Pomoc s logem, divne soubory Po spusteni.

[murons2]

Ahoj, nejprve jsem zjistil ze nemuzu psat hacky a carky pres klasvesu vedle BackSpace. Na netu pisou asi vir. Zacal jsem zkoumat a v okne Po spusteni mam prapodivne soubory viz obrazek. Jinak Pc funguje normalne. Antivirus od Microsoftu nic nenajde. Predpokladam, ze to budou ty soubory 666666.exe apod . Pc je nova instalace, vse legalni software. Děkuji za pomoc.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:36:48, on 1.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\rdx\AppData\Roaming\ICQM\icq.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\rdx\AppData\Local\Temp\system.exe
C:\Users\rdx\AppData\Local\Temp\chost.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Downloads\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKCU\..\Run: [system] wscript.exe //B "C:\Users\rdx\AppData\Local\Temp\system.vbs"
O4 - HKCU\..\Run: [icq] C:\Users\rdx\AppData\Roaming\ICQM\icq.exe -CU
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [12ce4e06a81e8d54fd01d9b762f1b1bb] "C:\Users\rdx\AppData\Local\Temp\system.exe" ..
O4 - HKCU\..\Run: [946589f7f847301f8eee827f12194b9e] "C:\Users\rdx\AppData\Local\Temp\chost.exe" ..
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: 6.exe
O4 - Startup: 6000.exe
O4 - Startup: 66.exe
O4 - Startup: 666666.exe
O4 - Startup: 7.exe
O4 - Startup: 7777.exe
O4 - Startup: applction windows 6666.exe
O4 - Startup: applection windows 777.exe
O4 - Startup: system.vbs
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\rdx\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\rdx\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Professional Service (WTabletServicePro) - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe

--
End of file - 11537 bytes

[vyosek]

Zdravim

Dejte prosim log z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=130786 je podrobnejsi nez HJT

[murons2]

prikladam log v txt, ma moc znaku. Dekuji

[murons2]

Aha, txt to neumi, tak rozdelen na dva
1. cast:


Run by rdx at 2014-06-01 07:26:03
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 821 GB (86%) free of 954 GB
Total RAM: 16339 MB (88% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:26:06, on 1.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\rdx\AppData\Roaming\ICQM\icq.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\rdx\AppData\Local\Temp\system.exe
C:\Users\rdx\AppData\Local\Temp\chost.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\rdx.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKCU\..\Run: [system] wscript.exe //B "C:\Users\rdx\AppData\Local\Temp\system.vbs"
O4 - HKCU\..\Run: [icq] C:\Users\rdx\AppData\Roaming\ICQM\icq.exe -CU
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [12ce4e06a81e8d54fd01d9b762f1b1bb] "C:\Users\rdx\AppData\Local\Temp\system.exe" ..
O4 - HKCU\..\Run: [946589f7f847301f8eee827f12194b9e] "C:\Users\rdx\AppData\Local\Temp\chost.exe" ..
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: 6.exe
O4 - Startup: 6000.exe
O4 - Startup: 66.exe
O4 - Startup: 666666.exe
O4 - Startup: 7.exe
O4 - Startup: 7777.exe
O4 - Startup: applction windows 6666.exe
O4 - Startup: applection windows 777.exe
O4 - Startup: system.vbs
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\rdx\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\rdx\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Professional Service (WTabletServicePro) - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe

--
End of file - 11985 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4

ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4

ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\Tablet\Wacom\WTabletServicePro.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
C:\Windows\system32\viakaraokesrv.exe
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
/QuitInfo:00000000000005BC;00000000000005C0; /AddRef;
"taskhost.exe"
/QuitInfo:0000000000000630;0000000000000628; /AddRef;
"C:\Windows\system32\Dwm.exe"
/QuitInfo:000000000000064C;0000000000000658;
C:\Windows\Explorer.EXE
/loadhooks /Parent:0000000000000BC8
"C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe"
"C:\Program Files\Tablet\Wacom\WacomHost.exe" "C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe" au
"C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe" au
"C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
"C:\Windows\System32\wscript.exe" //B "C:\Users\rdx\AppData\Local\Temp\system.vbs"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Users\rdx\AppData\Roaming\ICQM\icq.exe" -CU
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\rdx\AppData\Local\Temp\system.exe" ..
"C:\Users\rdx\AppData\Local\Temp\chost.exe" ..
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe" "C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -Recover
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
taskeng.exe {E290CC95-9D4A-4F93-A42F-67E81AD75108}

"C:\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\rdx\AppData\Roaming\Mozilla\Firefox\Profiles\9h7ymnul.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\wacom.com/WacomTabletPlugin]
"Description"=
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\wacom.com/WacomTabletPlugin]
"Description"=
"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-03-21 6270336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-07-27 341448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-07-27 341448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-07-27 341448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-04-30 2199840]
"itype"=c:\Program Files\Microsoft IntelliType Pro\itype.exe [2011-08-10 1873256]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"system"=wscript.exe //B C:\Users\rdx\AppData\Local\Temp\system.vbs []
"AdobeBridge"= []
"icq"=C:\Users\rdx\AppData\Roaming\ICQM\icq.exe [2014-05-29 34826760]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21444224]
"12ce4e06a81e8d54fd01d9b762f1b1bb"=C:\Users\rdx\AppData\Local\Temp\system.exe [2014-05-31 417280]
"946589f7f847301f8eee827f12194b9e"=C:\Users\rdx\AppData\Local\Temp\chost.exe [2014-06-01 147456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\12ce4e06a81e8d54fd01d9b762f1b1bb]
C:\Users\rdx\AppData\Local\Temp\system.exe [2014-05-31 417280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\946589f7f847301f8eee827f12194b9e]
C:\Users\rdx\AppData\Local\Temp\chost.exe [2014-06-01 147456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACPW07EN]
C:\Program Files\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe [2014-03-18 1813832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2012-07-27 36800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 1271072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^rdx^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^1717.exe]
C:\Users\rdx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1717.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^rdx^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^6.exe]
C:\Users\rdx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\6.exe [2014-05-31 417280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^rdx^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^66666 clen.exe]
C:\Users\rdx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\66666 clen.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^rdx^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^77 clen.exe]
C:\Users\rdx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\77 clen.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^rdx^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^7a7.exe]
C:\Users\rdx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\7a7.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2012-05-23 5120144]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-02-29 56088]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-05-20 291648]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-06-25 1073352]
""= []
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2012-07-27 823224]

C:\Users\rdx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
6.exe
6000.exe
66.exe
666666.exe
7.exe
7777.exe
applction windows 6666.exe
applection windows 777.exe
system.vbs

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe","%1"

======List of files/folders created in the last 1 month======

2014-06-01 07:26:03 ----D---- C:\rsit
2014-06-01 07:26:03 ----D---- C:\Program Files\trend micro
2014-06-01 00:29:57 ----D---- C:\Program Files (x86)\CCleaner
2014-06-01 00:21:02 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-06-01 00:20:50 ----D---- C:\AdwCleaner
2014-05-31 21:26:11 ----D---- C:\Program Files\VideoLAN
2014-05-31 18:18:41 ----SD---- C:\Windows\system32\CompatTel
2014-05-31 11:12:35 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-05-31 11:12:35 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-05-31 11:12:35 ----A---- C:\Windows\system32\wmploc.DLL
2014-05-31 11:12:34 ----A---- C:\Windows\system32\wmp.dll
2014-05-31 11:07:11 ----D---- C:\Windows\Migration
2014-05-31 11:07:10 ----SHD---- C:\Config.Msi
2014-05-31 11:04:51 ----A---- C:\Windows\system32\IEUDINIT.EXE
2014-05-31 11:01:11 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2014-05-31 11:01:11 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-31 11:01:09 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-05-31 11:01:09 ----A---- C:\Windows\SYSWOW64\wextract.exe
2014-05-31 11:01:09 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2014-05-31 11:01:09 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-05-31 11:01:09 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-05-31 11:01:09 ----A---- C:\Windows\SYSWOW64\url.dll
2014-05-31 11:01:09 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2014-05-31 11:01:09 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-05-31 11:01:09 ----A---- C:\Windows\SYSWOW64\msls31.dll
2014-05-31 11:01:09 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-05-31 11:01:09 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-05-31 11:01:09 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-05-31 11:01:09 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2014-05-31 11:01:09 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-05-31 11:01:09 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2014-05-31 11:01:09 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-05-31 11:01:09 ----A---- C:\Windows\SYSWOW64\inseng.dll
2014-05-31 11:01:09 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2014-05-31 11:01:09 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-05-31 11:01:09 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-05-31 11:01:09 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-05-31 11:01:09 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-05-31 11:01:09 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-05-31 11:01:09 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-05-31 11:01:09 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-05-31 11:01:09 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2014-05-31 11:01:09 ----A---- C:\Windows\SYSWOW64\icardie.dll
2014-05-31 11:01:09 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-05-31 11:01:09 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-05-31 11:01:09 ----A---- C:\Windows\system32\elshyph.dll
2014-05-31 11:01:08 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2014-05-31 11:01:08 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2014-05-31 11:01:08 ----A---- C:\Windows\SYSWOW64\occache.dll
2014-05-31 11:01:08 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2014-05-31 11:01:08 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-05-31 11:01:08 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-05-31 11:01:08 ----A---- C:\Windows\SYSWOW64\mshta.exe
2014-05-31 11:01:08 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2014-05-31 11:01:08 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2014-05-31 11:01:08 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-05-31 11:01:08 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-05-31 11:01:08 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-05-31 11:01:08 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2014-05-31 11:01:08 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-05-31 11:01:08 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-05-31 11:01:08 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2014-05-31 11:01:08 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-05-31 11:01:08 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2014-05-31 11:01:08 ----A---- C:\Windows\system32\wininet.dll
2014-05-31 11:01:08 ----A---- C:\Windows\system32\urlmon.dll
2014-05-31 11:01:08 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2014-05-31 11:01:08 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2014-05-31 11:01:08 ----A---- C:\Windows\system32\msrating.dll
2014-05-31 11:01:08 ----A---- C:\Windows\system32\msls31.dll
2014-05-31 11:01:08 ----A---- C:\Windows\system32\mshtmler.dll
2014-05-31 11:01:08 ----A---- C:\Windows\system32\msfeedssync.exe
2014-05-31 11:01:08 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-05-31 11:01:08 ----A---- C:\Windows\system32\jsproxy.dll
2014-05-31 11:01:08 ----A---- C:\Windows\system32\jsIntl.dll
2014-05-31 11:01:08 ----A---- C:\Windows\system32\jscript9diag.dll
2014-05-31 11:01:08 ----A---- C:\Windows\system32\jscript9.dll
2014-05-31 11:01:08 ----A---- C:\Windows\system32\ieui.dll
2014-05-31 11:01:08 ----A---- C:\Windows\system32\iesysprep.dll
2014-05-31 11:01:08 ----A---- C:\Windows\system32\iertutil.dll
2014-05-31 11:01:08 ----A---- C:\Windows\system32\ieframe.dll
2014-05-31 11:01:08 ----A---- C:\Windows\system32\IEAdvpack.dll
2014-05-31 11:01:07 ----A---- C:\Windows\system32\wextract.exe
2014-05-31 11:01:07 ----A---- C:\Windows\system32\webcheck.dll
2014-05-31 11:01:07 ----A---- C:\Windows\system32\vbscript.dll
2014-05-31 11:01:07 ----A---- C:\Windows\system32\url.dll
2014-05-31 11:01:07 ----A---- C:\Windows\system32\pngfilt.dll
2014-05-31 11:01:07 ----A---- C:\Windows\system32\occache.dll
2014-05-31 11:01:07 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-05-31 11:01:07 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-31 11:01:07 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-05-31 11:01:07 ----A---- C:\Windows\system32\mshtml.dll
2014-05-31 11:01:07 ----A---- C:\Windows\system32\mshta.exe
2014-05-31 11:01:07 ----A---- C:\Windows\system32\msfeeds.dll
2014-05-31 11:01:07 ----A---- C:\Windows\system32\licmgr10.dll
2014-05-31 11:01:07 ----A---- C:\Windows\system32\jscript.dll
2014-05-31 11:01:07 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-31 11:01:07 ----A---- C:\Windows\system32\inseng.dll
2014-05-31 11:01:07 ----A---- C:\Windows\system32\imgutil.dll
2014-05-31 11:01:07 ----A---- C:\Windows\system32\iexpress.exe
2014-05-31 11:01:07 ----A---- C:\Windows\system32\ieUnatt.exe
2014-05-31 11:01:07 ----A---- C:\Windows\system32\iesetup.dll
2014-05-31 11:01:07 ----A---- C:\Windows\system32\iernonce.dll
2014-05-31 11:01:07 ----A---- C:\Windows\system32\iepeers.dll
2014-05-31 11:01:07 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-05-31 11:01:07 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-05-31 11:01:07 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-05-31 11:01:07 ----A---- C:\Windows\system32\iedkcs32.dll
2014-05-31 11:01:07 ----A---- C:\Windows\system32\ieapfltr.dll
2014-05-31 11:01:07 ----A---- C:\Windows\system32\ieapfltr.dat
2014-05-31 11:01:07 ----A---- C:\Windows\system32\ie4uinit.exe
2014-05-31 11:01:07 ----A---- C:\Windows\system32\icardie.dll
2014-05-31 11:01:07 ----A---- C:\Windows\system32\dxtrans.dll
2014-05-31 11:01:07 ----A---- C:\Windows\system32\dxtmsft.dll
2014-05-31 11:00:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-05-31 11:00:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-05-31 11:00:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-05-31 11:00:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-05-31 11:00:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-05-31 11:00:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-05-31 11:00:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-05-31 11:00:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-05-31 11:00:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-05-31 11:00:12 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-05-31 11:00:12 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-05-31 11:00:12 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-05-31 11:00:12 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-05-31 11:00:12 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-05-31 11:00:12 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-05-31 11:00:12 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-05-31 11:00:12 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-05-31 11:00:12 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-05-31 11:00:12 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2014-05-31 11:00:12 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2014-05-31 11:00:12 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2014-05-31 11:00:12 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2014-05-31 11:00:12 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-05-31 11:00:12 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2014-05-31 11:00:12 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2014-05-31 11:00:12 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2014-05-31 11:00:12 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2014-05-31 11:00:12 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2014-05-31 11:00:12 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2014-05-31 11:00:12 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2014-05-31 11:00:12 ----A---- C:\Windows\system32\XpsPrint.dll
2014-05-31 11:00:12 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2014-05-31 11:00:12 ----A---- C:\Windows\system32\WMPhoto.dll
2014-05-31 11:00:12 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-05-31 11:00:12 ----A---- C:\Windows\system32\FntCache.dll
2014-05-31 11:00:12 ----A---- C:\Windows\system32\dxgi.dll
2014-05-31 11:00:12 ----A---- C:\Windows\system32\DWrite.dll
2014-05-31 11:00:12 ----A---- C:\Windows\system32\d3d10warp.dll
2014-05-31 11:00:12 ----A---- C:\Windows\system32\d3d10core.dll
2014-05-31 11:00:12 ----A---- C:\Windows\system32\d3d10.dll
2014-05-31 11:00:12 ----A---- C:\Windows\system32\d2d1.dll
2014-05-31 11:00:11 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2014-05-31 11:00:11 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2014-05-31 11:00:11 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-05-31 11:00:11 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-05-31 11:00:11 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2014-05-31 11:00:11 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-05-31 11:00:11 ----A---- C:\Windows\system32\UIAnimation.dll
2014-05-31 11:00:11 ----A---- C:\Windows\system32\d3d10level9.dll
2014-05-31 11:00:11 ----A---- C:\Windows\system32\d3d10_1core.dll
2014-05-31 11:00:11 ----A---- C:\Windows\system32\d3d10_1.dll
2014-05-31 10:37:05 ----D---- C:\ProgramData\Line 6
2014-05-31 10:33:09 ----D---- C:\Program Files (x86)\Line6
2014-05-31 10:01:25 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2014-05-31 10:01:25 ----A---- C:\Windows\system32\wwansvc.dll
2014-05-31 10:01:25 ----A---- C:\Windows\system32\wwanprotdim.dll
2014-05-31 10:01:25 ----A---- C:\Windows\system32\msieftp.dll
2014-05-31 10:01:25 ----A---- C:\Windows\system32\comctl32.dll
2014-05-31 10:01:24 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2014-05-31 10:01:21 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2014-05-31 10:01:21 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2014-05-31 10:01:21 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2014-05-31 10:01:21 ----A---- C:\Windows\system32\dhcpcore6.dll
2014-05-31 10:01:20 ----A---- C:\Windows\system32\shell32.dll
2014-05-31 10:01:19 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-05-31 10:01:18 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-05-31 10:01:18 ----A---- C:\Windows\system32\wintrust.dll
2014-05-31 10:01:13 ----A---- C:\Windows\system32\aepdu.dll
2014-05-31 10:01:13 ----A---- C:\Windows\system32\aeinv.dll
2014-05-31 10:01:10 ----A---- C:\Windows\system32\consent.exe
2014-05-31 10:01:10 ----A---- C:\Windows\system32\appinfo.dll
2014-05-31 10:01:00 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-05-31 10:01:00 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2014-05-31 10:01:00 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-05-31 10:01:00 ----A---- C:\Windows\system32\cryptsvc.dll
2014-05-31 10:01:00 ----A---- C:\Windows\system32\cryptnet.dll
2014-05-31 10:01:00 ----A---- C:\Windows\system32\crypt32.dll
2014-05-31 10:00:58 ----A---- C:\Windows\SYSWOW64\wer.dll
2014-05-31 10:00:58 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2014-05-31 10:00:58 ----A---- C:\Windows\system32\wer.dll
2014-05-31 10:00:58 ----A---- C:\Windows\system32\imagehlp.dll
2014-05-31 10:00:57 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-05-31 10:00:57 ----A---- C:\Windows\system32\tzres.dll
2014-05-31 10:00:55 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-05-31 10:00:55 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-05-31 10:00:55 ----A---- C:\Windows\system32\msxml3r.dll
2014-05-31 10:00:55 ----A---- C:\Windows\system32\msxml3.dll
2014-05-31 10:00:41 ----A---- C:\Windows\system32\win32k.sys
2014-05-31 10:00:41 ----A---- C:\Windows\system32\drivers\portcls.sys
2014-05-31 10:00:41 ----A---- C:\Windows\system32\drivers\drmk.sys
2014-05-31 10:00:41 ----A---- C:\Windows\system32\drivers\afd.sys
2014-05-31 10:00:40 ----A---- C:\Windows\system32\drivers\ataport.sys
2014-05-31 10:00:38 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2014-05-31 10:00:38 ----A---- C:\Windows\SYSWOW64\credui.dll
2014-05-31 10:00:38 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-05-31 10:00:38 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2014-05-31 10:00:38 ----A---- C:\Windows\system32\credui.dll
2014-05-31 10:00:38 ----A---- C:\Windows\system32\authui.dll
2014-05-31 10:00:36 ----A---- C:\Windows\SYSWOW64\lpk.dll
2014-05-31 10:00:36 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2014-05-31 10:00:36 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2014-05-31 10:00:36 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2014-05-31 10:00:36 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2014-05-31 10:00:36 ----A---- C:\Windows\system32\lpk.dll
2014-05-31 10:00:36 ----A---- C:\Windows\system32\fontsub.dll
2014-05-31 10:00:36 ----A---- C:\Windows\system32\dciman32.dll
2014-05-31 10:00:36 ----A---- C:\Windows\system32\atmlib.dll
2014-05-31 10:00:36 ----A---- C:\Windows\system32\atmfd.dll
2014-05-31 10:00:35 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-05-31 10:00:35 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-05-31 10:00:35 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-05-31 10:00:35 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-05-31 10:00:35 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-05-31 10:00:35 ----A---- C:\Windows\system32\RMActivate.exe
2014-05-31 10:00:34 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-05-31 10:00:34 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-05-31 10:00:34 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-05-31 10:00:34 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-05-31 10:00:34 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-05-31 10:00:34 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-05-31 10:00:34 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-05-31 10:00:34 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-05-31 10:00:34 ----A---- C:\Windows\system32\secproc_isv.dll
2014-05-31 10:00:34 ----A---- C:\Windows\system32\secproc.dll
2014-05-31 10:00:34 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-05-31 10:00:34 ----A---- C:\Windows\system32\msdrm.dll
2014-05-31 10:00:29 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2014-05-31 10:00:29 ----A---- C:\Windows\system32\drivers\usbport.sys
2014-05-31 10:00:29 ----A---- C:\Windows\system32\drivers\usbohci.sys
2014-05-31 10:00:29 ----A---- C:\Windows\system32\drivers\usbhub.sys
2014-05-31 10:00:29 ----A---- C:\Windows\system32\drivers\usbehci.sys
2014-05-31 10:00:29 ----A---- C:\Windows\system32\drivers\usbd.sys
2014-05-31 10:00:29 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2014-05-31 10:00:28 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2014-05-31 10:00:28 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2014-05-31 10:00:28 ----A---- C:\Windows\system32\drivers\ndis.sys
2014-05-31 10:00:28 ----A---- C:\Windows\system32\d3d11.dll
2014-05-31 10:00:23 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2014-05-31 10:00:23 ----A---- C:\Windows\system32\WMVDECOD.DLL
2014-05-31 10:00:22 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-05-31 10:00:22 ----A---- C:\Windows\system32\rpcrt4.dll
2014-05-31 10:00:22 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2014-05-31 10:00:22 ----A---- C:\Windows\system32\drivers\usbcir.sys
2014-05-31 10:00:21 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2014-05-31 10:00:21 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2014-05-31 10:00:21 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2014-05-31 10:00:21 ----A---- C:\Windows\system32\nlasvc.dll
2014-05-31 10:00:21 ----A---- C:\Windows\system32\netcorehc.dll
2014-05-31 10:00:21 ----A---- C:\Windows\system32\ncsi.dll
2014-05-31 10:00:21 ----A---- C:\Windows\system32\iphlpsvc.dll
2014-05-31 10:00:20 ----A---- C:\Windows\SYSWOW64\netevent.dll
2014-05-31 10:00:20 ----A---- C:\Windows\system32\nlaapi.dll
2014-05-31 10:00:20 ----A---- C:\Windows\system32\netevent.dll
2014-05-31 10:00:20 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2014-05-31 10:00:18 ----A---- C:\Windows\system32\drivers\hidparse.sys
2014-05-31 10:00:18 ----A---- C:\Windows\system32\drivers\hidclass.sys
2014-05-31 10:00:17 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2014-05-31 10:00:17 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2014-05-31 10:00:17 ----A---- C:\Windows\system32\WebClnt.dll
2014-05-31 10:00:17 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2014-05-31 10:00:17 ----A---- C:\Windows\system32\davclnt.dll
2014-05-31 10:00:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-31 10:00:16 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-31 10:00:15 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-05-31 10:00:15 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-05-31 10:00:15 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-05-31 10:00:15 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-05-31 10:00:15 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-05-31 10:00:15 ----A---- C:\Windows\system32\winlogon.exe
2014-05-31 10:00:15 ----A---- C:\Windows\system32\schannel.dll
2014-05-31 10:00:15 ----A---- C:\Windows\system32\objsel.dll
2014-05-31 10:00:15 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-31 10:00:15 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-31 10:00:15 ----A---- C:\Windows\system32\kerberos.dll
2014-05-31 10:00:15 ----A---- C:\Windows\system32\drivers\cng.sys
2014-05-31 10:00:14 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-05-31 10:00:14 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-05-31 10:00:14 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-05-31 10:00:14 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-05-31 10:00:14 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-05-31 10:00:14 ----A---- C:\Windows\system32\wdigest.dll
2014-05-31 10:00:14 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-31 10:00:14 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-31 10:00:13 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-05-31 10:00:13 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-05-31 10:00:13 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-05-31 10:00:13 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-05-31 10:00:13 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-05-31 10:00:13 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-05-31 10:00:13 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-05-31 10:00:13 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-05-31 10:00:13 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-05-31 10:00:13 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-31 10:00:13 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-31 10:00:13 ----A---- C:\Windows\system32\sspicli.dll
2014-05-31 10:00:13 ----A---- C:\Windows\system32\smss.exe
2014-05-31 10:00:13 ----A---- C:\Windows\system32\secur32.dll
2014-05-31 10:00:13 ----A---- C:\Windows\system32\ncrypt.dll
2014-05-31 10:00:13 ----A---- C:\Windows\system32\lsass.exe
2014-05-31 10:00:13 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-31 10:00:13 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-31 10:00:13 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-31 10:00:13 ----A---- C:\Windows\system32\csrsrv.dll
2014-05-31 10:00:13 ----A---- C:\Windows\system32\credssp.dll
2014-05-31 10:00:13 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-31 10:00:13 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-31 10:00:13 ----A---- C:\Windows\system32\adprovider.dll
2014-05-31 10:00:12 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2014-05-31 10:00:12 ----A---- C:\Windows\system32\apisetschema.dll
2014-05-31 10:00:07 ----A---- C:\Windows\system32\OxpsConverter.exe
2014-05-31 09:59:48 ----A---- C:\Windows\system32\mswsock.dll
2014-05-31 09:59:48 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-05-31 09:59:47 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2014-05-31 09:59:33 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-05-31 09:59:32 ----A---- C:\Windows\system32\drivers\netio.sys
2014-05-31 09:59:30 ----A---- C:\Windows\SYSWOW64\tdh.dll
2014-05-31 09:59:30 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2014-05-31 09:59:30 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2014-05-31 09:59:30 ----A---- C:\Windows\system32\tdh.dll
2014-05-31 09:59:30 ----A---- C:\Windows\system32\ntdll.dll
2014-05-31 09:59:30 ----A---- C:\Windows\system32\advapi32.dll
2014-05-31 09:59:27 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2014-05-31 09:59:27 ----A---- C:\Windows\system32\iologmsg.dll
2014-05-31 09:59:27 ----A---- C:\Windows\system32\drivers\storport.sys
2014-05-31 09:59:27 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-05-31 09:59:27 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-05-31 09:59:24 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2014-05-31 09:59:24 ----A---- C:\Windows\system32\shdocvw.dll
2014-05-31 09:59:22 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2014-05-31 09:59:22 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-05-31 09:59:22 ----A---- C:\Windows\system32\win32spl.dll
2014-05-31 09:59:22 ----A---- C:\Windows\system32\gdi32.dll
2014-05-31 09:59:21 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-05-31 09:59:21 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-05-31 09:59:21 ----A---- C:\Windows\system32\taskhost.exe
2014-05-31 09:59:21 ----A---- C:\Windows\system32\qedit.dll
2014-05-31 09:59:21 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-05-31 09:59:20 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2014-05-31 09:59:20 ----A---- C:\Windows\system32\cryptdlg.dll
2014-05-31 09:59:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-05-31 09:59:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-05-31 09:59:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-05-31 09:59:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-05-31 09:59:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-05-31 09:59:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-05-31 09:59:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2014-05-31 09:59:16 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-05-31 09:59:16 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-05-31 09:59:16 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-05-31 09:59:16 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-05-31 09:59:16 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-05-31 09:59:16 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-05-31 09:59:16 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-05-31 09:59:16 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-05-31 09:59:16 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-05-31 09:59:16 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-05-31 09:59:16 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-05-31 09:59:16 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-05-31 09:59:16 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-05-31 09:59:16 ----A---- C:\Windows\system32\wow64win.dll
2014-05-31 09:59:16 ----A---- C:\Windows\system32\wow64cpu.dll
2014-05-31 09:59:16 ----A---- C:\Windows\system32\wow64.dll
2014-05-31 09:59:16 ----A---- C:\Windows\system32\winsrv.dll
2014-05-31 09:59:16 ----A---- C:\Windows\system32\ntvdm64.dll
2014-05-31 09:59:16 ----A---- C:\Windows\system32\kernel32.dll
2014-05-31 09:59:16 ----A---- C:\Windows\system32\conhost.exe
2014-05-31 09:59:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-05-31 09:59:15 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-05-31 09:59:15 ----A---- C:\Windows\SYSWOW64\user.exe
2014-05-31 09:59:14 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-05-31 09:59:13 ----A---- C:\Windows\SYSWOW64\certutil.exe
2014-05-31 09:59:13 ----A---- C:\Windows\system32\certutil.exe
2014-05-31 09:59:12 ----A---- C:\Windows\SYSWOW64\certenc.dll
2014-05-31 09:59:12 ----A---- C:\Windows\system32\certenc.dll
2014-05-31 09:59:08 ----A---- C:\Windows\SYSWOW64\wscript.exe
2014-05-31 09:59:08 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2014-05-31 09:59:08 ----A---- C:\Windows\SYSWOW64\cscript.exe
2014-05-31 09:59:08 ----A---- C:\Windows\system32\wscript.exe
2014-05-31 09:59:08 ----A---- C:\Windows\system32\scrrun.dll
2014-05-31 09:59:08 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2014-05-31 09:59:08 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-05-31 09:59:08 ----A---- C:\Windows\system32\cscript.exe
2014-05-31 09:59:08 ----A---- C:\Windows\system32\cdd.dll
2014-05-31 09:54:06 ----D---- C:\Users\rdx\AppData\Roaming\TCXConverter
2014-05-31 09:54:06 ----D---- C:\Program Files (x86)\TCX Converter
2014-05-31 09:53:19 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2014-05-31 09:53:19 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2014-05-31 09:53:19 ----A---- C:\Windows\system32\nshwfp.dll
2014-05-31 09:53:19 ----A---- C:\Windows\system32\IKEEXT.DLL
2014-05-31 09:53:19 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2014-05-31 09:53:18 ----A---- C:\Windows\system32\scavengeui.dll
2014-05-30 23:02:38 ----D---- C:\Users\rdx\AppData\Roaming\WTablet
2014-05-30 22:59:44 ----D---- C:\Program Files\TabletPlugins
2014-05-30 22:59:44 ----D---- C:\Program Files (x86)\TabletPlugins
2014-05-30 22:59:39 ----A---- C:\Windows\system32\drivers\wacomrouterfilter.sys
2014-05-30 22:59:37 ----A---- C:\Windows\system32\drivers\wdfcoinstaller01009.dll
2014-05-30 22:59:37 ----A---- C:\Windows\system32\drivers\wachidrouter.sys
2014-05-30 22:59:37 ----A---- C:\Windows\system32\drivers\hidkmdf.sys
2014-05-30 22:59:32 ----A---- C:\Windows\SYSWOW64\Wintab32.dll
2014-05-30 22:59:32 ----A---- C:\Windows\SYSWOW64\WacomMT.dll
2014-05-30 22:59:32 ----A---- C:\Windows\SYSWOW64\Wacom_Touch_Tablet.dll
2014-05-30 22:59:32 ----A---- C:\Windows\SYSWOW64\Wacom_Tablet.dll
2014-05-30 22:59:32 ----A---- C:\Windows\system32\Wintab32.dll
2014-05-30 22:59:32 ----A---- C:\Windows\system32\WacomMT.dll
2014-05-30 22:59:32 ----A---- C:\Windows\system32\Wacom_Touch_Tablet.dll
2014-05-30 22:59:31 ----A---- C:\Windows\system32\Wacom_Tablet.dll
2014-05-30 22:59:30 ----D---- C:\Program Files\Tablet
2014-05-30 19:27:34 ----D---- C:\Users\rdx\AppData\Roaming\Skype
2014-05-30 19:27:31 ----RD---- C:\Program Files (x86)\Skype
2014-05-30 19:27:21 ----D---- C:\ProgramData\Skype
2014-05-30 19:19:01 ----D---- C:\Users\rdx\AppData\Roaming\Garmin
2014-05-30 13:23:12 ----D---- C:\Windows\system32\SPReview
2014-05-30 13:23:01 ----D---- C:\Windows\system32\EventProviders
2014-05-30 13:02:52 ----A---- C:\Windows\system32\netfxperf.dll
2014-05-30 13:02:52 ----A---- C:\Windows\system32\dfshim.dll
2014-05-30 13:02:49 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-05-30 13:02:47 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-05-30 13:02:44 ----A---- C:\Windows\SYSWOW64\pmcsnap.dll
2014-05-30 13:02:44 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2014-05-30 13:02:44 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2014-05-30 13:02:44 ----A---- C:\Windows\system32\sysmain.dll
2014-05-30 13:02:43 ----A---- C:\Windows\system32\MSVidCtl.dll
2014-05-30 13:02:42 ----A---- C:\Windows\system32\xpsservices.dll
2014-05-30 13:02:42 ----A---- C:\Windows\system32\mscoree.dll
2014-05-30 13:02:42 ----A---- C:\Windows\system32\mmcndmgr.dll
2014-05-30 13:02:42 ----A---- C:\Windows\system32\mf.dll
2014-05-30 13:02:41 ----A---- C:\Windows\SYSWOW64\PushPrinterConnections.exe
2014-05-30 13:02:41 ----A---- C:\Windows\SYSWOW64\ppcsnap.dll
2014-05-30 13:02:41 ----A---- C:\Windows\system32\schedsvc.dll
2014-05-30 13:02:40 ----A---- C:\Windows\system32\spwizui.dll
2014-05-30 13:02:40 ----A---- C:\Windows\system32\ole32.dll
2014-05-30 13:02:39 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2014-05-30 13:02:39 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-05-30 13:02:39 ----A---- C:\Windows\system32\wevtsvc.dll
2014-05-30 13:02:39 ----A---- C:\Windows\system32\vssapi.dll
2014-05-30 13:02:39 ----A---- C:\Windows\system32\taskschd.dll
2014-05-30 13:02:39 ----A---- C:\Windows\system32\RacEngn.dll
2014-05-30 13:02:39 ----A---- C:\Windows\system32\ExplorerFrame.dll
2014-05-30 13:02:39 ----A---- C:\Windows\system32\diagperf.dll
2014-05-30 13:02:38 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2014-05-30 13:02:38 ----A---- C:\Windows\system32\UIRibbon.dll
2014-05-30 13:02:38 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2014-05-30 13:02:38 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2014-05-30 13:02:38 ----A---- C:\Windows\explorer.exe
2014-05-30 13:02:37 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2014-05-30 13:02:37 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2014-05-30 13:02:37 ----A---- C:\Windows\system32\WsmSvc.dll
2014-05-30 13:02:37 ----A---- C:\Windows\system32\WMVCORE.DLL
2014-05-30 13:02:37 ----A---- C:\Windows\system32\WinSAT.exe
2014-05-30 13:02:37 ----A---- C:\Windows\system32\spreview.exe
2014-05-30 13:02:37 ----A---- C:\Windows\system32\spinstall.exe
2014-05-30 13:02:37 ----A---- C:\Windows\system32\rdpdd.dll
2014-05-30 13:02:37 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2014-05-30 13:02:37 ----A---- C:\Windows\system32\PresentationHost.exe
2014-05-30 13:02:37 ----A---- C:\Windows\system32\MPSSVC.dll
2014-05-30 13:02:37 ----A---- C:\Windows\system32\CertEnroll.dll
2014-05-30 13:02:36 ----A---- C:\Windows\SYSWOW64\RacEngn.dll
2014-05-30 13:02:36 ----A---- C:\Windows\system32\SearchFolder.dll
2014-05-30 13:02:36 ----A---- C:\Windows\system32\d3d9.dll
2014-05-30 13:02:35 ----A---- C:\Windows\SYSWOW64\AuthFWSnapin.dll
2014-05-30 13:02:35 ----A---- C:\Windows\system32\VSSVC.exe
2014-05-30 13:02:35 ----A---- C:\Windows\system32\gpsvc.dll
2014-05-30 13:02:35 ----A---- C:\Windows\system32\dwmcore.dll
2014-05-30 13:02:35 ----A---- C:\Windows\system32\drivers\http.sys
2014-05-30 13:02:35 ----A---- C:\Windows\system32\dbgeng.dll
2014-05-30 13:02:35 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2014-05-30 13:02:34 ----A---- C:\Windows\SYSWOW64\ole32.dll
2014-05-30 13:02:34 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2014-05-30 13:02:34 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-05-30 13:02:34 ----A---- C:\Windows\system32\actxprxy.dll
2014-05-30 13:02:33 ----A---- C:\Windows\SYSWOW64\vssapi.dll
2014-05-30 13:02:33 ----A---- C:\Windows\system32\winhttp.dll
2014-05-30 13:02:33 ----A---- C:\Windows\system32\termsrv.dll
2014-05-30 13:02:33 ----A---- C:\Windows\system32\qmgr.dll
2014-05-30 13:02:33 ----A---- C:\Windows\system32\netlogon.dll
2014-05-30 13:02:33 ----A---- C:\Windows\system32\mstsc.exe
2014-05-30 13:02:33 ----A---- C:\Windows\system32\imapi2fs.dll
2014-05-30 13:02:33 ----A---- C:\Windows\system32\gpprefcl.dll
2014-05-30 13:02:33 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2014-05-30 13:02:33 ----A---- C:\Windows\system32\audiosrv.dll
2014-05-30 13:02:32 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2014-05-30 13:02:32 ----A---- C:\Windows\SYSWOW64\SearchFolder.dll
2014-05-30 13:02:32 ----A---- C:\Windows\SYSWOW64\explorer.exe
2014-05-30 13:02:32 ----A---- C:\Windows\SYSWOW64\d3d9.dll
2014-05-30 13:02:32 ----A---- C:\Windows\system32\werconcpl.dll
2014-05-30 13:02:32 ----A---- C:\Windows\system32\wbengine.exe
2014-05-30 13:02:32 ----A---- C:\Windows\system32\setupapi.dll
2014-05-30 13:02:32 ----A---- C:\Windows\system32\rpcss.dll
2014-05-30 13:02:32 ----A---- C:\Windows\system32\QAGENTRT.DLL
2014-05-30 13:02:32 ----A---- C:\Windows\system32\PushPrinterConnections.exe
2014-05-30 13:02:32 ----A---- C:\Windows\system32\propsys.dll
2014-05-30 13:02:31 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-05-30 13:02:31 ----A---- C:\Windows\SYSWOW64\certcli.dll
2014-05-30 13:02:31 ----A---- C:\Windows\system32\WSDApi.dll
2014-05-30 13:02:31 ----A---- C:\Windows\system32\user32.dll
2014-05-30 13:02:31 ----A---- C:\Windows\system32\umrdp.dll
2014-05-30 13:02:31 ----A---- C:\Windows\system32\taskeng.exe
2014-05-30 13:02:31 ----A---- C:\Windows\system32\odbc32.dll
2014-05-30 13:02:31 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-05-30 13:02:31 ----A---- C:\Windows\system32\drivers\netbt.sys
2014-05-30 13:02:31 ----A---- C:\Windows\system32\dhcpcore.dll
2014-05-30 13:02:31 ----A---- C:\Windows\system32\certmgr.dll
2014-05-30 13:02:30 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2014-05-30 13:02:30 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2014-05-30 13:02:30 ----A---- C:\Windows\system32\tsmf.dll
2014-05-30 13:02:30 ----A---- C:\Windows\system32\shlwapi.dll
2014-05-30 13:02:30 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2014-05-30 13:02:30 ----A---- C:\Windows\system32\netshell.dll
2014-05-30 13:02:30 ----A---- C:\Windows\system32\msdtctm.dll
2014-05-30 13:02:30 ----A---- C:\Windows\system32\framedynos.dll
2014-05-30 13:02:29 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2014-05-30 13:02:29 ----A---- C:\Windows\SYSWOW64\tsmf.dll
2014-05-30 13:02:29 ----A---- C:\Windows\SYSWOW64\tcpmonui.dll
2014-05-30 13:02:29 ----A---- C:\Windows\SYSWOW64\dot3api.dll
2014-05-30 13:02:29 ----A---- C:\Windows\system32\ws2_32.dll
2014-05-30 13:02:29 ----A---- C:\Windows\system32\wpdshext.dll
2014-05-30 13:02:29 ----A---- C:\Windows\system32\wmpps.dll
2014-05-30 13:02:29 ----A---- C:\Windows\system32\wmicmiplugin.dll
2014-05-30 13:02:29 ----A---- C:\Windows\system32\Query.dll
2014-05-30 13:02:29 ----A---- C:\Windows\system32\netcfgx.dll
2014-05-30 13:02:29 ----A---- C:\Windows\system32\lsm.exe
2014-05-30 13:02:29 ----A---- C:\Windows\system32\drvstore.dll
2014-05-30 13:02:29 ----A---- C:\Windows\system32\drivers\csc.sys
2014-05-30 13:02:29 ----A---- C:\Windows\system32\comdlg32.dll
2014-05-30 13:02:29 ----A---- C:\Windows\system32\azroles.dll
2014-05-30 13:02:29 ----A---- C:\Windows\system32\appmgr.dll
2014-05-30 13:02:29 ----A---- C:\Windows\system32\apphelp.dll
2014-05-30 13:02:28 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2014-05-30 13:02:28 ----A---- C:\Windows\SYSWOW64\setupapi.dll
2014-05-30 13:02:28 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2014-05-30 13:02:28 ----A---- C:\Windows\SYSWOW64\dbgeng.dll
2014-05-30 13:02:28 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2014-05-30 13:02:28 ----A---- C:\Windows\system32\Vault.dll
2014-05-30 13:02:28 ----A---- C:\Windows\system32\samsrv.dll
2014-05-30 13:02:28 ----A---- C:\Windows\system32\QAGENT.DLL
2014-05-30 13:02:28 ----A---- C:\Windows\system32\lpksetup.exe
2014-05-30 13:02:28 ----A---- C:\Windows\system32\DShowRdpFilter.dll
2014-05-30 13:02:28 ----A---- C:\Windows\system32\cmd.exe
2014-05-30 13:02:28 ----A---- C:\Windows\system32\BFE.DLL
2014-05-30 13:02:27 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-05-30 13:02:27 ----A---- C:\Windows\SYSWOW64\Query.dll
2014-05-30 13:02:27 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2014-05-30 13:02:27 ----A---- C:\Windows\SYSWOW64\netcfgx.dll
2014-05-30 13:02:27 ----A---- C:\Windows\SYSWOW64\gpprefcl.dll
2014-05-30 13:02:27 ----A---- C:\Windows\system32\Wldap32.dll
2014-05-30 13:02:27 ----A---- C:\Windows\system32\taskcomp.dll
2014-05-30 13:02:27 ----A---- C:\Windows\system32\sxs.dll
2014-05-30 13:02:27 ----A---- C:\Windows\system32\rdpclip.exe
2014-05-30 13:02:27 ----A---- C:\Windows\system32\mfds.dll
2014-05-30 13:02:27 ----A---- C:\Windows\system32\mcbuilder.exe
2014-05-30 13:02:27 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2014-05-30 13:02:27 ----A---- C:\Windows\system32\cscsvc.dll
2014-05-30 13:02:27 ----A---- C:\Windows\system32\cscobj.dll
2014-05-30 13:02:26 ----A---- C:\Windows\SYSWOW64\upnp.dll
2014-05-30 13:02:26 ----A---- C:\Windows\SYSWOW64\SessEnv.dll
2014-05-30 13:02:26 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2014-05-30 13:02:26 ----A---- C:\Windows\SYSWOW64\mmcndmgr.dll
2014-05-30 13:02:26 ----A---- C:\Windows\SYSWOW64\imapi2fs.dll
2014-05-30 13:02:26 ----A---- C:\Windows\SYSWOW64\DShowRdpFilter.dll
2014-05-30 13:02:26 ----A---- C:\Windows\system32\winsta.dll
2014-05-30 13:02:26 ----A---- C:\Windows\system32\webservices.dll
2014-05-30 13:02:26 ----A---- C:\Windows\system32\sqlsrv32.dll
2014-05-30 13:02:26 ----A---- C:\Windows\system32\spoolsv.exe
2014-05-30 13:02:26 ----A---- C:\Windows\system32\SessEnv.dll
2014-05-30 13:02:26 ----A---- C:\Windows\system32\rdpendp.dll
2014-05-30 13:02:26 ----A---- C:\Windows\system32\pnidui.dll
2014-05-30 13:02:26 ----A---- C:\Windows\system32\ipsmsnap.dll
2014-05-30 13:02:26 ----A---- C:\Windows\system32\hgprint.dll
2014-05-30 13:02:26 ----A---- C:\Windows\system32\fveapi.dll
2014-05-30 13:02:26 ----A---- C:\Windows\system32\dot3api.dll
2014-05-30 13:02:25 ----A---- C:\Windows\SYSWOW64\xpsservices.dll
2014-05-30 13:02:25 ----A---- C:\Windows\SYSWOW64\userenv.dll
2014-05-30 13:02:25 ----A---- C:\Windows\SYSWOW64\shlwapi.dll
2014-05-30 13:02:25 ----A---- C:\Windows\SYSWOW64\PortableDeviceApi.dll
2014-05-30 13:02:25 ----A---- C:\Windows\SYSWOW64\mcbuilder.exe
2014-05-30 13:02:25 ----A---- C:\Windows\SYSWOW64\drvstore.dll
2014-05-30 13:02:25 ----A---- C:\Windows\SYSWOW64\certmgr.dll
2014-05-30 13:02:25 ----A---- C:\Windows\system32\WMNetMgr.dll
2014-05-30 13:02:25 ----A---- C:\Windows\system32\wlanpref.dll
2014-05-30 13:02:25 ----A---- C:\Windows\system32\vpnike.dll
2014-05-30 13:02:25 ----A---- C:\Windows\system32\userenv.dll
2014-05-30 13:02:25 ----A---- C:\Windows\system32\schtasks.exe
2014-05-30 13:02:25 ----A---- C:\Windows\system32\prncache.dll
2014-05-30 13:02:25 ----A---- C:\Windows\system32\photowiz.dll
2014-05-30 13:02:25 ----A---- C:\Windows\system32\mcmde.dll
2014-05-30 13:02:25 ----A---- C:\Windows\system32\evr.dll
2014-05-30 13:02:25 ----A---- C:\Windows\system32\drivers\volsnap.sys
2014-05-30 13:02:25 ----A---- C:\Windows\system32\drivers\rdbss.sys
2014-05-30 13:02:25 ----A---- C:\Windows\system32\drivers\msrpc.sys
2014-05-30 13:02:25 ----A---- C:\Windows\system32\drivers\1394ohci.sys
2014-05-30 13:02:24 ----A---- C:\Windows\SYSWOW64\comdlg32.dll
2014-05-30 13:02:24 ----A---- C:\Windows\SYSWOW64\cmd.exe
2014-05-30 13:02:24 ----A---- C:\Windows\system32\wmpmde.dll
2014-05-30 13:02:24 ----A---- C:\Windows\system32\WMPEncEn.dll
2014-05-30 13:02:24 ----A---- C:\Windows\system32\wmpeffects.dll
2014-05-30 13:02:24 ----A---- C:\Windows\system32\tscfgwmi.dll
2014-05-30 13:02:24 ----A---- C:\Windows\system32\SyncCenter.dll
2014-05-30 13:02:24 ----A---- C:\Windows\system32\srvsvc.dll
2014-05-30 13:02:24 ----A---- C:\Windows\system32\sppobjs.dll
2014-05-30 13:02:24 ----A---- C:\Windows\system32\shsvcs.dll
2014-05-30 13:02:24 ----A---- C:\Windows\system32\mfreadwrite.dll
2014-05-30 13:02:24 ----A---- C:\Windows\system32\IPSECSVC.DLL
2014-05-30 13:02:24 ----A---- C:\Windows\system32\FXSSVC.exe
2014-05-30 13:02:24 ----A---- C:\Windows\system32\framedyn.dll
2014-05-30 13:02:24 ----A---- C:\Windows\system32\AudioSes.dll
2014-05-30 13:02:23 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2014-05-30 13:02:23 ----A---- C:\Windows\SYSWOW64\user32.dll
2014-05-30 13:02:23 ----A---- C:\Windows\SYSWOW64\rdpendp.dll
2014-05-30 13:02:23 ----A---- C:\Windows\SYSWOW64\propsys.dll
2014-05-30 13:02:23 ----A---- C:\Windows\SYSWOW64\mfds.dll
2014-05-30 13:02:23 ----A---- C:\Windows\SYSWOW64\framedynos.dll
2014-05-30 13:02:23 ----A---- C:\Windows\SYSWOW64\azroles.dll
2014-05-30 13:02:23 ----A---- C:\Windows\SYSWOW64\appmgr.dll
2014-05-30 13:02:23 ----A---- C:\Windows\system32\WinSATAPI.dll
2014-05-30 13:02:23 ----A---- C:\Windows\system32\vmicsvc.exe
2014-05-30 13:02:23 ----A---- C:\Windows\system32\tcpipcfg.dll
2014-05-30 13:02:23 ----A---- C:\Windows\system32\stobject.dll
2014-05-30 13:02:23 ----A---- C:\Windows\system32\spp.dll
2014-05-30 13:02:23 ----A---- C:\Windows\system32\QSHVHOST.DLL
2014-05-30 13:02:23 ----A---- C:\Windows\system32\netid.dll
2014-05-30 13:02:23 ----A---- C:\Windows\system32\netdiagfx.dll
2014-05-30 13:02:23 ----A---- C:\Windows\system32\localsec.dll
2014-05-30 13:02:23 ----A---- C:\Windows\system32\inetpp.dll
2014-05-30 13:02:23 ----A---- C:\Windows\system32\imapi2.dll
2014-05-30 13:02:23 ----A---- C:\Windows\system32\fde.dll
2014-05-30 13:02:23 ----A---- C:\Windows\system32\drivers\vmbus.sys
2014-05-30 13:02:23 ----A---- C:\Windows\system32\drivers\udfs.sys
2014-05-30 13:02:23 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2014-05-30 13:02:23 ----A---- C:\Windows\system32\cscui.dll
2014-05-30 13:02:23 ----A---- C:\Windows\system32\biocpl.dll
2014-05-30 13:02:23 ----A---- C:\Windows\system32\bcryptprimitives.dll
2014-05-30 13:02:22 ----A---- C:\Windows\SYSWOW64\themeui.dll
2014-05-30 13:02:22 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2014-05-30 13:02:22 ----A---- C:\Windows\SYSWOW64\spp.dll
2014-05-30 13:02:22 ----A---- C:\Windows\SYSWOW64\dhcpcore.dll
2014-05-30 13:02:22 ----A---- C:\Windows\system32\scansetting.dll
2014-05-30 13:02:22 ----A---- C:\Windows\system32\printui.dll
2014-05-30 13:02:22 ----A---- C:\Windows\system32\pla.dll
2014-05-30 13:02:22 ----A---- C:\Windows\system32\PhotoScreensaver.scr
2014-05-30 13:02:22 ----A---- C:\Windows\system32\mspbda.dll
2014-05-30 13:02:22 ----A---- C:\Windows\system32\msinfo32.exe
2014-05-30 13:02:22 ----A---- C:\Windows\splwow64.exe
2014-05-30 13:02:21 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2014-05-30 13:02:21 ----A---- C:\Windows\SYSWOW64\NaturalLanguage6.dll
2014-05-30 13:02:21 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2014-05-30 13:02:21 ----A---- C:\Windows\SYSWOW64\evr.dll
2014-05-30 13:02:21 ----A---- C:\Windows\SYSWOW64\dbghelp.dll
2014-05-30 13:02:21 ----A---- C:\Windows\SYSWOW64\basecsp.dll
2014-05-30 13:02:21 ----A---- C:\Windows\system32\XpsRasterService.dll
2014-05-30 13:02:21 ----A---- C:\Windows\system32\wusa.exe
2014-05-30 13:02:21 ----A---- C:\Windows\system32\wisptis.exe
2014-05-30 13:02:21 ----A---- C:\Windows\system32\wiaservc.dll
2014-05-30 13:02:21 ----A---- C:\Windows\system32\vds.exe
2014-05-30 13:02:21 ----A---- C:\Windows\system32\sppwinob.dll
2014-05-30 13:02:21 ----A---- C:\Windows\system32\rpchttp.dll
2014-05-30 13:02:21 ----A---- C:\Windows\system32\PkgMgr.exe
2014-05-30 13:02:21 ----A---- C:\Windows\system32\ocsetup.exe
2014-05-30 13:02:21 ----A---- C:\Windows\system32\msdri.dll
2014-05-30 13:02:21 ----A---- C:\Windows\system32\mscms.dll
2014-05-30 13:02:21 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2014-05-30 13:02:21 ----A---- C:\Windows\system32\FirewallControlPanel.dll
2014-05-30 13:02:21 ----A---- C:\Windows\system32\drivers\rasl2tp.sys
2014-05-30 13:02:21 ----A---- C:\Windows\system32\drivers\pci.sys
2014-05-30 13:02:21 ----A---- C:\Windows\system32\aitagent.exe
2014-05-30 13:02:21 ----A---- C:\Windows\system32\AdmTmpl.dll
2014-05-30 13:02:20 ----A---- C:\Windows\SYSWOW64\WinSATAPI.dll
2014-05-30 13:02:20 ----A---- C:\Windows\SYSWOW64\UIRibbon.dll
2014-05-30 13:02:20 ----A---- C:\Windows\SYSWOW64\sxs.dll
2014-05-30 13:02:20 ----A---- C:\Windows\SYSWOW64\sqlsrv32.dll
2014-05-30 13:02:20 ----A---- C:\Windows\SYSWOW64\calc.exe
2014-05-30 13:02:20 ----A---- C:\Windows\system32\wpdbusenum.dll
2014-05-30 13:02:20 ----A---- C:\Windows\system32\wcncsvc.dll
2014-05-30 13:02:20 ----A---- C:\Windows\system32\upnp.dll
2014-05-30 13:02:20 ----A---- C:\Windows\system32\thumbcache.dll
2014-05-30 13:02:20 ----A---- C:\Windows\system32\t2embed.dll
2014-05-30 13:02:20 ----A---- C:\Windows\system32\Robocopy.exe
2014-05-30 13:02:20 ----A---- C:\Windows\system32\ocsetapi.dll
2014-05-30 13:02:20 ----A---- C:\Windows\system32\mprapi.dll
2014-05-30 13:02:20 ----A---- C:\Windows\system32\hal.dll
2014-05-30 13:02:20 ----A---- C:\Windows\system32\eapphost.dll
2014-05-30 13:02:20 ----A---- C:\Windows\system32\eapp3hst.dll
2014-05-30 13:02:20 ----A---- C:\Windows\system32\DXP.dll
2014-05-30 13:02:20 ----A---- C:\Windows\system32\drivers\volmgr.sys
2014-05-30 13:02:20 ----A---- C:\Windows\system32\drivers\msdsm.sys
2014-05-30 13:02:20 ----A---- C:\Windows\system32\drivers\HpSAMD.sys
2014-05-30 13:02:20 ----A---- C:\Windows\system32\ci.dll
2014-05-30 13:02:19 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2014-05-30 13:02:19 ----A---- C:\Windows\SYSWOW64\stobject.dll
2014-05-30 13:02:19 ----A---- C:\Windows\SYSWOW64\prncache.dll
2014-05-30 13:02:19 ----A---- C:\Windows\SYSWOW64\netshell.dll
2014-05-30 13:02:19 ----A---- C:\Windows\system32\themeui.dll
2014-05-30 13:02:19 ----A---- C:\Windows\system32\scrptadm.dll
2014-05-30 13:02:19 ----A---- C:\Windows\system32\scecli.dll
2014-05-30 13:02:19 ----A---- C:\Windows\system32\puiobj.dll
2014-05-30 13:02:19 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2014-05-30 13:02:19 ----A---- C:\Windows\system32\onex.dll
2014-05-30 13:02:19 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2014-05-30 13:02:19 ----A---- C:\Windows\system32\msasn1.dll
2014-05-30 13:02:19 ----A---- C:\Windows\system32\iasrad.dll
2014-05-30 13:02:19 ----A---- C:\Windows\system32\DxpTaskSync.dll
2014-05-30 13:02:19 ----A---- C:\Windows\system32\dwmredir.dll
2014-05-30 13:02:19 ----A---- C:\Windows\system32\drivers\ipfltdrv.sys
2014-05-30 13:02:19 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2014-05-30 13:02:18 ----A---- C:\Windows\SYSWOW64\WSDApi.dll
2014-05-30 13:02:18 ----A---- C:\Windows\SYSWOW64\wmpeffects.dll
2014-05-30 13:02:18 ----A---- C:\Windows\SYSWOW64\scansetting.dll
2014-05-30 13:02:18 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2014-05-30 13:02:18 ----A---- C:\Windows\SYSWOW64\printui.dll
2014-05-30 13:02:18 ----A---- C:\Windows\SYSWOW64\net1.exe
2014-05-30 13:02:18 ----A---- C:\Windows\system32\wdc.dll
2014-05-30 13:02:18 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2014-05-30 13:02:17 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2014-05-30 13:02:17 ----A---- C:\Windows\SYSWOW64\WMVCORE.DLL
2014-05-30 13:02:17 ----A---- C:\Windows\SYSWOW64\wlangpui.dll
2014-05-30 13:02:17 ----A---- C:\Windows\SYSWOW64\webservices.dll
2014-05-30 13:02:17 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2014-05-30 13:02:17 ----A---- C:\Windows\SYSWOW64\scrptadm.dll
2014-05-30 13:02:17 ----A---- C:\Windows\SYSWOW64\QSHVHOST.DLL
2014-05-30 13:02:17 ----A---- C:\Windows\SYSWOW64\pnidui.dll
2014-05-30 13:02:17 ----A---- C:\Windows\SYSWOW64\MMDevAPI.dll
2014-05-30 13:02:17 ----A---- C:\Windows\SYSWOW64\fde.dll
2014-05-30 13:02:17 ----A---- C:\Windows\system32\wscapi.dll
2014-05-30 13:02:17 ----A---- C:\Windows\system32\wlangpui.dll
2014-05-30 13:02:17 ----A---- C:\Windows\system32\wiadefui.dll
2014-05-30 13:02:17 ----A---- C:\Windows\system32\VAN.dll
2014-05-30 13:02:17 ----A---- C:\Windows\system32\TabSvc.dll
2014-05-30 13:02:17 ----A---- C:\Windows\system32\StructuredQuery.dll
2014-05-30 13:02:17 ----A---- C:\Windows\system32\srchadmin.dll
2014-05-30 13:02:17 ----A---- C:\Windows\system32\SndVol.exe
2014-05-30 13:02:17 ----A---- C:\Windows\system32\sdengin2.dll
2014-05-30 13:02:17 ----A---- C:\Windows\system32\scesrv.dll
2014-05-30 13:02:17 ----A---- C:\Windows\system32\samcli.dll
2014-05-30 13:02:17 ----A---- C:\Windows\system32\regapi.dll
2014-05-30 13:02:17 ----A---- C:\Windows\system32\rasmans.dll
2014-05-30 13:02:17 ----A---- C:\Windows\system32\QUTIL.DLL
2014-05-30 13:02:17 ----A---- C:\Windows\system32\netcenter.dll
2014-05-30 13:02:17 ----A---- C:\Windows\system32\msftedit.dll
2014-05-30 13:02:17 ----A---- C:\Windows\system32\iasacct.dll
2014-05-30 13:02:17 ----A---- C:\Windows\system32\dskquoui.dll
2014-05-30 13:02:17 ----A---- C:\Windows\system32\drivers\termdd.sys
2014-05-30 13:02:17 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2014-05-30 13:02:16 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-05-30 13:02:16 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2014-05-30 13:02:16 ----A---- C:\Windows\SYSWOW64\WinSCard.dll
2014-05-30 13:02:16 ----A---- C:\Windows\SYSWOW64\SyncCenter.dll
2014-05-30 13:02:16 ----A---- C:\Windows\SYSWOW64\pla.dll
2014-05-30 13:02:16 ----A---- C:\Windows\SYSWOW64\netdiagfx.dll
2014-05-30 13:02:16 ----A---- C:\Windows\SYSWOW64\msasn1.dll
2014-05-30 13:02:16 ----A---- C:\Windows\SYSWOW64\cscobj.dll
2014-05-30 13:02:16 ----A---- C:\Windows\system32\wksprt.exe
2014-05-30 13:02:16 ----A---- C:\Windows\system32\tapisrv.dll
2014-05-30 13:02:16 ----A---- C:\Windows\system32\setupcl.exe
2014-05-30 13:02:16 ----A---- C:\Windows\system32\rastls.dll
2014-05-30 13:02:16 ----A---- C:\Windows\system32\netiohlp.dll
2014-05-30 13:02:16 ----A---- C:\Windows\system32\msconfig.exe
2014-05-30 13:02:16 ----A---- C:\Windows\system32\mimefilt.dll
2014-05-30 13:02:16 ----A---- C:\Windows\system32\lsmproxy.dll
2014-05-30 13:02:16 ----A---- C:\Windows\system32\ListSvc.dll
2014-05-30 13:02:16 ----A---- C:\Windows\system32\hgcpl.dll
2014-05-30 13:02:16 ----A---- C:\Windows\system32\fdeploy.dll
2014-05-30 13:02:16 ----A---- C:\Windows\system32\drivers\sbp2port.sys
2014-05-30 13:02:16 ----A---- C:\Windows\system32\drivers\raspptp.sys
2014-05-30 13:02:16 ----A---- C:\Windows\system32\drivers\msahci.sys
2014-05-30 13:02:16 ----A---- C:\Windows\system32\drivers\ks.sys
2014-05-30 13:02:16 ----A---- C:\Windows\system32\drivers\acpi.sys
2014-05-30 13:02:16 ----A---- C:\Windows\system32\clusapi.dll
2014-05-30 13:02:16 ----A---- C:\Windows\system32\basecsp.dll
2014-05-30 13:02:15 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-05-30 13:02:15 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2014-05-30 13:02:15 ----A---- C:\Windows\SYSWOW64\imapi2.dll
2014-05-30 13:02:15 ----A---- C:\Windows\SYSWOW64\DXPTaskRingtone.dll
2014-05-30 13:02:15 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-05-30 13:02:15 ----A---- C:\Windows\system32\riched20.dll
2014-05-30 13:02:15 ----A---- C:\Windows\system32\mtxclu.dll
2014-05-30 13:02:15 ----A---- C:\Windows\system32\dnscmmc.dll
2014-05-30 13:02:15 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2014-05-30 13:02:14 ----A---- C:\Windows\SYSWOW64\WMPEncEn.dll
2014-05-30 13:02:14 ----A---- C:\Windows\SYSWOW64\winmm.dll
2014-05-30 13:02:14 ----A---- C:\Windows\SYSWOW64\shsvcs.dll
2014-05-30 13:02:14 ----A---- C:\Windows\SYSWOW64\samcli.dll
2014-05-30 13:02:14 ----A---- C:\Windows\SYSWOW64\proquota.exe
2014-05-30 13:02:14 ----A---- C:\Windows\SYSWOW64\onex.dll
2014-05-30 13:02:14 ----A---- C:\Windows\SYSWOW64\netiohlp.dll
2014-05-30 13:02:14 ----A---- C:\Windows\SYSWOW64\msutb.dll
2014-05-30 13:02:14 ----A---- C:\Windows\SYSWOW64\IPHLPAPI.DLL
2014-05-30 13:02:14 ----A---- C:\Windows\SYSWOW64\hbaapi.dll
2014-05-30 13:02:14 ----A---- C:\Windows\SYSWOW64\autochk.exe
2014-05-30 13:02:14 ----A---- C:\Windows\SYSWOW64\autofmt.exe
2014-05-30 13:02:14 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-05-30 13:02:14 ----A---- C:\Windows\system32\wkssvc.dll
2014-05-30 13:02:14 ----A---- C:\Windows\system32\vpnikeapi.dll
2014-05-30 13:02:14 ----A---- C:\Windows\system32\themecpl.dll
2014-05-30 13:02:14 ----A---- C:\Windows\system32\sppcomapi.dll
2014-05-30 13:02:14 ----A---- C:\Windows\system32\sharemediacpl.dll
2014-05-30 13:02:14 ----A---- C:\Windows\system32\SensorsCpl.dll
2014-05-30 13:02:14 ----A---- C:\Windows\system32\RpcRtRemote.dll
2014-05-30 13:02:14 ----A---- C:\Windows\system32\powercpl.dll
2014-05-30 13:02:14 ----A---- C:\Windows\system32\netjoin.dll
2014-05-30 13:02:14 ----A---- C:\Windows\system32\nci.dll
2014-05-30 13:02:14 ----A---- C:\Windows\system32\Narrator.exe
2014-05-30 13:02:14 ----A---- C:\Windows\system32\logoncli.dll
2014-05-30 13:02:14 ----A---- C:\Windows\system32\Faultrep.dll
2014-05-30 13:02:14 ----A---- C:\Windows\system32\eudcedit.exe
2014-05-30 13:02:14 ----A---- C:\Windows\system32\cabview.dll
2014-05-30 13:02:14 ----A---- C:\Windows\system32\autochk.exe
2014-05-30 13:02:14 ----A---- C:\Windows\system32\autofmt.exe
2014-05-30 13:02:13 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll
2014-05-30 13:02:13 ----A---- C:\Windows\SYSWOW64\thumbcache.dll
2014-05-30 13:02:13 ----A---- C:\Windows\SYSWOW64\tcpipcfg.dll
2014-05-30 13:02:13 ----A---- C:\Windows\SYSWOW64\srchadmin.dll
2014-05-30 13:02:13 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2014-05-30 13:02:13 ----A---- C:\Windows\SYSWOW64\regapi.dll
2014-05-30 13:02:13 ----A---- C:\Windows\SYSWOW64\QAGENT.DLL
2014-05-30 13:02:13 ----A---- C:\Windows\SYSWOW64\powercpl.dll
2014-05-30 13:02:13 ----A---- C:\Windows\SYSWOW64\netid.dll
2014-05-30 13:02:13 ----A---- C:\Windows\SYSWOW64\msinfo32.exe
2014-05-30 13:02:13 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-05-30 13:02:13 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-05-30 13:02:13 ----A---- C:\Windows\SYSWOW64\mimefilt.dll
2014-05-30 13:02:13 ----A---- C:\Windows\SYSWOW64\ipsmsnap.dll
2014-05-30 13:02:13 ----A---- C:\Windows\SYSWOW64\framedyn.dll
2014-05-30 13:02:13 ----A---- C:\Windows\SYSWOW64\eapphost.dll
2014-05-30 13:02:13 ----A---- C:\Windows\SYSWOW64\AuxiliaryDisplayCpl.dll
2014-05-30 13:02:13 ----A---- C:\Windows\SYSWOW64\autoconv.exe
2014-05-30 13:02:13 ----A---- C:\Windows\system32\wwanconn.dll
2014-05-30 13:02:13 ----A---- C:\Windows\system32\wpd_ci.dll
2014-05-30 13:02:13 ----A---- C:\Windows\system32\wlanui.dll
2014-05-30 13:02:13 ----A---- C:\Windows\system32\SmiEngine.dll
2014-05-30 13:02:13 ----A---- C:\Windows\system32\shsetup.dll
2014-05-30 13:02:13 ----A---- C:\Windows\system32\sdclt.exe
2014-05-30 13:02:13 ----A---- C:\Windows\system32\prntvpt.dll
2014-05-30 13:02:13 ----A---- C:\Windows\system32\nshipsec.dll
2014-05-30 13:02:13 ----A---- C:\Windows\system32\mscorier.dll
2014-05-30 13:02:13 ----A---- C:\Windows\system32\mprddm.dll
2014-05-30 13:02:13 ----A---- C:\Windows\system32\fontext.dll
2014-05-30 13:02:13 ----A---- C:\Windows\system32\fms.dll
2014-05-30 13:02:13 ----A---- C:\Windows\system32\drivers\wanarp.sys
2014-05-30 13:02:13 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2014-05-30 13:02:13 ----A---- C:\Windows\system32\drivers\scsiport.sys
2014-05-30 13:02:13 ----A---- C:\Windows\system32\dps.dll
2014-05-30 13:02:13 ----A---- C:\Windows\system32\Display.dll
2014-05-30 13:02:13 ----A---- C:\Windows\system32\bcdsrv.dll
2014-05-30 13:02:13 ----A---- C:\Windows\system32\AxInstSv.dll
2014-05-30 13:02:13 ----A---- C:\Windows\system32\autoconv.exe
2014-05-30 13:02:13 ----A---- C:\Windows\system32\audiodg.exe
2014-05-30 13:02:12 ----A---- C:\Windows\SYSWOW64\WMNetMgr.dll
2014-05-30 13:02:12 ----A---- C:\Windows\SYSWOW64\wlanpref.dll
2014-05-30 13:02:12 ----A---- C:\Windows\SYSWOW64\wdc.dll
2014-05-30 13:02:12 ----A---- C:\Windows\SYSWOW64\Vault.dll
2014-05-30 13:02:12 ----A---- C:\Windows\SYSWOW64\untfs.dll
2014-05-30 13:02:12 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2014-05-30 13:02:12 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2014-05-30 13:02:12 ----A---- C:\Windows\SYSWOW64\RpcRtRemote.dll
2014-05-30 13:02:12 ----A---- C:\Windows\SYSWOW64\Robocopy.exe
2014-05-30 13:02:12 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-05-30 13:02:12 ----A---- C:\Windows\SYSWOW64\nci.dll
2014-05-30 13:02:12 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2014-05-30 13:02:12 ----A---- C:\Windows\system32\wpccpl.dll
2014-05-30 13:02:12 ----A---- C:\Windows\system32\wmpsrcwp.dll
2014-05-30 13:02:12 ----A---- C:\Windows\system32\usercpl.dll
2014-05-30 13:02:12 ----A---- C:\Windows\system32\sppsvc.exe
2014-05-30 13:02:12 ----A---- C:\Windows\system32\rtutils.dll
2014-05-30 13:02:12 ----A---- C:\Windows\system32\provsvc.dll
2014-05-30 13:02:12 ----A---- C:\Windows\system32\MCEWMDRMNDBootstrap.dll
2014-05-30 13:02:12 ----A---- C:\Windows\system32\mblctr.exe
2014-05-30 13:02:12 ----A---- C:\Windows\system32\DiagCpl.dll
2014-05-30 13:02:12 ----A---- C:\Windows\system32\bootres.dll
2014-05-30 13:02:12 ----A---- C:\Windows\system32\batmeter.dll
2014-05-30 13:02:11 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2014-05-30 13:02:11 ----A---- C:\Windows\SYSWOW64\userinit.exe
2014-05-30 13:02:11 ----A---- C:\Windows\SYSWOW64\termmgr.dll
2014-05-30 13:02:11 ----A---- C:\Windows\SYSWOW64\taskmgr.exe
2014-05-30 13:02:11 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2014-05-30 13:02:11 ----A---- C:\Windows\SYSWOW64\mtxclu.dll
2014-05-30 13:02:11 ----A---- C:\Windows\SYSWOW64\eudcedit.exe
2014-05-30 13:02:11 ----A---- C:\Windows\SYSWOW64\DxpTaskSync.dll
2014-05-30 13:02:11 ----A---- C:\Windows\SYSWOW64\Display.dll
2014-05-30 13:02:11 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2014-05-30 13:02:11 ----A---- C:\Windows\system32\taskmgr.exe
2014-05-30 13:02:11 ----A---- C:\Windows\system32\SndVolSSO.dll
2014-05-30 13:02:11 ----A---- C:\Windows\system32\rasppp.dll
2014-05-30 13:02:11 ----A---- C:\Windows\system32\proquota.exe
2014-05-30 13:02:11 ----A---- C:\Windows\system32\prnfldr.dll
2014-05-30 13:02:11 ----A---- C:\Windows\system32\pdh.dll
2014-05-30 13:02:11 ----A---- C:\Windows\system32\hbaapi.dll
2014-05-30 13:02:11 ----A---- C:\Windows\system32\dxdiagn.dll
2014-05-30 13:02:11 ----A---- C:\Windows\system32\drivers\winhv.sys
2014-05-30 13:02:11 ----A---- C:\Windows\system32\drivers\rdyboost.sys
2014-05-30 13:02:11 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2014-05-30 13:02:11 ----A---- C:\Windows\system32\dot3cfg.dll
2014-05-30 13:02:10 ----A---- C:\Windows\SYSWOW64\wiadefui.dll
2014-05-30 13:02:10 ----A---- C:\Windows\SYSWOW64\themecpl.dll
2014-05-30 13:02:10 ----A---- C:\Windows\SYSWOW64\sppcomapi.dll
2014-05-30 13:02:10 ----A---- C:\Windows\SYSWOW64\shsetup.dll
2014-05-30 13:02:10 ----A---- C:\Windows\SYSWOW64\SensorsCpl.dll
2014-05-30 13:02:10 ----A---- C:\Windows\SYSWOW64\rasppp.dll
2014-05-30 13:02:10 ----A---- C:\Windows\SYSWOW64\logoncli.dll
2014-05-30 13:02:10 ----A---- C:\Windows\SYSWOW64\FirewallControlPanel.dll

[murons2]

2 cast

2014-05-30 13:02:10 ----A---- C:\Windows\SYSWOW64\dnscmmc.dll
2014-05-30 13:02:10 ----A---- C:\Windows\SYSWOW64\cabview.dll
2014-05-30 13:02:10 ----A---- C:\Windows\system32\zipfldr.dll
2014-05-30 13:02:10 ----A---- C:\Windows\system32\userinit.exe
2014-05-30 13:02:10 ----A---- C:\Windows\system32\untfs.dll
2014-05-30 13:02:10 ----A---- C:\Windows\system32\slui.exe
2014-05-30 13:02:10 ----A---- C:\Windows\system32\MSAC3ENC.DLL
2014-05-30 13:02:10 ----A---- C:\Windows\system32\drivers\storvsc.sys
2014-05-30 13:02:10 ----A---- C:\Windows\system32\defaultlocationcpl.dll
2014-05-30 13:02:10 ----A---- C:\Windows\system32\accessibilitycpl.dll
2014-05-30 13:02:09 ----A---- C:\Windows\SYSWOW64\tapisrv.dll
2014-05-30 13:02:09 ----A---- C:\Windows\SYSWOW64\scecli.dll
2014-05-30 13:02:09 ----A---- C:\Windows\SYSWOW64\PhotoScreensaver.scr
2014-05-30 13:02:09 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-05-30 13:02:09 ----A---- C:\Windows\SYSWOW64\mscms.dll
2014-05-30 13:02:09 ----A---- C:\Windows\SYSWOW64\localsec.dll
2014-05-30 13:02:09 ----A---- C:\Windows\SYSWOW64\hgcpl.dll
2014-05-30 13:02:09 ----A---- C:\Windows\SYSWOW64\fontext.dll
2014-05-30 13:02:09 ----A---- C:\Windows\system32\sud.dll
2014-05-30 13:02:09 ----A---- C:\Windows\system32\DeviceCenter.dll
2014-05-30 13:02:08 ----A---- C:\Windows\SYSWOW64\wlanui.dll
2014-05-30 13:02:08 ----A---- C:\Windows\SYSWOW64\w32tm.exe
2014-05-30 13:02:08 ----A---- C:\Windows\SYSWOW64\VAN.dll
2014-05-30 13:02:08 ----A---- C:\Windows\SYSWOW64\usercpl.dll
2014-05-30 13:02:08 ----A---- C:\Windows\SYSWOW64\spwizeng.dll
2014-05-30 13:02:08 ----A---- C:\Windows\SYSWOW64\SndVolSSO.dll
2014-05-30 13:02:08 ----A---- C:\Windows\SYSWOW64\SndVol.exe
2014-05-30 13:02:08 ----A---- C:\Windows\SYSWOW64\prntvpt.dll
2014-05-30 13:02:08 ----A---- C:\Windows\SYSWOW64\PerfCenterCPL.dll
2014-05-30 13:02:08 ----A---- C:\Windows\SYSWOW64\netcenter.dll
2014-05-30 13:02:08 ----A---- C:\Windows\SYSWOW64\mprddm.dll
2014-05-30 13:02:08 ----A---- C:\Windows\SYSWOW64\iasacct.dll
2014-05-30 13:02:08 ----A---- C:\Windows\SYSWOW64\batmeter.dll
2014-05-30 13:02:08 ----A---- C:\Windows\SYSWOW64\azroleui.dll
2014-05-30 13:02:08 ----A---- C:\Windows\SYSWOW64\accessibilitycpl.dll
2014-05-30 13:02:08 ----A---- C:\Windows\system32\uxlib.dll
2014-05-30 13:02:08 ----A---- C:\Windows\system32\twext.dll
2014-05-30 13:02:08 ----A---- C:\Windows\system32\taskbarcpl.dll
2014-05-30 13:02:08 ----A---- C:\Windows\system32\sisbkup.dll
2014-05-30 13:02:08 ----A---- C:\Windows\system32\recovery.dll
2014-05-30 13:02:08 ----A---- C:\Windows\system32\OobeFldr.dll
2014-05-30 13:02:08 ----A---- C:\Windows\system32\OnLineIDCpl.dll
2014-05-30 13:02:08 ----A---- C:\Windows\system32\networkmap.dll
2014-05-30 13:02:08 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2014-05-30 13:02:08 ----A---- C:\Windows\system32\isoburn.exe
2014-05-30 13:02:08 ----A---- C:\Windows\system32\dsuiext.dll
2014-05-30 13:02:08 ----A---- C:\Windows\system32\drivers\hwpolicy.sys
2014-05-30 13:02:08 ----A---- C:\Windows\system32\dot3svc.dll
2014-05-30 13:02:08 ----A---- C:\Windows\system32\cryptui.dll
2014-05-30 13:02:08 ----A---- C:\Windows\system32\cca.dll
2014-05-30 13:02:08 ----A---- C:\Windows\system32\bcdedit.exe
2014-05-30 13:02:08 ----A---- C:\Windows\system32\azroleui.dll
2014-05-30 13:02:08 ----A---- C:\Windows\system32\asycfilt.dll
2014-05-30 13:02:08 ----A---- C:\Windows\system32\ActionCenter.dll
2014-05-30 13:02:07 ----A---- C:\Windows\SYSWOW64\zipfldr.dll
2014-05-30 13:02:07 ----A---- C:\Windows\SYSWOW64\wusa.exe
2014-05-30 13:02:07 ----A---- C:\Windows\SYSWOW64\sud.dll
2014-05-30 13:02:07 ----A---- C:\Windows\SYSWOW64\prnfldr.dll
2014-05-30 13:02:07 ----A---- C:\Windows\SYSWOW64\OnLineIDCpl.dll
2014-05-30 13:02:07 ----A---- C:\Windows\SYSWOW64\networkmap.dll
2014-05-30 13:02:07 ----A---- C:\Windows\SYSWOW64\netjoin.dll
2014-05-30 13:02:07 ----A---- C:\Windows\SYSWOW64\MSAC3ENC.DLL
2014-05-30 13:02:07 ----A---- C:\Windows\SYSWOW64\MCEWMDRMNDBootstrap.dll
2014-05-30 13:02:07 ----A---- C:\Windows\SYSWOW64\fdeploy.dll
2014-05-30 13:02:07 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2014-05-30 13:02:07 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2014-05-30 13:02:07 ----A---- C:\Windows\SYSWOW64\adsldp.dll
2014-05-30 13:02:07 ----A---- C:\Windows\SYSWOW64\ActionCenter.dll
2014-05-30 13:02:07 ----A---- C:\Windows\system32\wlanmsm.dll
2014-05-30 13:02:07 ----A---- C:\Windows\system32\tzutil.exe
2014-05-30 13:02:07 ----A---- C:\Windows\system32\systemcpl.dll
2014-05-30 13:02:07 ----A---- C:\Windows\system32\sysclass.dll
2014-05-30 13:02:07 ----A---- C:\Windows\system32\syncui.dll
2014-05-30 13:02:07 ----A---- C:\Windows\system32\spwizeng.dll
2014-05-30 13:02:07 ----A---- C:\Windows\system32\shwebsvc.dll
2014-05-30 13:02:07 ----A---- C:\Windows\system32\sdrsvc.dll
2014-05-30 13:02:07 ----A---- C:\Windows\system32\sdcpl.dll
2014-05-30 13:02:07 ----A---- C:\Windows\system32\recdisc.exe
2014-05-30 13:02:07 ----A---- C:\Windows\system32\netplwiz.dll
2014-05-30 13:02:07 ----A---- C:\Windows\system32\ncryptui.dll
2014-05-30 13:02:07 ----A---- C:\Windows\system32\msvidc32.dll
2014-05-30 13:02:07 ----A---- C:\Windows\system32\MFPlay.dll
2014-05-30 13:02:07 ----A---- C:\Windows\system32\httpapi.dll
2014-05-30 13:02:07 ----A---- C:\Windows\system32\efscore.dll
2014-05-30 13:02:07 ----A---- C:\Windows\system32\drivers\rdpdr.sys
2014-05-30 13:02:07 ----A---- C:\Windows\system32\drivers\mpio.sys
2014-05-30 13:02:07 ----A---- C:\Windows\system32\certcli.dll
2014-05-30 13:02:07 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2014-05-30 13:02:07 ----A---- C:\Windows\system32\autoplay.dll
2014-05-30 13:02:07 ----A---- C:\Windows\system32\ActionCenterCPL.dll
2014-05-30 13:02:06 ----A---- C:\Windows\SYSWOW64\sisbkup.dll
2014-05-30 13:02:06 ----A---- C:\Windows\SYSWOW64\shwebsvc.dll
2014-05-30 13:02:06 ----A---- C:\Windows\SYSWOW64\photowiz.dll
2014-05-30 13:02:06 ----A---- C:\Windows\SYSWOW64\MediaMetadataHandler.dll
2014-05-30 13:02:06 ----A---- C:\Windows\SYSWOW64\iprtrmgr.dll
2014-05-30 13:02:06 ----A---- C:\Windows\SYSWOW64\ifsutil.dll
2014-05-30 13:02:06 ----A---- C:\Windows\SYSWOW64\iasrad.dll
2014-05-30 13:02:06 ----A---- C:\Windows\SYSWOW64\ftp.exe
2014-05-30 13:02:06 ----A---- C:\Windows\SYSWOW64\efscore.dll
2014-05-30 13:02:06 ----A---- C:\Windows\SYSWOW64\dot3cfg.dll
2014-05-30 13:02:06 ----A---- C:\Windows\SYSWOW64\defaultlocationcpl.dll
2014-05-30 13:02:06 ----A---- C:\Windows\system32\vdsutil.dll
2014-05-30 13:02:06 ----A---- C:\Windows\system32\UserAccountControlSettings.dll
2014-05-30 13:02:06 ----A---- C:\Windows\system32\termmgr.dll
2014-05-30 13:02:06 ----A---- C:\Windows\system32\sqlcese30.dll
2014-05-30 13:02:06 ----A---- C:\Windows\system32\sethc.exe
2014-05-30 13:02:06 ----A---- C:\Windows\system32\ReAgent.dll
2014-05-30 13:02:06 ----A---- C:\Windows\system32\rdpd3d.dll
2014-05-30 13:02:06 ----A---- C:\Windows\system32\ntlanman.dll
2014-05-30 13:02:06 ----A---- C:\Windows\system32\msscp.dll
2014-05-30 13:02:06 ----A---- C:\Windows\system32\iprtrmgr.dll
2014-05-30 13:02:06 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2014-05-30 13:02:05 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2014-05-30 13:02:05 ----A---- C:\Windows\SYSWOW64\systemcpl.dll
2014-05-30 13:02:05 ----A---- C:\Windows\SYSWOW64\syncui.dll
2014-05-30 13:02:05 ----A---- C:\Windows\SYSWOW64\sethc.exe
2014-05-30 13:02:05 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2014-05-30 13:02:05 ----A---- C:\Windows\SYSWOW64\riched20.dll
2014-05-30 13:02:05 ----A---- C:\Windows\SYSWOW64\OobeFldr.dll
2014-05-30 13:02:05 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2014-05-30 13:02:05 ----A---- C:\Windows\SYSWOW64\ntlanman.dll
2014-05-30 13:02:05 ----A---- C:\Windows\SYSWOW64\dskquoui.dll
2014-05-30 13:02:05 ----A---- C:\Windows\SYSWOW64\DeviceCenter.dll
2014-05-30 13:02:05 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2014-05-30 13:02:05 ----A---- C:\Windows\SYSWOW64\autoplay.dll
2014-05-30 13:02:05 ----A---- C:\Windows\SYSWOW64\ActionCenterCPL.dll
2014-05-30 13:02:05 ----A---- C:\Windows\system32\wmdrmsdk.dll
2014-05-30 13:02:05 ----A---- C:\Windows\system32\wavemsp.dll
2014-05-30 13:02:05 ----A---- C:\Windows\system32\ssText3d.scr
2014-05-30 13:02:05 ----A---- C:\Windows\system32\srvcli.dll
2014-05-30 13:02:05 ----A---- C:\Windows\system32\srrstr.dll
2014-05-30 13:02:05 ----A---- C:\Windows\system32\slwga.dll
2014-05-30 13:02:05 ----A---- C:\Windows\system32\ntprint.dll
2014-05-30 13:02:05 ----A---- C:\Windows\system32\nslookup.exe
2014-05-30 13:02:05 ----A---- C:\Windows\system32\NAPHLPR.DLL
2014-05-30 13:02:05 ----A---- C:\Windows\system32\msiexec.exe
2014-05-30 13:02:05 ----A---- C:\Windows\system32\iyuv_32.dll
2014-05-30 13:02:05 ----A---- C:\Windows\system32\iTVData.dll
2014-05-30 13:02:05 ----A---- C:\Windows\system32\drmmgrtn.dll
2014-05-30 13:02:05 ----A---- C:\Windows\system32\drivers\vmstorfl.sys
2014-05-30 13:02:05 ----A---- C:\Windows\system32\DevicePairingFolder.dll
2014-05-30 13:02:05 ----A---- C:\Windows\system32\bcdboot.exe
2014-05-30 13:02:05 ----A---- C:\Windows\system32\acppage.dll
2014-05-30 13:02:04 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-05-30 13:02:04 ----A---- C:\Windows\SYSWOW64\wmpsrcwp.dll
2014-05-30 13:02:04 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2014-05-30 13:02:04 ----A---- C:\Windows\SYSWOW64\wavemsp.dll
2014-05-30 13:02:04 ----A---- C:\Windows\SYSWOW64\ReAgent.dll
2014-05-30 13:02:04 ----A---- C:\Windows\SYSWOW64\provsvc.dll
2014-05-30 13:02:04 ----A---- C:\Windows\SYSWOW64\nshipsec.dll
2014-05-30 13:02:04 ----A---- C:\Windows\SYSWOW64\netplwiz.dll
2014-05-30 13:02:04 ----A---- C:\Windows\SYSWOW64\NAPHLPR.DLL
2014-05-30 13:02:04 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2014-05-30 13:02:04 ----A---- C:\Windows\SYSWOW64\migisol.dll
2014-05-30 13:02:04 ----A---- C:\Windows\SYSWOW64\isoburn.exe
2014-05-30 13:02:04 ----A---- C:\Windows\SYSWOW64\httpapi.dll
2014-05-30 13:02:04 ----A---- C:\Windows\SYSWOW64\fms.dll
2014-05-30 13:02:04 ----A---- C:\Windows\SYSWOW64\dsuiext.dll
2014-05-30 13:02:04 ----A---- C:\Windows\SYSWOW64\dpx.dll
2014-05-30 13:02:04 ----A---- C:\Windows\SYSWOW64\dot3ui.dll
2014-05-30 13:02:04 ----A---- C:\Windows\SYSWOW64\dfrgui.exe
2014-05-30 13:02:04 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2014-05-30 13:02:04 ----A---- C:\Windows\SYSWOW64\activeds.dll
2014-05-30 13:02:04 ----A---- C:\Windows\system32\wsnmp32.dll
2014-05-30 13:02:04 ----A---- C:\Windows\system32\wmpdxm.dll
2014-05-30 13:02:04 ----A---- C:\Windows\system32\wkscli.dll
2014-05-30 13:02:04 ----A---- C:\Windows\system32\WinSCard.dll
2014-05-30 13:02:04 ----A---- C:\Windows\system32\sppnp.dll
2014-05-30 13:02:04 ----A---- C:\Windows\system32\remotepg.dll
2014-05-30 13:02:04 ----A---- C:\Windows\system32\PresentationSettings.exe
2014-05-30 13:02:04 ----A---- C:\Windows\system32\networkexplorer.dll
2014-05-30 13:02:04 ----A---- C:\Windows\system32\net1.exe
2014-05-30 13:02:04 ----A---- C:\Windows\system32\ftp.exe
2014-05-30 13:02:04 ----A---- C:\Windows\system32\dfrgui.exe
2014-05-30 13:02:04 ----A---- C:\Windows\system32\certprop.dll
2014-05-30 13:02:04 ----A---- C:\Windows\system32\cabinet.dll
2014-05-30 13:02:03 ----A---- C:\Windows\twain_32.dll
2014-05-30 13:02:03 ----A---- C:\Windows\SYSWOW64\wvc.dll
2014-05-30 13:02:03 ----A---- C:\Windows\SYSWOW64\wtsapi32.dll
2014-05-30 13:02:03 ----A---- C:\Windows\SYSWOW64\wimgapi.dll
2014-05-30 13:02:03 ----A---- C:\Windows\SYSWOW64\uxlib.dll
2014-05-30 13:02:03 ----A---- C:\Windows\SYSWOW64\tzutil.exe
2014-05-30 13:02:03 ----A---- C:\Windows\SYSWOW64\twext.dll
2014-05-30 13:02:03 ----A---- C:\Windows\SYSWOW64\ssText3d.scr
2014-05-30 13:02:03 ----A---- C:\Windows\SYSWOW64\slwga.dll
2014-05-30 13:02:03 ----A---- C:\Windows\SYSWOW64\setupugc.exe
2014-05-30 13:02:03 ----A---- C:\Windows\SYSWOW64\qcap.dll
2014-05-30 13:02:03 ----A---- C:\Windows\SYSWOW64\qasf.dll
2014-05-30 13:02:03 ----A---- C:\Windows\SYSWOW64\PkgMgr.exe
2014-05-30 13:02:03 ----A---- C:\Windows\SYSWOW64\ocsetup.exe
2014-05-30 13:02:03 ----A---- C:\Windows\SYSWOW64\mstask.dll
2014-05-30 13:02:03 ----A---- C:\Windows\SYSWOW64\AdmTmpl.dll
2014-05-30 13:02:03 ----A---- C:\Windows\system32\wvc.dll
2014-05-30 13:02:03 ----A---- C:\Windows\system32\wsqmcons.exe
2014-05-30 13:02:03 ----A---- C:\Windows\system32\wmdrmdev.dll
2014-05-30 13:02:03 ----A---- C:\Windows\system32\WerFaultSecure.exe
2014-05-30 13:02:03 ----A---- C:\Windows\system32\unimdmat.dll
2014-05-30 13:02:03 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-05-30 13:02:03 ----A---- C:\Windows\system32\tsbyuv.dll
2014-05-30 13:02:03 ----A---- C:\Windows\system32\seclogon.dll
2014-05-30 13:02:03 ----A---- C:\Windows\system32\Ribbons.scr
2014-05-30 13:02:03 ----A---- C:\Windows\system32\OpcServices.dll
2014-05-30 13:02:03 ----A---- C:\Windows\system32\Mystify.scr
2014-05-30 13:02:03 ----A---- C:\Windows\system32\msyuv.dll
2014-05-30 13:02:03 ----A---- C:\Windows\system32\msrle32.dll
2014-05-30 13:02:03 ----A---- C:\Windows\system32\mfps.dll
2014-05-30 13:02:03 ----A---- C:\Windows\system32\mapistub.dll
2014-05-30 13:02:03 ----A---- C:\Windows\system32\mapi32.dll
2014-05-30 13:02:03 ----A---- C:\Windows\system32\iscsium.dll
2014-05-30 13:02:03 ----A---- C:\Windows\system32\ifsutil.dll
2014-05-30 13:02:03 ----A---- C:\Windows\system32\diskraid.exe
2014-05-30 13:02:03 ----A---- C:\Windows\system32\Bubbles.scr
2014-05-30 13:02:03 ----A---- C:\Windows\system32\blackbox.dll
2014-05-30 13:02:02 ----A---- C:\Windows\SYSWOW64\WPDShServiceObj.dll
2014-05-30 13:02:02 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2014-05-30 13:02:02 ----A---- C:\Windows\SYSWOW64\wimserv.exe
2014-05-30 13:02:02 ----A---- C:\Windows\SYSWOW64\remotepg.dll
2014-05-30 13:02:02 ----A---- C:\Windows\SYSWOW64\rdpencom.dll
2014-05-30 13:02:02 ----A---- C:\Windows\SYSWOW64\raschap.dll
2014-05-30 13:02:02 ----A---- C:\Windows\SYSWOW64\perfmon.exe
2014-05-30 13:02:02 ----A---- C:\Windows\SYSWOW64\nslookup.exe
2014-05-30 13:02:02 ----A---- C:\Windows\SYSWOW64\msvfw32.dll
2014-05-30 13:02:02 ----A---- C:\Windows\SYSWOW64\msscp.dll
2014-05-30 13:02:02 ----A---- C:\Windows\SYSWOW64\mciavi32.dll
2014-05-30 13:02:02 ----A---- C:\Windows\SYSWOW64\diskraid.exe
2014-05-30 13:02:02 ----A---- C:\Windows\SYSWOW64\DevicePairingFolder.dll
2014-05-30 13:02:02 ----A---- C:\Windows\SYSWOW64\clusapi.dll
2014-05-30 13:02:02 ----A---- C:\Windows\SYSWOW64\audiodev.dll
2014-05-30 13:02:02 ----A---- C:\Windows\SYSWOW64\acppage.dll
2014-05-30 13:02:02 ----A---- C:\Windows\system32\wmpshell.dll
2014-05-30 13:02:02 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2014-05-30 13:02:02 ----A---- C:\Windows\system32\umb.dll
2014-05-30 13:02:02 ----A---- C:\Windows\system32\tlscsp.dll
2014-05-30 13:02:02 ----A---- C:\Windows\system32\runonce.exe
2014-05-30 13:02:02 ----A---- C:\Windows\system32\rdpencom.dll
2014-05-30 13:02:02 ----A---- C:\Windows\system32\qasf.dll
2014-05-30 13:02:02 ----A---- C:\Windows\system32\perfmon.exe
2014-05-30 13:02:02 ----A---- C:\Windows\system32\netutils.dll
2014-05-30 13:02:02 ----A---- C:\Windows\system32\NAPCRYPT.DLL
2014-05-30 13:02:02 ----A---- C:\Windows\system32\muifontsetup.dll
2014-05-30 13:02:02 ----A---- C:\Windows\system32\FXSAPI.dll
2014-05-30 13:02:02 ----A---- C:\Windows\system32\drivers\umbus.sys
2014-05-30 13:02:02 ----A---- C:\Windows\system32\dbghelp.dll
2014-05-30 13:02:02 ----A---- C:\Windows\system32\AzSqlExt.dll
2014-05-30 13:02:02 ----A---- C:\Windows\system32\ActionQueue.dll
2014-05-30 13:02:02 ----A---- C:\Windows\bfsvc.exe
2014-05-30 13:02:01 ----A---- C:\Windows\SYSWOW64\wpdwcn.dll
2014-05-30 13:02:01 ----A---- C:\Windows\SYSWOW64\wmpdxm.dll
2014-05-30 13:02:01 ----A---- C:\Windows\SYSWOW64\vpnikeapi.dll
2014-05-30 13:02:01 ----A---- C:\Windows\SYSWOW64\vdsbas.dll
2014-05-30 13:02:01 ----A---- C:\Windows\SYSWOW64\UserAccountControlSettings.dll
2014-05-30 13:02:01 ----A---- C:\Windows\SYSWOW64\runonce.exe
2014-05-30 13:02:01 ----A---- C:\Windows\SYSWOW64\QUTIL.DLL
2014-05-30 13:02:01 ----A---- C:\Windows\SYSWOW64\onexui.dll
2014-05-30 13:02:01 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2014-05-30 13:02:01 ----A---- C:\Windows\SYSWOW64\ocsetapi.dll
2014-05-30 13:02:01 ----A---- C:\Windows\SYSWOW64\networkexplorer.dll
2014-05-30 13:02:01 ----A---- C:\Windows\SYSWOW64\NAPCRYPT.DLL
2014-05-30 13:02:01 ----A---- C:\Windows\SYSWOW64\msvidc32.dll
2014-05-30 13:02:01 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2014-05-30 13:02:01 ----A---- C:\Windows\SYSWOW64\MFPlay.dll
2014-05-30 13:02:01 ----A---- C:\Windows\SYSWOW64\logagent.exe
2014-05-30 13:02:01 ----A---- C:\Windows\SYSWOW64\iTVData.dll
2014-05-30 13:02:01 ----A---- C:\Windows\SYSWOW64\input.dll
2014-05-30 13:02:01 ----A---- C:\Windows\SYSWOW64\eapp3hst.dll
2014-05-30 13:02:01 ----A---- C:\Windows\SYSWOW64\dxdiagn.dll
2014-05-30 13:02:01 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2014-05-30 13:02:01 ----A---- C:\Windows\system32\wpdwcn.dll
2014-05-30 13:02:01 ----A---- C:\Windows\system32\WMVSDECD.DLL
2014-05-30 13:02:01 ----A---- C:\Windows\system32\WMADMOD.DLL
2014-05-30 13:02:01 ----A---- C:\Windows\system32\wiavideo.dll
2014-05-30 13:02:01 ----A---- C:\Windows\system32\vdsbas.dll
2014-05-30 13:02:01 ----A---- C:\Windows\system32\syssetup.dll
2014-05-30 13:02:01 ----A---- C:\Windows\system32\shacct.dll
2014-05-30 13:02:01 ----A---- C:\Windows\system32\raschap.dll
2014-05-30 13:02:01 ----A---- C:\Windows\system32\QSVRMGMT.DLL
2014-05-30 13:02:01 ----A---- C:\Windows\system32\PrintIsolationProxy.dll
2014-05-30 13:02:01 ----A---- C:\Windows\system32\nltest.exe
2014-05-30 13:02:01 ----A---- C:\Windows\system32\mstask.dll
2014-05-30 13:02:01 ----A---- C:\Windows\system32\MdSched.exe
2014-05-30 13:02:01 ----A---- C:\Windows\system32\Mcx2Svc.dll
2014-05-30 13:02:01 ----A---- C:\Windows\system32\drivers\rmcast.sys
2014-05-30 13:02:01 ----A---- C:\Windows\system32\cscapi.dll
2014-05-30 13:02:01 ----A---- C:\Windows\system32\bitsadmin.exe
2014-05-30 13:02:00 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-05-30 13:02:00 ----A---- C:\Windows\SYSWOW64\WPDSp.dll
2014-05-30 13:02:00 ----A---- C:\Windows\SYSWOW64\wmpshell.dll
2014-05-30 13:02:00 ----A---- C:\Windows\SYSWOW64\wmdrmdev.dll
2014-05-30 13:02:00 ----A---- C:\Windows\SYSWOW64\unimdmat.dll
2014-05-30 13:02:00 ----A---- C:\Windows\SYSWOW64\srvcli.dll
2014-05-30 13:02:00 ----A---- C:\Windows\SYSWOW64\sqlcese30.dll
2014-05-30 13:02:00 ----A---- C:\Windows\SYSWOW64\shacct.dll
2014-05-30 13:02:00 ----A---- C:\Windows\SYSWOW64\Ribbons.scr
2014-05-30 13:02:00 ----A---- C:\Windows\SYSWOW64\rdpd3d.dll
2014-05-30 13:02:00 ----A---- C:\Windows\SYSWOW64\QSVRMGMT.DLL
2014-05-30 13:02:00 ----A---- C:\Windows\SYSWOW64\PortableDeviceSyncProvider.dll
2014-05-30 13:02:00 ----A---- C:\Windows\SYSWOW64\PortableDeviceStatus.dll
2014-05-30 13:02:00 ----A---- C:\Windows\SYSWOW64\pdh.dll
2014-05-30 13:02:00 ----A---- C:\Windows\SYSWOW64\OpcServices.dll
2014-05-30 13:02:00 ----A---- C:\Windows\SYSWOW64\olethk32.dll
2014-05-30 13:02:00 ----A---- C:\Windows\SYSWOW64\ncryptui.dll
2014-05-30 13:02:00 ----A---- C:\Windows\SYSWOW64\Mystify.scr
2014-05-30 13:02:00 ----A---- C:\Windows\SYSWOW64\mprapi.dll
2014-05-30 13:02:00 ----A---- C:\Windows\SYSWOW64\mapistub.dll
2014-05-30 13:02:00 ----A---- C:\Windows\SYSWOW64\mapi32.dll
2014-05-30 13:02:00 ----A---- C:\Windows\SYSWOW64\lsmproxy.dll
2014-05-30 13:02:00 ----A---- C:\Windows\SYSWOW64\logman.exe
2014-05-30 13:02:00 ----A---- C:\Windows\SYSWOW64\iscsium.dll
2014-05-30 13:02:00 ----A---- C:\Windows\SYSWOW64\cscapi.dll
2014-05-30 13:02:00 ----A---- C:\Windows\SYSWOW64\Bubbles.scr
2014-05-30 13:02:00 ----A---- C:\Windows\SYSWOW64\bitsadmin.exe
2014-05-30 13:02:00 ----A---- C:\Windows\system32\WPDSp.dll
2014-05-30 13:02:00 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2014-05-30 13:02:00 ----A---- C:\Windows\system32\wmdrmnet.dll
2014-05-30 13:02:00 ----A---- C:\Windows\system32\vss_ps.dll
2014-05-30 13:02:00 ----A---- C:\Windows\system32\vmictimeprovider.dll
2014-05-30 13:02:00 ----A---- C:\Windows\system32\takeown.exe
2014-05-30 13:02:00 ----A---- C:\Windows\system32\tabcal.exe
2014-05-30 13:02:00 ----A---- C:\Windows\system32\spbcd.dll
2014-05-30 13:02:00 ----A---- C:\Windows\system32\qdv.dll
2014-05-30 13:02:00 ----A---- C:\Windows\system32\qcap.dll
2014-05-30 13:02:00 ----A---- C:\Windows\system32\PortableDeviceSyncProvider.dll
2014-05-30 13:02:00 ----A---- C:\Windows\system32\PortableDeviceStatus.dll
2014-05-30 13:02:00 ----A---- C:\Windows\system32\PnPUnattend.exe
2014-05-30 13:02:00 ----A---- C:\Windows\system32\msnetobj.dll
2014-05-30 13:02:00 ----A---- C:\Windows\system32\logman.exe
2014-05-30 13:02:00 ----A---- C:\Windows\system32\fphc.dll
2014-05-30 13:02:00 ----A---- C:\Windows\system32\drivers\ndisuio.sys
2014-05-30 13:02:00 ----A---- C:\Windows\system32\dot3ui.dll
2014-05-30 13:02:00 ----A---- C:\Windows\system32\CscMig.dll
2014-05-30 13:01:59 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2014-05-30 13:01:59 ----A---- C:\Windows\SYSWOW64\wmdrmnet.dll
2014-05-30 13:01:59 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2014-05-30 13:01:59 ----A---- C:\Windows\SYSWOW64\wiavideo.dll
2014-05-30 13:01:59 ----A---- C:\Windows\SYSWOW64\utildll.dll
2014-05-30 13:01:59 ----A---- C:\Windows\SYSWOW64\takeown.exe
2014-05-30 13:01:59 ----A---- C:\Windows\SYSWOW64\sppinst.dll
2014-05-30 13:01:59 ----A---- C:\Windows\SYSWOW64\qdv.dll
2014-05-30 13:01:59 ----A---- C:\Windows\SYSWOW64\QCLIPROV.DLL
2014-05-30 13:01:59 ----A---- C:\Windows\SYSWOW64\msyuv.dll
2014-05-30 13:01:59 ----A---- C:\Windows\SYSWOW64\msrle32.dll
2014-05-30 13:01:59 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2014-05-30 13:01:59 ----A---- C:\Windows\SYSWOW64\iyuv_32.dll
2014-05-30 13:01:59 ----A---- C:\Windows\SYSWOW64\fphc.dll
2014-05-30 13:01:59 ----A---- C:\Windows\SYSWOW64\EhStorAPI.dll
2014-05-30 13:01:59 ----A---- C:\Windows\SYSWOW64\dot3msm.dll
2014-05-30 13:01:59 ----A---- C:\Windows\SYSWOW64\cmstp.exe
2014-05-30 13:01:59 ----A---- C:\Windows\SYSWOW64\cca.dll
2014-05-30 13:01:59 ----A---- C:\Windows\SYSWOW64\avifil32.dll
2014-05-30 13:01:59 ----A---- C:\Windows\system32\WavDest.dll
2014-05-30 13:01:59 ----A---- C:\Windows\system32\vfwwdm32.dll
2014-05-30 13:01:59 ----A---- C:\Windows\system32\shimgvw.dll
2014-05-30 13:01:59 ----A---- C:\Windows\system32\QCLIPROV.DLL
2014-05-30 13:01:59 ----A---- C:\Windows\system32\nrpsrv.dll
2014-05-30 13:01:59 ----A---- C:\Windows\system32\iasrecst.dll
2014-05-30 13:01:59 ----A---- C:\Windows\system32\HotStartUserAgent.dll
2014-05-30 13:01:59 ----A---- C:\Windows\system32\fdProxy.dll
2014-05-30 13:01:59 ----A---- C:\Windows\system32\EhStorAPI.dll
2014-05-30 13:01:59 ----A---- C:\Windows\system32\djoin.exe
2014-05-30 13:01:59 ----A---- C:\Windows\system32\cmstp.exe
2014-05-30 13:01:59 ----A---- C:\Windows\system32\CertPolEng.dll
2014-05-30 13:01:59 ----A---- C:\Windows\system32\amstream.dll
2014-05-30 13:01:58 ----A---- C:\Windows\SYSWOW64\wsnmp32.dll
2014-05-30 13:01:58 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2014-05-30 13:01:58 ----A---- C:\Windows\SYSWOW64\wkscli.dll
2014-05-30 13:01:58 ----A---- C:\Windows\SYSWOW64\vfwwdm32.dll
2014-05-30 13:01:58 ----A---- C:\Windows\SYSWOW64\tsbyuv.dll
2014-05-30 13:01:58 ----A---- C:\Windows\SYSWOW64\spbcd.dll
2014-05-30 13:01:58 ----A---- C:\Windows\SYSWOW64\setupcln.dll
2014-05-30 13:01:58 ----A---- C:\Windows\SYSWOW64\resutils.dll
2014-05-30 13:01:58 ----A---- C:\Windows\SYSWOW64\relog.exe
2014-05-30 13:01:58 ----A---- C:\Windows\SYSWOW64\rastapi.dll
2014-05-30 13:01:58 ----A---- C:\Windows\SYSWOW64\pdhui.dll
2014-05-30 13:01:58 ----A---- C:\Windows\SYSWOW64\netiougc.exe
2014-05-30 13:01:58 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2014-05-30 13:01:58 ----A---- C:\Windows\SYSWOW64\mydocs.dll
2014-05-30 13:01:58 ----A---- C:\Windows\SYSWOW64\MuiUnattend.exe
2014-05-30 13:01:58 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2014-05-30 13:01:58 ----A---- C:\Windows\SYSWOW64\itircl.dll
2014-05-30 13:01:58 ----A---- C:\Windows\SYSWOW64\iscsicli.exe
2014-05-30 13:01:58 ----A---- C:\Windows\SYSWOW64\iasrecst.dll
2014-05-30 13:01:58 ----A---- C:\Windows\SYSWOW64\diskpart.exe
2014-05-30 13:01:58 ----A---- C:\Windows\SYSWOW64\AzSqlExt.dll
2014-05-30 13:01:58 ----A---- C:\Windows\SYSWOW64\amstream.dll
2014-05-30 13:01:58 ----A---- C:\Windows\system32\sscore.dll
2014-05-30 13:01:58 ----A---- C:\Windows\system32\relog.exe
2014-05-30 13:01:58 ----A---- C:\Windows\system32\mydocs.dll
2014-05-30 13:01:58 ----A---- C:\Windows\system32\MultiDigiMon.exe
2014-05-30 13:01:58 ----A---- C:\Windows\system32\msdmo.dll
2014-05-30 13:01:58 ----A---- C:\Windows\system32\mobsync.exe
2014-05-30 13:01:58 ----A---- C:\Windows\system32\KMSVC.DLL
2014-05-30 13:01:58 ----A---- C:\Windows\system32\itircl.dll
2014-05-30 13:01:58 ----A---- C:\Windows\system32\iscsicli.exe
2014-05-30 13:01:58 ----A---- C:\Windows\system32\drivers\pacer.sys
2014-05-30 13:01:58 ----A---- C:\Windows\system32\dot3msm.dll
2014-05-30 13:01:58 ----A---- C:\Windows\system32\diskpart.exe
2014-05-30 13:01:58 ----A---- C:\Windows\system32\BWUnpairElevated.dll
2014-05-30 13:01:57 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-05-30 13:01:57 ----A---- C:\Windows\SYSWOW64\wmpps.dll
2014-05-30 13:01:57 ----A---- C:\Windows\SYSWOW64\WerFaultSecure.exe
2014-05-30 13:01:57 ----A---- C:\Windows\SYSWOW64\tlscsp.dll
2014-05-30 13:01:57 ----A---- C:\Windows\SYSWOW64\syssetup.dll
2014-05-30 13:01:57 ----A---- C:\Windows\SYSWOW64\sppc.dll
2014-05-30 13:01:57 ----A---- C:\Windows\SYSWOW64\spopk.dll
2014-05-30 13:01:57 ----A---- C:\Windows\SYSWOW64\shimgvw.dll
2014-05-30 13:01:57 ----A---- C:\Windows\SYSWOW64\ReAgentc.exe
2014-05-30 13:01:57 ----A---- C:\Windows\SYSWOW64\netutils.dll
2014-05-30 13:01:57 ----A---- C:\Windows\SYSWOW64\muifontsetup.dll
2014-05-30 13:01:57 ----A---- C:\Windows\SYSWOW64\mobsync.exe
2014-05-30 13:01:57 ----A---- C:\Windows\SYSWOW64\mciqtz32.dll
2014-05-30 13:01:57 ----A---- C:\Windows\SYSWOW64\luainstall.dll
2014-05-30 13:01:57 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2014-05-30 13:01:57 ----A---- C:\Windows\SYSWOW64\findstr.exe
2014-05-30 13:01:57 ----A---- C:\Windows\SYSWOW64\eappgnui.dll
2014-05-30 13:01:57 ----A---- C:\Windows\SYSWOW64\CertPolEng.dll
2014-05-30 13:01:57 ----A---- C:\Windows\SYSWOW64\cabinet.dll
2014-05-30 13:01:57 ----A---- C:\Windows\system32\wdiasqmmodule.dll
2014-05-30 13:01:57 ----A---- C:\Windows\system32\sppc.dll
2014-05-30 13:01:57 ----A---- C:\Windows\system32\spopk.dll
2014-05-30 13:01:57 ----A---- C:\Windows\system32\schedcli.dll
2014-05-30 13:01:57 ----A---- C:\Windows\system32\repair-bde.exe
2014-05-30 13:01:57 ----A---- C:\Windows\system32\RDPENCDD.dll
2014-05-30 13:01:57 ----A---- C:\Windows\system32\qprocess.exe
2014-05-30 13:01:57 ----A---- C:\Windows\system32\qappsrv.exe
2014-05-30 13:01:57 ----A---- C:\Windows\system32\onexui.dll
2014-05-30 13:01:57 ----A---- C:\Windows\system32\mciqtz32.dll
2014-05-30 13:01:57 ----A---- C:\Windows\system32\manage-bde.exe
2014-05-30 13:01:57 ----A---- C:\Windows\system32\luainstall.dll
2014-05-30 13:01:57 ----A---- C:\Windows\system32\inetmib1.dll
2014-05-30 13:01:57 ----A---- C:\Windows\system32\choice.exe
2014-05-30 13:01:57 ----A---- C:\Windows\system32\chglogon.exe
2014-05-30 13:01:57 ----A---- C:\Windows\system32\FXSTIFF.dll
2014-05-30 13:01:57 ----A---- C:\Windows\system32\findstr.exe
2014-05-30 13:01:57 ----A---- C:\Windows\system32\eappgnui.dll
2014-05-30 13:01:57 ----A---- C:\Windows\system32\drivers\tunnel.sys
2014-05-30 13:01:57 ----A---- C:\Windows\system32\drivers\dfsc.sys
2014-05-30 13:01:56 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-05-30 13:01:56 ----A---- C:\Windows\SYSWOW64\unlodctr.exe
2014-05-30 13:01:56 ----A---- C:\Windows\SYSWOW64\UIRibbonRes.dll
2014-05-30 13:01:56 ----A---- C:\Windows\SYSWOW64\rdprefdrvapi.dll
2014-05-30 13:01:56 ----A---- C:\Windows\SYSWOW64\perfts.dll
2014-05-30 13:01:56 ----A---- C:\Windows\SYSWOW64\odbcconf.dll
2014-05-30 13:01:56 ----A---- C:\Windows\SYSWOW64\msdmo.dll
2014-05-30 13:01:56 ----A---- C:\Windows\SYSWOW64\inetmib1.dll
2014-05-30 13:01:56 ----A---- C:\Windows\SYSWOW64\imm32.dll
2014-05-30 13:01:56 ----A---- C:\Windows\system32\wshbth.dll
2014-05-30 13:01:56 ----A---- C:\Windows\system32\vmstorfltres.dll
2014-05-30 13:01:56 ----A---- C:\Windows\system32\vmicres.dll
2014-05-30 13:01:56 ----A---- C:\Windows\system32\vmbusres.dll
2014-05-30 13:01:56 ----A---- C:\Windows\system32\UIRibbonRes.dll
2014-05-30 13:01:56 ----A---- C:\Windows\system32\tskill.exe
2014-05-30 13:01:56 ----A---- C:\Windows\system32\tsdiscon.exe
2014-05-30 13:01:56 ----A---- C:\Windows\system32\tscon.exe
2014-05-30 13:01:56 ----A---- C:\Windows\system32\TRAPI.dll
2014-05-30 13:01:56 ----A---- C:\Windows\system32\shadow.exe
2014-05-30 13:01:56 ----A---- C:\Windows\system32\rwinsta.exe
2014-05-30 13:01:56 ----A---- C:\Windows\system32\reset.exe
2014-05-30 13:01:56 ----A---- C:\Windows\system32\query.exe
2014-05-30 13:01:56 ----A---- C:\Windows\system32\odbcconf.dll
2014-05-30 13:01:56 ----A---- C:\Windows\system32\LogonUI.exe
2014-05-30 13:01:56 ----A---- C:\Windows\system32\logoff.exe
2014-05-30 13:01:56 ----A---- C:\Windows\system32\chgusr.exe
2014-05-30 13:01:56 ----A---- C:\Windows\system32\chgport.exe
2014-05-30 13:01:56 ----A---- C:\Windows\system32\change.exe
2014-05-30 13:01:56 ----A---- C:\Windows\system32\FXSMON.dll
2014-05-30 13:01:56 ----A---- C:\Windows\system32\fixmapi.exe
2014-05-30 13:01:56 ----A---- C:\Windows\system32\elsTrans.dll
2014-05-30 13:01:56 ----A---- C:\Windows\system32\dsauth.dll
2014-05-30 13:01:56 ----A---- C:\Windows\system32\drivers\tdi.sys
2014-05-30 13:01:55 ----A---- C:\Windows\SYSWOW64\wshbth.dll
2014-05-30 13:01:55 ----A---- C:\Windows\SYSWOW64\wsdchngr.dll
2014-05-30 13:01:55 ----A---- C:\Windows\SYSWOW64\TRAPI.dll
2014-05-30 13:01:55 ----A---- C:\Windows\SYSWOW64\sscore.dll
2014-05-30 13:01:55 ----A---- C:\Windows\SYSWOW64\schedcli.dll
2014-05-30 13:01:55 ----A---- C:\Windows\SYSWOW64\shgina.dll
2014-05-30 13:01:55 ----A---- C:\Windows\SYSWOW64\riched32.dll
2014-05-30 13:01:55 ----A---- C:\Windows\SYSWOW64\napdsnap.dll
2014-05-30 13:01:55 ----A---- C:\Windows\SYSWOW64\elsTrans.dll
2014-05-30 13:01:55 ----A---- C:\Windows\SYSWOW64\dsauth.dll
2014-05-30 13:01:55 ----A---- C:\Windows\SYSWOW64\cscdll.dll
2014-05-30 13:01:55 ----A---- C:\Windows\SYSWOW64\bitsperf.dll
2014-05-30 13:01:55 ----A---- C:\Windows\system32\wsdchngr.dll
2014-05-30 13:01:55 ----A---- C:\Windows\system32\shgina.dll
2014-05-30 13:01:55 ----A---- C:\Windows\system32\rdprefdrvapi.dll
2014-05-30 13:01:55 ----A---- C:\Windows\system32\napdsnap.dll
2014-05-30 13:01:55 ----A---- C:\Windows\system32\FXSUNATD.exe
2014-05-30 13:01:55 ----A---- C:\Windows\system32\drivers\usbrpm.sys
2014-05-30 13:01:55 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys
2014-05-30 13:01:55 ----A---- C:\Windows\system32\drivers\acpipmi.sys
2014-05-30 13:01:55 ----A---- C:\Windows\system32\cscdll.dll
2014-05-30 13:01:55 ----A---- C:\Windows\system32\bitsperf.dll
2014-05-30 13:01:54 ----A---- C:\Windows\SYSWOW64\wshirda.dll
2014-05-30 13:01:54 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2014-05-30 13:01:54 ----A---- C:\Windows\SYSWOW64\browseui.dll
2014-05-30 13:01:54 ----A---- C:\Windows\system32\wshirda.dll
2014-05-30 13:01:54 ----A---- C:\Windows\system32\VmdCoinstall.dll
2014-05-30 13:01:54 ----A---- C:\Windows\system32\vmbuspipe.dll
2014-05-30 13:01:54 ----A---- C:\Windows\system32\VmbusCoinstaller.dll
2014-05-30 13:01:54 ----A---- C:\Windows\system32\spwmp.dll
2014-05-30 13:01:54 ----A---- C:\Windows\system32\riched32.dll
2014-05-30 13:01:54 ----A---- C:\Windows\system32\rdpcfgex.dll
2014-05-30 13:01:54 ----A---- C:\Windows\system32\IcCoinstall.dll
2014-05-30 13:01:54 ----A---- C:\Windows\system32\drivers\kbdhid.sys
2014-05-30 13:01:54 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys
2014-05-30 13:01:54 ----A---- C:\Windows\system32\drivers\hidusb.sys
2014-05-30 13:01:54 ----A---- C:\Windows\system32\drivers\CompositeBus.sys
2014-05-30 13:01:54 ----A---- C:\Windows\system32\drivers\appid.sys
2014-05-30 13:01:54 ----A---- C:\Windows\system32\C_ISCII.DLL
2014-05-30 13:01:54 ----A---- C:\Windows\system32\browseui.dll
2014-05-30 13:01:53 ----AH---- C:\Windows\system32\api-ms-win-core-ums-l1-1-0.dll
2014-05-30 13:01:53 ----A---- C:\Windows\SYSWOW64\shunimpl.dll
2014-05-30 13:01:53 ----A---- C:\Windows\SYSWOW64\KBDUS.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\SYSWOW64\KBDUGHR1.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\SYSWOW64\KBDTURME.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\SYSWOW64\KBDTUQ.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\SYSWOW64\KBDTUF.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\SYSWOW64\KBDTAJIK.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\SYSWOW64\KBDSG.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\SYSWOW64\KBDMON.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\SYSWOW64\KBDMAORI.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\SYSWOW64\KBDLT1.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\SYSWOW64\kbdlk41a.dll
2014-05-30 13:01:53 ----A---- C:\Windows\SYSWOW64\KBDINTEL.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\SYSWOW64\KBDINTAM.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\SYSWOW64\KBDINORI.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\SYSWOW64\KBDINMAR.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\SYSWOW64\KBDINKAN.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\SYSWOW64\KBDINHIN.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\SYSWOW64\KBDINBEN.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\SYSWOW64\KBDGR1.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\SYSWOW64\KBDGKL.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\SYSWOW64\KBDGEO.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\SYSWOW64\KBDCZ1.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\SYSWOW64\KBDBULG.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\SYSWOW64\KBDBLR.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2014-05-30 13:01:53 ----A---- C:\Windows\SYSWOW64\C_ISCII.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\system32\shunimpl.dll
2014-05-30 13:01:53 ----A---- C:\Windows\system32\KBDUS.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\system32\KBDUGHR1.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\system32\KBDTUQ.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\system32\KBDTUF.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\system32\KBDTAJIK.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\system32\KBDSG.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\system32\KBDSF.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\system32\KBDPO.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\system32\KBDNEPR.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\system32\KBDMON.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\system32\KBDLT1.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\system32\kbdlk41a.dll
2014-05-30 13:01:53 ----A---- C:\Windows\system32\KBDINTAM.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\system32\KBDINBEN.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\system32\KBDGR1.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\system32\KBDGKL.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\system32\KBDGEO.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\system32\KBDCZ1.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\system32\KBDBULG.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\system32\KBDBLR.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-05-30 13:01:53 ----A---- C:\Windows\system32\dxmasf.dll
2014-05-30 13:01:53 ----A---- C:\Windows\system32\drivers\vms3cap.sys
2014-05-30 13:01:53 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2014-05-30 13:01:53 ----A---- C:\Windows\system32\drivers\scfilter.sys
2014-05-30 13:01:53 ----A---- C:\Windows\system32\drivers\HdAudio.sys
2014-05-30 13:01:53 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2014-05-30 13:01:53 ----A---- C:\Windows\system32\drivers\cdrom.sys
2014-05-30 13:01:52 ----A---- C:\Windows\SYSWOW64\spwizres.dll
2014-05-30 13:01:52 ----A---- C:\Windows\SYSWOW64\pifmgr.dll
2014-05-30 13:01:52 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2014-05-30 13:01:52 ----A---- C:\Windows\SYSWOW64\KBDSF.DLL
2014-05-30 13:01:52 ----A---- C:\Windows\SYSWOW64\KBDPO.DLL
2014-05-30 13:01:52 ----A---- C:\Windows\SYSWOW64\KBDNEPR.DLL
2014-05-30 13:01:52 ----A---- C:\Windows\system32\spwizres.dll
2014-05-30 13:01:52 ----A---- C:\Windows\system32\pifmgr.dll
2014-05-30 13:01:52 ----A---- C:\Windows\system32\nlsbres.dll
2014-05-30 13:01:52 ----A---- C:\Windows\system32\KBDTURME.DLL
2014-05-30 13:01:52 ----A---- C:\Windows\system32\KBDMAORI.DLL
2014-05-30 13:01:52 ----A---- C:\Windows\system32\KBDINTEL.DLL
2014-05-30 13:01:52 ----A---- C:\Windows\system32\KBDINORI.DLL
2014-05-30 13:01:52 ----A---- C:\Windows\system32\KBDINMAR.DLL
2014-05-30 13:01:52 ----A---- C:\Windows\system32\KBDINKAN.DLL
2014-05-30 13:01:52 ----A---- C:\Windows\system32\KBDINHIN.DLL
2014-05-30 13:01:52 ----A---- C:\Windows\system32\drivers\VMBusHID.sys
2014-05-30 13:01:52 ----A---- C:\Windows\system32\BlbEvents.dll
2014-05-30 13:01:48 ----A---- C:\Windows\SYSWOW64\wdscore.dll
2014-05-30 13:01:48 ----A---- C:\Windows\system32\dpx.dll
2014-05-30 13:01:46 ----A---- C:\Windows\SYSWOW64\sqmapi.dll
2014-05-30 13:01:45 ----A---- C:\Windows\SYSWOW64\printmanagement.msc
2014-05-30 13:01:44 ----A---- C:\Windows\SYSWOW64\wbemcomn.dll
2014-05-30 13:01:32 ----A---- C:\Windows\system32\wbemcomn.dll
2014-05-30 13:01:31 ----A---- C:\Windows\system32\sqmapi.dll
2014-05-30 12:48:56 ----A---- C:\Windows\SYSWOW64\esent.dll
2014-05-30 12:48:56 ----A---- C:\Windows\system32\fsutil.exe
2014-05-30 12:48:56 ----A---- C:\Windows\system32\esent.dll
2014-05-30 12:48:56 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2014-05-30 12:48:56 ----A---- C:\Windows\system32\drivers\nvstor.sys
2014-05-30 12:48:56 ----A---- C:\Windows\system32\drivers\nvraid.sys
2014-05-30 12:48:56 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2014-05-30 12:48:56 ----A---- C:\Windows\system32\drivers\amdxata.sys
2014-05-30 12:48:56 ----A---- C:\Windows\system32\drivers\amdsata.sys
2014-05-30 12:48:55 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2014-05-30 11:54:02 ----D---- C:\Program Files (x86)\Google
2014-05-30 07:45:43 ----D---- C:\Windows\pss
2014-05-30 07:38:09 ----D---- C:\Windows\SYSWOW64\Wat
2014-05-30 07:38:09 ----D---- C:\Windows\system32\Wat
2014-05-30 02:19:04 ----A---- C:\Windows\system32\Wdfres.dll
2014-05-30 02:19:04 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2014-05-30 02:10:46 ----A---- C:\Windows\system32\browserchoice.exe
2014-05-30 01:55:24 ----A---- C:\Windows\system32\WUDFSvc.dll
2014-05-30 01:55:24 ----A---- C:\Windows\system32\WUDFPlatform.dll
2014-05-30 01:55:24 ----A---- C:\Windows\system32\WUDFHost.exe
2014-05-30 01:55:24 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2014-05-30 01:55:24 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2014-05-30 01:55:24 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2014-05-30 01:55:23 ----A---- C:\Windows\system32\WUDFx.dll
2014-05-30 01:47:20 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2014-05-30 01:47:19 ----A---- C:\Windows\SYSWOW64\wmi.dll
2014-05-30 01:47:19 ----A---- C:\Windows\system32\wmi.dll
2014-05-29 19:22:04 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2014-05-29 19:22:04 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2014-05-29 19:22:04 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2014-05-29 19:22:04 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2014-05-29 19:22:04 ----A---- C:\Windows\system32\XAudio2_7.dll
2014-05-29 19:22:04 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2014-05-29 19:22:04 ----A---- C:\Windows\system32\xactengine3_7.dll
2014-05-29 19:22:04 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2014-05-29 19:22:03 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2014-05-29 19:22:03 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2014-05-29 19:22:03 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2014-05-29 19:22:03 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2014-05-29 19:22:03 ----A---- C:\Windows\system32\D3DX9_43.dll
2014-05-29 19:22:03 ----A---- C:\Windows\system32\d3dx11_43.dll
2014-05-29 19:22:03 ----A---- C:\Windows\system32\d3dx10_43.dll
2014-05-29 19:22:03 ----A---- C:\Windows\system32\d3dcsx_43.dll
2014-05-29 19:22:02 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2014-05-29 19:22:02 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2014-05-29 19:22:02 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2014-05-29 19:22:02 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2014-05-29 19:22:02 ----A---- C:\Windows\system32\XAudio2_6.dll
2014-05-29 19:22:02 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2014-05-29 19:22:02 ----A---- C:\Windows\system32\xactengine3_6.dll
2014-05-29 19:22:02 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2014-05-29 19:22:01 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2014-05-29 19:22:01 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2014-05-29 19:22:01 ----A---- C:\Windows\system32\XAudio2_5.dll
2014-05-29 19:22:01 ----A---- C:\Windows\system32\xactengine3_5.dll
2014-05-29 19:22:00 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2014-05-29 19:22:00 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2014-05-29 19:22:00 ----A---- C:\Windows\system32\d3dcsx_42.dll
2014-05-29 19:22:00 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2014-05-29 19:21:59 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2014-05-29 19:21:59 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2014-05-29 19:21:59 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2014-05-29 19:21:59 ----A---- C:\Windows\system32\D3DX9_42.dll
2014-05-29 19:21:59 ----A---- C:\Windows\system32\d3dx11_42.dll
2014-05-29 19:21:59 ----A---- C:\Windows\system32\d3dx10_42.dll
2014-05-29 19:21:58 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2014-05-29 19:21:58 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2014-05-29 19:21:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2014-05-29 19:21:58 ----A---- C:\Windows\system32\D3DX9_41.dll
2014-05-29 19:21:58 ----A---- C:\Windows\system32\d3dx10_41.dll
2014-05-29 19:21:58 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2014-05-29 19:21:57 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2014-05-29 19:21:57 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2014-05-29 19:21:57 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2014-05-29 19:21:57 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2014-05-29 19:21:57 ----A---- C:\Windows\system32\XAudio2_4.dll
2014-05-29 19:21:57 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2014-05-29 19:21:57 ----A---- C:\Windows\system32\xactengine3_4.dll
2014-05-29 19:21:57 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2014-05-29 19:21:56 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2014-05-29 19:21:56 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2014-05-29 19:21:56 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2014-05-29 19:21:56 ----A---- C:\Windows\system32\D3DX9_40.dll
2014-05-29 19:21:56 ----A---- C:\Windows\system32\d3dx10_40.dll
2014-05-29 19:21:56 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2014-05-29 19:21:55 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2014-05-29 19:21:55 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2014-05-29 19:21:55 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2014-05-29 19:21:55 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2014-05-29 19:21:55 ----A---- C:\Windows\system32\XAudio2_3.dll
2014-05-29 19:21:55 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2014-05-29 19:21:55 ----A---- C:\Windows\system32\xactengine3_3.dll
2014-05-29 19:21:55 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2014-05-29 19:21:54 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2014-05-29 19:21:54 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2014-05-29 19:21:54 ----A---- C:\Windows\system32\XAudio2_2.dll
2014-05-29 19:21:54 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2014-05-29 19:21:51 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2014-05-29 19:21:51 ----A---- C:\Windows\system32\xactengine3_2.dll
2014-05-29 19:21:50 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2014-05-29 19:21:50 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2014-05-29 19:21:50 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2014-05-29 19:21:50 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2014-05-29 19:21:50 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2014-05-29 19:21:50 ----A---- C:\Windows\system32\XAudio2_1.dll
2014-05-29 19:21:50 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2014-05-29 19:21:50 ----A---- C:\Windows\system32\D3DX9_39.dll
2014-05-29 19:21:50 ----A---- C:\Windows\system32\d3dx10_39.dll
2014-05-29 19:21:50 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2014-05-29 19:21:49 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2014-05-29 19:21:49 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2014-05-29 19:21:49 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2014-05-29 19:21:49 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2014-05-29 19:21:49 ----A---- C:\Windows\system32\xactengine3_1.dll
2014-05-29 19:21:49 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2014-05-29 19:21:49 ----A---- C:\Windows\system32\d3dx10_38.dll
2014-05-29 19:21:49 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2014-05-29 19:21:48 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2014-05-29 19:21:48 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2014-05-29 19:21:48 ----A---- C:\Windows\system32\XAudio2_0.dll
2014-05-29 19:21:48 ----A---- C:\Windows\system32\D3DX9_38.dll
2014-05-29 19:21:47 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2014-05-29 19:21:47 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2014-05-29 19:21:47 ----A---- C:\Windows\system32\xactengine3_0.dll
2014-05-29 19:21:47 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2014-05-29 19:21:46 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2014-05-29 19:21:46 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2014-05-29 19:21:46 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2014-05-29 19:21:46 ----A---- C:\Windows\system32\D3DX9_37.dll
2014-05-29 19:21:46 ----A---- C:\Windows\system32\d3dx10_37.dll
2014-05-29 19:21:46 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2014-05-29 19:21:45 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2014-05-29 19:21:45 ----A---- C:\Windows\system32\xactengine2_10.dll
2014-05-29 19:21:44 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2014-05-29 19:21:44 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2014-05-29 19:21:44 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2014-05-29 19:21:44 ----A---- C:\Windows\system32\d3dx9_36.dll
2014-05-29 19:21:44 ----A---- C:\Windows\system32\d3dx10_36.dll
2014-05-29 19:21:44 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2014-05-29 19:21:43 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2014-05-29 19:21:43 ----A---- C:\Windows\system32\xactengine2_9.dll
2014-05-29 19:21:42 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2014-05-29 19:21:42 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2014-05-29 19:21:42 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2014-05-29 19:21:42 ----A---- C:\Windows\system32\d3dx9_35.dll
2014-05-29 19:21:42 ----A---- C:\Windows\system32\d3dx10_35.dll
2014-05-29 19:21:42 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2014-05-29 19:21:41 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2014-05-29 19:21:41 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2014-05-29 19:21:41 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2014-05-29 19:21:41 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2014-05-29 19:21:41 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2014-05-29 19:21:41 ----A---- C:\Windows\system32\xactengine2_8.dll
2014-05-29 19:21:41 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2014-05-29 19:21:41 ----A---- C:\Windows\system32\d3dx9_34.dll
2014-05-29 19:21:41 ----A---- C:\Windows\system32\d3dx10_34.dll
2014-05-29 19:21:41 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2014-05-29 19:21:40 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2014-05-29 19:21:40 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2014-05-29 19:21:40 ----A---- C:\Windows\system32\xinput1_3.dll
2014-05-29 19:21:40 ----A---- C:\Windows\system32\xactengine2_7.dll
2014-05-29 19:21:39 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2014-05-29 19:21:39 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2014-05-29 19:21:39 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2014-05-29 19:21:39 ----A---- C:\Windows\system32\d3dx9_33.dll
2014-05-29 19:21:39 ----A---- C:\Windows\system32\d3dx10_33.dll
2014-05-29 19:21:39 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2014-05-29 19:21:38 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2014-05-29 19:21:38 ----A---- C:\Windows\system32\xactengine2_6.dll
2014-05-29 19:21:37 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2014-05-29 19:21:37 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2014-05-29 19:21:37 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2014-05-29 19:21:37 ----A---- C:\Windows\system32\xactengine2_5.dll
2014-05-29 19:21:37 ----A---- C:\Windows\system32\d3dx9_32.dll
2014-05-29 19:21:37 ----A---- C:\Windows\system32\d3dx10.dll
2014-05-29 19:21:36 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2014-05-29 19:21:36 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2014-05-29 19:21:36 ----A---- C:\Windows\system32\xactengine2_4.dll
2014-05-29 19:21:36 ----A---- C:\Windows\system32\x3daudio1_1.dll
2014-05-29 19:21:35 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2014-05-29 19:21:35 ----A---- C:\Windows\system32\d3dx9_31.dll
2014-05-29 19:21:34 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2014-05-29 19:21:34 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2014-05-29 19:21:34 ----A---- C:\Windows\system32\xinput1_2.dll
2014-05-29 19:21:34 ----A---- C:\Windows\system32\xactengine2_3.dll
2014-05-29 19:21:33 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2014-05-29 19:21:33 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2014-05-29 19:21:33 ----A---- C:\Windows\system32\xinput1_1.dll
2014-05-29 19:21:33 ----A---- C:\Windows\system32\xactengine2_2.dll
2014-05-29 19:21:31 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2014-05-29 19:21:31 ----A---- C:\Windows\system32\xactengine2_1.dll
2014-05-29 19:21:23 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2014-05-29 19:21:23 ----A---- C:\Windows\system32\d3dx9_30.dll
2014-05-29 19:21:21 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2014-05-29 19:21:21 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2014-05-29 19:21:21 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2014-05-29 19:21:21 ----A---- C:\Windows\system32\xactengine2_0.dll
2014-05-29 19:21:21 ----A---- C:\Windows\system32\x3daudio1_0.dll
2014-05-29 19:21:21 ----A---- C:\Windows\system32\d3dx9_29.dll
2014-05-29 19:21:20 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2014-05-29 19:21:20 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2014-05-29 19:21:20 ----A---- C:\Windows\system32\d3dx9_28.dll
2014-05-29 19:21:20 ----A---- C:\Windows\system32\d3dx9_27.dll
2014-05-29 19:21:19 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2014-05-29 19:21:19 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2014-05-29 19:21:19 ----A---- C:\Windows\system32\d3dx9_26.dll
2014-05-29 19:21:19 ----A---- C:\Windows\system32\d3dx9_25.dll
2014-05-29 19:21:18 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2014-05-29 19:21:18 ----A---- C:\Windows\system32\d3dx9_24.dll
2014-05-29 19:20:30 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2014-05-29 19:20:30 ----A---- C:\Windows\system32\xmllite.dll
2014-05-29 19:20:28 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2014-05-29 19:20:28 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2014-05-29 19:20:28 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2014-05-29 19:20:28 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2014-05-29 19:20:28 ----A---- C:\Windows\system32\odbctrac.dll
2014-05-29 19:20:28 ----A---- C:\Windows\system32\odbccu32.dll
2014-05-29 19:20:28 ----A---- C:\Windows\system32\odbccr32.dll
2014-05-29 19:20:28 ----A---- C:\Windows\system32\odbccp32.dll
2014-05-29 19:20:27 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2014-05-29 19:20:08 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2014-05-29 19:20:08 ----A---- C:\Windows\system32\poqexec.exe
2014-05-29 19:20:05 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2014-05-29 19:20:05 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-05-29 19:20:05 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-05-29 19:20:05 ----A---- C:\Windows\system32\tsgqec.dll
2014-05-29 19:20:05 ----A---- C:\Windows\system32\mstscax.dll
2014-05-29 19:20:05 ----A---- C:\Windows\system32\aaclient.dll
2014-05-29 19:19:56 ----A---- C:\Windows\system32\CPFilters.dll
2014-05-29 19:19:55 ----A---- C:\Windows\SYSWOW64\sbe.dll
2014-05-29 19:19:55 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2014-05-29 19:19:55 ----A---- C:\Windows\system32\sbe.dll
2014-05-29 19:19:39 ----A---- C:\Windows\SYSWOW64\quartz.dll
2014-05-29 19:19:39 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2014-05-29 19:19:39 ----A---- C:\Windows\system32\quartz.dll
2014-05-29 19:19:39 ----A---- C:\Windows\system32\qdvd.dll
2014-05-29 19:19:37 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2014-05-29 19:19:37 ----A---- C:\Windows\system32\ntshrui.dll
2014-05-29 19:19:34 ----A---- C:\Windows\SYSWOW64\tquery.dll
2014-05-29 19:19:34 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2014-05-29 19:19:34 ----A---- C:\Windows\system32\tquery.dll
2014-05-29 19:19:34 ----A---- C:\Windows\system32\SearchIndexer.exe
2014-05-29 19:19:34 ----A---- C:\Windows\system32\mssrch.dll
2014-05-29 19:19:33 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2014-05-29 19:19:33 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2014-05-29 19:19:33 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2014-05-29 19:19:33 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2014-05-29 19:19:33 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2014-05-29 19:19:33 ----A---- C:\Windows\SYSWOW64\mssph.dll
2014-05-29 19:19:33 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2014-05-29 19:19:33 ----A---- C:\Windows\system32\SearchFilterHost.exe
2014-05-29 19:19:33 ----A---- C:\Windows\system32\mssvp.dll
2014-05-29 19:19:33 ----A---- C:\Windows\system32\mssphtb.dll
2014-05-29 19:19:33 ----A---- C:\Windows\system32\mssph.dll
2014-05-29 19:19:32 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2014-05-29 19:19:32 ----A---- C:\Windows\system32\msscntrs.dll
2014-05-29 19:19:29 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2014-05-29 19:19:29 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2014-05-29 19:19:29 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2014-05-29 19:19:26 ----A---- C:\Windows\SYSWOW64\webio.dll
2014-05-29 19:19:26 ----A---- C:\Windows\system32\webio.dll
2014-05-29 19:18:39 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2014-05-29 19:18:39 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2014-05-29 19:18:39 ----A---- C:\Windows\system32\mfc42u.dll
2014-05-29 19:18:39 ----A---- C:\Windows\system32\mfc42.dll
2014-05-29 19:18:29 ----A---- C:\Windows\system32\drivers\usb8023.sys
2014-05-29 19:18:28 ----A---- C:\Windows\system32\rdrmemptylst.exe
2014-05-29 19:18:28 ----A---- C:\Windows\system32\rdpwsx.dll
2014-05-29 19:18:28 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-05-29 19:18:06 ----A---- C:\Windows\system32\msxml6.dll
2014-05-29 19:18:05 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-05-29 19:18:00 ----A---- C:\Windows\system32\profsvc.dll
2014-05-29 19:18:00 ----A---- C:\Windows\system32\profprov.dll
2014-05-29 19:17:58 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2014-05-29 19:17:58 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2014-05-29 19:17:58 ----A---- C:\Windows\system32\dnsrslvr.dll
2014-05-29 19:17:58 ----A---- C:\Windows\system32\dnscacheugc.exe
2014-05-29 19:17:58 ----A---- C:\Windows\system32\dnsapi.dll
2014-05-29 19:17:44 ----A---- C:\Windows\system32\dpnet.dll
2014-05-29 19:17:43 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2014-05-29 19:17:43 ----A---- C:\Windows\SYSWOW64\dpnaddr.dll
2014-05-29 19:17:43 ----A---- C:\Windows\system32\dpnaddr.dll
2014-05-29 19:17:19 ----A---- C:\Windows\SYSWOW64\usp10.dll
2014-05-29 19:17:19 ----A---- C:\Windows\system32\usp10.dll
2014-05-29 19:17:19 ----A---- C:\Windows\system32\drivers\srvnet.sys
2014-05-29 19:17:19 ----A---- C:\Windows\system32\drivers\srv2.sys
2014-05-29 19:17:19 ----A---- C:\Windows\system32\drivers\srv.sys
2014-05-29 19:17:18 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-05-29 19:17:17 ----A---- C:\Windows\system32\Wpc.dll
2014-05-29 19:17:17 ----A---- C:\Windows\system32\gameux.dll
2014-05-29 19:17:16 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2014-05-29 19:17:16 ----A---- C:\Windows\SYSWOW64\gameux.dll
2014-05-29 19:17:06 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2014-05-29 19:17:06 ----A---- C:\Windows\system32\psisdecd.dll
2014-05-29 19:17:02 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-05-29 19:16:44 ----A---- C:\Windows\system32\drivers\partmgr.sys
2014-05-29 19:16:43 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-05-29 19:16:43 ----A---- C:\Windows\system32\msi.dll
2014-05-29 19:16:20 ----A---- C:\Windows\SYSWOW64\synceng.dll
2014-05-29 19:16:20 ----A---- C:\Windows\system32\winresume.exe
2014-05-29 19:16:20 ----A---- C:\Windows\system32\winload.exe
2014-05-29 19:16:20 ----A---- C:\Windows\system32\synceng.dll
2014-05-29 19:16:19 ----A---- C:\Windows\system32\setbcdlocale.dll
2014-05-29 19:16:19 ----A---- C:\Windows\system32\kdusb.dll
2014-05-29 19:16:19 ----A---- C:\Windows\system32\kdcom.dll
2014-05-29 19:16:19 ----A---- C:\Windows\system32\kd1394.dll
2014-05-29 19:15:38 ----A---- C:\Windows\system32\umpnpmgr.dll
2014-05-29 19:15:38 ----A---- C:\Windows\system32\cfgmgr32.dll
2014-05-29 19:15:37 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2014-05-29 19:15:37 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2014-05-29 19:15:37 ----A---- C:\Windows\SYSWOW64\devobj.dll
2014-05-29 19:15:37 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2014-05-29 19:15:36 ----A---- C:\Windows\system32\netapi32.dll
2014-05-29 19:15:36 ----A---- C:\Windows\system32\browser.dll
2014-05-29 19:15:36 ----A---- C:\Windows\system32\browcli.dll
2014-05-29 19:15:35 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2014-05-29 19:15:35 ----A---- C:\Windows\SYSWOW64\browcli.dll
2014-05-29 19:15:33 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2014-05-29 19:15:33 ----A---- C:\Windows\system32\srcore.dll
2014-05-29 19:15:33 ----A---- C:\Windows\system32\prevhost.exe
2014-05-29 19:15:33 ----A---- C:\Windows\system32\drivers\fvevol.sys
2014-05-29 19:15:32 ----A---- C:\Windows\SYSWOW64\srclient.dll
2014-05-29 19:15:32 ----A---- C:\Windows\system32\rstrui.exe
2014-05-29 19:15:29 ----A---- C:\Windows\system32\WFS.exe
2014-05-29 19:15:29 ----A---- C:\Windows\system32\FXSCOVER.exe
2014-05-29 19:15:28 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2014-05-29 19:15:28 ----A---- C:\Windows\system32\inetcomm.dll
2014-05-29 19:15:27 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2014-05-29 19:15:27 ----A---- C:\Windows\system32\msvcrt.dll
2014-05-29 19:15:27 ----A---- C:\Windows\system32\localspl.dll
2014-05-29 19:15:22 ----A---- C:\Windows\system32\drivers\bowser.sys
2014-05-29 19:15:18 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-05-29 19:15:18 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2014-05-29 19:15:18 ----A---- C:\Windows\system32\oleaut32.dll
2014-05-29 19:15:18 ----A---- C:\Windows\system32\oleacc.dll
2014-05-29 19:15:17 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2014-05-29 19:15:17 ----A---- C:\Windows\system32\EncDec.dll
2014-05-29 19:15:12 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2014-05-29 19:15:12 ----A---- C:\Windows\system32\cdosys.dll
2014-05-29 19:13:50 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-05-29 19:13:50 ----A---- C:\Windows\system32\packager.dll
2014-05-29 15:19:10 ----D---- C:\Users\rdx\AppData\Roaming\FireShot
2014-05-29 15:13:44 ----D---- C:\Program Files (x86)\Steam
2014-05-29 11:07:49 ----D---- C:\Users\rdx\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-05-29 10:35:31 ----D---- C:\Users\rdx\AppData\Roaming\ICQ-Profile
2014-05-29 10:35:31 ----D---- C:\Users\rdx\AppData\Roaming\ICQM
2014-05-29 09:11:55 ----A---- C:\Windows\etdrv.sys
2014-05-29 09:11:48 ----A---- C:\Windows\gdrv.sys
2014-05-29 08:44:48 ----D---- C:\Suitcase
2014-05-29 08:44:22 ----D---- C:\Program Files\Suitcase
2014-05-29 08:43:59 ----D---- C:\Windows\system32\appmgmt
2014-05-29 08:29:33 ----D---- C:\ProgramData\Package Cache
2014-05-29 08:22:29 ----A---- C:\Windows\SYSWOW64\msvcp110.dll
2014-05-29 08:05:35 ----D---- C:\ProgramData\Extensis
2014-05-29 08:05:10 ----D---- C:\Program Files (x86)\Extensis
2014-05-29 02:01:04 ----D---- C:\Users\rdx\AppData\Roaming\ACD Systems
2014-05-29 01:56:01 ----D---- C:\ProgramData\ACD Systems
2014-05-29 01:55:47 ----D---- C:\Program Files\Common Files\ACD Systems
2014-05-29 01:55:47 ----D---- C:\Program Files\ACD Systems
2014-05-29 01:40:06 ----D---- C:\Program Files\Microsoft IntelliType Pro
2014-05-29 01:40:04 ----D---- C:\Windows\PCHEALTH
2014-05-29 01:23:32 ----D---- C:\Downloads
2014-05-29 00:50:11 ----D---- C:\Users\rdx\AppData\Roaming\DropboxMaster
2014-05-29 00:49:14 ----D---- C:\Users\rdx\AppData\Roaming\Dropbox
2014-05-28 23:26:40 ----D---- C:\Users\rdx\AppData\Roaming\NVIDIA
2014-05-28 23:20:55 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2014-05-28 23:17:25 ----D---- C:\ProgramData\ALM
2014-05-28 23:06:11 ----N---- C:\Windows\system32\drivers\PxHlpa64.sys
2014-05-28 23:06:11 ----N---- C:\Windows\system32\drivers\cdralw2k.sys
2014-05-28 23:06:11 ----N---- C:\Windows\system32\drivers\cdr4_xp.sys
2014-05-28 23:06:07 ----D---- C:\Program Files (x86)\My Company Name
2014-05-28 23:04:18 ----D---- C:\Program Files (x86)\Adobe
2014-05-28 23:02:56 ----D---- C:\Program Files\Adobe
2014-05-28 23:02:31 ----D---- C:\Program Files\Common Files\Adobe
2014-05-28 22:58:25 ----D---- C:\ProgramData\Adobe
2014-05-28 22:52:41 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2014-05-28 22:52:39 ----D---- C:\Users\rdx\AppData\Roaming\DAEMON Tools Lite
2014-05-28 22:52:36 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2014-05-28 22:51:28 ----D---- C:\ProgramData\DAEMON Tools Lite
2014-05-28 21:50:59 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2014-05-28 21:46:15 ----N---- C:\Windows\system32\MpSigStub.exe
2014-05-28 21:36:04 ----D---- C:\Program Files (x86)\Microsoft Security Client
2014-05-28 21:36:03 ----D---- C:\Program Files\Microsoft Security Client
2014-05-28 21:34:59 ----D---- C:\de5fb9189f32d019ec50a5d2ec414d
2014-05-28 21:28:26 ----D---- C:\totalcmd
2014-05-28 21:27:42 ----D---- C:\Users\rdx\AppData\Roaming\WinRAR
2014-05-28 21:27:11 ----D---- C:\Program Files (x86)\WinRAR
2014-05-28 21:26:58 ----D---- C:\Extracted
2014-05-28 21:25:16 ----D---- C:\ProgramData\Mozilla
2014-05-28 21:25:15 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-28 21:25:14 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-05-28 21:21:07 ----D---- C:\Program Files (x86)\AGEIA Technologies
2014-05-28 21:20:58 ----D---- C:\ProgramData\NVIDIA
2014-05-28 21:20:49 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2014-05-28 21:20:39 ----A---- C:\Windows\system32\nvvsvc.exe
2014-05-28 21:20:39 ----A---- C:\Windows\system32\nvsvc64.dll
2014-05-28 21:20:39 ----A---- C:\Windows\system32\nvshext.dll
2014-05-28 21:20:39 ----A---- C:\Windows\system32\nvmctray.dll
2014-05-28 21:20:39 ----A---- C:\Windows\system32\nvcpl.dll
2014-05-28 21:20:35 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2014-05-28 21:20:35 ----A---- C:\Windows\system32\OpenCL.dll
2014-05-28 21:20:34 ----D---- C:\ProgramData\NVIDIA Corporation
2014-05-28 21:20:32 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-05-28 21:19:38 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-05-28 21:18:51 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-05-28 21:18:15 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-05-28 21:18:15 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-05-28 21:18:15 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-05-28 21:18:15 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-05-28 21:18:15 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-05-28 21:18:15 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-05-28 21:18:15 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-05-28 21:18:15 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-05-28 21:18:15 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-05-28 21:18:15 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-05-28 21:18:15 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2014-05-28 21:18:15 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-05-28 21:18:15 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-05-28 21:18:15 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-05-28 21:18:15 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-05-28 21:18:15 ----A---- C:\Windows\system32\nvumdshimx.dll
2014-05-28 21:18:15 ----A---- C:\Windows\system32\nvopencl.dll
2014-05-28 21:18:15 ----A---- C:\Windows\system32\nvoglv64.dll
2014-05-28 21:18:15 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-05-28 21:18:15 ----A---- C:\Windows\system32\nvinitx.dll
2014-05-28 21:18:15 ----A---- C:\Windows\system32\NvIFR64.dll
2014-05-28 21:18:15 ----A---- C:\Windows\system32\nvhdap64.dll
2014-05-28 21:18:15 ----A---- C:\Windows\system32\nvhdagenco6420103.dll
2014-05-28 21:18:15 ----A---- C:\Windows\system32\NvFBC64.dll
2014-05-28 21:18:15 ----A---- C:\Windows\system32\nvdispgenco6433788.dll
2014-05-28 21:18:15 ----A---- C:\Windows\system32\nvdispco6433788.dll
2014-05-28 21:18:15 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-05-28 21:18:15 ----A---- C:\Windows\system32\nvcuvid.dll
2014-05-28 21:18:15 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-05-28 21:18:15 ----A---- C:\Windows\system32\nvcuda.dll
2014-05-28 21:18:15 ----A---- C:\Windows\system32\nvcompiler.dll
2014-05-28 21:18:15 ----A---- C:\Windows\system32\nvapi64.dll
2014-05-28 21:18:15 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-05-28 21:18:15 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2014-05-28 21:17:04 ----D---- C:\Program Files\NVIDIA Corporation
2014-05-28 21:17:04 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-05-28 21:17:02 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-05-28 21:17:02 ----A---- C:\Windows\system32\nvaudcap64v.dll
2014-05-28 21:16:42 ----D---- C:\NVIDIA
2014-05-28 21:12:29 ----D---- C:\Windows\Panther
2014-05-28 21:10:59 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2014-05-28 21:10:59 ----A---- C:\Windows\system32\rdpcore.dll
2014-05-28 21:10:59 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2014-05-28 21:09:54 ----D---- C:\Users\rdx\AppData\Roaming\Macromedia
2014-05-28 21:09:54 ----D---- C:\Users\rdx\AppData\Roaming\Adobe
2014-05-28 21:09:32 ----D---- C:\Download
2014-05-28 21:09:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-05-28 21:09:17 ----D---- C:\Windows\SYSWOW64\Macromed
2014-05-28 21:09:16 ----D---- C:\Windows\system32\Macromed
2014-05-28 21:06:43 ----D---- C:\Users\rdx\AppData\Roaming\Intel Corporation
2014-05-28 21:04:13 ----A---- C:\Windows\system32\wups2.dll
2014-05-28 21:04:13 ----A---- C:\Windows\system32\wucltux.dll
2014-05-28 21:04:13 ----A---- C:\Windows\system32\wuaueng.dll
2014-05-28 21:04:13 ----A---- C:\Windows\system32\wuauclt.exe
2014-05-28 21:04:11 ----A---- C:\Windows\system32\wups.dll
2014-05-28 21:04:11 ----A---- C:\Windows\system32\wudriver.dll
2014-05-28 21:04:11 ----A---- C:\Windows\system32\wuapi.dll
2014-05-28 21:04:02 ----D---- C:\Program Files\GIGABYTE
2014-05-28 21:04:02 ----D---- C:\Program Files (x86)\GIGABYTE
2014-05-28 21:04:02 ----A---- C:\Windows\system32\wuwebv.dll
2014-05-28 21:04:02 ----A---- C:\Windows\system32\wuapp.exe
2014-05-28 21:04:02 ----A---- C:\Windows\system32\drivers\AppleCharger.sys
2014-05-28 21:04:02 ----A---- C:\Windows\system32\AppleChargerSrv.exe
2014-05-28 21:03:45 ----A---- C:\Windows\system32\drivers\EtronXHCI.sys
2014-05-28 21:03:45 ----A---- C:\Windows\system32\drivers\EtronHub3.sys
2014-05-28 21:03:44 ----D---- C:\Program Files (x86)\Etron Technology
2014-05-28 21:02:34 ----A---- C:\Windows\system32\drivers\iusb3hcs.sys
2014-05-28 21:02:32 ----A---- C:\Windows\system32\drivers\L1C62x64.sys
2014-05-28 21:02:26 ----A---- C:\Windows\system32\drivers\iusb3xhc.sys
2014-05-28 21:02:25 ----A---- C:\Windows\system32\drivers\iusb3hub.sys
2014-05-28 21:02:14 ----D---- C:\Windows\SYSWOW64\Atheros_L1e
2014-05-28 21:02:05 ----A---- C:\Windows\system32\drivers\iaStor.sys
2014-05-28 21:01:28 ----A---- C:\Windows\system32\VIASysFx.dll
2014-05-28 21:01:28 ----A---- C:\Windows\system32\VIAPropPageExt.dll
2014-05-28 21:01:28 ----A---- C:\Windows\system32\ViaMicArrayPropPageExt.dll
2014-05-28 21:01:28 ----A---- C:\Windows\system32\ViaMicArrayAPO.dll
2014-05-28 21:01:28 ----A---- C:\Windows\system32\ViakaraokeSrv.exe
2014-05-28 21:01:28 ----A---- C:\Windows\system32\ViaKaraokePropPageExt.dll
2014-05-28 21:01:28 ----A---- C:\Windows\system32\ViaKaraokeApo.dll
2014-05-28 21:01:28 ----A---- C:\Windows\system32\nQPropPageExt.dll
2014-05-28 21:01:28 ----A---- C:\Windows\system32\nQAPO.dll
2014-05-28 21:01:28 ----A---- C:\Windows\system32\Dts2PropPageExt.dll
2014-05-28 21:01:28 ----A---- C:\Windows\system32\drivers\viahduaa.sys
2014-05-28 21:01:24 ----A---- C:\Windows\system32\drivers\IntelMEFWVer.dll
2014-05-28 21:01:03 ----N---- C:\Windows\difxapi.dll
2014-05-28 21:01:03 ----D---- C:\Program Files (x86)\VIA
2014-05-28 21:00:50 ----A---- C:\Windows\SYSWOW64\log.txt
2014-05-28 21:00:49 ----D---- C:\ProgramData\Intel
2014-05-28 21:00:45 ----D---- C:\Program Files\Intel
2014-05-28 21:00:30 ----SHD---- C:\Windows\Installer
2014-05-28 21:00:28 ----RA---- C:\Windows\SYSWOW64\CSVer.dll
2014-05-28 21:00:22 ----A---- C:\Windows\system32\drivers\HECIx64.sys
2014-05-28 21:00:21 ----D---- C:\Intel
2014-05-28 21:00:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-05-28 21:00:15 ----D---- C:\Program Files (x86)\Intel
2014-05-28 21:00:14 ----D---- C:\Users\rdx\AppData\Roaming\InstallShield
2014-05-28 20:59:34 ----A---- C:\Windows\GSetup.ini
2014-05-28 20:32:01 ----D---- C:\Users\rdx\AppData\Roaming\GHISLER
2014-05-28 20:30:37 ----D---- C:\Users\rdx\AppData\Roaming\Thunderbird
2014-05-28 20:30:37 ----D---- C:\Users\rdx\AppData\Roaming\Mozilla
2014-05-28 20:17:10 ----D---- C:\Users\rdx\AppData\Roaming\Identities
2014-05-28 20:17:02 ----SD---- C:\Users\rdx\AppData\Roaming\Microsoft
2014-05-28 20:17:02 ----D---- C:\Users\rdx\AppData\Roaming\Media Center Programs
2014-05-28 20:16:57 ----SHD---- C:\Recovery
2014-05-28 20:16:57 ----SHD---- C:\ProgramData\Šablony
2014-05-28 20:16:57 ----SHD---- C:\ProgramData\Plocha
2014-05-28 20:16:57 ----SHD---- C:\ProgramData\Oblíbené položky
2014-05-28 20:16:57 ----SHD---- C:\ProgramData\Nabídka Start
2014-05-28 20:16:57 ----SHD---- C:\ProgramData\Dokumenty
2014-05-28 20:16:57 ----SHD---- C:\ProgramData\Data aplikací
2014-05-28 20:16:54 ----D---- C:\Windows\SoftwareDistribution
2014-05-28 20:13:02 ----D---- C:\Windows\Prefetch
2014-05-28 20:12:49 ----SHD---- C:\System Volume Information
2014-05-28 20:12:49 ----ASH---- C:\pagefile.sys
2014-05-28 20:12:49 ----ASH---- C:\hiberfil.sys

======List of files/folders modified in the last 1 month======

2014-06-01 07:26:03 ----RD---- C:\Program Files
2014-06-01 06:40:49 ----D---- C:\Windows\system32\LogFiles
2014-06-01 06:39:37 ----D---- C:\Windows\system32\wdi
2014-06-01 06:39:15 ----D---- C:\Windows\Temp
2014-06-01 04:04:30 ----D---- C:\Windows\system32\config
2014-06-01 03:34:54 ----D---- C:\Windows\system32\catroot2
2014-06-01 03:34:54 ----D---- C:\Windows\system32\catroot
2014-06-01 03:33:37 ----D---- C:\Windows\winsxs
2014-06-01 03:22:36 ----D---- C:\Windows\System32
2014-06-01 03:22:36 ----D---- C:\Windows\inf
2014-06-01 03:22:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-06-01 00:29:57 ----RD---- C:\Program Files (x86)
2014-06-01 00:21:02 ----D---- C:\Windows\SysWOW64
2014-06-01 00:02:26 ----D---- C:\Windows\system32\drivers
2014-05-31 21:02:05 ----D---- C:\Windows\rescache
2014-05-31 20:36:07 ----D---- C:\Windows\Microsoft.NET
2014-05-31 20:34:45 ----RSD---- C:\Windows\assembly
2014-05-31 18:18:52 ----D---- C:\Program Files\Windows Media Player
2014-05-31 18:18:52 ----D---- C:\Program Files (x86)\Windows Media Player
2014-05-31 18:18:51 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-05-31 18:18:51 ----D---- C:\Windows\system32\cs-CZ
2014-05-31 18:18:51 ----D---- C:\Program Files\Internet Explorer
2014-05-31 18:18:51 ----D---- C:\Program Files (x86)\Internet Explorer
2014-05-31 18:18:50 ----D---- C:\Windows\SYSWOW64\migration
2014-05-31 18:18:49 ----D---- C:\Windows\SYSWOW64\en-US
2014-05-31 18:18:49 ----D---- C:\Windows\system32\migration
2014-05-31 18:18:49 ----D---- C:\Windows\PolicyDefinitions
2014-05-31 18:18:48 ----D---- C:\Windows\system32\en-US
2014-05-31 18:18:47 ----D---- C:\Windows\SYSWOW64\zh-TW
2014-05-31 18:18:47 ----D---- C:\Windows\SYSWOW64\zh-HK
2014-05-31 18:18:47 ----D---- C:\Windows\SYSWOW64\zh-CN
2014-05-31 18:18:47 ----D---- C:\Windows\SYSWOW64\tr-TR
2014-05-31 18:18:47 ----D---- C:\Windows\SYSWOW64\sv-SE
2014-05-31 18:18:47 ----D---- C:\Windows\SYSWOW64\ru-RU
2014-05-31 18:18:47 ----D---- C:\Windows\SYSWOW64\pt-PT
2014-05-31 18:18:47 ----D---- C:\Windows\SYSWOW64\pt-BR
2014-05-31 18:18:47 ----D---- C:\Windows\SYSWOW64\pl-PL
2014-05-31 18:18:47 ----D---- C:\Windows\SYSWOW64\nl-NL
2014-05-31 18:18:47 ----D---- C:\Windows\SYSWOW64\nb-NO
2014-05-31 18:18:47 ----D---- C:\Windows\SYSWOW64\ko-KR
2014-05-31 18:18:47 ----D---- C:\Windows\SYSWOW64\ja-JP
2014-05-31 18:18:47 ----D---- C:\Windows\SYSWOW64\it-IT
2014-05-31 18:18:47 ----D---- C:\Windows\SYSWOW64\hu-HU
2014-05-31 18:18:47 ----D---- C:\Windows\SYSWOW64\fr-FR
2014-05-31 18:18:47 ----D---- C:\Windows\SYSWOW64\fi-FI
2014-05-31 18:18:47 ----D---- C:\Windows\SYSWOW64\es-ES
2014-05-31 18:18:47 ----D---- C:\Windows\SYSWOW64\el-GR
2014-05-31 18:18:47 ----D---- C:\Windows\SYSWOW64\de-DE
2014-05-31 18:18:47 ----D---- C:\Windows\SYSWOW64\da-DK
2014-05-31 18:18:43 ----D---- C:\Windows\system32\zh-TW
2014-05-31 18:18:43 ----D---- C:\Windows\system32\zh-HK
2014-05-31 18:18:43 ----D---- C:\Windows\system32\zh-CN
2014-05-31 18:18:43 ----D---- C:\Windows\system32\tr-TR
2014-05-31 18:18:43 ----D---- C:\Windows\system32\sv-SE
2014-05-31 18:18:43 ----D---- C:\Windows\system32\ru-RU
2014-05-31 18:18:43 ----D---- C:\Windows\system32\pt-PT
2014-05-31 18:18:43 ----D---- C:\Windows\system32\pt-BR
2014-05-31 18:18:43 ----D---- C:\Windows\system32\pl-PL
2014-05-31 18:18:43 ----D---- C:\Windows\system32\nl-NL
2014-05-31 18:18:43 ----D---- C:\Windows\system32\nb-NO
2014-05-31 18:18:43 ----D---- C:\Windows\system32\ko-KR
2014-05-31 18:18:43 ----D---- C:\Windows\system32\ja-JP
2014-05-31 18:18:43 ----D---- C:\Windows\system32\it-IT
2014-05-31 18:18:43 ----D---- C:\Windows\system32\hu-HU
2014-05-31 18:18:43 ----D---- C:\Windows\system32\fr-FR
2014-05-31 18:18:43 ----D---- C:\Windows\system32\fi-FI
2014-05-31 18:18:43 ----D---- C:\Windows\system32\es-ES
2014-05-31 18:18:43 ----D---- C:\Windows\system32\el-GR
2014-05-31 18:18:43 ----D---- C:\Windows\system32\de-DE
2014-05-31 18:18:43 ----D---- C:\Windows\system32\da-DK
2014-05-31 18:18:41 ----D---- C:\Windows\AppPatch
2014-05-31 18:18:37 ----D---- C:\Program Files\Windows Defender
2014-05-31 18:18:37 ----D---- C:\Program Files (x86)\Windows Defender
2014-05-31 18:18:25 ----D---- C:\Program Files\Windows Journal
2014-05-31 18:18:16 ----D---- C:\Windows\system32\DriverStore
2014-05-31 11:07:11 ----SD---- C:\ProgramData\Microsoft
2014-05-31 11:07:11 ----D---- C:\Windows
2014-05-31 11:04:51 ----D---- C:\Windows\Logs
2014-05-31 10:37:05 ----HD---- C:\ProgramData
2014-05-30 19:27:32 ----D---- C:\Program Files (x86)\Common Files
2014-05-30 19:18:34 ----D---- C:\Windows\system32\drivers\UMDF
2014-05-30 18:04:58 ----RSD---- C:\Windows\Fonts
2014-05-30 14:16:00 ----D---- C:\Program Files (x86)\Windows Sidebar
2014-05-30 14:16:00 ----D---- C:\Program Files (x86)\Windows Portable Devices
2014-05-30 14:16:00 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2014-05-30 14:16:00 ----D---- C:\Program Files (x86)\Windows Mail
2014-05-30 14:15:59 ----D---- C:\Windows\servicing
2014-05-30 14:15:59 ----D---- C:\Windows\ehome
2014-05-30 14:15:59 ----D---- C:\Program Files\Windows Sidebar
2014-05-30 14:15:59 ----D---- C:\Program Files\Windows Portable Devices
2014-05-30 14:15:59 ----D---- C:\Program Files\Windows Photo Viewer
2014-05-30 14:15:59 ----D---- C:\Program Files\Windows Mail
2014-05-30 14:15:59 ----D---- C:\Program Files\DVD Maker
2014-05-30 14:15:59 ----D---- C:\Program Files\Common Files\System
2014-05-30 14:15:54 ----D---- C:\Windows\SYSWOW64\oobe
2014-05-30 14:15:53 ----D---- C:\Windows\SYSWOW64\wbem
2014-05-30 14:15:53 ----D---- C:\Windows\SYSWOW64\sppui
2014-05-30 14:15:53 ----D---- C:\Windows\SYSWOW64\Setup
2014-05-30 14:15:53 ----D---- C:\Windows\SYSWOW64\migwiz
2014-05-30 14:15:53 ----D---- C:\Windows\SYSWOW64\manifeststore
2014-05-30 14:15:53 ----D---- C:\Windows\SYSWOW64\Dism
2014-05-30 14:15:53 ----D---- C:\Windows\SYSWOW64\cs
2014-05-30 14:15:53 ----D---- C:\Windows\SYSWOW64\AdvancedInstallers
2014-05-30 14:15:45 ----D---- C:\Windows\system32\Setup
2014-05-30 14:15:45 ----D---- C:\Windows\system32\oobe
2014-05-30 14:15:45 ----D---- C:\Windows\system32\cs
2014-05-30 14:15:45 ----D---- C:\Windows\system32\AdvancedInstallers
2014-05-30 14:15:43 ----D---- C:\Windows\system32\wbem
2014-05-30 14:15:43 ----D---- C:\Windows\system32\sppui
2014-05-30 14:15:43 ----D---- C:\Windows\system32\manifeststore
2014-05-30 14:15:43 ----D---- C:\Windows\system32\drivers\cs-CZ
2014-05-30 14:15:42 ----D---- C:\Windows\system32\migwiz
2014-05-30 14:15:42 ----D---- C:\Windows\system32\Dism
2014-05-30 14:15:26 ----D---- C:\Windows\system32\Boot
2014-05-30 14:11:23 ----A---- C:\Windows\SYSWOW64\msclmd.dll
2014-05-30 14:11:22 ----A---- C:\Windows\system32\msclmd.dll
2014-05-30 11:54:03 ----D---- C:\Windows\Tasks
2014-05-30 11:54:03 ----D---- C:\Windows\system32\Tasks
2014-05-29 11:26:24 ----D---- C:\Windows\debug
2014-05-29 08:17:58 ----D---- C:\Windows\system32\NDF
2014-05-29 01:55:47 ----D---- C:\Program Files\Common Files
2014-05-29 01:40:04 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-05-28 21:20:39 ----D---- C:\Windows\Help
2014-05-28 21:00:55 ----D---- C:\Windows\system32\restore
2014-05-28 20:31:30 ----D---- C:\Windows\system32\CodeIntegrity
2014-05-28 20:17:09 ----SHD---- C:\$Recycle.Bin
2014-05-28 20:17:02 ----RD---- C:\Users
2014-05-28 20:16:57 ----D---- C:\Program Files\Windows NT
2014-05-28 20:15:23 ----D---- C:\Windows\system32\sysprep
2014-05-28 20:13:11 ----D---- C:\Windows\CSC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2012-02-01 568600]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-05-20 19264]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 268512]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-11-02 21616]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 133928]
R3 dc3d;MS Hardware Device Detection Driver (USB); C:\Windows\system32\DRIVERS\dc3d.sys [2011-08-10 52584]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-05-28 283064]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2012-02-03 59520]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2012-02-03 84736]
R3 hidkmdf;KMDF Driver; C:\Windows\system32\DRIVERS\hidkmdf.sys [2014-03-17 14136]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-05-20 357184]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-05-20 789824]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2012-04-25 104560]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-05-20 197408]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2012-05-04 2196592]
R3 WacHidRouter;Wacom Hid Router; C:\Windows\system32\DRIVERS\wachidrouter.sys [2014-03-17 95032]
R3 wacomrouterfilter;Wacom Router Filter Driver; C:\Windows\system32\DRIVERS\wacomrouterfilter.sys [2014-03-17 15160]
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2014-05-29 25640]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2014-05-29 25640]
S3 L6TPortA;Service - Line 6 TonePort UX1; C:\Windows\System32\Drivers\L6TPortA64.sys [2013-07-11 772864]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-04-11 1390720]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-04-11 1764992]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-02-01 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-05-10 165144]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-05-15 277784]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 23808]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-04-30 1617696]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-05-20 413128]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-05-15 363800]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2012-05-04 27760]
R2 WTabletServicePro;Wacom Professional Service; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2014-04-22 635160]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 347872]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-30 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-28 257712]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-30 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-05-31 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-07 119408]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-05-29 543424]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;Adobe SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-05-30 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

[vyosek]

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

• Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane

  Rkill EXE:
  http://download.bleepingcomputer.com/grinler/rkill.exe
  
  Rkill iExplore.exe:
  http://download.bleepingcomputer.com/gr ... xplore.exe
  
  Rkill uSeRiNiT.exe:
  http://download.bleepingcomputer.com/gr ... eRiNiT.exe
  
  Rkill WiNlOgOn.exe:
  http://download.bleepingcomputer.com/gr ... NlOgOn.exe

• Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
• Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
• RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
• Na plose vznikne log Rkill.txt ten mi sem vlozte
• Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

[murons2]

Děkuji za pomoc, minimálně už fungují háček a čárka . Tu jsou logy:

Rkill:

Rkill 2.6.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 06/01/2014 02:25:03 PM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Users\rdx\AppData\Local\Temp\system.exe (PID: 4012) [UP-HEUR]
* C:\Users\rdx\AppData\Local\Temp\chost.exe (PID: 4004) [UP-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 06/01/2014 02:26:28 PM
Execution time: 0 hours(s), 1 minute(s), and 25 seconds(s)

[murons2]

ComboFix 14-05-29.01 - rdx 01.06.2014 14:33:11.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.16339.14133 [GMT 2:00]
Spuštěný z: c:\users\rdx\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\extracted\a.exe
c:\users\rdx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\6.exe
c:\users\rdx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\6000.exe
c:\users\rdx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\66.exe
c:\users\rdx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\666666.exe
c:\users\rdx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\7.exe
c:\users\rdx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\7777.exe
c:\users\rdx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\applction windows 6666.exe
c:\users\rdx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\applection windows 777.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-05-01 do 2014-06-01 )))))))))))))))))))))))))))))))
.
.
2014-06-01 12:37 . 2014-06-01 12:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-01 11:53 . 2014-06-01 11:53 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{39657D9E-EDF7-4E60-AA35-6BFDF150F455}\offreg.dll
2014-06-01 08:14 . 2014-05-06 04:40 23544320 ----a-w- c:\windows\system32\mshtml.dll
2014-06-01 08:14 . 2014-05-06 03:00 84992 ----a-w- c:\windows\system32\mshtmled.dll
2014-06-01 08:14 . 2014-05-06 04:17 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-06-01 08:14 . 2014-05-06 03:07 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-06-01 05:26 . 2014-06-01 05:26 -------- d-----w- C:\rsit
2014-06-01 05:26 . 2014-06-01 05:26 -------- d-----w- c:\program files\trend micro
2014-06-01 01:35 . 2013-12-24 23:09 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-06-01 01:35 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2014-06-01 01:35 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2014-06-01 01:35 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2014-06-01 01:35 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2014-06-01 01:35 . 2013-12-24 22:48 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2014-06-01 01:35 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2014-06-01 01:35 . 2013-11-22 22:48 3928064 ----a-w- c:\windows\system32\d2d1.dll
2014-06-01 01:35 . 2014-03-01 04:23 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-06-01 01:34 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-06-01 01:34 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-06-01 01:34 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2014-06-01 01:34 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2014-05-31 22:29 . 2014-05-31 22:29 -------- d-----w- c:\program files (x86)\CCleaner
2014-05-31 22:21 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-05-31 22:20 . 2014-05-31 22:22 -------- d-----w- C:\AdwCleaner
2014-05-31 22:14 . 2014-04-30 14:20 10702536 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{39657D9E-EDF7-4E60-AA35-6BFDF150F455}\mpengine.dll
2014-05-31 19:26 . 2014-05-31 19:26 -------- d-----w- c:\program files\VideoLAN
2014-05-31 16:18 . 2014-05-31 16:18 -------- d-s---w- c:\windows\system32\CompatTel
2014-05-31 09:12 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-05-31 09:12 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-05-31 09:12 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-05-31 09:12 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-05-31 09:12 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-05-31 09:07 . 2014-05-31 09:07 -------- d-----w- c:\windows\Migration
2014-05-31 09:04 . 2013-10-14 16:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-05-31 09:00 . 2014-05-31 09:00 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-05-31 08:37 . 2014-05-31 08:37 -------- d-----w- c:\programdata\Line 6
2014-05-31 08:33 . 2014-05-31 08:33 -------- d-----w- c:\program files (x86)\Line6
2014-05-31 08:00 . 2014-01-29 02:32 484864 ----a-w- c:\windows\system32\wer.dll
2014-05-31 07:59 . 2013-09-08 02:27 327168 ----a-w- c:\windows\system32\mswsock.dll
2014-05-31 07:54 . 2014-05-31 07:54 -------- d-----w- c:\program files (x86)\TCX Converter
2014-05-31 07:53 . 2013-10-12 02:30 830464 ----a-w- c:\windows\system32\nshwfp.dll
2014-05-31 07:53 . 2013-10-12 02:29 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2014-05-31 07:53 . 2013-10-12 02:29 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2014-05-31 07:53 . 2013-10-12 02:03 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2014-05-31 07:53 . 2013-10-12 02:01 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2014-05-31 07:53 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
2014-05-30 21:13 . 2014-04-30 14:20 10702536 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-05-30 17:27 . 2014-05-30 17:27 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-05-30 17:27 . 2014-05-30 17:27 -------- d-----r- c:\program files (x86)\Skype
2014-05-30 17:27 . 2014-05-30 17:27 -------- d-----w- c:\programdata\Skype
2014-05-30 11:23 . 2014-05-30 11:23 -------- d-----w- c:\windows\system32\SPReview
2014-05-30 11:23 . 2014-05-30 11:23 -------- d-----w- c:\windows\system32\EventProviders
2014-05-30 11:01 . 2010-11-20 13:27 68096 ----a-w- c:\windows\system32\vfwwdm32.dll
2014-05-30 10:48 . 2011-03-11 06:41 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2014-05-30 10:48 . 2011-03-11 06:41 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2014-05-30 10:48 . 2011-03-11 06:41 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2014-05-30 10:48 . 2011-03-11 06:41 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2014-05-30 10:48 . 2011-03-11 06:41 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2014-05-30 10:48 . 2011-03-11 06:33 2565632 ----a-w- c:\windows\system32\esent.dll
2014-05-30 10:48 . 2011-03-11 06:30 96768 ----a-w- c:\windows\system32\fsutil.exe
2014-05-30 10:48 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2014-05-30 10:48 . 2011-03-11 04:37 91648 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS
2014-05-30 10:48 . 2011-03-11 05:31 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2014-05-30 09:54 . 2014-05-30 09:54 -------- d-----w- c:\program files (x86)\Google
2014-05-30 05:38 . 2014-05-30 05:38 -------- d-----w- c:\windows\SysWow64\Wat
2014-05-30 05:38 . 2014-05-30 05:38 -------- d-----w- c:\windows\system32\Wat
2014-05-30 00:19 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2014-05-30 00:19 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2014-05-30 00:19 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2014-05-30 00:10 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2014-05-29 23:55 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2014-05-29 23:55 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-05-29 23:55 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-05-29 23:55 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-05-29 23:55 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-05-29 23:55 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-05-29 23:55 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2014-05-29 23:47 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2014-05-29 23:47 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2014-05-29 23:47 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2014-05-29 17:21 . 2009-09-04 15:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2014-05-29 17:20 . 2011-06-16 05:49 199680 ----a-w- c:\windows\system32\xmllite.dll
2014-05-29 17:19 . 2010-12-23 10:42 961024 ----a-w- c:\windows\system32\CPFilters.dll
2014-05-29 17:18 . 2011-03-11 06:34 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2014-05-29 17:18 . 2011-03-11 06:34 1395712 ----a-w- c:\windows\system32\mfc42.dll
2014-05-29 17:18 . 2011-03-11 05:33 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2014-05-29 17:18 . 2011-03-11 05:33 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2014-05-29 17:18 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2014-05-29 17:18 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2014-05-29 17:18 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2014-05-29 17:18 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2014-05-29 17:18 . 2012-11-01 05:43 2002432 ----a-w- c:\windows\system32\msxml6.dll
2014-05-29 17:18 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
2014-05-29 17:18 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll
2014-05-29 17:18 . 2010-11-20 13:27 33792 ----a-w- c:\windows\system32\profprov.dll
2014-05-29 17:16 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2014-05-29 17:16 . 2012-04-07 12:31 3216384 ----a-w- c:\windows\system32\msi.dll
2014-05-29 17:16 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\SysWow64\msi.dll
2014-05-29 17:16 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2014-05-29 17:16 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2014-05-29 17:16 . 2011-02-05 17:10 642944 ----a-w- c:\windows\system32\winload.efi
2014-05-29 17:16 . 2011-02-05 17:06 605552 ----a-w- c:\windows\system32\winload.exe
2014-05-29 17:16 . 2011-02-05 17:06 566208 ----a-w- c:\windows\system32\winresume.efi
2014-05-29 17:16 . 2011-02-05 17:06 518672 ----a-w- c:\windows\system32\winresume.exe
2014-05-29 17:16 . 2011-02-05 17:10 20352 ----a-w- c:\windows\system32\kdusb.dll
2014-05-29 17:16 . 2011-02-05 17:10 19328 ----a-w- c:\windows\system32\kd1394.dll
2014-05-29 17:16 . 2011-02-05 17:10 17792 ----a-w- c:\windows\system32\kdcom.dll
2014-05-29 17:16 . 2010-11-20 13:27 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2014-05-29 17:13 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2014-05-29 17:13 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2014-05-29 13:13 . 2014-05-31 19:19 -------- d-----w- c:\program files (x86)\Common Files\Steam
2014-05-29 13:13 . 2014-06-01 08:10 -------- d-----w- c:\program files (x86)\Steam
2014-05-29 07:11 . 2014-05-29 07:12 25640 ----a-w- c:\windows\etdrv.sys
2014-05-29 07:11 . 2014-05-29 07:11 25640 ----a-w- c:\windows\gdrv.sys
2014-05-29 06:44 . 2014-05-29 06:44 -------- d-----w- C:\Suitcase
2014-05-29 06:44 . 2014-05-29 06:44 -------- d-----w- c:\program files\Suitcase
2014-05-29 06:43 . 2014-05-29 06:43 -------- d-----w- c:\windows\system32\appmgmt
2014-05-29 06:29 . 2014-05-29 06:29 -------- d-----w- c:\programdata\Package Cache
2014-05-29 06:22 . 2014-01-09 09:06 661448 ----a-w- c:\windows\SysWow64\msvcp110.dll
2014-05-29 06:05 . 2014-05-29 06:05 -------- d-----w- c:\programdata\Extensis
2014-05-29 06:05 . 2014-05-29 06:05 -------- d-----w- c:\program files (x86)\Extensis
2014-05-28 23:56 . 2014-05-28 23:56 -------- d-----w- c:\programdata\ACD Systems
2014-05-28 23:55 . 2014-05-28 23:55 -------- d-----w- c:\program files\Common Files\ACD Systems
2014-05-28 23:55 . 2014-05-28 23:55 -------- d-----w- c:\program files\ACD Systems
2014-05-28 23:40 . 2014-05-28 23:40 -------- d-----w- c:\program files\Microsoft IntelliType Pro
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-31 09:01 . 2014-05-31 09:01 208384 ----a-w- c:\windows\SysWow64\webcheck.dll
2014-05-31 09:01 . 2014-05-31 09:01 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-05-30 12:11 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-05-30 12:11 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-03-17 16:13 . 2014-05-30 20:59 95032 ----a-w- c:\windows\system32\drivers\wachidrouter.sys
2014-03-11 07:52 . 2014-03-11 07:52 133928 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2014-03-04 09:17 . 2014-05-31 07:59 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\rdx\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\rdx\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\rdx\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"icq"="c:\users\rdx\AppData\Roaming\ICQM\icq.exe" [2014-05-29 34826760]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-05-08 21444224]
"system"="wscript.exe" [2013-10-12 141824]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-05-23 5120144]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-02-29 56088]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-20 291648]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-06-25 1073352]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2012-07-27 823224]
.
c:\users\rdx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
system.vbs [2014-5-28 84029]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 L6TPortA;Service - Line 6 TonePort UX1;c:\windows\system32\Drivers\L6TPortA64.sys;c:\windows\SYSNATIVE\Drivers\L6TPortA64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S2 WTabletServicePro;Wacom Professional Service;c:\program files\Tablet\Wacom\WTabletServicePro.exe;c:\program files\Tablet\Wacom\WTabletServicePro.exe [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
S3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-30 09:54 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-06-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-28 20:09]
.
2014-06-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-30 09:54]
.
2014-06-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-30 09:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\rdx\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\rdx\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\rdx\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\rdx\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1873256]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\rdx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.rdx\
FF - prefs.js: browser.startup.homepage - about:blank
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1452769194-1412962965-539194677-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v70po\UserChoice]
@Denied: (2) (S-1-5-21-1452769194-1412962965-539194677-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 7.v70po"
.
[HKEY_USERS\S-1-5-21-1452769194-1412962965-539194677-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v70pp\UserChoice]
@Denied: (2) (S-1-5-21-1452769194-1412962965-539194677-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 7.v70pp"
.
[HKEY_USERS\S-1-5-21-1452769194-1412962965-539194677-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v70ppf\UserChoice]
@Denied: (2) (S-1-5-21-1452769194-1412962965-539194677-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 7.v70ppf"
.
[HKEY_USERS\S-1-5-21-1452769194-1412962965-539194677-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (S-1-5-21-1452769194-1412962965-539194677-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 7.xmp"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-06-01 14:39:03
ComboFix-quarantined-files.txt 2014-06-01 12:39
.
Před spuštěním: Volných bajtů: 845 202 649 088
Po spuštění: Volných bajtů: 845 531 975 680
.
- - End Of File - - E283610A3F777923F8350D5FE570C34B

[vyosek]

Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/

• Ulozte nejlepe na Plochu a rozbalte
• Spustte kliknutim na mbar
• Nyni postupne kliknete na Next a Update
• Po dokonceni update (aktualizace) databaze kliknete opet na Next
• Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC
• Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko
• Tez zkontrolujte, jetsli je zatrzitko u Create Restore point
• Nyni kliknete na CleanUp cimz nalezenou infekci odstranime
• PC bude restartovan
• Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte

[murons2]

Provedeno, naslo to dva kousky.

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17107

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 3.093000 GHz
Memory total: 17132724224, free: 14308974592

Downloaded database version: v2014.06.02.03
Downloaded database version: v2014.05.21.01
Initializing...
======================
------------ Kernel report ------------
06/02/2014 09:22:48
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\DRIVERS\iusb3hcs.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\vmbus.sys
\SystemRoot\system32\drivers\winhv.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\MpFilter.sys
\SystemRoot\System32\Drivers\PxHlpa64.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\AppleCharger.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\iusb3xhc.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\DRIVERS\L1C62x64.sys
\SystemRoot\System32\Drivers\EtronXHCI.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\drivers\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\dtsoftbus01.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\drivers\nvvad64v.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\EtronHub3.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\iusb3hub.sys
\SystemRoot\system32\drivers\nvhda64v.sys
\SystemRoot\system32\drivers\viahduaa.sys
\SystemRoot\system32\DRIVERS\wachidrouter.sys
\SystemRoot\system32\DRIVERS\hidkmdf.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\wacomrouterfilter.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\drivers\usbccgp.sys
\SystemRoot\system32\DRIVERS\dc3d.sys
\SystemRoot\system32\drivers\hidusb.sys
\SystemRoot\system32\drivers\kbdhid.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\NisDrvWFP.sys
\SystemRoot\system32\drivers\spsys.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\difxapi.dll
\Windows\System32\imagehlp.dll
\Windows\System32\sechost.dll
\Windows\System32\shlwapi.dll
\Windows\System32\imm32.dll
\Windows\System32\psapi.dll
\Windows\System32\urlmon.dll
\Windows\System32\user32.dll
\Windows\System32\gdi32.dll
\Windows\System32\msvcrt.dll
\Windows\System32\nsi.dll
\Windows\System32\lpk.dll
\Windows\System32\clbcatq.dll
\Windows\System32\msctf.dll
\Windows\System32\ole32.dll
\Windows\System32\setupapi.dll
\Windows\System32\normaliz.dll
\Windows\System32\kernel32.dll
\Windows\System32\wininet.dll
\Windows\System32\iertutil.dll
\Windows\System32\Wldap32.dll
\Windows\System32\shell32.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\usp10.dll
\Windows\System32\ws2_32.dll
\Windows\System32\advapi32.dll
\Windows\System32\comdlg32.dll
\Windows\System32\oleaut32.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\devobj.dll
\Windows\System32\crypt32.dll
\Windows\System32\KernelBase.dll
\Windows\System32\comctl32.dll
\Windows\System32\wintrust.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\msasn1.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa800d828060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-2\
Lower Device Object: 0xfffffa800d4c8050
Lower Device Driver Name: \Driver\iaStor\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa800d827060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa800d4c4050
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa800d827060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800d827b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800d827060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800d4bfb10, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa800d4c4050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 6C52F4CF

GPT Protective MBR Partition information:

Partition 0 type is EFI-GPT (0xee)
Partition is NOT ACTIVE.
Partition starts at LBA: 1 Numsec = 4294967295

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

GPT Partition information:

GPT Header Signature 4546492050415254
GPT Header Revision 65536 Size 92 CRC 3815964005
GPT Header CurrentLba = 1 BackupLba 1953525167
GPT Header FirstUsableLba 34 LastUsableLba 1953525134
GPT Header Guid 35d8d8b7-e4ea-466f-8ceb-ad5fd52c5c5d
GPT Header Contains 128 partition entries starting at LBA 2
GPT Header Partition entry size = 128

Backup GPT header Signature 4546492050415254
Backup GPT header Revision 65536 Size 92 CRC 3815964005
Backup GPT header CurrentLba = 1953525167 BackupLba 1
Backup GPT header FirstUsableLba 34 LastUsableLba 1953525134
Backup GPT header Guid 35d8d8b7-e4ea-466f-8ceb-ad5fd52c5c5d
Backup GPT header Contains 128 partition entries starting at LBA 1953525135
Backup GPT header Partition entry size = 128

Partition 0 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
Partition ID 711b198a-c286-4e66-b7c4-3f6e637dd90
FirstLBA 2048 Last LBA 206847
Attributes 0
Partition Name EFI system partition

GPT Partition 0 is bootable
Partition 1 Type e3c9e316-b5c-4db8-817d-f92df0215ae
Partition ID 848c2ad7-79ea-44ee-a52d-87df4eea3f2
FirstLBA 206848 Last LBA 468991
Attributes 0
Partition Name Microsoft reserved partition

Partition 2 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID d6a26b2d-14c1-439e-87e4-42e067dc4cb5
FirstLBA 468992 Last LBA 1953523711
Attributes 0
Partition Name Basic data partition

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa800d828060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800d828b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800d828060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800d4bf910, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa800d4c8050, DeviceName: \Device\Ide\IAAStorageDevice-2\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: F41CE82

GPT Protective MBR Partition information:

Partition 0 type is EFI-GPT (0xee)
Partition is NOT ACTIVE.
Partition starts at LBA: 1 Numsec = 4294967295

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

GPT Partition information:

GPT Header Signature 4546492050415254
GPT Header Revision 65536 Size 92 CRC 2264899741
GPT Header CurrentLba = 1 BackupLba 3907029167
GPT Header FirstUsableLba 34 LastUsableLba 3907029134
GPT Header Guid 1ea4aa94-a576-40a2-b3da-1244d5c1b497
GPT Header Contains 128 partition entries starting at LBA 2
GPT Header Partition entry size = 128

Backup GPT header Signature 4546492050415254
Backup GPT header Revision 65536 Size 92 CRC 2264899741
Backup GPT header CurrentLba = 3907029167 BackupLba 1
Backup GPT header FirstUsableLba 34 LastUsableLba 3907029134
Backup GPT header Guid 1ea4aa94-a576-40a2-b3da-1244d5c1b497
Backup GPT header Contains 128 partition entries starting at LBA 3907029135
Backup GPT header Partition entry size = 128

Partition 0 Type e3c9e316-b5c-4db8-817d-f92df0215ae
Partition ID 64f80b70-bd79-4bfd-81cc-f818a246f444
FirstLBA 34 Last LBA 262177
Attributes 0
Partition Name Microsoft reserved partition

Partition 1 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID cda363f1-c8b9-46b2-80c-86fcbe1df6d4
FirstLBA 264192 Last LBA 1859028991
Attributes 0
Partition Name Basic data partition

Partition 2 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID 8f0589a1-ba85-458f-b814-789018e0b3bb
FirstLBA 1859028992 Last LBA 3907026943
Attributes 0
Partition Name Basic data partition

Disk Size: 2000398934016 bytes
Sector size: 512 bytes

Done!
Infected: C:\Users\rdx\AppData\Local\Math Problem Solver\Uninstall.exe --> [Trojan.Agent]
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Math Problem Solver --> [Trojan.Agent]
Scan finished
Creating System Restore point...
Cleaning up...
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================

[vyosek]

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  KillAll::
  
  File::
  C:\Windows\tasks\Adobe Flash Player Updater.job
  C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  
  Collect::
  C:\Users\rdx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\system.vbs
  
  Registry::
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  "NvBackend"=-
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "system"=-
  "AdobeBridge"=-
  "icq"=-
  "Skype"=-
  "12ce4e06a81e8d54fd01d9b762f1b1bb"=-
  "946589f7f847301f8eee827f12194b9e"=-
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\12ce4e06a81e8d54fd01d9b762f1b1bb]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\946589f7f847301f8eee827f12194b9e]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACPW07EN]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^rdx^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^1717.exe]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^rdx^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^6.exe]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^rdx^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^66666 clen.exe]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^rdx^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^77 clen.exe]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^rdx^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^7a7.exe]
  [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
  "SwitchBoard"=-
  "AdobeCS6ServiceManager"=-
  ""=-
  "Acrobat Assistant 8.0"=-
  
  Driver::
  c2cautoupdatesvc
  c2cpnrsvc
  
  Folder::
  c:\program files (x86)\Skype\Toolbars
  
  RegLock::
  [HKEY_USERS\S-1-5-21-1452769194-1412962965-539194677-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v70po\UserChoice]
  [HKEY_USERS\S-1-5-21-1452769194-1412962965-539194677-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v70pp\UserChoice]
  [HKEY_USERS\S-1-5-21-1452769194-1412962965-539194677-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v70ppf\UserChoice]
  [HKEY_USERS\S-1-5-21-1452769194-1412962965-539194677-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  
  ClearJavaCache::
  
  Reboot::

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

[murons2]

Vše probehlo standartne bez chybovych hlasek. Po restartu vytvoril program log:

ComboFix 14-05-29.01 - rdx 02.06.2014 10:30:06.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.16339.14047 [GMT 2:00]
Spuštěný z: c:\users\rdx\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\downloads\CFScript.txt
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\tasks\Adobe Flash Player Updater.job"
"c:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\tasks\GoogleUpdateTaskMachineUA.job"
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Skype\Toolbars
c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
c:\program files (x86)\Skype\Toolbars\FirefoxAddOn\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
c:\program files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx
c:\program files (x86)\Skype\Toolbars\Internet Explorer x64\icon.ico
c:\program files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll
c:\program files (x86)\Skype\Toolbars\Internet Explorer\icon.ico
c:\program files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
c:\program files (x86)\Skype\Toolbars\Shared x64\SkypeBrowserOptions.dll
c:\program files (x86)\Skype\Toolbars\Shared x64\SkypePnr.dll
c:\program files (x86)\Skype\Toolbars\Shared\root.pem
c:\program files (x86)\Skype\Toolbars\Shared\SkypeBrowserOptions.dll
c:\program files (x86)\Skype\Toolbars\Shared\SkypePnr.dll
c:\users\rdx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\system.vbs
c:\windows\tasks\Adobe Flash Player Updater.job
c:\windows\tasks\GoogleUpdateTaskMachineCore.job
c:\windows\tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_c2cautoupdatesvc
-------\Service_c2cpnrsvc
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-05-02 do 2014-06-02 )))))))))))))))))))))))))))))))
.
.
2014-06-02 08:35 . 2014-06-02 08:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-02 07:22 . 2014-06-02 07:22 -------- d-----w- c:\programdata\Malwarebytes
2014-06-02 07:22 . 2014-06-02 07:22 119000 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-02 07:22 . 2014-06-02 07:22 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-06-02 05:53 . 2014-04-30 14:20 10702536 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D48132C2-08F3-4D3B-A451-A45C082CE8BC}\mpengine.dll
2014-06-01 13:40 . 2014-03-06 08:15 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-06-01 12:43 . 2014-04-30 14:20 10702536 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-06-01 08:14 . 2014-05-06 04:40 23544320 ----a-w- c:\windows\system32\mshtml.dll
2014-06-01 08:14 . 2014-05-06 03:00 84992 ----a-w- c:\windows\system32\mshtmled.dll
2014-06-01 08:14 . 2014-05-06 04:17 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-06-01 08:14 . 2014-05-06 03:07 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-06-01 05:26 . 2014-06-01 05:26 -------- d-----w- C:\rsit
2014-06-01 05:26 . 2014-06-01 05:26 -------- d-----w- c:\program files\trend micro
2014-06-01 01:35 . 2013-12-24 23:09 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-06-01 01:35 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2014-06-01 01:35 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2014-06-01 01:35 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2014-06-01 01:35 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2014-06-01 01:35 . 2013-12-24 22:48 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2014-06-01 01:35 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2014-06-01 01:35 . 2013-11-22 22:48 3928064 ----a-w- c:\windows\system32\d2d1.dll
2014-06-01 01:34 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-06-01 01:34 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-06-01 01:34 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2014-06-01 01:34 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2014-05-31 22:29 . 2014-05-31 22:29 -------- d-----w- c:\program files (x86)\CCleaner
2014-05-31 22:21 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-05-31 22:20 . 2014-05-31 22:22 -------- d-----w- C:\AdwCleaner
2014-05-31 19:26 . 2014-05-31 19:26 -------- d-----w- c:\program files\VideoLAN
2014-05-31 16:18 . 2014-05-31 16:18 -------- d-s---w- c:\windows\system32\CompatTel
2014-05-31 09:12 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-05-31 09:12 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-05-31 09:12 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-05-31 09:12 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-05-31 09:12 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-05-31 09:07 . 2014-05-31 09:07 -------- d-----w- c:\windows\Migration
2014-05-31 09:04 . 2013-10-14 16:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-05-31 09:00 . 2014-05-31 09:00 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-05-31 08:37 . 2014-05-31 08:37 -------- d-----w- c:\programdata\Line 6
2014-05-31 08:33 . 2014-05-31 08:33 -------- d-----w- c:\program files (x86)\Line6
2014-05-31 08:00 . 2014-01-29 02:32 484864 ----a-w- c:\windows\system32\wer.dll
2014-05-31 07:59 . 2013-09-08 02:27 327168 ----a-w- c:\windows\system32\mswsock.dll
2014-05-31 07:54 . 2014-05-31 07:54 -------- d-----w- c:\program files (x86)\TCX Converter
2014-05-31 07:53 . 2013-10-12 02:30 830464 ----a-w- c:\windows\system32\nshwfp.dll
2014-05-31 07:53 . 2013-10-12 02:29 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2014-05-31 07:53 . 2013-10-12 02:29 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2014-05-31 07:53 . 2013-10-12 02:03 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2014-05-31 07:53 . 2013-10-12 02:01 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2014-05-31 07:53 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
2014-05-30 17:27 . 2014-05-30 17:27 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-05-30 17:27 . 2014-06-02 08:34 -------- d-----r- c:\program files (x86)\Skype
2014-05-30 17:27 . 2014-05-30 17:27 -------- d-----w- c:\programdata\Skype
2014-05-30 11:23 . 2014-05-30 11:23 -------- d-----w- c:\windows\system32\SPReview
2014-05-30 11:23 . 2014-05-30 11:23 -------- d-----w- c:\windows\system32\EventProviders
2014-05-30 11:01 . 2010-11-20 13:27 68096 ----a-w- c:\windows\system32\vfwwdm32.dll
2014-05-30 10:48 . 2011-03-11 06:41 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2014-05-30 10:48 . 2011-03-11 06:41 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2014-05-30 10:48 . 2011-03-11 06:41 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2014-05-30 10:48 . 2011-03-11 06:41 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2014-05-30 10:48 . 2011-03-11 06:41 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2014-05-30 10:48 . 2011-03-11 06:33 2565632 ----a-w- c:\windows\system32\esent.dll
2014-05-30 10:48 . 2011-03-11 06:30 96768 ----a-w- c:\windows\system32\fsutil.exe
2014-05-30 10:48 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2014-05-30 10:48 . 2011-03-11 04:37 91648 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS
2014-05-30 10:48 . 2011-03-11 05:31 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2014-05-30 09:54 . 2014-05-30 09:54 -------- d-----w- c:\program files (x86)\Google
2014-05-30 05:38 . 2014-05-30 05:38 -------- d-----w- c:\windows\SysWow64\Wat
2014-05-30 05:38 . 2014-05-30 05:38 -------- d-----w- c:\windows\system32\Wat
2014-05-30 00:19 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2014-05-30 00:19 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2014-05-30 00:19 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2014-05-30 00:10 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2014-05-29 23:55 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2014-05-29 23:55 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-05-29 23:55 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-05-29 23:55 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-05-29 23:55 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-05-29 23:55 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-05-29 23:55 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2014-05-29 23:47 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2014-05-29 23:47 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2014-05-29 23:47 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2014-05-29 17:21 . 2009-09-04 15:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2014-05-29 17:20 . 2011-06-16 05:49 199680 ----a-w- c:\windows\system32\xmllite.dll
2014-05-29 17:19 . 2010-12-23 10:42 961024 ----a-w- c:\windows\system32\CPFilters.dll
2014-05-29 17:18 . 2011-03-11 06:34 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2014-05-29 17:18 . 2011-03-11 06:34 1395712 ----a-w- c:\windows\system32\mfc42.dll
2014-05-29 17:18 . 2011-03-11 05:33 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2014-05-29 17:18 . 2011-03-11 05:33 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2014-05-29 17:18 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2014-05-29 17:18 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2014-05-29 17:18 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2014-05-29 17:18 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2014-05-29 17:18 . 2012-11-01 05:43 2002432 ----a-w- c:\windows\system32\msxml6.dll
2014-05-29 17:18 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
2014-05-29 17:18 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll
2014-05-29 17:18 . 2010-11-20 13:27 33792 ----a-w- c:\windows\system32\profprov.dll
2014-05-29 17:16 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2014-05-29 17:16 . 2012-04-07 12:31 3216384 ----a-w- c:\windows\system32\msi.dll
2014-05-29 17:16 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\SysWow64\msi.dll
2014-05-29 17:16 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2014-05-29 17:16 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2014-05-29 17:16 . 2011-02-05 17:10 642944 ----a-w- c:\windows\system32\winload.efi
2014-05-29 17:16 . 2011-02-05 17:06 605552 ----a-w- c:\windows\system32\winload.exe
2014-05-29 17:16 . 2011-02-05 17:06 566208 ----a-w- c:\windows\system32\winresume.efi
2014-05-29 17:16 . 2011-02-05 17:06 518672 ----a-w- c:\windows\system32\winresume.exe
2014-05-29 17:16 . 2011-02-05 17:10 20352 ----a-w- c:\windows\system32\kdusb.dll
2014-05-29 17:16 . 2011-02-05 17:10 19328 ----a-w- c:\windows\system32\kd1394.dll
2014-05-29 17:16 . 2011-02-05 17:10 17792 ----a-w- c:\windows\system32\kdcom.dll
2014-05-29 17:16 . 2010-11-20 13:27 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2014-05-29 17:13 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2014-05-29 17:13 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2014-05-29 13:13 . 2014-05-31 19:19 -------- d-----w- c:\program files (x86)\Common Files\Steam
2014-05-29 13:13 . 2014-06-02 08:35 -------- d-----w- c:\program files (x86)\Steam
2014-05-29 07:11 . 2014-05-29 07:12 25640 ----a-w- c:\windows\etdrv.sys
2014-05-29 07:11 . 2014-05-29 07:11 25640 ----a-w- c:\windows\gdrv.sys
2014-05-29 06:44 . 2014-05-29 06:44 -------- d-----w- C:\Suitcase
2014-05-29 06:44 . 2014-05-29 06:44 -------- d-----w- c:\program files\Suitcase
2014-05-29 06:43 . 2014-05-29 06:43 -------- d-----w- c:\windows\system32\appmgmt
2014-05-29 06:29 . 2014-05-29 06:29 -------- d-----w- c:\programdata\Package Cache
2014-05-29 06:22 . 2014-01-09 09:06 661448 ----a-w- c:\windows\SysWow64\msvcp110.dll
2014-05-29 06:05 . 2014-05-29 06:05 -------- d-----w- c:\programdata\Extensis
2014-05-29 06:05 . 2014-05-29 06:05 -------- d-----w- c:\program files (x86)\Extensis
2014-05-28 23:56 . 2014-05-28 23:56 -------- d-----w- c:\programdata\ACD Systems
2014-05-28 23:55 . 2014-05-28 23:55 -------- d-----w- c:\program files\Common Files\ACD Systems
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-31 09:01 . 2014-05-31 09:01 208384 ----a-w- c:\windows\SysWow64\webcheck.dll
2014-05-31 09:01 . 2014-05-31 09:01 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-05-30 12:11 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-05-30 12:11 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-03-17 16:13 . 2014-05-30 20:59 95032 ----a-w- c:\windows\system32\drivers\wachidrouter.sys
2014-03-11 07:52 . 2014-03-11 07:52 133928 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2014-03-04 09:17 . 2014-05-31 07:59 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\rdx\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\rdx\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\rdx\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-05-23 5120144]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-02-29 56088]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-20 291648]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 L6TPortA;Service - Line 6 TonePort UX1;c:\windows\system32\Drivers\L6TPortA64.sys;c:\windows\SYSNATIVE\Drivers\L6TPortA64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S2 WTabletServicePro;Wacom Professional Service;c:\program files\Tablet\Wacom\WTabletServicePro.exe;c:\program files\Tablet\Wacom\WTabletServicePro.exe [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
S3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-30 09:54 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\rdx\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\rdx\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\rdx\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\rdx\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1873256]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\rdx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.rdx\
FF - prefs.js: browser.startup.homepage - about:blank
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files\Tablet\Wacom\WacomHost.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-06-02 10:40:14 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-06-02 08:40
ComboFix2.txt 2014-06-01 12:39
.
Před spuštěním: Volných bajtů: 833 549 377 536
Po spuštění: Volných bajtů: 833 337 974 784
.
- - End Of File - - EB3598D2134607C02FCB1481E09D4017

[vyosek]

Jak se chova PC

[murons2]

Počítač běží standartně, možná se mi zdá, že spuštění je o něco rychlejší. Bude ještě potřeba nějaká doktořina?

[vyosek]

Tak jeste uklidime

Odinstalujte Combofix

• Prejmenujte ComboFix na Uninstall
• Spustte jej
• Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse