\SYSWOW64\KBDGKL.DLL
2013-03-13 23:25:17 ----A---- C:\Windows\SYSWOW64\KBDGEO.DLL
2013-03-13 23:25:17 ----A---- C:\Windows\SYSWOW64\KBDBLR.DLL
2013-03-13 23:25:17 ----A---- C:\Windows\system32\wmploc.DLL
2013-03-13 23:25:17 ----A---- C:\Windows\system32\KBDGR1.DLL
2013-03-13 23:25:17 ----A---- C:\Windows\system32\KBDGKL.DLL
2013-03-13 23:25:16 ----A---- C:\Windows\SYSWOW64\KBDUGHR1.DLL
2013-03-13 23:25:16 ----A---- C:\Windows\SYSWOW64\KBDTURME.DLL
2013-03-13 23:25:16 ----A---- C:\Windows\SYSWOW64\KBDTAJIK.DLL
2013-03-13 23:25:16 ----A---- C:\Windows\SYSWOW64\KBDMON.DLL
2013-03-13 23:25:16 ----A---- C:\Windows\SYSWOW64\KBDMAORI.DLL
2013-03-13 23:25:16 ----A---- C:\Windows\SYSWOW64\KBDLT1.DLL
2013-03-13 23:25:16 ----A---- C:\Windows\SYSWOW64\KBDINTEL.DLL
2013-03-13 23:25:16 ----A---- C:\Windows\SYSWOW64\KBDINTAM.DLL
2013-03-13 23:25:16 ----A---- C:\Windows\SYSWOW64\KBDINORI.DLL
2013-03-13 23:25:16 ----A---- C:\Windows\SYSWOW64\KBDINMAR.DLL
2013-03-13 23:25:16 ----A---- C:\Windows\SYSWOW64\KBDINKAN.DLL
2013-03-13 23:25:16 ----A---- C:\Windows\SYSWOW64\KBDINHIN.DLL
2013-03-13 23:25:16 ----A---- C:\Windows\SYSWOW64\KBDINBEN.DLL
2013-03-13 23:25:16 ----A---- C:\Windows\SYSWOW64\KBDCZ1.DLL
2013-03-13 23:25:16 ----A---- C:\Windows\SYSWOW64\KBDBULG.DLL
2013-03-13 23:25:16 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2013-03-13 23:25:16 ----A---- C:\Windows\system32\KBDUS.DLL
2013-03-13 23:25:16 ----A---- C:\Windows\system32\KBDUGHR1.DLL
2013-03-13 23:25:16 ----A---- C:\Windows\system32\KBDTAJIK.DLL
2013-03-13 23:25:16 ----A---- C:\Windows\system32\KBDMON.DLL
2013-03-13 23:25:16 ----A---- C:\Windows\system32\KBDLT1.DLL
2013-03-13 23:25:16 ----A---- C:\Windows\system32\KBDGEO.DLL
2013-03-13 23:25:16 ----A---- C:\Windows\system32\KBDCZ1.DLL
2013-03-13 23:25:16 ----A---- C:\Windows\system32\KBDBULG.DLL
2013-03-13 23:25:16 ----A---- C:\Windows\system32\KBDBLR.DLL
2013-03-13 23:25:16 ----A---- C:\Windows\system32\KBDBASH.DLL
2013-03-13 23:25:15 ----A---- C:\Windows\SYSWOW64\spwizres.dll
2013-03-13 23:25:15 ----A---- C:\Windows\SYSWOW64\pifmgr.dll
2013-03-13 23:25:15 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2013-03-13 23:25:15 ----A---- C:\Windows\SYSWOW64\KBDSF.DLL
2013-03-13 23:25:15 ----A---- C:\Windows\SYSWOW64\KBDPO.DLL
2013-03-13 23:25:15 ----A---- C:\Windows\SYSWOW64\KBDNEPR.DLL
2013-03-13 23:25:15 ----A---- C:\Windows\system32\spwizres.dll
2013-03-13 23:25:15 ----A---- C:\Windows\system32\pifmgr.dll
2013-03-13 23:25:15 ----A---- C:\Windows\system32\nlsbres.dll
2013-03-13 23:25:15 ----A---- C:\Windows\system32\KBDTURME.DLL
2013-03-13 23:25:15 ----A---- C:\Windows\system32\KBDMAORI.DLL
2013-03-13 23:25:15 ----A---- C:\Windows\system32\KBDINTEL.DLL
2013-03-13 23:25:15 ----A---- C:\Windows\system32\KBDINORI.DLL
2013-03-13 23:25:15 ----A---- C:\Windows\system32\KBDINMAR.DLL
2013-03-13 23:25:15 ----A---- C:\Windows\system32\KBDINKAN.DLL
2013-03-13 23:25:15 ----A---- C:\Windows\system32\KBDINHIN.DLL
2013-03-13 23:25:15 ----A---- C:\Windows\system32\BlbEvents.dll
2013-03-13 23:24:52 ----A---- C:\Windows\SYSWOW64\wdscore.dll
2013-03-13 23:24:52 ----A---- C:\Windows\system32\dpx.dll
2013-03-13 23:24:42 ----A---- C:\Windows\SYSWOW64\wbemcomn.dll
2013-03-13 23:24:10 ----A---- C:\Windows\system32\wbemcomn.dll
2013-03-13 23:22:44 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-13 12:17:00 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-03-13 12:17:00 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-03-13 12:17:00 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-13 12:16:59 ----A---- C:\Windows\SYSWOW64\url.dll
2013-03-13 12:16:59 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-03-13 12:16:59 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-03-13 12:16:59 ----A---- C:\Windows\system32\url.dll
2013-03-13 12:16:59 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-13 12:16:59 ----A---- C:\Windows\system32\ieui.dll
2013-03-13 12:16:58 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-03-13 12:16:58 ----A---- C:\Windows\system32\urlmon.dll
2013-03-13 12:16:58 ----A---- C:\Windows\system32\jscript9.dll
2013-03-13 12:16:57 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-03-13 12:16:57 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-03-13 12:16:57 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-13 12:16:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-03-13 12:16:56 ----A---- C:\Windows\system32\wininet.dll
2013-03-13 12:16:56 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-13 12:16:55 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-03-13 12:16:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-03-13 12:16:55 ----A---- C:\Windows\system32\vbscript.dll
2013-03-13 12:16:55 ----A---- C:\Windows\system32\jscript.dll
2013-03-13 12:16:55 ----A---- C:\Windows\system32\iertutil.dll
2013-03-13 12:16:54 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-03-13 12:16:53 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-03-13 12:16:51 ----A---- C:\Windows\system32\mshtml.dll
2013-03-13 12:16:51 ----A---- C:\Windows\system32\ieframe.dll
2013-03-13 12:16:50 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-03-13 12:15:59 ----A---- C:\Windows\system32\win32k.sys
2013-03-13 12:15:57 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-03-13 12:15:55 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-03-13 12:15:55 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-03-13 12:15:51 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-03-13 12:15:51 ----A---- C:\Windows\system32\win32spl.dll
2013-03-13 12:15:47 ----A---- C:\Windows\system32\winsrv.dll
2013-03-13 12:15:46 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-03-13 12:15:46 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-03-13 12:15:46 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-03-13 12:15:46 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-03-13 12:15:45 ----A---- C:\Windows\SYSWOW64\user.exe
2013-03-13 12:15:42 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-03-13 12:15:41 ----A---- C:\Windows\system32\drivers\netio.sys
2013-03-13 12:15:41 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-03-13 12:15:40 ----A---- C:\Windows\system32\msxml6.dll
2013-03-13 12:15:40 ----A---- C:\Windows\system32\msxml3.dll
2013-03-13 12:15:39 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-03-13 12:15:39 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2013-03-13 12:15:39 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-03-13 12:15:39 ----A---- C:\Windows\system32\msxml3r.dll
2013-03-13 12:15:38 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-03-13 12:15:38 ----A---- C:\Windows\system32\ncrypt.dll
2013-03-13 11:14:51 ----D---- C:\rsit
2013-03-13 11:14:51 ----D---- C:\Program Files\trend micro
2013-03-09 20:22:36 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2013-03-08 18:34:16 ----D---- C:\Program Files\Microsoft IntelliType Pro
2013-03-08 16:44:22 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-02-26 21:49:47 ----D---- C:\Windows\Sun
2013-02-24 12:56:06 ----RD---- C:\Users\Honza\AppData\Roaming\.minecraft
2013-02-24 12:56:04 ----D---- C:\ProgramData\Sun
2013-02-24 12:55:57 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-02-24 12:55:56 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-02-24 12:55:56 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-02-24 12:55:51 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-02-24 12:55:51 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-02-24 12:55:51 ----A---- C:\Windows\SYSWOW64\java.exe
2013-02-24 12:55:44 ----D---- C:\Program Files (x86)\Java

======List of files/folders modified in the last 1 month======

2013-03-14 00:06:51 ----D---- C:\Windows\Temp
2013-03-13 23:56:28 ----D---- C:\Windows\Microsoft.NET
2013-03-13 23:56:27 ----RSD---- C:\Windows\assembly
2013-03-13 23:54:44 ----D---- C:\Windows\System32
2013-03-13 23:54:44 ----D---- C:\Windows\inf
2013-03-13 23:54:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-13 23:48:33 ----D---- C:\Windows\winsxs
2013-03-13 23:48:06 ----D---- C:\Windows\system32\config
2013-03-13 23:48:03 ----D---- C:\ProgramData\NVIDIA
2013-03-13 23:46:28 ----D---- C:\Windows\system32\drivers
2013-03-13 23:46:27 ----D---- C:\Windows\system32\DriverStore
2013-03-13 23:42:37 ----D---- C:\Windows
2013-03-13 23:39:04 ----D---- C:\Program Files (x86)\Windows Sidebar
2013-03-13 23:39:04 ----D---- C:\Program Files (x86)\Windows Portable Devices
2013-03-13 23:39:04 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2013-03-13 23:39:04 ----D---- C:\Program Files (x86)\Windows Media Player
2013-03-13 23:39:04 ----D---- C:\Program Files (x86)\Windows Mail
2013-03-13 23:39:03 ----D---- C:\Program Files\Windows Sidebar
2013-03-13 23:39:03 ----D---- C:\Program Files\Windows Portable Devices
2013-03-13 23:39:03 ----D---- C:\Program Files\Windows Photo Viewer
2013-03-13 23:39:03 ----D---- C:\Program Files\Windows Media Player
2013-03-13 23:39:03 ----D---- C:\Program Files\Windows Mail
2013-03-13 23:39:03 ----D---- C:\Program Files\Windows Journal
2013-03-13 23:39:03 ----D---- C:\Program Files\DVD Maker
2013-03-13 23:39:03 ----D---- C:\Program Files\Common Files\System
2013-03-13 23:39:02 ----D---- C:\Windows\servicing
2013-03-13 23:39:02 ----D---- C:\Windows\ehome
2013-03-13 23:39:02 ----D---- C:\Program Files\Windows Defender
2013-03-13 23:39:01 ----D---- C:\Windows\SYSWOW64\Setup
2013-03-13 23:39:01 ----D---- C:\Windows\SYSWOW64\oobe
2013-03-13 23:39:01 ----D---- C:\Windows\SYSWOW64\migration
2013-03-13 23:39:01 ----D---- C:\Windows\SYSWOW64\da-DK
2013-03-13 23:39:01 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-03-13 23:39:01 ----D---- C:\Windows\SYSWOW64\cs
2013-03-13 23:39:01 ----D---- C:\Windows\SYSWOW64\AdvancedInstallers
2013-03-13 23:39:00 ----D---- C:\Windows\SYSWOW64\wbem
2013-03-13 23:39:00 ----D---- C:\Windows\SYSWOW64\sppui
2013-03-13 23:39:00 ----D---- C:\Windows\SYSWOW64\migwiz
2013-03-13 23:39:00 ----D---- C:\Windows\SYSWOW64\manifeststore
2013-03-13 23:39:00 ----D---- C:\Windows\SYSWOW64\es-ES
2013-03-13 23:39:00 ----D---- C:\Windows\SYSWOW64\Dism
2013-03-13 23:39:00 ----D---- C:\Windows\SysWOW64
2013-03-13 23:38:56 ----D---- C:\Windows\system32\oobe
2013-03-13 23:38:56 ----D---- C:\Windows\system32\migration
2013-03-13 23:38:56 ----D---- C:\Windows\system32\en-US
2013-03-13 23:38:56 ----D---- C:\Windows\system32\da-DK
2013-03-13 23:38:55 ----D---- C:\Windows\system32\wbem
2013-03-13 23:38:55 ----D---- C:\Windows\system32\sppui
2013-03-13 23:38:55 ----D---- C:\Windows\system32\Setup
2013-03-13 23:38:55 ----D---- C:\Windows\system32\migwiz
2013-03-13 23:38:55 ----D---- C:\Windows\system32\manifeststore
2013-03-13 23:38:55 ----D---- C:\Windows\system32\es-ES
2013-03-13 23:38:55 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-03-13 23:38:55 ----D---- C:\Windows\system32\Dism
2013-03-13 23:38:55 ----D---- C:\Windows\system32\cs-CZ
2013-03-13 23:38:55 ----D---- C:\Windows\system32\cs
2013-03-13 23:38:55 ----D---- C:\Windows\system32\AdvancedInstallers
2013-03-13 23:38:51 ----RSD---- C:\Windows\Fonts
2013-03-13 23:38:51 ----D---- C:\Windows\AppPatch
2013-03-13 23:38:46 ----D---- C:\Windows\system32\Boot
2013-03-13 23:36:21 ----A---- C:\Windows\SYSWOW64\msclmd.dll
2013-03-13 23:36:21 ----A---- C:\Windows\system32\msclmd.dll
2013-03-13 23:30:11 ----SHD---- C:\System Volume Information
2013-03-13 23:22:39 ----D---- C:\Windows\system32\catroot2
2013-03-13 23:22:39 ----D---- C:\Windows\system32\catroot
2013-03-13 12:27:30 ----D---- C:\Program Files\Internet Explorer
2013-03-13 12:27:30 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-13 12:25:40 ----D---- C:\Windows\debug
2013-03-13 11:14:57 ----D---- C:\Windows\Prefetch
2013-03-13 11:14:51 ----RD---- C:\Program Files
2013-03-12 23:50:12 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-11 02:36:05 ----D---- C:\Users\Honza\AppData\Roaming\Skype
2013-03-09 20:22:57 ----SHD---- C:\Windows\Installer
2013-03-09 20:22:36 ----RD---- C:\Program Files (x86)
2013-03-09 19:27:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-03-08 18:34:45 ----SD---- C:\Users\Honza\AppData\Roaming\Microsoft
2013-03-08 18:34:44 ----D---- C:\Windows\system32\Tasks
2013-03-04 14:53:46 ----A---- C:\Windows\system32\MRT.exe
2013-02-28 02:08:10 ----D---- C:\Users\Honza\AppData\Roaming\Winamp
2013-02-24 12:56:04 ----HD---- C:\ProgramData
2013-02-24 12:56:04 ----D---- C:\Program Files (x86)\Common Files
2013-02-24 09:09:43 ----D---- C:\ProgramData\Adobe
2013-02-23 19:49:10 ----D---- C:\Users\Honza\AppData\Roaming\GarenaPlus
2013-02-23 19:49:09 ----D---- C:\ProgramData\GarenaMessenger

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2010-01-27 115312]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 54072]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 984144]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 370288]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 59728]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
R3 CompFilter64;UVCCompositeFilter; C:\Windows\system32\DRIVERS\lvbflt64.sys [2012-09-21 24608]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-27 283200]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-03-26 2307616]
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-09-21 351520]
R3 LVUVC64;Logitech HD Webcam C510(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-09-21 4763680]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-06-21 131688]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
R3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2011-02-17 14464]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-14 2466304]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-10-02 891240]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-10 1258856]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-01-04 76888]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-12 253656]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-08 115608]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-27 1255736]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Mc_Murphy
VIP in memoriam
VIP in memoriam
Příspěvky: 6706
Registrován: 03 lis 2008 15:55
Bydliště: Plzeň [ZČ]
Kontaktovat uživatele:
Kontaktovat uživatele Mc_Murphy

Re: Preventivka

#5 Příspěvek od Mc_Murphy »

toox píše:Tak aktualizace proběhla :)
Dobrá práce. :thumbsup:


:arrow: Takže fixni v HJT níže uvedené položky.
  • Fixnout znamená, že spustíš HJT, zvolíš možnost [Do a system scan only] a zaškrtneš čtvereček vlevo od mnou vypsaných položek.
  • Poté klikneš na [Fix checked] a odsouhlasíš [ANO].
  • Položky, které v seznamu nenajdeš, prostě přeskoč.
  • HJT najdeš zde: C:\Program Files\trend micro\Honza.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =


:arrow: Dále stáhni utilitu OTM z jednoho z těchto odkazů: Ulož ji na Plochu a dvojklikem spusť.

Do levého okna Paste Instructions for Items to be Moved zkopíruj tento script (pouze zelená písmenka v bílém poli, včetně té dvojtečky před Commands!):

Kód: Vybrat vše

:Commands
[ClearAllRestorePoints]
[ResetHosts]
[Purity]
[EmptyTemp]
[EmptyFlash]

:Services
AdobeFlashPlayerUpdateSvc
nvUpdatusService
SkypeUpdate
SwitchBoard

:Files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\Windows\tasks\Adobe Flash Player Updater.job

:Reg
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=-
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=-
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"=-
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"=-
[HKEY_USERS\S-1-5-21-1379411598-525497723-484556184-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=-
[HKEY_USERS\S-1-5-21-1379411598-525497723-484556184-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"=-
Nyní klikni na tlačítko [MoveIt!], čímž vše spustíš.
Po restartu mi sem hoď log, který najdeš v C:\_OTM\MovedFiles\
Obrázek-Obrázek
Obrázek-Obrázek

  • ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
    • You gave me love, I've found my identity, found my identity.

    I'm moving on, I'm moving on, I'm moving on by the Spirit.
    • You gave me hope, I've found my identity in Christ...
Nahoru
toox
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 274
Registrován: 28 dub 2008 18:06
Bydliště: Tromaville

Re: Preventivka

#6 Příspěvek od toox »

ták hotovo :)

All processes killed
========== COMMANDS ==========

Restore point Set: OTM Restore Point
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Honza
->Temp folder emptied: 2196 bytes
->Temporary Internet Files folder emptied: 3563362 bytes
->Java cache emptied: 23696 bytes
->FireFox cache emptied: 129506208 bytes
->Flash cache emptied: 1200 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5374 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50641 bytes
RecycleBin emptied: 1819203 bytes

Total Files Cleaned = 129,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Honza
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

========== SERVICES/DRIVERS ==========
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service nvUpdatusService stopped successfully!
Service nvUpdatusService deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service SwitchBoard stopped successfully!
Service SwitchBoard deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5C72.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA61E.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder moved successfully.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\Sidebar deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\Sidebar deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1379411598-525497723-484556184-1001\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\S-1-5-21-1379411598-525497723-484556184-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard deleted successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 03142013_225411

Files moved on Reboot...
C:\Users\Honza\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
Nahoru
Uživatelský avatar
Mc_Murphy
VIP in memoriam
VIP in memoriam
Příspěvky: 6706
Registrován: 03 lis 2008 15:55
Bydliště: Plzeň [ZČ]
Kontaktovat uživatele:
Kontaktovat uživatele Mc_Murphy

Re: Preventivka

#7 Příspěvek od Mc_Murphy »

Super, OTM provedlo, co mělo. Takže po sobě jen uklidím a je hotovo.


:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Stáhni a spusť.
  • Klikni na CleanUp a potvrď YES.
  • Program uklidí a může (nemusí) restartovat PC.
:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stáhni a spusť.
  • Klikni na Start a potvrď OK.
  • Program uklidí a může (nemusí) restartovat PC.
  • Po použití utilitu smaž ručně.
:arrow: Pokud nemáš, stáhni CCleaner z tohoto odkazu.
  • Panel čistič
  • Vše nech jak je, jen dej Analyzovat a poté Spustit CCleaner.
  • Panel registry
  • Klikni na Hledej problémy.
  • Následně na Opravit problémy - zálohu registrů doporučuji udělat, oprav všechny problémy.
  • Postup opakuj, dokud nebude bez problémů - většinou cca 3x.
  • Panel nástroje
  • Zde můžeš odinstalovat nepotřebné programy.
Obrázek CCleaner doporučuji používat cca jednou za týden.

... a pokud nejsou žádné dotazy, bylo by to z mé strany vše. :James008:
Obrázek-Obrázek
Obrázek-Obrázek

  • ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
    • You gave me love, I've found my identity, found my identity.

    I'm moving on, I'm moving on, I'm moving on by the Spirit.
    • You gave me hope, I've found my identity in Christ...
Nahoru
toox
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 274
Registrován: 28 dub 2008 18:06
Bydliště: Tromaville

Re: Preventivka

#8 Příspěvek od toox »

HOTOVO !

Díky moc, ať se daří.. :James008:
Nahoru
Uživatelský avatar
Mc_Murphy
VIP in memoriam
VIP in memoriam
Příspěvky: 6706
Registrován: 03 lis 2008 15:55
Bydliště: Plzeň [ZČ]
Kontaktovat uživatele:
Kontaktovat uživatele Mc_Murphy

Re: Preventivka

#9 Příspěvek od Mc_Murphy »

Není vůbec zač a rádo se stalo. :85: Přeji pěkný den. :fez:

:closed:
Obrázek-Obrázek
Obrázek-Obrázek

  • ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
    • You gave me love, I've found my identity, found my identity.

    I'm moving on, I'm moving on, I'm moving on by the Spirit.
    • You gave me hope, I've found my identity in Christ...
Nahoru
Zamčeno

Zpět na „Sekce pouze pro Vzorné návštěvníky“