ESET reports a trojan in quarantine

Horst_Fuchs
Visitor
Posts: 136
Registered: 27 Dec 2013 17:41

ESET reports a trojan in quarantine

#1 Post by Horst_Fuchs »

Hi,
I'd like to ask whether you could take a look at my log.
I have had a new disk with Win 7 for two days, and after installing WinZip and WinRAR from Uložto.cz, ESET started reporting a Trojan horse in quarantine.
Would you know how to remove it?
After only two days with a new disk, I would rather not have a mess and problems on the PC right away.
Thank you very much in advance for your helpfulness and assistance.
Best regards,
Marek

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: ESET reports a trojan in quarantine

#2 Post by Márty84 »

Hello :)

In the quarantine of what? How about clearing the quarantine?

Write the exact name and location of the infected file.
If you have a question that is not meant for the public, you can write to me at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait a long time for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

Horst_Fuchs
Visitor
Posts: 136
Registered: 27 Dec 2013 17:41

Re: ESET reports a trojan in quarantine

#3 Post by Horst_Fuchs »

This is what I have in ESET's quarantine
Attachments
ScreenHunter_04 Jun. 22 22.15.gif (11.71 KiB) Viewed 2308 times

Horst_Fuchs
Visitor
Posts: 136
Registered: 27 Dec 2013 17:41

Re: ESET reports a trojan in quarantine

#4 Post by Horst_Fuchs »

02
Attachments
ScreenHunter_05 Jun. 22 22.16.gif (8.8 KiB) Viewed 2308 times

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: ESET reports a trojan in quarantine

#5 Post by Márty84 »


Horst_Fuchs
Visitor
Posts: 136
Registered: 27 Dec 2013 17:41

Re: ESET reports a trojan in quarantine

#6 Post by Horst_Fuchs »

Logfile of random's system information tool 1.10 (written by random/random)
Run by 1 at 2014-06-29 20:10:01
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 869 GB (91%) free of 954 GB
Total RAM: 3988 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:10:02, on 29.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\1\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\1.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8344 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-06-29 20:10:01 ----D---- C:\rsit
2014-06-29 20:10:01 ----D---- C:\Program Files (x86)\trend micro
2014-06-26 06:24:12 ----A---- C:\Windows\SysWOW64\authuitu.dll
2014-06-26 06:24:02 ----D---- C:\Users\1\AppData\Roaming\AVG
2014-06-26 06:23:30 ----D---- C:\Program Files (x86)\AVG
2014-06-26 06:22:34 ----D---- C:\ProgramData\AVG
2014-06-26 06:22:25 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-06-26 06:22:24 ----HD---- C:\ProgramData\Common Files
2014-06-26 06:22:09 ----D---- C:\Users\1\AppData\Roaming\OpenCandy
2014-06-26 06:22:09 ----D---- C:\Users\1\AppData\Roaming\DVDVideoSoft
2014-06-26 06:22:09 ----D---- C:\Program Files (x86)\DVDVideoSoft
2014-06-26 06:22:09 ----D---- C:\Program Files (x86)\Common Files\DVDVideoSoft
2014-06-22 22:09:53 ----D---- C:\Program Files (x86)\Wisdom-soft ScreenHunter 5 Free
2014-06-22 21:58:39 ----D---- C:\INSTALAČKY
2014-06-22 10:39:10 ----D---- C:\Program Files (x86)\Common Files\Adobe
2014-06-22 10:39:10 ----D---- C:\Program Files (x86)\Adobe
2014-06-22 10:38:59 ----D---- C:\ProgramData\Adobe
2014-06-18 01:37:07 ----D---- C:\Program Files (x86)\Microsoft Works
2014-06-18 01:36:56 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2014-06-18 01:36:56 ----D---- C:\Program Files (x86)\Common Files\DESIGNER
2014-06-18 01:36:45 ----D---- C:\Windows\PCHEALTH
2014-06-18 01:35:13 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2014-06-18 01:34:53 ----D---- C:\Program Files (x86)\Microsoft Office
2014-06-18 01:34:52 ----D---- C:\ProgramData\Microsoft Help
2014-06-18 01:34:40 ----RHD---- C:\MSOCache
2014-06-18 00:35:36 ----D---- C:\ProgramData\Creative
2014-06-18 00:30:35 ----A---- C:\Windows\SysWOW64\CmdRtr.DLL
2014-06-18 00:30:35 ----A---- C:\Windows\SysWOW64\APOMngr.DLL
2014-06-18 00:30:13 ----N---- C:\Windows\SysWOW64\Sens_oal.dll
2014-06-18 00:30:13 ----A---- C:\Windows\SysWOW64\wrap_oal.dll
2014-06-18 00:30:13 ----A---- C:\Windows\SysWOW64\OpenAL32.dll
2014-06-18 00:29:57 ----D---- C:\Program Files (x86)\Common Files\Creative
2014-06-18 00:29:56 ----HD---- C:\Program Files (x86)\Creative Installation Information
2014-06-18 00:29:47 ----D---- C:\Program Files (x86)\Common Files\Creative Labs Shared
2014-06-18 00:29:34 ----D---- C:\Program Files (x86)\Creative
2014-06-18 00:29:12 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2014-06-18 00:11:14 ----D---- C:\Users\1\AppData\Roaming\WinRAR
2014-06-17 23:16:26 ----D---- C:\Windows\Downloaded Installations
2014-06-17 23:10:11 ----AS---- C:\Windows\SysWOW64\lcpmncmhkrsn.exe
2014-06-17 23:10:11 ----AS---- C:\Windows\SysWOW64\dcgmncmhkrsn.exe
2014-06-17 23:10:10 ----D---- C:\Windows\SysWOW64\bitstreams
2014-06-17 23:10:10 ----AS---- C:\Windows\SysWOW64\zlib1.dll
2014-06-17 23:10:10 ----AS---- C:\Windows\SysWOW64\ssleay32.dll
2014-06-17 23:10:10 ----AS---- C:\Windows\SysWOW64\pthreadVC2.dll
2014-06-17 23:10:10 ----AS---- C:\Windows\SysWOW64\pthreadGC2.dll
2014-06-17 23:10:10 ----AS---- C:\Windows\SysWOW64\libssh2.dll
2014-06-17 23:10:10 ----AS---- C:\Windows\SysWOW64\librtmp.dll
2014-06-17 23:10:10 ----AS---- C:\Windows\SysWOW64\libidn-11.dll
2014-06-17 23:10:10 ----AS---- C:\Windows\SysWOW64\acumncmhkrsn.exe
2014-06-17 23:10:09 ----AS---- C:\Windows\SysWOW64\libeay32.dll
2014-06-17 23:10:09 ----AS---- C:\Windows\SysWOW64\libcurl-4.dll
2014-06-17 23:10:09 ----AS---- C:\Windows\SysWOW64\cudart32_50_35.dll
2014-06-17 23:10:05 ----D---- C:\Program Files (x86)\Minecraft 1.4 Free Full Download
2014-06-16 18:29:49 ----A---- C:\Windows\SysWOW64\WMPhoto.dll
2014-06-16 18:29:49 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2014-06-16 18:29:49 ----A---- C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-16 18:29:49 ----A---- C:\Windows\SysWOW64\explorer.exe
2014-06-16 18:29:49 ----A---- C:\Windows\explorer.exe
2014-06-16 18:29:48 ----A---- C:\Windows\SysWOW64\urlmon.dll
2014-06-16 18:29:48 ----A---- C:\Windows\SysWOW64\mshtml.dll
2014-06-16 18:29:48 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2014-06-16 18:29:48 ----A---- C:\Windows\SysWOW64\jscript9diag.dll
2014-06-16 18:29:48 ----A---- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-16 18:29:48 ----A---- C:\Windows\SysWOW64\dxtmsft.dll
2014-06-16 18:29:47 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2014-06-16 18:29:47 ----A---- C:\Windows\SysWOW64\ieui.dll
2014-06-16 18:29:47 ----A---- C:\Windows\SysWOW64\iesetup.dll
2014-06-16 18:29:47 ----A---- C:\Windows\SysWOW64\iertutil.dll
2014-06-16 18:29:47 ----A---- C:\Windows\SysWOW64\iernonce.dll
2014-06-16 18:29:47 ----A---- C:\Windows\SysWOW64\ieframe.dll
2014-06-16 18:29:47 ----A---- C:\Windows\SysWOW64\dxtrans.dll
2014-06-16 18:29:45 ----A---- C:\Windows\SysWOW64\wininet.dll
2014-06-16 18:29:45 ----A---- C:\Windows\SysWOW64\vbscript.dll
2014-06-16 18:29:45 ----A---- C:\Windows\SysWOW64\msrating.dll
2014-06-16 18:29:45 ----A---- C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-16 18:29:45 ----A---- C:\Windows\SysWOW64\jscript9.dll
2014-06-16 18:29:45 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2014-06-16 18:29:45 ----A---- C:\Windows\SysWOW64\ieapfltr.dll
2014-06-16 18:29:35 ----A---- C:\Windows\SysWOW64\d3d10warp.dll
2014-06-16 18:29:35 ----A---- C:\Windows\SysWOW64\d2d1.dll
2014-06-16 18:29:34 ----A---- C:\Windows\splwow64.exe
2014-06-16 18:29:33 ----A---- C:\Windows\SysWOW64\WindowsCodecs.dll
2014-06-16 18:29:33 ----A---- C:\Windows\SysWOW64\qedit.dll
2014-06-16 04:13:40 ----D---- C:\Users\1\AppData\Roaming\Adobe
2014-06-16 03:52:06 ----A---- C:\Windows\SysWOW64\wmploc.DLL
2014-06-16 03:52:06 ----A---- C:\Windows\SysWOW64\wmp.dll
2014-06-16 03:46:52 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI
2014-06-16 03:45:18 ----D---- C:\Windows\Migration
2014-06-16 03:35:02 ----A---- C:\Windows\SysWOW64\elshyph.dll
2014-06-16 03:35:01 ----A---- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-06-16 03:35:01 ----A---- C:\Windows\SysWOW64\msls31.dll
2014-06-16 03:35:01 ----A---- C:\Windows\SysWOW64\jsIntl.dll
2014-06-16 03:35:00 ----A---- C:\Windows\SysWOW64\wextract.exe
2014-06-16 03:35:00 ----A---- C:\Windows\SysWOW64\webcheck.dll
2014-06-16 03:35:00 ----A---- C:\Windows\SysWOW64\url.dll
2014-06-16 03:35:00 ----A---- C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-06-16 03:35:00 ----A---- C:\Windows\SysWOW64\pngfilt.dll
2014-06-16 03:35:00 ----A---- C:\Windows\SysWOW64\occache.dll
2014-06-16 03:35:00 ----A---- C:\Windows\SysWOW64\mshtmler.dll
2014-06-16 03:35:00 ----A---- C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-16 03:35:00 ----A---- C:\Windows\SysWOW64\mshta.exe
2014-06-16 03:35:00 ----A---- C:\Windows\SysWOW64\msfeedssync.exe
2014-06-16 03:35:00 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll
2014-06-16 03:35:00 ----A---- C:\Windows\SysWOW64\licmgr10.dll
2014-06-16 03:35:00 ----A---- C:\Windows\SysWOW64\jscript.dll
2014-06-16 03:35:00 ----A---- C:\Windows\SysWOW64\inseng.dll
2014-06-16 03:35:00 ----A---- C:\Windows\SysWOW64\imgutil.dll
2014-06-16 03:35:00 ----A---- C:\Windows\SysWOW64\iexpress.exe
2014-06-16 03:35:00 ----A---- C:\Windows\SysWOW64\iesysprep.dll
2014-06-16 03:35:00 ----A---- C:\Windows\SysWOW64\iepeers.dll
2014-06-16 03:35:00 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2014-06-16 03:35:00 ----A---- C:\Windows\SysWOW64\ieapfltr.dat
2014-06-16 03:35:00 ----A---- C:\Windows\SysWOW64\IEAdvpack.dll
2014-06-16 03:35:00 ----A---- C:\Windows\SysWOW64\icardie.dll
2014-06-16 03:33:45 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-06-16 03:33:45 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-06-16 03:33:45 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-06-16 03:33:45 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-06-16 03:33:45 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-06-16 03:33:45 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-06-16 03:33:45 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-06-16 03:33:45 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-06-16 03:33:45 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-06-16 03:33:45 ----A---- C:\Windows\SysWOW64\XpsPrint.dll
2014-06-16 03:33:45 ----A---- C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-06-16 03:33:45 ----A---- C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-06-16 03:33:45 ----A---- C:\Windows\SysWOW64\DWrite.dll
2014-06-16 03:33:44 ----A---- C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-06-16 03:33:44 ----A---- C:\Windows\SysWOW64\d3d10level9.dll
2014-06-16 03:33:44 ----A---- C:\Windows\SysWOW64\d3d10core.dll
2014-06-16 03:33:44 ----A---- C:\Windows\SysWOW64\d3d10_1core.dll
2014-06-16 03:33:44 ----A---- C:\Windows\SysWOW64\d3d10_1.dll
2014-06-16 03:33:44 ----A---- C:\Windows\SysWOW64\d3d10.dll
2014-06-16 03:33:43 ----A---- C:\Windows\SysWOW64\UIAnimation.dll
2014-06-16 03:33:43 ----A---- C:\Windows\SysWOW64\dxgi.dll
2014-06-15 23:33:16 ----A---- C:\Windows\SysWOW64\msieftp.dll
2014-06-15 23:33:04 ----A---- C:\Windows\SysWOW64\comctl32.dll
2014-06-15 23:33:02 ----A---- C:\Windows\SysWOW64\wintrust.dll
2014-06-15 23:32:41 ----A---- C:\Windows\SysWOW64\dhcpcore6.dll
2014-06-15 23:32:40 ----A---- C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-06-15 23:32:34 ----A---- C:\Windows\SysWOW64\shell32.dll
2014-06-15 23:32:13 ----A---- C:\Windows\SysWOW64\usp10.dll
2014-06-15 23:32:09 ----A---- C:\Windows\SysWOW64\cryptsvc.dll
2014-06-15 23:32:09 ----A---- C:\Windows\SysWOW64\cryptnet.dll
2014-06-15 23:32:09 ----A---- C:\Windows\SysWOW64\crypt32.dll
2014-06-15 23:32:00 ----A---- C:\Windows\SysWOW64\wer.dll
2014-06-15 23:31:59 ----A---- C:\Windows\SysWOW64\imagehlp.dll
2014-06-15 23:31:56 ----A---- C:\Windows\SysWOW64\tzres.dll
2014-06-15 23:31:47 ----A---- C:\Windows\SysWOW64\msxml6.dll
2014-06-15 23:31:47 ----A---- C:\Windows\SysWOW64\msxml3.dll
2014-06-15 23:31:46 ----A---- C:\Windows\SysWOW64\msxml6r.dll
2014-06-15 23:31:46 ----A---- C:\Windows\SysWOW64\msxml3r.dll
2014-06-15 23:31:27 ----A---- C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-06-15 23:31:27 ----A---- C:\Windows\SysWOW64\credui.dll
2014-06-15 23:31:27 ----A---- C:\Windows\SysWOW64\authui.dll
2014-06-15 23:31:20 ----A---- C:\Windows\SysWOW64\lpk.dll
2014-06-15 23:31:20 ----A---- C:\Windows\SysWOW64\fontsub.dll
2014-06-15 23:31:20 ----A---- C:\Windows\SysWOW64\dciman32.dll
2014-06-15 23:31:20 ----A---- C:\Windows\SysWOW64\atmlib.dll
2014-06-15 23:31:20 ----A---- C:\Windows\SysWOW64\atmfd.dll
2014-06-15 23:31:18 ----A---- C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-06-15 23:31:18 ----A---- C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-06-15 23:31:18 ----A---- C:\Windows\SysWOW64\RMActivate_isv.exe
2014-06-15 23:31:18 ----A---- C:\Windows\SysWOW64\RMActivate.exe
2014-06-15 23:31:17 ----A---- C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-06-15 23:31:17 ----A---- C:\Windows\SysWOW64\secproc_ssp.dll
2014-06-15 23:31:17 ----A---- C:\Windows\SysWOW64\secproc_isv.dll
2014-06-15 23:31:17 ----A---- C:\Windows\SysWOW64\secproc.dll
2014-06-15 23:31:17 ----A---- C:\Windows\SysWOW64\msdrm.dll
2014-06-15 23:31:12 ----A---- C:\Windows\SysWOW64\d3d11.dll
2014-06-15 23:30:57 ----A---- C:\Windows\SysWOW64\WMVDECOD.DLL
2014-06-15 23:30:55 ----A---- C:\Windows\SysWOW64\rpcrt4.dll
2014-06-15 23:30:51 ----A---- C:\Windows\SysWOW64\nlaapi.dll
2014-06-15 23:30:51 ----A---- C:\Windows\SysWOW64\netevent.dll
2014-06-15 23:30:51 ----A---- C:\Windows\SysWOW64\netcorehc.dll
2014-06-15 23:30:51 ----A---- C:\Windows\SysWOW64\ncsi.dll
2014-06-15 23:30:42 ----A---- C:\Windows\SysWOW64\WebClnt.dll
2014-06-15 23:30:42 ----A---- C:\Windows\SysWOW64\davclnt.dll
2014-06-15 23:30:37 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe
2014-06-15 23:30:37 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe
2014-06-15 23:30:37 ----A---- C:\Windows\SysWOW64\kerberos.dll
2014-06-15 23:30:36 ----A---- C:\Windows\SysWOW64\schannel.dll
2014-06-15 23:30:36 ----A---- C:\Windows\SysWOW64\msv1_0.dll
2014-06-15 23:30:35 ----A---- C:\Windows\SysWOW64\objsel.dll
2014-06-15 23:30:34 ----A---- C:\Windows\SysWOW64\wdigest.dll
2014-06-15 23:30:34 ----A---- C:\Windows\SysWOW64\ncrypt.dll
2014-06-15 23:30:34 ----A---- C:\Windows\SysWOW64\KernelBase.dll
2014-06-15 23:30:33 ----A---- C:\Windows\SysWOW64\wincredprovider.dll
2014-06-15 23:30:33 ----A---- C:\Windows\SysWOW64\TSpkg.dll
2014-06-15 23:30:33 ----A---- C:\Windows\SysWOW64\dpapiprovider.dll
2014-06-15 23:30:33 ----A---- C:\Windows\SysWOW64\dimsroam.dll
2014-06-15 23:30:33 ----A---- C:\Windows\SysWOW64\cngprovider.dll
2014-06-15 23:30:33 ----A---- C:\Windows\SysWOW64\capiprovider.dll
2014-06-15 23:30:33 ----A---- C:\Windows\SysWOW64\adprovider.dll
2014-06-15 23:30:32 ----A---- C:\Windows\SysWOW64\sspicli.dll
2014-06-15 23:30:32 ----A---- C:\Windows\SysWOW64\secur32.dll
2014-06-15 23:30:32 ----A---- C:\Windows\SysWOW64\credssp.dll
2014-06-15 23:30:32 ----A---- C:\Windows\SysWOW64\apisetschema.dll
2014-06-15 23:27:52 ----A---- C:\Windows\SysWOW64\mswsock.dll
2014-06-15 23:27:49 ----AH---- C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-06-15 23:27:49 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-06-15 23:27:49 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-06-15 23:27:49 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-06-15 23:27:49 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-06-15 23:27:49 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-06-15 23:27:49 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-06-15 23:27:49 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-06-15 23:27:49 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-06-15 23:27:49 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-06-15 23:27:49 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-06-15 23:27:49 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-06-15 23:27:49 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-06-15 23:27:49 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-06-15 23:27:49 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-06-15 23:27:49 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-06-15 23:27:49 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-06-15 23:27:49 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-06-15 23:27:49 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-06-15 23:27:49 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-06-15 23:27:49 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-06-15 23:27:49 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-06-15 23:27:49 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-06-15 23:27:49 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-06-15 23:27:49 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-06-15 23:27:49 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-06-15 23:27:49 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-06-15 23:27:49 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-06-15 23:27:49 ----A---- C:\Windows\SysWOW64\wow32.dll
2014-06-15 23:27:49 ----A---- C:\Windows\SysWOW64\user.exe
2014-06-15 23:27:49 ----A---- C:\Windows\SysWOW64\setup16.exe
2014-06-15 23:27:49 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
2014-06-15 23:27:49 ----A---- C:\Windows\SysWOW64\kernel32.dll
2014-06-15 23:27:49 ----A---- C:\Windows\SysWOW64\instnm.exe
2014-06-15 23:27:47 ----A---- C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-06-15 23:27:47 ----A---- C:\Windows\SysWOW64\gdi32.dll
2014-06-15 23:27:30 ----A---- C:\Windows\SysWOW64\tdh.dll
2014-06-15 23:27:30 ----A---- C:\Windows\SysWOW64\ntdll.dll
2014-06-15 23:27:30 ----A---- C:\Windows\SysWOW64\advapi32.dll
2014-06-15 23:27:24 ----A---- C:\Windows\SysWOW64\iologmsg.dll
2014-06-15 23:27:16 ----A---- C:\Windows\SysWOW64\shdocvw.dll
2014-06-15 23:27:02 ----A---- C:\Windows\SysWOW64\wscript.exe
2014-06-15 23:27:02 ----A---- C:\Windows\SysWOW64\scrrun.dll
2014-06-15 23:27:02 ----A---- C:\Windows\SysWOW64\cscript.exe
2014-06-15 23:27:00 ----A---- C:\Windows\SysWOW64\win32spl.dll
2014-06-15 23:26:53 ----A---- C:\Windows\SysWOW64\cryptdlg.dll
2014-06-15 23:26:10 ----A---- C:\Windows\SysWOW64\certutil.exe
2014-06-15 23:26:09 ----A---- C:\Windows\SysWOW64\certenc.dll
2014-06-15 23:12:52 ----A---- C:\Windows\SysWOW64\nshwfp.dll
2014-06-15 23:12:52 ----A---- C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-06-15 22:54:37 ----D---- C:\Users\1\AppData\Roaming\ESET
2014-06-15 22:53:32 ----D---- C:\ProgramData\ESET
2014-06-15 22:45:04 ----D---- C:\Users\1\AppData\Roaming\Zoner
2014-06-15 22:44:58 ----D---- C:\Program Files (x86)\Zoner
2014-06-15 22:26:09 ----D---- C:\Program Files (x86)\Google
2014-06-15 21:01:08 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-06-15 20:20:23 ----A---- C:\Windows\SysWOW64\dfshim.dll
2014-06-15 20:20:18 ----A---- C:\Windows\SysWOW64\mfc40u.dll
2014-06-15 20:20:18 ----A---- C:\Windows\SysWOW64\mfc40.dll
2014-06-15 20:20:13 ----A---- C:\Windows\SysWOW64\mscoree.dll
2014-06-15 20:20:12 ----A---- C:\Windows\SysWOW64\mf.dll
2014-06-15 20:20:12 ----A---- C:\Windows\SysWOW64\CertEnroll.dll
2014-06-15 20:20:10 ----A---- C:\Windows\SysWOW64\PresentationHostProxy.dll
2014-06-15 20:20:10 ----A---- C:\Windows\SysWOW64\PresentationHost.exe
2014-06-15 20:20:09 ----A---- C:\Windows\SysWOW64\RacEngn.dll
2014-06-15 20:20:08 ----A---- C:\Windows\SysWOW64\AuthFWSnapin.dll
2014-06-15 20:20:07 ----A---- C:\Windows\SysWOW64\ole32.dll
2014-06-15 20:20:07 ----A---- C:\Windows\SysWOW64\ExplorerFrame.dll
2014-06-15 20:20:06 ----A---- C:\Windows\SysWOW64\vssapi.dll
2014-06-15 20:20:06 ----A---- C:\Windows\SysWOW64\SearchFolder.dll
2014-06-15 20:20:06 ----A---- C:\Windows\SysWOW64\d3d9.dll
2014-06-15 20:20:05 ----A---- C:\Windows\SysWOW64\taskschd.dll
2014-06-15 20:20:05 ----A---- C:\Windows\SysWOW64\mstsc.exe
2014-06-15 20:20:04 ----A---- C:\Windows\SysWOW64\dwmcore.dll
2014-06-15 20:20:04 ----A---- C:\Windows\SysWOW64\certcli.dll
2014-06-15 20:20:03 ----A---- C:\Windows\SysWOW64\TSWorkspace.dll
2014-06-15 20:20:03 ----A---- C:\Windows\SysWOW64\tcpmonui.dll
2014-06-15 20:20:03 ----A---- C:\Windows\SysWOW64\odbc32.dll
2014-06-15 20:20:02 ----A---- C:\Windows\SysWOW64\winhttp.dll
2014-06-15 20:20:02 ----A---- C:\Windows\SysWOW64\tsmf.dll
2014-06-15 20:20:02 ----A---- C:\Windows\SysWOW64\setupapi.dll
2014-06-15 20:20:02 ----A---- C:\Windows\SysWOW64\MSVidCtl.dll
2014-06-15 20:20:02 ----A---- C:\Windows\SysWOW64\dot3api.dll
2014-06-15 20:20:02 ----A---- C:\Windows\SysWOW64\dbgeng.dll
2014-06-15 20:20:02 ----A---- C:\Windows\SysWOW64\apphelp.dll
2014-06-15 20:20:01 ----A---- C:\Windows\SysWOW64\WsmSvc.dll
2014-06-15 20:20:01 ----A---- C:\Windows\SysWOW64\Query.dll
2014-06-15 20:20:01 ----A---- C:\Windows\SysWOW64\netlogon.dll
2014-06-15 20:20:01 ----A---- C:\Windows\SysWOW64\netcfgx.dll
2014-06-15 20:20:00 ----A---- C:\Windows\SysWOW64\upnp.dll
2014-06-15 20:20:00 ----A---- C:\Windows\SysWOW64\SessEnv.dll
2014-06-15 20:20:00 ----A---- C:\Windows\SysWOW64\netfxperf.dll
2014-06-15 20:20:00 ----A---- C:\Windows\SysWOW64\mmcndmgr.dll
2014-06-15 20:20:00 ----A---- C:\Windows\SysWOW64\imapi2fs.dll
2014-06-15 20:20:00 ----A---- C:\Windows\SysWOW64\DShowRdpFilter.dll
2014-06-15 20:19:59 ----A---- C:\Windows\SysWOW64\xpsservices.dll
2014-06-15 20:19:59 ----A---- C:\Windows\SysWOW64\userenv.dll
2014-06-15 20:19:59 ----A---- C:\Windows\SysWOW64\shlwapi.dll
2014-06-15 20:19:59 ----A---- C:\Windows\SysWOW64\PortableDeviceApi.dll
2014-06-15 20:19:59 ----A---- C:\Windows\SysWOW64\mcbuilder.exe
2014-06-15 20:19:59 ----A---- C:\Windows\SysWOW64\drvstore.dll
2014-06-15 20:19:59 ----A---- C:\Windows\SysWOW64\certmgr.dll
2014-06-15 20:19:58 ----A---- C:\Windows\SysWOW64\comdlg32.dll
2014-06-15 20:19:58 ----A---- C:\Windows\SysWOW64\cmd.exe
2014-06-15 20:19:57 ----A---- C:\Windows\SysWOW64\Wldap32.dll
2014-06-15 20:19:57 ----A---- C:\Windows\SysWOW64\user32.dll
2014-06-15 20:19:57 ----A---- C:\Windows\SysWOW64\propsys.dll
2014-06-15 20:19:57 ----A---- C:\Windows\SysWOW64\mfds.dll
2014-06-15 20:19:57 ----A---- C:\Windows\SysWOW64\framedynos.dll
2014-06-15 20:19:57 ----A---- C:\Windows\SysWOW64\azroles.dll
2014-06-15 20:19:56 ----A---- C:\Windows\SysWOW64\themeui.dll
2014-06-15 20:19:53 ----A---- C:\Windows\SysWOW64\taskeng.exe
2014-06-15 20:19:53 ----A---- C:\Windows\SysWOW64\spp.dll
2014-06-15 20:19:53 ----A---- C:\Windows\SysWOW64\mfreadwrite.dll
2014-06-15 20:19:53 ----A---- C:\Windows\SysWOW64\dhcpcore.dll
2014-06-15 20:19:53 ----A---- C:\Windows\SysWOW64\dbghelp.dll
2014-06-15 20:19:53 ----A---- C:\Windows\SysWOW64\basecsp.dll
2014-06-15 20:19:52 ----A---- C:\Windows\SysWOW64\WinSATAPI.dll
2014-06-15 20:19:52 ----A---- C:\Windows\SysWOW64\taskcomp.dll
2014-06-15 20:19:52 ----A---- C:\Windows\SysWOW64\sqlsrv32.dll
2014-06-15 20:19:52 ----A---- C:\Windows\SysWOW64\NaturalLanguage6.dll
2014-06-15 20:19:52 ----A---- C:\Windows\SysWOW64\evr.dll
2014-06-15 20:19:52 ----A---- C:\Windows\SysWOW64\calc.exe
2014-06-15 20:19:51 ----A---- C:\Windows\SysWOW64\ws2_32.dll
2014-06-15 20:19:51 ----A---- C:\Windows\SysWOW64\UIRibbon.dll
2014-06-15 20:19:51 ----A---- C:\Windows\SysWOW64\sxs.dll
2014-06-15 20:19:51 ----A---- C:\Windows\SysWOW64\stobject.dll
2014-06-15 20:19:51 ----A---- C:\Windows\SysWOW64\netshell.dll
2014-06-15 20:19:50 ----A---- C:\Windows\SysWOW64\WSDApi.dll
2014-06-15 20:19:50 ----A---- C:\Windows\SysWOW64\wmpeffects.dll
2014-06-15 20:19:50 ----A---- C:\Windows\SysWOW64\rpchttp.dll
2014-06-15 20:19:50 ----A---- C:\Windows\SysWOW64\prncache.dll
2014-06-15 20:19:50 ----A---- C:\Windows\SysWOW64\printui.dll
2014-06-15 20:19:50 ----A---- C:\Windows\SysWOW64\net1.exe
2014-06-15 20:19:49 ----A---- C:\Windows\SysWOW64\wpdshext.dll
2014-06-15 20:19:49 ----A---- C:\Windows\SysWOW64\WMVCORE.DLL
2014-06-15 20:19:49 ----A---- C:\Windows\SysWOW64\wlangpui.dll
2014-06-15 20:19:49 ----A---- C:\Windows\SysWOW64\t2embed.dll
2014-06-15 20:19:49 ----A---- C:\Windows\SysWOW64\scansetting.dll
2014-06-15 20:19:49 ----A---- C:\Windows\SysWOW64\QSHVHOST.DLL
2014-06-15 20:19:49 ----A---- C:\Windows\SysWOW64\pnidui.dll
2014-06-15 20:19:49 ----A---- C:\Windows\SysWOW64\MMDevAPI.dll
2014-06-15 20:19:48 ----A---- C:\Windows\SysWOW64\wuapi.dll
2014-06-15 20:19:48 ----A---- C:\Windows\SysWOW64\wscapi.dll
2014-06-15 20:19:48 ----A---- C:\Windows\SysWOW64\webservices.dll
2014-06-15 20:19:48 ----A---- C:\Windows\SysWOW64\SyncCenter.dll
2014-06-15 20:19:48 ----A---- C:\Windows\SysWOW64\netdiagfx.dll
2014-06-15 20:19:48 ----A---- C:\Windows\SysWOW64\fde.dll
2014-06-15 20:19:47 ----A---- C:\Windows\SysWOW64\winsta.dll
2014-06-15 20:19:47 ----A---- C:\Windows\SysWOW64\WinSCard.dll
2014-06-15 20:19:47 ----A---- C:\Windows\SysWOW64\pla.dll
2014-06-15 20:19:47 ----A---- C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2014-06-15 20:19:47 ----A---- C:\Windows\SysWOW64\msasn1.dll
2014-06-15 20:19:47 ----A---- C:\Windows\SysWOW64\imapi2.dll
2014-06-15 20:19:47 ----A---- C:\Windows\SysWOW64\DXPTaskRingtone.dll
2014-06-15 20:19:46 ----A---- C:\Windows\SysWOW64\WMPEncEn.dll
2014-06-15 20:19:46 ----A---- C:\Windows\SysWOW64\winmm.dll
2014-06-15 20:19:46 ----A---- C:\Windows\SysWOW64\shsvcs.dll
2014-06-15 20:19:46 ----A---- C:\Windows\SysWOW64\onex.dll
2014-06-15 20:19:46 ----A---- C:\Windows\SysWOW64\hbaapi.dll
2014-06-15 20:19:46 ----A---- C:\Windows\SysWOW64\autofmt.exe
2014-06-15 20:19:45 ----A---- C:\Windows\SysWOW64\wcncsvc.dll
2014-06-15 20:19:45 ----A---- C:\Windows\SysWOW64\thumbcache.dll
2014-06-15 20:19:45 ----A---- C:\Windows\SysWOW64\tcpipcfg.dll
2014-06-15 20:19:45 ----A---- C:\Windows\SysWOW64\srchadmin.dll
2014-06-15 20:19:45 ----A---- C:\Windows\SysWOW64\schtasks.exe
2014-06-15 20:19:45 ----A---- C:\Windows\SysWOW64\samcli.dll
2014-06-15 20:19:45 ----A---- C:\Windows\SysWOW64\regapi.dll
2014-06-15 20:19:45 ----A---- C:\Windows\SysWOW64\proquota.exe
2014-06-15 20:19:45 ----A---- C:\Windows\SysWOW64\powercpl.dll
2014-06-15 20:19:45 ----A---- C:\Windows\SysWOW64\netiohlp.dll
2014-06-15 20:19:45 ----A---- C:\Windows\SysWOW64\msutb.dll
2014-06-15 20:19:45 ----A---- C:\Windows\SysWOW64\msinfo32.exe
2014-06-15 20:19:45 ----A---- C:\Windows\SysWOW64\msihnd.dll
2014-06-15 20:19:45 ----A---- C:\Windows\SysWOW64\mscorier.dll
2014-06-15 20:19:45 ----A---- C:\Windows\SysWOW64\mimefilt.dll
2014-06-15 20:19:45 ----A---- C:\Windows\SysWOW64\ipsmsnap.dll
2014-06-15 20:19:45 ----A---- C:\Windows\SysWOW64\IPHLPAPI.DLL
2014-06-15 20:19:45 ----A---- C:\Windows\SysWOW64\framedyn.dll
2014-06-15 20:19:45 ----A---- C:\Windows\SysWOW64\eapphost.dll
2014-06-15 20:19:45 ----A---- C:\Windows\SysWOW64\autochk.exe
2014-06-15 20:19:45 ----A---- C:\Windows\SysWOW64\autoconv.exe
2014-06-15 20:19:45 ----A---- C:\Windows\SysWOW64\AudioSes.dll
2014-06-15 20:19:44 ----A---- C:\Windows\SysWOW64\wdc.dll
2014-06-15 20:19:44 ----A---- C:\Windows\SysWOW64\untfs.dll
2014-06-15 20:19:44 ----A---- C:\Windows\SysWOW64\StructuredQuery.dll
2014-06-15 20:19:44 ----A---- C:\Windows\SysWOW64\scesrv.dll
2014-06-15 20:19:44 ----A---- C:\Windows\SysWOW64\rastls.dll
2014-06-15 20:19:44 ----A---- C:\Windows\SysWOW64\QAGENT.DLL
2014-06-15 20:19:44 ----A---- C:\Windows\SysWOW64\netid.dll
2014-06-15 20:19:44 ----A---- C:\Windows\SysWOW64\nci.dll
2014-06-15 20:19:44 ----A---- C:\Windows\SysWOW64\AuxiliaryDisplayCpl.dll
2014-06-15 20:19:44 ----A---- C:\Windows\SysWOW64\actxprxy.dll
2014-06-15 20:19:43 ----A---- C:\Windows\SysWOW64\WMNetMgr.dll
2014-06-15 20:19:43 ----A---- C:\Windows\SysWOW64\wlanpref.dll
2014-06-15 20:19:43 ----A---- C:\Windows\SysWOW64\Vault.dll
2014-06-15 20:19:43 ----A---- C:\Windows\SysWOW64\taskmgr.exe
2014-06-15 20:19:43 ----A---- C:\Windows\SysWOW64\RpcRtRemote.dll
2014-06-15 20:19:43 ----A---- C:\Windows\SysWOW64\Robocopy.exe
2014-06-15 20:19:43 ----A---- C:\Windows\SysWOW64\DxpTaskSync.dll
2014-06-15 20:19:42 ----A---- C:\Windows\SysWOW64\XpsRasterService.dll
2014-06-15 20:19:42 ----A---- C:\Windows\SysWOW64\userinit.exe
2014-06-15 20:19:42 ----A---- C:\Windows\SysWOW64\termmgr.dll
2014-06-15 20:19:42 ----A---- C:\Windows\SysWOW64\puiobj.dll
2014-06-15 20:19:42 ----A---- C:\Windows\SysWOW64\mtxclu.dll
2014-06-15 20:19:42 ----A---- C:\Windows\SysWOW64\eudcedit.exe
2014-06-15 20:19:42 ----A---- C:\Windows\SysWOW64\Display.dll
2014-06-15 20:19:41 ----A---- C:\Windows\SysWOW64\wiadefui.dll
2014-06-15 20:19:41 ----A---- C:\Windows\SysWOW64\themecpl.dll
2014-06-15 20:19:41 ----A---- C:\Windows\SysWOW64\sppcomapi.dll
2014-06-15 20:19:41 ----A---- C:\Windows\SysWOW64\shsetup.dll
2014-06-15 20:19:41 ----A---- C:\Windows\SysWOW64\SensorsCpl.dll
2014-06-15 20:19:41 ----A---- C:\Windows\SysWOW64\rasppp.dll
2014-06-15 20:19:41 ----A---- C:\Windows\SysWOW64\PhotoScreensaver.scr
2014-06-15 20:19:41 ----A---- C:\Windows\SysWOW64\logoncli.dll
2014-06-15 20:19:41 ----A---- C:\Windows\SysWOW64\hgcpl.dll
2014-06-15 20:19:41 ----A---- C:\Windows\SysWOW64\FirewallControlPanel.dll
2014-06-15 20:19:41 ----A---- C:\Windows\SysWOW64\dnscmmc.dll
2014-06-15 20:19:41 ----A---- C:\Windows\SysWOW64\cabview.dll
2014-06-15 20:19:40 ----A---- C:\Windows\SysWOW64\wlanui.dll
2014-06-15 20:19:40 ----A---- C:\Windows\SysWOW64\VAN.dll
2014-06-15 20:19:40 ----A---- C:\Windows\SysWOW64\usercpl.dll
2014-06-15 20:19:40 ----A---- C:\Windows\SysWOW64\tapisrv.dll
2014-06-15 20:19:40 ----A---- C:\Windows\SysWOW64\SndVolSSO.dll
2014-06-15 20:19:40 ----A---- C:\Windows\SysWOW64\SndVol.exe
2014-06-15 20:19:40 ----A---- C:\Windows\SysWOW64\scecli.dll
2014-06-15 20:19:40 ----A---- C:\Windows\SysWOW64\prntvpt.dll
2014-06-15 20:19:40 ----A---- C:\Windows\SysWOW64\PerfCenterCPL.dll
2014-06-15 20:19:40 ----A---- C:\Windows\SysWOW64\netcenter.dll
2014-06-15 20:19:40 ----A---- C:\Windows\SysWOW64\mscories.dll
2014-06-15 20:19:40 ----A---- C:\Windows\SysWOW64\mscms.dll
2014-06-15 20:19:40 ----A---- C:\Windows\SysWOW64\mprddm.dll
2014-06-15 20:19:40 ----A---- C:\Windows\SysWOW64\localsec.dll
2014-06-15 20:19:40 ----A---- C:\Windows\SysWOW64\iasacct.dll
2014-06-15 20:19:40 ----A---- C:\Windows\SysWOW64\fontext.dll
2014-06-15 20:19:40 ----A---- C:\Windows\SysWOW64\batmeter.dll
2014-06-15 20:19:39 ----A---- C:\Windows\SysWOW64\zipfldr.dll
2014-06-15 20:19:39 ----A---- C:\Windows\SysWOW64\w32tm.exe
2014-06-15 20:19:39 ----A---- C:\Windows\SysWOW64\spwizeng.dll
2014-06-15 20:19:39 ----A---- C:\Windows\SysWOW64\netjoin.dll
2014-06-15 20:19:39 ----A---- C:\Windows\SysWOW64\MSAC3ENC.DLL
2014-06-15 20:19:39 ----A---- C:\Windows\SysWOW64\fdeploy.dll
2014-06-15 20:19:39 ----A---- C:\Windows\SysWOW64\cryptui.dll
2014-06-15 20:19:39 ----A---- C:\Windows\SysWOW64\azroleui.dll
2014-06-15 20:19:39 ----A---- C:\Windows\SysWOW64\adsldp.dll
2014-06-15 20:19:39 ----A---- C:\Windows\SysWOW64\accessibilitycpl.dll
2014-06-15 20:19:38 ----A---- C:\Windows\SysWOW64\wusa.exe
2014-06-15 20:19:38 ----A---- C:\Windows\SysWOW64\sud.dll
2014-06-15 20:19:38 ----A---- C:\Windows\SysWOW64\prnfldr.dll
2014-06-15 20:19:38 ----A---- C:\Windows\SysWOW64\photowiz.dll
2014-06-15 20:19:38 ----A---- C:\Windows\SysWOW64\OnLineIDCpl.dll
2014-06-15 20:19:38 ----A---- C:\Windows\SysWOW64\networkmap.dll
2014-06-15 20:19:38 ----A---- C:\Windows\SysWOW64\MediaMetadataHandler.dll
2014-06-15 20:19:38 ----A---- C:\Windows\SysWOW64\MCEWMDRMNDBootstrap.dll
2014-06-15 20:19:38 ----A---- C:\Windows\SysWOW64\Faultrep.dll
2014-06-15 20:19:38 ----A---- C:\Windows\SysWOW64\ActionCenter.dll
2014-06-15 20:19:37 ----A---- C:\Windows\SysWOW64\syncui.dll
2014-06-15 20:19:37 ----A---- C:\Windows\SysWOW64\sisbkup.dll
2014-06-15 20:19:37 ----A---- C:\Windows\SysWOW64\shwebsvc.dll
2014-06-15 20:19:37 ----A---- C:\Windows\SysWOW64\iprtrmgr.dll
2014-06-15 20:19:37 ----A---- C:\Windows\SysWOW64\ifsutil.dll
2014-06-15 20:19:37 ----A---- C:\Windows\SysWOW64\iasrad.dll
2014-06-15 20:19:37 ----A---- C:\Windows\SysWOW64\ftp.exe
2014-06-15 20:19:37 ----A---- C:\Windows\SysWOW64\efscore.dll
2014-06-15 20:19:37 ----A---- C:\Windows\SysWOW64\dot3cfg.dll
2014-06-15 20:19:37 ----A---- C:\Windows\SysWOW64\defaultlocationcpl.dll
2014-06-15 20:19:37 ----A---- C:\Windows\SysWOW64\autoplay.dll
2014-06-15 20:19:37 ----A---- C:\Windows\SysWOW64\ActionCenterCPL.dll
2014-06-15 20:19:36 ----A---- C:\Windows\SysWOW64\wmpmde.dll
2014-06-15 20:19:36 ----A---- C:\Windows\SysWOW64\systemcpl.dll
2014-06-15 20:19:36 ----A---- C:\Windows\SysWOW64\sethc.exe
2014-06-15 20:19:36 ----A---- C:\Windows\SysWOW64\rtutils.dll
2014-06-15 20:19:36 ----A---- C:\Windows\SysWOW64\riched20.dll
2014-06-15 20:19:36 ----A---- C:\Windows\SysWOW64\OobeFldr.dll
2014-06-15 20:19:36 ----A---- C:\Windows\SysWOW64\ntprint.dll
2014-06-15 20:19:36 ----A---- C:\Windows\SysWOW64\ntlanman.dll
2014-06-15 20:19:36 ----A---- C:\Windows\SysWOW64\NAPHLPR.DLL
2014-06-15 20:19:36 ----A---- C:\Windows\SysWOW64\dskquoui.dll
2014-06-15 20:19:36 ----A---- C:\Windows\SysWOW64\DeviceCenter.dll
2014-06-15 20:19:36 ----A---- C:\Windows\SysWOW64\blackbox.dll
2014-06-15 20:19:35 ----A---- C:\Windows\SysWOW64\wuwebv.dll
2014-06-15 20:19:35 ----A---- C:\Windows\SysWOW64\wmpsrcwp.dll
2014-06-15 20:19:35 ----A---- C:\Windows\SysWOW64\wlanmsm.dll
2014-06-15 20:19:35 ----A---- C:\Windows\SysWOW64\wavemsp.dll
2014-06-15 20:19:35 ----A---- C:\Windows\SysWOW64\tzutil.exe
2014-06-15 20:19:35 ----A---- C:\Windows\SysWOW64\ReAgent.dll
2014-06-15 20:19:35 ----A---- C:\Windows\SysWOW64\provsvc.dll
2014-06-15 20:19:35 ----A---- C:\Windows\SysWOW64\nshipsec.dll
2014-06-15 20:19:35 ----A---- C:\Windows\SysWOW64\netplwiz.dll
2014-06-15 20:19:35 ----A---- C:\Windows\SysWOW64\msftedit.dll
2014-06-15 20:19:35 ----A---- C:\Windows\SysWOW64\migisol.dll
2014-06-15 20:19:35 ----A---- C:\Windows\SysWOW64\isoburn.exe
2014-06-15 20:19:35 ----A---- C:\Windows\SysWOW64\httpapi.dll
2014-06-15 20:19:35 ----A---- C:\Windows\SysWOW64\fms.dll
2014-06-15 20:19:35 ----A---- C:\Windows\SysWOW64\dsuiext.dll
2014-06-15 20:19:35 ----A---- C:\Windows\SysWOW64\dpx.dll
2014-06-15 20:19:35 ----A---- C:\Windows\SysWOW64\dot3ui.dll
2014-06-15 20:19:35 ----A---- C:\Windows\SysWOW64\dfrgui.exe
2014-06-15 20:19:35 ----A---- C:\Windows\SysWOW64\asycfilt.dll
2014-06-15 20:19:35 ----A---- C:\Windows\SysWOW64\activeds.dll
2014-06-15 20:19:34 ----A---- C:\Windows\twain_32.dll
2014-06-15 20:19:34 ----A---- C:\Windows\SysWOW64\wvc.dll
2014-06-15 20:19:34 ----A---- C:\Windows\SysWOW64\wtsapi32.dll
2014-06-15 20:19:34 ----A---- C:\Windows\SysWOW64\wimgapi.dll
2014-06-15 20:19:34 ----A---- C:\Windows\SysWOW64\twext.dll
2014-06-15 20:19:34 ----A---- C:\Windows\SysWOW64\setupugc.exe
2014-06-15 20:19:34 ----A---- C:\Windows\SysWOW64\qcap.dll
2014-06-15 20:19:34 ----A---- C:\Windows\SysWOW64\qasf.dll
2014-06-15 20:19:34 ----A---- C:\Windows\SysWOW64\PkgMgr.exe
2014-06-15 20:19:34 ----A---- C:\Windows\SysWOW64\ocsetup.exe
2014-06-15 20:19:34 ----A---- C:\Windows\SysWOW64\mstask.dll
2014-06-15 20:19:33 ----A---- C:\Windows\SysWOW64\WPDShServiceObj.dll
2014-06-15 20:19:33 ----A---- C:\Windows\SysWOW64\wmdrmsdk.dll
2014-06-15 20:19:33 ----A---- C:\Windows\SysWOW64\wimserv.exe
2014-06-15 20:19:33 ----A---- C:\Windows\SysWOW64\uxlib.dll
2014-06-15 20:19:33 ----A---- C:\Windows\SysWOW64\ssText3d.scr
2014-06-15 20:19:33 ----A---- C:\Windows\SysWOW64\slwga.dll
2014-06-15 20:19:33 ----A---- C:\Windows\SysWOW64\rdpencom.dll
2014-06-15 20:19:33 ----A---- C:\Windows\SysWOW64\perfmon.exe
2014-06-15 20:19:33 ----A---- C:\Windows\SysWOW64\nslookup.exe
2014-06-15 20:19:33 ----A---- C:\Windows\SysWOW64\msvfw32.dll
2014-06-15 20:19:33 ----A---- C:\Windows\SysWOW64\msscp.dll
2014-06-15 20:19:33 ----A---- C:\Windows\SysWOW64\mciavi32.dll
2014-06-15 20:19:33 ----A---- C:\Windows\SysWOW64\diskraid.exe
2014-06-15 20:19:33 ----A---- C:\Windows\SysWOW64\DevicePairingFolder.dll
2014-06-15 20:19:33 ----A---- C:\Windows\SysWOW64\clusapi.dll
2014-06-15 20:19:33 ----A---- C:\Windows\SysWOW64\audiodev.dll
2014-06-15 20:19:33 ----A---- C:\Windows\SysWOW64\acppage.dll
2014-06-15 20:19:32 ----A---- C:\Windows\SysWOW64\wpdwcn.dll
2014-06-15 20:19:32 ----A---- C:\Windows\SysWOW64\wmpdxm.dll
2014-06-15 20:19:32 ----A---- C:\Windows\SysWOW64\vpnikeapi.dll
2014-06-15 20:19:32 ----A---- C:\Windows\SysWOW64\vdsbas.dll
2014-06-15 20:19:32 ----A---- C:\Windows\SysWOW64\UserAccountControlSettings.dll
2014-06-15 20:19:32 ----A---- C:\Windows\SysWOW64\runonce.exe
2014-06-15 20:19:32 ----A---- C:\Windows\SysWOW64\remotepg.dll
2014-06-15 20:19:32 ----A---- C:\Windows\SysWOW64\raschap.dll
2014-06-15 20:19:32 ----A---- C:\Windows\SysWOW64\QUTIL.DLL
2014-06-15 20:19:32 ----A---- C:\Windows\SysWOW64\onexui.dll
2014-06-15 20:19:32 ----A---- C:\Windows\SysWOW64\olepro32.dll
2014-06-15 20:19:32 ----A---- C:\Windows\SysWOW64\ocsetapi.dll
2014-06-15 20:19:32 ----A---- C:\Windows\SysWOW64\networkexplorer.dll
2014-06-15 20:19:32 ----A---- C:\Windows\SysWOW64\NAPCRYPT.DLL
2014-06-15 20:19:32 ----A---- C:\Windows\SysWOW64\iTVData.dll
2014-06-15 20:19:32 ----A---- C:\Windows\SysWOW64\input.dll
2014-06-15 20:19:32 ----A---- C:\Windows\SysWOW64\dxdiagn.dll
2014-06-15 20:19:32 ----A---- C:\Windows\SysWOW64\drmmgrtn.dll
2014-06-15 20:19:32 ----A---- C:\Windows\bfsvc.exe
2014-06-15 20:19:31 ----A---- C:\Windows\SysWOW64\wudriver.dll
2014-06-15 20:19:31 ----A---- C:\Windows\SysWOW64\wmpshell.dll
2014-06-15 20:19:31 ----A---- C:\Windows\SysWOW64\wmdrmdev.dll
2014-06-15 20:19:31 ----A---- C:\Windows\SysWOW64\unimdmat.dll
2014-06-15 20:19:31 ----A---- C:\Windows\SysWOW64\sqlcese30.dll
2014-06-15 20:19:31 ----A---- C:\Windows\SysWOW64\shacct.dll
2014-06-15 20:19:31 ----A---- C:\Windows\SysWOW64\rdpd3d.dll
2014-06-15 20:19:31 ----A---- C:\Windows\SysWOW64\pdh.dll
2014-06-15 20:19:31 ----A---- C:\Windows\SysWOW64\OpcServices.dll
2014-06-15 20:19:31 ----A---- C:\Windows\SysWOW64\msvidc32.dll
2014-06-15 20:19:31 ----A---- C:\Windows\SysWOW64\msiexec.exe
2014-06-15 20:19:31 ----A---- C:\Windows\SysWOW64\mprapi.dll
2014-06-15 20:19:31 ----A---- C:\Windows\SysWOW64\MFPlay.dll
2014-06-15 20:19:31 ----A---- C:\Windows\SysWOW64\lsmproxy.dll
2014-06-15 20:19:31 ----A---- C:\Windows\SysWOW64\logagent.exe
2014-06-15 20:19:31 ----A---- C:\Windows\SysWOW64\iscsium.dll
2014-06-15 20:19:31 ----A---- C:\Windows\SysWOW64\eapp3hst.dll
2014-06-15 20:19:31 ----A---- C:\Windows\SysWOW64\cscapi.dll
2014-06-15 20:19:31 ----A---- C:\Windows\SysWOW64\Bubbles.scr
2014-06-15 20:19:31 ----A---- C:\Windows\SysWOW64\bitsadmin.exe
2014-06-15 20:19:30 ----A---- C:\Windows\SysWOW64\WPDSp.dll
2014-06-15 20:19:30 ----A---- C:\Windows\SysWOW64\srvcli.dll
2014-06-15 20:19:30 ----A---- C:\Windows\SysWOW64\PortableDeviceSyncProvider.dll
2014-06-15 20:19:30 ----A---- C:\Windows\SysWOW64\ncryptui.dll
2014-06-15 20:19:30 ----A---- C:\Windows\SysWOW64\logman.exe
2014-06-15 20:19:28 ----A---- C:\Windows\SysWOW64\PortableDeviceStatus.dll
2014-06-15 20:19:28 ----A---- C:\Windows\SysWOW64\olethk32.dll
2014-06-15 20:19:27 ----A---- C:\Windows\SysWOW64\WMADMOD.DLL
2014-06-15 20:19:27 ----A---- C:\Windows\SysWOW64\wiavideo.dll
2014-06-15 20:19:27 ----A---- C:\Windows\SysWOW64\utildll.dll
2014-06-15 20:19:27 ----A---- C:\Windows\SysWOW64\takeown.exe
2014-06-15 20:19:27 ----A---- C:\Windows\SysWOW64\Ribbons.scr
2014-06-15 20:19:27 ----A---- C:\Windows\SysWOW64\QSVRMGMT.DLL
2014-06-15 20:19:27 ----A---- C:\Windows\SysWOW64\Mystify.scr
2014-06-15 20:19:27 ----A---- C:\Windows\SysWOW64\mapistub.dll
2014-06-15 20:19:27 ----A---- C:\Windows\SysWOW64\mapi32.dll
2014-06-15 20:19:27 ----A---- C:\Windows\SysWOW64\fphc.dll
2014-06-15 20:19:27 ----A---- C:\Windows\SysWOW64\dot3msm.dll
2014-06-15 20:19:27 ----A---- C:\Windows\SysWOW64\avifil32.dll
2014-06-15 20:19:26 ----A---- C:\Windows\SysWOW64\wsnmp32.dll
2014-06-15 20:19:26 ----A---- C:\Windows\SysWOW64\WMVSDECD.DLL
2014-06-15 20:19:26 ----A---- C:\Windows\SysWOW64\WMSPDMOD.DLL
2014-06-15 20:19:26 ----A---- C:\Windows\SysWOW64\wmdrmnet.dll
2014-06-15 20:19:26 ----A---- C:\Windows\SysWOW64\vfwwdm32.dll
2014-06-15 20:19:26 ----A---- C:\Windows\SysWOW64\sppinst.dll
2014-06-15 20:19:26 ----A---- C:\Windows\SysWOW64\setupcln.dll
2014-06-15 20:19:26 ----A---- C:\Windows\SysWOW64\qdv.dll
2014-06-15 20:19:26 ----A---- C:\Windows\SysWOW64\QCLIPROV.DLL
2014-06-15 20:19:26 ----A---- C:\Windows\SysWOW64\pdhui.dll
2014-06-15 20:19:26 ----A---- C:\Windows\SysWOW64\MuiUnattend.exe
2014-06-15 20:19:26 ----A---- C:\Windows\SysWOW64\msyuv.dll
2014-06-15 20:19:26 ----A---- C:\Windows\SysWOW64\msrle32.dll
2014-06-15 20:19:26 ----A---- C:\Windows\SysWOW64\msnetobj.dll
2014-06-15 20:19:26 ----A---- C:\Windows\SysWOW64\iyuv_32.dll
2014-06-15 20:19:26 ----A---- C:\Windows\SysWOW64\EhStorAPI.dll
2014-06-15 20:19:26 ----A---- C:\Windows\SysWOW64\cmstp.exe
2014-06-15 20:19:26 ----A---- C:\Windows\SysWOW64\cca.dll
2014-06-15 20:19:25 ----A---- C:\Windows\SysWOW64\wkscli.dll
2014-06-15 20:19:25 ----A---- C:\Windows\SysWOW64\tsbyuv.dll
2014-06-15 20:19:25 ----A---- C:\Windows\SysWOW64\spbcd.dll
2014-06-15 20:19:25 ----A---- C:\Windows\SysWOW64\relog.exe
2014-06-15 20:19:25 ----A---- C:\Windows\SysWOW64\rastapi.dll
2014-06-15 20:19:25 ----A---- C:\Windows\SysWOW64\netiougc.exe
2014-06-15 20:19:25 ----A---- C:\Windows\SysWOW64\netbtugc.exe
2014-06-15 20:19:25 ----A---- C:\Windows\SysWOW64\mydocs.dll
2014-06-15 20:19:25 ----A---- C:\Windows\SysWOW64\msorcl32.dll
2014-06-15 20:19:25 ----A---- C:\Windows\SysWOW64\iscsicli.exe
2014-06-15 20:19:25 ----A---- C:\Windows\SysWOW64\iasrecst.dll
2014-06-15 20:19:25 ----A---- C:\Windows\SysWOW64\diskpart.exe
2014-06-15 20:19:25 ----A---- C:\Windows\SysWOW64\AzSqlExt.dll
2014-06-15 20:19:25 ----A---- C:\Windows\SysWOW64\amstream.dll
2014-06-15 20:19:24 ----A---- C:\Windows\SysWOW64\wuapp.exe
2014-06-15 20:19:24 ----A---- C:\Windows\SysWOW64\wmpps.dll
2014-06-15 20:19:24 ----A---- C:\Windows\SysWOW64\WerFaultSecure.exe
2014-06-15 20:19:24 ----A---- C:\Windows\SysWOW64\tlscsp.dll
2014-06-15 20:19:24 ----A---- C:\Windows\SysWOW64\syssetup.dll
2014-06-15 20:19:24 ----A---- C:\Windows\SysWOW64\resutils.dll
2014-06-15 20:19:24 ----A---- C:\Windows\SysWOW64\ReAgentc.exe
2014-06-15 20:19:24 ----A---- C:\Windows\SysWOW64\netutils.dll
2014-06-15 20:19:24 ----A---- C:\Windows\SysWOW64\muifontsetup.dll
2014-06-15 20:19:24 ----A---- C:\Windows\SysWOW64\mobsync.exe
2014-06-15 20:19:24 ----A---- C:\Windows\SysWOW64\mciqtz32.dll
2014-06-15 20:19:24 ----A---- C:\Windows\SysWOW64\itircl.dll
2014-06-15 20:19:24 ----A---- C:\Windows\SysWOW64\findstr.exe
2014-06-15 20:19:24 ----A---- C:\Windows\SysWOW64\eappgnui.dll
2014-06-15 20:19:24 ----A---- C:\Windows\SysWOW64\CertPolEng.dll
2014-06-15 20:19:23 ----A---- C:\Windows\SysWOW64\wups.dll
2014-06-15 20:19:23 ----A---- C:\Windows\SysWOW64\unlodctr.exe
2014-06-15 20:19:23 ----A---- C:\Windows\SysWOW64\UIRibbonRes.dll
2014-06-15 20:19:23 ----A---- C:\Windows\SysWOW64\sppc.dll
2014-06-15 20:19:23 ----A---- C:\Windows\SysWOW64\spopk.dll
2014-06-15 20:19:23 ----A---- C:\Windows\SysWOW64\shimgvw.dll
2014-06-15 20:19:23 ----A---- C:\Windows\SysWOW64\rdprefdrvapi.dll
2014-06-15 20:19:23 ----A---- C:\Windows\SysWOW64\perfts.dll
2014-06-15 20:19:23 ----A---- C:\Windows\SysWOW64\odbcconf.dll
2014-06-15 20:19:23 ----A---- C:\Windows\SysWOW64\msdmo.dll
2014-06-15 20:19:23 ----A---- C:\Windows\SysWOW64\luainstall.dll
2014-06-15 20:19:23 ----A---- C:\Windows\SysWOW64\inetmib1.dll
2014-06-15 20:19:23 ----A---- C:\Windows\SysWOW64\imm32.dll
2014-06-15 20:19:23 ----A---- C:\Windows\SysWOW64\iccvid.dll
2014-06-15 20:19:23 ----A---- C:\Windows\SysWOW64\cabinet.dll
2014-06-15 20:19:22 ----A---- C:\Windows\SysWOW64\wshbth.dll
2014-06-15 20:19:22 ----A---- C:\Windows\SysWOW64\wsdchngr.dll
2014-06-15 20:19:22 ----A---- C:\Windows\SysWOW64\TRAPI.dll
2014-06-15 20:19:22 ----A---- C:\Windows\SysWOW64\sscore.dll
2014-06-15 20:19:22 ----A---- C:\Windows\SysWOW64\schedcli.dll
2014-06-15 20:19:22 ----A---- C:\Windows\SysWOW64\shgina.dll
2014-06-15 20:19:22 ----A---- C:\Windows\SysWOW64\riched32.dll
2014-06-15 20:19:22 ----A---- C:\Windows\SysWOW64\napdsnap.dll
2014-06-15 20:19:22 ----A---- C:\Windows\SysWOW64\elsTrans.dll
2014-06-15 20:19:22 ----A---- C:\Windows\SysWOW64\dsauth.dll
2014-06-15 20:19:22 ----A---- C:\Windows\SysWOW64\cscdll.dll
2014-06-15 20:19:22 ----A---- C:\Windows\SysWOW64\bitsperf.dll
2014-06-15 20:19:21 ----A---- C:\Windows\SysWOW64\wshirda.dll
2014-06-15 20:19:21 ----A---- C:\Windows\SysWOW64\spwmp.dll
2014-06-15 20:19:21 ----A---- C:\Windows\SysWOW64\C_ISCII.DLL
2014-06-15 20:19:21 ----A---- C:\Windows\SysWOW64\browseui.dll
2014-06-15 20:19:20 ----A---- C:\Windows\SysWOW64\shunimpl.dll
2014-06-15 20:19:20 ----A---- C:\Windows\SysWOW64\KBDTUQ.DLL
2014-06-15 20:19:20 ----A---- C:\Windows\SysWOW64\KBDTUF.DLL
2014-06-15 20:19:20 ----A---- C:\Windows\SysWOW64\KBDSG.DLL
2014-06-15 20:19:20 ----A---- C:\Windows\SysWOW64\kbdlk41a.dll
2014-06-15 20:19:20 ----A---- C:\Windows\SysWOW64\KBDGR1.DLL
2014-06-15 20:19:20 ----A---- C:\Windows\SysWOW64\KBDGKL.DLL
2014-06-15 20:19:20 ----A---- C:\Windows\SysWOW64\dxmasf.dll
2014-06-15 20:19:19 ----A---- C:\Windows\SysWOW64\spwizres.dll
2014-06-15 20:19:19 ----A---- C:\Windows\SysWOW64\pifmgr.dll
2014-06-15 20:19:19 ----A---- C:\Windows\SysWOW64\nlsbres.dll
2014-06-15 20:19:19 ----A---- C:\Windows\SysWOW64\KBDUS.DLL
2014-06-15 20:19:19 ----A---- C:\Windows\SysWOW64\KBDUGHR1.DLL
2014-06-15 20:19:19 ----A---- C:\Windows\SysWOW64\KBDTURME.DLL
2014-06-15 20:19:19 ----A---- C:\Windows\SysWOW64\KBDTAJIK.DLL
2014-06-15 20:19:19 ----A---- C:\Windows\SysWOW64\KBDSF.DLL
2014-06-15 20:19:19 ----A---- C:\Windows\SysWOW64\KBDPO.DLL
2014-06-15 20:19:19 ----A---- C:\Windows\SysWOW64\KBDNEPR.DLL
2014-06-15 20:19:19 ----A---- C:\Windows\SysWOW64\KBDMON.DLL
2014-06-15 20:19:19 ----A---- C:\Windows\SysWOW64\KBDMAORI.DLL
2014-06-15 20:19:19 ----A---- C:\Windows\SysWOW64\KBDLT1.DLL
2014-06-15 20:19:19 ----A---- C:\Windows\SysWOW64\KBDINTEL.DLL
2014-06-15 20:19:19 ----A---- C:\Windows\SysWOW64\KBDINTAM.DLL
2014-06-15 20:19:19 ----A---- C:\Windows\SysWOW64\KBDINORI.DLL
2014-06-15 20:19:19 ----A---- C:\Windows\SysWOW64\KBDINMAR.DLL
2014-06-15 20:19:19 ----A---- C:\Windows\SysWOW64\KBDINKAN.DLL
2014-06-15 20:19:19 ----A---- C:\Windows\SysWOW64\KBDINHIN.DLL
2014-06-15 20:19:19 ----A---- C:\Windows\SysWOW64\KBDINBEN.DLL
2014-06-15 20:19:19 ----A---- C:\Windows\SysWOW64\KBDGEO.DLL
2014-06-15 20:19:19 ----A---- C:\Windows\SysWOW64\KBDCZ1.DLL
2014-06-15 20:19:19 ----A---- C:\Windows\SysWOW64\KBDBULG.DLL
2014-06-15 20:19:19 ----A---- C:\Windows\SysWOW64\KBDBLR.DLL
2014-06-15 20:19:19 ----A---- C:\Windows\SysWOW64\KBDBASH.DLL
2014-06-15 20:19:13 ----A---- C:\Windows\SysWOW64\wdscore.dll
2014-06-15 20:19:10 ----A---- C:\Windows\SysWOW64\sqmapi.dll
2014-06-15 20:19:08 ----A---- C:\Windows\SysWOW64\wbemcomn.dll
2014-06-15 20:07:29 ----A---- C:\Windows\SysWOW64\esent.dll
2014-06-15 20:07:28 ----A---- C:\Windows\SysWOW64\fsutil.exe
2014-06-15 20:02:55 ----D---- C:\Windows\SysWOW64\Wat
2014-06-15 19:11:20 ----D---- C:\Windows\Panther
2014-06-15 19:02:17 ----A---- C:\Windows\SysWOW64\wmi.dll
2014-06-15 18:58:09 ----A---- C:\Windows\SysWOW64\tquery.dll
2014-06-15 18:58:09 ----A---- C:\Windows\SysWOW64\mssrch.dll
2014-06-15 18:58:08 ----A---- C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-06-15 18:58:08 ----A---- C:\Windows\SysWOW64\SearchIndexer.exe
2014-06-15 18:58:08 ----A---- C:\Windows\SysWOW64\SearchFilterHost.exe
2014-06-15 18:58:08 ----A---- C:\Windows\SysWOW64\mssvp.dll
2014-06-15 18:58:08 ----A---- C:\Windows\SysWOW64\mssphtb.dll
2014-06-15 18:58:08 ----A---- C:\Windows\SysWOW64\mssph.dll
2014-06-15 18:58:08 ----A---- C:\Windows\SysWOW64\msscntrs.dll
2014-06-15 18:58:02 ----A---- C:\Windows\SysWOW64\ntshrui.dll
2014-06-15 18:57:54 ----A---- C:\Windows\SysWOW64\xmllite.dll
2014-06-15 18:57:50 ----A---- C:\Windows\SysWOW64\webio.dll
2014-06-15 18:57:35 ----A---- C:\Windows\SysWOW64\quartz.dll
2014-06-15 18:57:35 ----A---- C:\Windows\SysWOW64\qdvd.dll
2014-06-15 18:57:32 ----A---- C:\Windows\SysWOW64\odbctrac.dll
2014-06-15 18:57:32 ----A---- C:\Windows\SysWOW64\odbcjt32.dll
2014-06-15 18:57:32 ----A---- C:\Windows\SysWOW64\odbccu32.dll
2014-06-15 18:57:32 ----A---- C:\Windows\SysWOW64\odbccr32.dll
2014-06-15 18:57:32 ----A---- C:\Windows\SysWOW64\odbccp32.dll
2014-06-15 18:56:25 ----A---- C:\Windows\SysWOW64\tsgqec.dll
2014-06-15 18:56:25 ----A---- C:\Windows\SysWOW64\mstscax.dll
2014-06-15 18:56:25 ----A---- C:\Windows\SysWOW64\aaclient.dll
2014-06-15 18:55:59 ----A---- C:\Windows\SysWOW64\sbe.dll
2014-06-15 18:55:59 ----A---- C:\Windows\SysWOW64\CPFilters.dll
2014-06-15 18:55:58 ----A---- C:\Windows\SysWOW64\poqexec.exe
2014-06-15 18:55:38 ----A---- C:\Windows\SysWOW64\mfc42u.dll
2014-06-15 18:55:38 ----A---- C:\Windows\SysWOW64\mfc42.dll
2014-06-15 18:55:29 ----A---- C:\Windows\SysWOW64\dpnet.dll
2014-06-15 18:55:29 ----A---- C:\Windows\SysWOW64\dpnaddr.dll
2014-06-15 18:55:13 ----A---- C:\Windows\SysWOW64\dnscacheugc.exe
2014-06-15 18:55:13 ----A---- C:\Windows\SysWOW64\dnsapi.dll
2014-06-15 18:54:53 ----A---- C:\Windows\SysWOW64\Wpc.dll
2014-06-15 18:54:53 ----A---- C:\Windows\SysWOW64\gameux.dll
2014-06-15 18:54:45 ----A---- C:\Windows\SysWOW64\psisdecd.dll
2014-06-15 18:53:36 ----A---- C:\Windows\SysWOW64\prevhost.exe
2014-06-15 18:53:25 ----A---- C:\Windows\SysWOW64\synceng.dll
2014-06-15 18:53:14 ----A---- C:\Windows\SysWOW64\netapi32.dll
2014-06-15 18:53:14 ----A---- C:\Windows\SysWOW64\browcli.dll
2014-06-15 18:53:12 ----A---- C:\Windows\SysWOW64\msi.dll
2014-06-15 18:52:17 ----A---- C:\Windows\SysWOW64\drvinst.exe
2014-06-15 18:52:17 ----A---- C:\Windows\SysWOW64\devrtl.dll
2014-06-15 18:52:17 ----A---- C:\Windows\SysWOW64\devobj.dll
2014-06-15 18:52:17 ----A---- C:\Windows\SysWOW64\cfgmgr32.dll
2014-06-15 18:45:54 ----A---- C:\Windows\SysWOW64\srclient.dll
2014-06-15 18:45:39 ----A---- C:\Windows\SysWOW64\oleaut32.dll
2014-06-15 18:45:39 ----A---- C:\Windows\SysWOW64\oleacc.dll
2014-06-15 18:45:14 ----A---- C:\Windows\SysWOW64\inetcomm.dll
2014-06-15 18:45:11 ----A---- C:\Windows\SysWOW64\msvcrt.dll
2014-06-15 18:45:06 ----A---- C:\Windows\SysWOW64\cdosys.dll
2014-06-15 18:44:58 ----A---- C:\Windows\SysWOW64\EncDec.dll
2014-06-15 18:41:10 ----A---- C:\Windows\SysWOW64\packager.dll
2014-06-15 18:35:40 ----A---- C:\Windows\SysWOW64\OpenCL.DLL
2014-06-15 18:35:13 ----D---- C:\Program Files (x86)\Common Files\Intel
2014-06-15 18:32:47 ----A---- C:\Windows\SysWOW64\rdpcore.dll
2014-06-15 18:23:10 ----D---- C:\Program Files (x86)\Realtek
2014-06-15 18:21:32 ----D---- C:\ProgramData\Intel
2014-06-15 18:21:11 ----SHD---- C:\Windows\Installer
2014-06-15 18:21:04 ----D---- C:\Program Files (x86)\Common Files\postureAgent
2014-06-15 18:20:47 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-06-15 18:20:47 ----D---- C:\Users\1\AppData\Roaming\InstallShield
2014-06-15 18:20:16 ----D---- C:\Program Files (x86)\Intel
2014-06-15 18:20:16 ----A---- C:\Windows\SysWOW64\CSVer.dll
2014-06-15 18:19:41 ----D---- C:\gigabyte-H61M-DS2 DVI
2014-06-15 18:17:04 ----D---- C:\Users\1\AppData\Roaming\Identities
2014-06-15 18:16:47 ----SD---- C:\Users\1\AppData\Roaming\Microsoft
2014-06-15 18:16:47 ----D---- C:\Users\1\AppData\Roaming\Media Center Programs
2014-06-15 18:16:37 ----SHD---- C:\Recovery
2014-06-15 18:16:37 ----SHD---- C:\ProgramData\Šablony
2014-06-15 18:16:37 ----SHD---- C:\ProgramData\Plocha
2014-06-15 18:16:37 ----SHD---- C:\ProgramData\Oblíbené položky
2014-06-15 18:16:37 ----SHD---- C:\ProgramData\Nabídka Start
2014-06-15 18:16:37 ----SHD---- C:\ProgramData\Dokumenty
2014-06-15 18:16:37 ----SHD---- C:\ProgramData\Data aplikací
2014-06-15 18:16:34 ----D---- C:\Windows\SoftwareDistribution
2014-06-15 18:11:51 ----D---- C:\Windows\Prefetch
2014-06-15 18:11:38 ----SHD---- C:\System Volume Information
2014-06-15 18:11:38 ----ASH---- C:\pagefile.sys
2014-06-15 18:11:38 ----ASH---- C:\hiberfil.sys

======List of files/folders modified in the last 1 month======

2014-06-29 20:10:01 ----RD---- C:\Program Files (x86)
2014-06-29 20:10:01 ----D---- C:\Windows\Temp
2014-06-26 06:24:15 ----D---- C:\Windows\System32
2014-06-26 06:24:12 ----D---- C:\Windows\SysWOW64
2014-06-26 06:22:34 ----HD---- C:\ProgramData
2014-06-26 06:22:27 ----D---- C:\Windows
2014-06-26 06:22:10 ----RSD---- C:\Windows\assembly
2014-06-26 06:22:09 ----D---- C:\Program Files (x86)\Common Files
2014-06-23 22:35:38 ----D---- C:\Windows\inf
2014-06-22 22:24:46 ----RD---- C:\Program Files
2014-06-22 10:39:27 ----D---- C:\Windows\winsxs
2014-06-22 00:59:51 ----SHD---- C:\$Recycle.Bin
2014-06-19 07:50:46 ----D---- C:\Windows\rescache
2014-06-18 18:59:19 ----D---- C:\Windows\SysWOW64\cs-CZ
2014-06-18 01:37:06 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2014-06-18 01:37:00 ----D---- C:\Program Files (x86)\MSBuild
2014-06-18 01:36:55 ----D---- C:\Windows\ShellNew
2014-06-18 01:36:48 ----RSD---- C:\Windows\Fonts
2014-06-18 01:36:45 ----SD---- C:\ProgramData\Microsoft
2014-06-18 01:35:04 ----A---- C:\Windows\win.ini
2014-06-18 01:35:03 ----D---- C:\Program Files (x86)\Common Files\System
2014-06-17 03:31:51 ----D---- C:\Windows\Microsoft.NET
2014-06-17 03:21:37 ----D---- C:\Windows\SysWOW64\en-US
2014-06-17 03:21:37 ----D---- C:\Windows\PolicyDefinitions
2014-06-17 03:21:37 ----D---- C:\Program Files (x86)\Internet Explorer
2014-06-16 04:09:55 ----D---- C:\Program Files (x86)\Windows Media Player
2014-06-16 04:09:52 ----D---- C:\Windows\SysWOW64\migration
2014-06-16 04:09:51 ----D---- C:\Windows\SysWOW64\zh-TW
2014-06-16 04:09:51 ----D---- C:\Windows\SysWOW64\zh-HK
2014-06-16 04:09:51 ----D---- C:\Windows\SysWOW64\zh-CN
2014-06-16 04:09:51 ----D---- C:\Windows\SysWOW64\tr-TR
2014-06-16 04:09:51 ----D---- C:\Windows\SysWOW64\sv-SE
2014-06-16 04:09:51 ----D---- C:\Windows\SysWOW64\ru-RU
2014-06-16 04:09:51 ----D---- C:\Windows\SysWOW64\pt-PT
2014-06-16 04:09:51 ----D---- C:\Windows\SysWOW64\pt-BR
2014-06-16 04:09:51 ----D---- C:\Windows\SysWOW64\pl-PL
2014-06-16 04:09:51 ----D---- C:\Windows\SysWOW64\nl-NL
2014-06-16 04:09:51 ----D---- C:\Windows\SysWOW64\nb-NO
2014-06-16 04:09:51 ----D---- C:\Windows\SysWOW64\ko-KR
2014-06-16 04:09:51 ----D---- C:\Windows\SysWOW64\ja-JP
2014-06-16 04:09:51 ----D---- C:\Windows\SysWOW64\it-IT
2014-06-16 04:09:51 ----D---- C:\Windows\SysWOW64\hu-HU
2014-06-16 04:09:51 ----D---- C:\Windows\SysWOW64\fr-FR
2014-06-16 04:09:51 ----D---- C:\Windows\SysWOW64\fi-FI
2014-06-16 04:09:51 ----D---- C:\Windows\SysWOW64\es-ES
2014-06-16 04:09:51 ----D---- C:\Windows\SysWOW64\el-GR
2014-06-16 04:09:51 ----D---- C:\Windows\SysWOW64\de-DE
2014-06-16 04:09:51 ----D---- C:\Windows\SysWOW64\da-DK
2014-06-16 04:09:50 ----D---- C:\Windows\AppPatch
2014-06-16 04:09:49 ----D---- C:\Program Files (x86)\Windows Defender
2014-06-16 03:39:26 ----D---- C:\Windows\Logs
2014-06-15 22:26:12 ----D---- C:\Windows\Tasks
2014-06-15 20:53:43 ----D---- C:\Program Files (x86)\Windows Sidebar
2014-06-15 20:53:43 ----D---- C:\Program Files (x86)\Windows Portable Devices
2014-06-15 20:53:43 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2014-06-15 20:53:43 ----D---- C:\Program Files (x86)\Windows Mail
2014-06-15 20:53:42 ----D---- C:\Windows\servicing
2014-06-15 20:53:42 ----D---- C:\Windows\ehome
2014-06-15 20:53:39 ----D---- C:\Windows\SysWOW64\wbem
2014-06-15 20:53:39 ----D---- C:\Windows\SysWOW64\sppui
2014-06-15 20:53:39 ----D---- C:\Windows\SysWOW64\Setup
2014-06-15 20:53:39 ----D---- C:\Windows\SysWOW64\oobe
2014-06-15 20:53:39 ----D---- C:\Windows\SysWOW64\migwiz
2014-06-15 20:53:39 ----D---- C:\Windows\SysWOW64\manifeststore
2014-06-15 20:53:39 ----D---- C:\Windows\SysWOW64\Dism
2014-06-15 20:53:39 ----D---- C:\Windows\SysWOW64\cs
2014-06-15 20:53:39 ----D---- C:\Windows\SysWOW64\AdvancedInstallers
2014-06-15 20:51:48 ----A---- C:\Windows\SysWOW64\msclmd.dll
2014-06-15 19:51:11 ----D---- C:\Windows\debug
2014-06-15 19:10:57 ----D---- C:\Windows\Setup
2014-06-15 18:16:46 ----RD---- C:\Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys []
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys []
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys []
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 ksaud;Creative USB Audio Driver; C:\Windows\system32\drivers\ksaud.sys []
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2014-02-10 14112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-02-12 286720]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2014-02-24 1343408]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe []
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2014-03-22 2183992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-15 116648]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-05-21 278344]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2014-06-18 79360]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-15 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe /V []
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: ESET reports a trojan in quarantine

#7 Post by Márty84 »

:arrow: You have a 64-bit system, so I need a log from this RSIT http://images.malwareremoval.com/random/RSITx64.exe


:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the check to finish.
Then click Clean.
The program will start working (the PC may restart) and will spit out a log (it may also be found here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.


:arrow: Run a scan with MBAM following this guide http://forum.viry.cz/viewtopic.php?f=29&t=137928 and post the results here. Do not delete anything beforehand; it occasionally produces false detections.

Horst_Fuchs
Visitor
Posts: 136
Registered: 27 Dec 2013 17:41

Re: ESET reports a trojan in quarantine

#8 Post by Horst_Fuchs »

# AdwCleaner v3.214 - Report created 30/06/2014 at 11:36:48
# Updated 29/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : 1 - 1-PC
# Running from : C:\Users\1\Desktop\adwcleaner_3.214.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\1\AppData\Roaming\OpenCandy

***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [804 octets] - [30/06/2014 10:48:00]
AdwCleaner[R1].txt - [863 octets] - [30/06/2014 11:35:19]
AdwCleaner[S0].txt - [787 octets] - [30/06/2014 11:36:48]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [846 octets] ##########

Horst_Fuchs
Visitor
Posts: 136
Registered: 27 Dec 2013 17:41

Re: ESET reports a trojan in quarantine

#9 Post by Horst_Fuchs »

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 30.6.2014
Scan Time: 11:49:07
Logfile: mwb.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.06.30.05
Rootkit Database: v2014.06.23.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: 1

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 262766
Time Elapsed: 5 min, 15 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 2
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv, , [d4c9b9c5fe7d94a2ba80a3f442c05aa6],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\bitstreams, , [d4c9b9c5fe7d94a2ba80a3f442c05aa6],

Files: 25
PUP.Optional.Bitcoin, C:\Windows\SysWOW64\acumncmhkrsn.exe, , [900d5727a7d4c175f4426533758cfa06],
Trojan.BitMiner, C:\Windows\SysWOW64\dcgmncmhkrsn.exe, , [b9e488f62c4f8caa68cc8f1a41c0da26],
PUP.BitCoinMiner, C:\Windows\SysWOW64\lcpmncmhkrsn.exe, , [613c621c8bf070c6e1a963b0b24f8d73],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\diablo130302.cl, , [d4c9b9c5fe7d94a2ba80a3f442c05aa6],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\diakgcn121016.cl, , [d4c9b9c5fe7d94a2ba80a3f442c05aa6],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\libcurl.dll, , [d4c9b9c5fe7d94a2ba80a3f442c05aa6],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\libeay32.dll, , [d4c9b9c5fe7d94a2ba80a3f442c05aa6],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\libidn-11.dll, , [d4c9b9c5fe7d94a2ba80a3f442c05aa6],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\librtmp.dll, , [d4c9b9c5fe7d94a2ba80a3f442c05aa6],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\libssh2.dll, , [d4c9b9c5fe7d94a2ba80a3f442c05aa6],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\libusb-1.0.dll, , [d4c9b9c5fe7d94a2ba80a3f442c05aa6],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\mnccagdv.exe, , [d4c9b9c5fe7d94a2ba80a3f442c05aa6],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\phatk121016.cl, , [d4c9b9c5fe7d94a2ba80a3f442c05aa6],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\poclbm130302.cl, , [d4c9b9c5fe7d94a2ba80a3f442c05aa6],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\scrypt130511.cl, , [d4c9b9c5fe7d94a2ba80a3f442c05aa6],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\ssleay32.dll, , [d4c9b9c5fe7d94a2ba80a3f442c05aa6],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\zlib1.dll, , [d4c9b9c5fe7d94a2ba80a3f442c05aa6],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\bitstreams\fpgaminer_top_fixed7_197MHz.ncd, , [d4c9b9c5fe7d94a2ba80a3f442c05aa6],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\bitstreams\ztex_ufm1_15b1.bit, , [d4c9b9c5fe7d94a2ba80a3f442c05aa6],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\bitstreams\ztex_ufm1_15d1.bit, , [d4c9b9c5fe7d94a2ba80a3f442c05aa6],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\bitstreams\ztex_ufm1_15d3.bit, , [d4c9b9c5fe7d94a2ba80a3f442c05aa6],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\bitstreams\ztex_ufm1_15d4.bin, , [d4c9b9c5fe7d94a2ba80a3f442c05aa6],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\bitstreams\ztex_ufm1_15d4.bit, , [d4c9b9c5fe7d94a2ba80a3f442c05aa6],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\bitstreams\ztex_ufm1_15y1.bin, , [d4c9b9c5fe7d94a2ba80a3f442c05aa6],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\bitstreams\ztex_ufm1_15y1.bit, , [d4c9b9c5fe7d94a2ba80a3f442c05aa6],

Physical Sectors: 0
(No malicious items detected)


(end)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: ESET reports a trojan in quarantine

#10 Post by Márty84 »

Have MBAM remove all the findings (to quarantine). After the removal and a PC restart, run a new scan, but this time the one I asked for, i.e. following the guide. You have to set a custom scan and all drives. You only ran a threat scan. That one is fine, but it is not as thorough. Post the result of the test and I will choose the next steps based on it.

Horst_Fuchs
Visitor
Posts: 136
Registered: 27 Dec 2013 17:41

Re: ESET reports a trojan in quarantine

#11 Post by Horst_Fuchs »

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 30.6.2014
Scan Time: 21:33:08
Logfile: scan.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.06.30.09
Rootkit Database: v2014.06.30.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: 1

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 399722
Time Elapsed: 40 min, 52 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 2
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv, , [7e23b1cd72095fd7d5bac4d338ca19e7],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\bitstreams, , [7e23b1cd72095fd7d5bac4d338ca19e7],

Files: 26
BitcoinMiner, C:\Windows\inf\mnccagdv\mnccagdv.exe, , [f5ac2f4fb3c82e082c792fd3758c5da3],
BitcoinMiner, C:\Windows\inf\mncepkp\mncepkp.exe, , [851c1965601b5bdb2085847e02ffd52b],
PUP.Optional.Bitcoin, C:\Windows\SysWOW64\acumncmhkrsn.exe, , [d5ccf7876e0d270fbbbe8612639eef11],
Trojan.BitMiner, C:\Windows\SysWOW64\dcgmncmhkrsn.exe, , [ebb6acd2f289b18506711495ef12d927],
PUP.BitCoinMiner, C:\Windows\SysWOW64\lcpmncmhkrsn.exe, , [237e710d5427ad89bee455be4eb3ff01],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\diablo130302.cl, , [7e23b1cd72095fd7d5bac4d338ca19e7],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\diakgcn121016.cl, , [7e23b1cd72095fd7d5bac4d338ca19e7],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\libcurl.dll, , [7e23b1cd72095fd7d5bac4d338ca19e7],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\libeay32.dll, , [7e23b1cd72095fd7d5bac4d338ca19e7],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\libidn-11.dll, , [7e23b1cd72095fd7d5bac4d338ca19e7],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\librtmp.dll, , [7e23b1cd72095fd7d5bac4d338ca19e7],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\libssh2.dll, , [7e23b1cd72095fd7d5bac4d338ca19e7],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\libusb-1.0.dll, , [7e23b1cd72095fd7d5bac4d338ca19e7],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\phatk121016.cl, , [7e23b1cd72095fd7d5bac4d338ca19e7],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\poclbm130302.cl, , [7e23b1cd72095fd7d5bac4d338ca19e7],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\scrypt130511.cl, , [7e23b1cd72095fd7d5bac4d338ca19e7],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\ssleay32.dll, , [7e23b1cd72095fd7d5bac4d338ca19e7],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\zlib1.dll, , [7e23b1cd72095fd7d5bac4d338ca19e7],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\bitstreams\fpgaminer_top_fixed7_197MHz.ncd, , [7e23b1cd72095fd7d5bac4d338ca19e7],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\bitstreams\ztex_ufm1_15b1.bit, , [7e23b1cd72095fd7d5bac4d338ca19e7],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\bitstreams\ztex_ufm1_15d1.bit, , [7e23b1cd72095fd7d5bac4d338ca19e7],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\bitstreams\ztex_ufm1_15d3.bit, , [7e23b1cd72095fd7d5bac4d338ca19e7],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\bitstreams\ztex_ufm1_15d4.bin, , [7e23b1cd72095fd7d5bac4d338ca19e7],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\bitstreams\ztex_ufm1_15d4.bit, , [7e23b1cd72095fd7d5bac4d338ca19e7],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\bitstreams\ztex_ufm1_15y1.bin, , [7e23b1cd72095fd7d5bac4d338ca19e7],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\bitstreams\ztex_ufm1_15y1.bit, , [7e23b1cd72095fd7d5bac4d338ca19e7],

Physical Sectors: 0
(No malicious items detected)


(end)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: ESET reports a trojan in quarantine

#12 Post by Márty84 »

:???: Did you remove it beforehand? Everything is there again :shock:

:!: Proceed in exactly this order.
1) Do not close MBAM, just minimize it.
2) Delete the restore points / turn off restore point creation http://forum.viry.cz/viewtopic.php?f=46&t=47040 , but do not restart the PC.
3) Now have MBAM remove the findings and restart the PC.
4) Run a new test with MBAM and post the results here.
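
The comparison made in post #12 between the two MBAM logs (#9 and #11) can be done mechanically. The following is an added example, not part of the thread and not Malwarebytes code: `parse_mbam` and `diff_scans` are hypothetical helper names, and the two embedded logs are excerpts abridged from the posts above, with section counts adjusted to the excerpt and the bracketed ids replaced by constructed placeholders.

```python
import re

SECTIONS = ("Processes", "Modules", "Registry Keys", "Registry Values",
            "Registry Data", "Folders", "Files", "Physical Sectors")
HEADER = re.compile(r"^(%s): (\d+)$" % "|".join(SECTIONS))
# Detection line layout in the posted logs: "<name>, <path>, <action>, [<id>],"
ITEM = re.compile(r"^([^,]+), (.+?), ([^,]*), \[([0-9a-f]+)\],?$")

# Constructed excerpt of the Threat Scan log from post #9 (placeholder ids).
SCAN_BEFORE = r"""
Scan Type: Threat Scan
Folders: 1
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv, , [aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa],

Files: 3
Trojan.BitMiner, C:\Windows\SysWOW64\dcgmncmhkrsn.exe, , [bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\libcurl.dll, , [aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\mnccagdv.exe, , [aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa],
"""

# Constructed excerpt of the Custom Scan log from post #11 (placeholder ids).
SCAN_AFTER = r"""
Scan Type: Custom Scan
Folders: 1
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv, , [cccccccccccccccccccccccccccccccc],

Files: 4
BitcoinMiner, C:\Windows\inf\mnccagdv\mnccagdv.exe, , [dddddddddddddddddddddddddddddddd],
BitcoinMiner, C:\Windows\inf\mncepkp\mncepkp.exe, , [eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee],
Trojan.BitMiner, C:\Windows\SysWOW64\dcgmncmhkrsn.exe, , [ffffffffffffffffffffffffffffffff],
Trojan.Agent.BCM, C:\Windows\inf\mnccagdv\libcurl.dll, , [cccccccccccccccccccccccccccccccc],
"""


def parse_mbam(text):
    """Parse one MBAM text log.

    Returns (detections, mismatches): detections maps the lower-cased
    path to its detection name; mismatches lists sections whose declared
    count differs from the item lines present (truncated or edited log).
    """
    detections, declared, seen = {}, {}, {}
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        header = HEADER.match(line)
        if header:
            section = header.group(1)
            declared[section] = int(header.group(2))
            seen[section] = 0
            continue
        item = ITEM.match(line)
        if item and section:
            # Windows paths are case-insensitive, so compare lower-cased.
            detections[item.group(2).lower()] = item.group(1)
            seen[section] += 1
    mismatches = sorted(s for s in declared if declared[s] != seen[s])
    return detections, mismatches


def diff_scans(before, after):
    """Compare two parsed scans by path."""
    b, a = set(before), set(after)
    return {
        # Still detected: removal did not happen, or the item came back.
        "persisted": sorted(b & a),
        # Only in the later scan (wider scan scope or a newly dropped file).
        "new": sorted(a - b),
        # Detected earlier, gone now.
        "cleared": sorted(b - a),
        # Same path, different detection name (database update).
        "relabelled": sorted(p for p in b & a if before[p] != after[p]),
    }


if __name__ == "__main__":
    before, _ = parse_mbam(SCAN_BEFORE)
    after, _ = parse_mbam(SCAN_AFTER)
    for kind, paths in diff_scans(before, after).items():
        print(kind, len(paths))
        for path in paths:
            print("   ", path)
```
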

Horst_Fuchs
Visitor
Posts: 136
Registered: 27 Dec 2013 17:41

Re: ESET reports a trojan in quarantine

#13 Post by Horst_Fuchs »

Hello,
I apologize, I am a dimwit.
I removed everything to quarantine, at least I think so.
Now I did it the way you describe.
Selected all drives - started the scan.
This time the program offered me neither a restart nor removal to quarantine.
So here is the log it spat out.
Hopefully that is correct?

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 1.7.2014
Scan Time: 12:40:31
Logfile: log.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.01.03
Rootkit Database: v2014.07.01.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: 1

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 400790
Time Elapsed: 44 min, 55 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: ESET reports a trojan in quarantine

#14 Post by Márty84 »

Yeah, now it is correct :)


:!: If you have not done so, better back up your important data (photos, documents, etc.) :!:

:!: Do not use ComboFix without prior agreement! It is a violation of the forum rules and you will lose your entitlement to help!

:arrow: Download ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save it to the desktop.
Turn off the antivirus and any other security software.
Right-click ComboFix and then left-click Run as administrator.
Accept the license terms and let the program work. If it offers to install the Recovery Console, agree.
During the scan, do not run anything and do not click anywhere.
After the scan finishes (the PC may also restart), a log should be created, located here: C:\ComboFix.txt
Copy its contents here.

:!: If Windows does not boot after the restart, restart again, keep pressing the F8 key and choose - Last Known Good Configuration
:!: If Windows boots but an error is reported when launching various programs, just restart the PC and it will be fine

Horst_Fuchs
Visitor
Posts: 136
Registered: 27 Dec 2013 17:41

Re: ESET reports a trojan in quarantine

#15 Post by Horst_Fuchs »

ComboFix 14-07-03.01 - 1 06.07.2014 23:50:09.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3990.2376 [GMT 2:00]
Spuštěný z: c:\users\1\Downloads\ComboFix.exe
AV: ESET Smart Security 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-06-06 do 2014-07-06 )))))))))))))))))))))))))))))))
.
.
2014-07-06 21:53 . 2014-07-06 21:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-06 21:44 . 2014-07-06 21:44 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{850218A7-0995-40B5-A930-83AE58ED7475}\offreg.dll
2014-07-06 16:20 . 2014-06-17 22:10 1941352 ----a-w- c:\program files\Win rar.exe
2014-07-06 16:19 . 2014-07-06 16:20 -------- d-----w- c:\program files\Creative zvukovka
2014-07-06 16:18 . 2014-06-22 20:09 4622781 ----a-w- c:\program files\screen hunter.exe
2014-07-06 16:17 . 2014-06-15 20:52 1595776 ----a-w- c:\program files\eset smart.exe
2014-07-06 16:15 . 2014-07-06 16:15 -------- d-----w- c:\program files\Microsoft.Office.2007.CZ.Full+KEY
2014-07-06 16:14 . 2014-07-06 16:15 -------- d-----w- c:\program files\Adobe Photoshop CS
2014-07-05 17:22 . 2014-07-05 17:22 -------- d-----w- c:\program files (x86)\DVDVideoSoft
2014-07-05 17:03 . 2014-07-05 17:03 -------- d-----w- c:\windows\Adobe Illustrator CS
2014-07-05 17:02 . 2014-07-05 17:03 -------- d-----w- c:\program files\Adobe Illustrator CS
2014-07-05 14:59 . 2014-07-05 14:59 -------- d-----w- c:\programdata\Martau
2014-07-05 14:59 . 2014-07-05 15:25 -------- d-----w- c:\program files\Total Uninstall 6
2014-07-04 10:34 . 2014-07-04 10:34 -------- d-----w- c:\programdata\FLEXnet
2014-07-04 09:42 . 2014-07-04 09:42 -------- d-----w- c:\windows\SysWow64\spool
2014-07-04 09:42 . 2014-07-04 09:42 -------- d-----w- c:\windows\SysWow64\Macromed
2014-07-04 06:12 . 2014-06-05 10:54 10779000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{850218A7-0995-40B5-A930-83AE58ED7475}\mpengine.dll
2014-06-30 09:44 . 2014-07-01 10:40 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-30 09:44 . 2014-06-30 09:44 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-06-30 09:44 . 2014-06-30 09:44 -------- d-----w- c:\programdata\Malwarebytes
2014-06-30 09:44 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-06-30 09:44 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-06-30 09:44 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-06-30 08:48 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-06-30 08:47 . 2014-06-30 09:36 -------- d-----w- C:\AdwCleaner
2014-06-29 22:00 . 2014-06-29 22:00 -------- d-----w- c:\windows\SysWow64\Adobe
2014-06-29 22:00 . 2001-10-26 21:16 16384 ----a-w- c:\windows\SysWow64\FileOps.exe
2014-06-26 04:22 . 2014-06-27 11:33 -------- d-----w- c:\programdata\AVG
2014-06-26 04:22 . 2014-06-29 10:19 -------- d-sh--w- c:\programdata\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-06-26 04:22 . 2014-06-26 04:22 -------- d--h--w- c:\programdata\Common Files
2014-06-26 04:22 . 2014-07-05 17:22 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft
2014-06-22 20:09 . 2014-06-22 20:09 -------- d-----w- c:\program files (x86)\Wisdom-soft ScreenHunter 5 Free
2014-06-22 17:49 . 2014-07-06 16:17 -------- d-----w- c:\program files\ostatky
2014-06-22 08:39 . 2014-07-06 16:11 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2014-06-17 23:37 . 2014-06-17 23:37 -------- d-----w- c:\program files (x86)\Microsoft Works
2014-06-17 23:36 . 2014-06-17 23:36 -------- d-----w- c:\windows\PCHEALTH
2014-06-17 23:35 . 2014-06-17 23:35 -------- d-----w- c:\program files\Microsoft Office
2014-06-17 23:35 . 2014-06-17 23:35 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2014-06-17 23:34 . 2014-06-17 23:38 -------- d-----w- c:\programdata\Microsoft Help
2014-06-17 23:34 . 2014-06-17 23:34 -------- d-----r- C:\MSOCache
2014-06-17 22:35 . 2014-06-17 23:21 -------- d-----w- c:\programdata\Creative
2014-06-17 22:30 . 2009-12-08 13:52 230912 ----a-w- c:\windows\system32\APOMgr64.DLL
2014-06-17 22:30 . 2009-12-08 13:50 177664 ----a-w- c:\windows\SysWow64\APOMngr.DLL
2014-06-17 22:30 . 2009-11-30 16:54 89088 ----a-w- c:\windows\system32\CmdRtr64.DLL
2014-06-17 22:30 . 2009-11-30 16:53 73728 ----a-w- c:\windows\SysWow64\CmdRtr.DLL
2014-06-17 22:30 . 2007-12-11 16:47 23292 ----a-w- c:\windows\ksaudENG.reg
2014-06-17 22:30 . 2007-07-05 08:27 2630 ----a-w- c:\windows\MixerName.reg
2014-06-17 22:30 . 2014-06-17 22:30 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2014-06-17 22:30 . 2014-06-17 22:30 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2014-06-17 22:30 . 2014-06-17 22:30 123480 ----a-w- c:\windows\system32\OpenAL32.dll
2014-06-17 22:30 . 2014-06-17 22:30 109144 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2014-06-17 22:30 . 2012-01-13 09:23 1944064 ------w- c:\windows\system32\Sens_oal.dll
2014-06-17 22:30 . 2012-01-13 09:21 2906586 ------w- c:\windows\SysWow64\Sens_oal.dll
2014-06-17 22:29 . 2014-06-17 22:29 -------- d-----w- c:\program files (x86)\Common Files\Creative
2014-06-17 22:29 . 2014-06-17 22:29 -------- d--h--w- c:\program files (x86)\Creative Installation Information
2014-06-17 22:29 . 2014-06-17 22:29 -------- d-----w- c:\program files (x86)\Common Files\Creative Labs Shared
2014-06-17 22:29 . 2014-06-17 23:20 -------- d-----w- c:\program files (x86)\Creative
2014-06-17 22:29 . 2014-06-30 07:29 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2014-06-17 22:10 . 2014-06-17 22:10 -------- d-----w- c:\program files\WinRAR
2014-06-17 21:16 . 2014-06-17 21:16 -------- d-----w- c:\windows\Downloaded Installations
2014-06-17 21:10 . 2014-06-17 21:10 -------- d-----w- c:\windows\SysWow64\bitstreams
2014-06-17 21:10 . 2013-10-26 18:30 364544 --s-a-w- c:\windows\SysWow64\ssleay32.dll
2014-06-17 21:10 . 2013-10-26 18:30 192512 --s-a-w- c:\windows\SysWow64\libidn-11.dll
2014-06-17 21:10 . 2013-10-26 18:30 171008 --s-a-w- c:\windows\SysWow64\libssh2.dll
2014-06-17 21:10 . 2013-10-26 18:30 133632 --s-a-w- c:\windows\SysWow64\librtmp.dll
2014-06-17 21:10 . 2013-06-12 13:15 119888 --s-a-w- c:\windows\SysWow64\pthreadGC2.dll
2014-06-17 21:10 . 2013-06-12 13:15 100864 --s-a-w- c:\windows\SysWow64\zlib1.dll
2014-06-17 21:10 . 2012-05-26 23:36 55808 --s-a-w- c:\windows\SysWow64\pthreadVC2.dll
2014-06-17 21:10 . 2013-10-26 18:30 538126 --s-a-w- c:\windows\SysWow64\libcurl-4.dll
2014-06-17 21:10 . 2013-10-26 18:30 1704448 --s-a-w- c:\windows\SysWow64\libeay32.dll
2014-06-17 21:10 . 2012-09-25 21:46 472424 --s-a-w- c:\windows\SysWow64\cudart32_50_35.dll
2014-06-17 21:10 . 2014-06-17 22:35 -------- d-----w- c:\program files (x86)\Minecraft 1.4 Free Full Download
2014-06-16 02:09 . 2014-06-16 02:09 -------- d-s---w- c:\windows\system32\CompatTel
2014-06-16 01:52 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-06-16 01:52 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-06-16 01:52 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-06-16 01:52 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-06-16 01:52 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-06-16 01:45 . 2014-06-16 01:45 -------- d-----w- c:\windows\Migration
2014-06-16 01:39 . 2013-10-14 16:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-06-16 01:34 . 2014-06-16 01:34 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-06-16 01:33 . 2014-06-16 01:33 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-06-15 21:33 . 2014-01-28 02:32 228864 ----a-w- c:\windows\system32\wwansvc.dll
2014-06-15 21:33 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2014-06-15 21:33 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2014-06-15 21:33 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2014-06-15 21:33 . 2013-07-04 12:50 633856 ----a-w- c:\windows\system32\comctl32.dll
2014-06-15 21:33 . 2013-07-04 11:50 530432 ----a-w- c:\windows\SysWow64\comctl32.dll
2014-06-15 21:33 . 2013-07-09 05:52 224256 ----a-w- c:\windows\system32\wintrust.dll
2014-06-15 21:33 . 2013-07-09 04:52 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2014-06-15 21:31 . 2014-04-05 02:47 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2014-06-15 21:30 . 2013-07-25 09:25 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2014-06-15 21:27 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2014-06-15 21:26 . 2014-06-08 09:13 506368 ----a-w- c:\windows\system32\aepdu.dll
2014-06-15 21:12 . 2013-10-12 02:30 830464 ----a-w- c:\windows\system32\nshwfp.dll
2014-06-15 21:12 . 2013-10-12 02:29 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2014-06-15 21:12 . 2013-10-12 02:29 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2014-06-15 21:12 . 2013-10-12 02:03 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2014-06-15 21:12 . 2013-10-12 02:01 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2014-06-15 21:12 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
2014-06-15 20:53 . 2014-06-15 20:53 -------- d-----w- c:\program files\ESET
2014-06-15 20:26 . 2014-06-15 20:26 -------- d-----w- c:\program files (x86)\Google
2014-06-15 19:01 . 2014-06-17 23:36 -------- d-----w- c:\program files (x86)\Microsoft.NET
2014-06-15 18:21 . 2014-06-15 18:21 -------- d-----w- c:\windows\system32\SPReview
2014-06-15 18:21 . 2014-06-15 18:21 -------- d-----w- c:\windows\system32\EventProviders
2014-06-15 18:19 . 2010-11-20 13:34 295808 ----a-w- c:\windows\system32\drivers\volsnap.sys
2014-06-15 18:18 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2014-06-15 18:18 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2014-06-15 18:18 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2014-06-15 18:07 . 2011-03-11 06:41 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2014-06-15 18:07 . 2011-03-11 06:41 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2014-06-15 18:07 . 2011-03-11 06:41 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2014-06-15 18:07 . 2011-03-11 06:33 2565632 ----a-w- c:\windows\system32\esent.dll
2014-06-15 18:07 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2014-06-15 18:07 . 2011-03-11 06:41 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2014-06-15 18:07 . 2011-03-11 06:41 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2014-06-15 18:07 . 2011-03-11 06:30 96768 ----a-w- c:\windows\system32\fsutil.exe
2014-06-15 18:07 . 2011-03-11 05:31 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2014-06-15 18:07 . 2011-03-11 04:37 91648 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS
2014-06-15 18:02 . 2014-06-15 18:02 -------- d-----w- c:\windows\SysWow64\Wat
2014-06-15 18:02 . 2014-06-15 18:02 -------- d-----w- c:\windows\system32\Wat
2014-06-15 18:00 . 2014-06-15 18:00 144 ----a-w- c:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-06-15 17:51 . 2014-06-15 17:51 -------- d-----w- c:\windows\system32\MRT
2014-06-15 17:18 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2014-06-15 17:11 . 2014-06-15 16:16 -------- d-----w- c:\windows\Panther
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-16 01:35 . 2014-06-16 01:35 208384 ----a-w- c:\windows\SysWow64\webcheck.dll
2014-06-16 01:34 . 2014-06-16 01:34 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-06-15 18:51 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-06-15 18:51 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-05-20 22:33 . 2014-05-20 22:33 734208 ----a-w- c:\windows\system32\MetroIntelGenericUIFramework.dll
2014-05-20 22:33 . 2014-05-20 22:33 64000 ----a-w- c:\windows\system32\Intel_OpenCL_ICD64.dll
2014-05-20 22:33 . 2014-05-20 22:33 60416 ----a-w- c:\windows\SysWow64\Intel_OpenCL_ICD32.dll
2014-05-20 22:33 . 2014-05-20 22:33 358912 ----a-w- c:\windows\system32\IntelOpenCL64.dll
2014-05-20 22:33 . 2014-05-20 22:33 294912 ----a-w- c:\windows\SysWow64\IntelOpenCL32.dll
2014-05-20 22:33 . 2014-05-20 22:33 278344 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe
2014-05-20 22:33 . 2014-05-20 22:33 182784 ----a-w- c:\windows\system32\igfxCoIn_v3621.dll
2014-05-20 22:33 . 2014-05-20 22:33 5120 ----a-w- c:\windows\system32\igfxLHMLibv2_0.dll
2014-05-20 22:33 . 2014-05-20 22:33 5120 ----a-w- c:\windows\system32\igfxLHMLib.dll
2014-05-20 22:33 . 2014-05-20 22:33 443720 ----a-w- c:\windows\system32\igfxTray.exe
2014-05-20 22:33 . 2014-05-20 22:33 373248 ----a-w- c:\windows\system32\igfxOSP.dll
2014-05-20 22:33 . 2014-05-20 22:33 31408 ----a-w- c:\windows\system32\igfxexps.dll
2014-05-20 22:33 . 2014-05-20 22:33 30720 ----a-w- c:\windows\SysWow64\igfxexps32.dll
2014-05-20 22:33 . 2014-05-20 22:33 249856 ----a-w- c:\windows\system32\igfxLHM.dll
2014-05-20 22:33 . 2014-05-20 22:33 243528 ----a-w- c:\windows\system32\igfxHK.exe
2014-05-20 22:33 . 2014-05-20 22:33 218808 ----a-w- c:\windows\system32\iglhcp64.dll
2014-05-20 22:33 . 2014-05-20 22:33 190792 ----a-w- c:\windows\system32\igfxext.exe
2014-05-20 22:33 . 2014-05-20 22:33 183800 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2014-05-20 22:33 . 2014-05-20 22:33 1137080 ----a-w- c:\windows\system32\iglhsip64.dll
2014-05-20 22:33 . 2014-05-20 22:33 1132960 ----a-w- c:\windows\SysWow64\iglhsip32.dll
2014-05-20 22:33 . 2014-05-20 22:33 70144 ----a-w- c:\windows\system32\igfxCUIServicePS.dll
2014-05-20 22:33 . 2014-05-20 22:33 69632 ----a-w- c:\windows\system32\igfxDHLibv2_0.dll
2014-05-20 22:33 . 2014-05-20 22:33 655360 ----a-w- c:\windows\system32\igfxDH.dll
2014-05-20 22:33 . 2014-05-20 22:33 57856 ----a-w- c:\windows\system32\igfxDHLib.dll
2014-05-20 22:33 . 2014-05-20 22:33 501064 ----a-w- c:\windows\system32\igfxEM.exe
2014-05-20 22:33 . 2014-05-20 22:33 314696 ----a-w- c:\windows\system32\igfxCUIService.exe
2014-05-20 22:33 . 2014-05-20 22:33 267264 ----a-w- c:\windows\system32\igfxDI.dll
2014-05-20 22:33 . 2014-05-20 22:33 212992 ----a-w- c:\windows\system32\igfxDTCM.dll
2014-05-20 22:33 . 2014-05-20 22:33 10752 ----a-w- c:\windows\system32\igfxDILib.dll
2014-05-20 22:33 . 2014-05-20 22:33 10240 ----a-w- c:\windows\system32\igfxEMLibv2_0.dll
2014-05-20 22:33 . 2014-05-20 22:33 10240 ----a-w- c:\windows\system32\igfxEMLib.dll
2014-05-20 22:33 . 2014-05-20 22:33 10240 ----a-w- c:\windows\system32\igfxDILibv2_0.dll
2014-05-20 22:33 . 2014-05-20 22:33 4590152 ----a-w- c:\windows\system32\igdusc64.dll
2014-05-20 22:33 . 2014-05-20 22:33 3658520 ----a-w- c:\windows\SysWow64\igdusc32.dll
2014-05-20 22:33 . 2014-05-20 22:33 254976 ----a-w- c:\windows\system32\igfxCPL.cpl
2014-05-20 22:33 . 2014-05-20 22:33 2023936 ----a-w- c:\windows\system32\igfxcmjit64.dll
2014-05-20 22:33 . 2014-05-20 22:33 187408 ----a-w- c:\windows\system32\igfxcmrt64.dll
2014-05-20 22:33 . 2014-05-20 22:33 182784 ----a-w- c:\windows\system32\igfx11cmrt64.dll
2014-05-20 22:33 . 2014-05-20 22:33 1755648 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll
2014-05-20 22:33 . 2014-05-20 22:33 158032 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll
2014-05-20 22:33 . 2014-05-20 22:33 155136 ----a-w- c:\windows\SysWow64\igfx11cmrt32.dll
2014-05-20 22:33 . 2014-05-20 22:33 16586584 ----a-w- c:\windows\system32\igdumdim64.dll
2014-05-20 22:33 . 2014-05-20 22:33 433560 ----a-w- c:\windows\system32\igdmd64.dll
2014-05-20 22:33 . 2014-05-20 22:33 348088 ----a-w- c:\windows\SysWow64\igdmd32.dll
2014-05-20 22:33 . 2014-05-20 22:33 1673216 ----a-w- c:\windows\system32\igdrcl64.dll
2014-05-20 22:33 . 2014-05-20 22:33 16114320 ----a-w- c:\windows\SysWow64\igdumdim32.dll
2014-05-20 22:33 . 2014-05-20 22:33 1551872 ----a-w- c:\windows\SysWow64\igdrcl32.dll
2014-05-20 22:33 . 2014-05-20 22:33 3791872 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2014-05-20 22:33 . 2014-05-20 22:33 23048704 ----a-w- c:\windows\system32\igdfcl64.dll
2014-05-20 22:33 . 2014-05-20 22:33 18032640 ----a-w- c:\windows\SysWow64\igdfcl32.dll
2014-05-20 22:33 . 2014-05-20 22:33 330240 ----a-w- c:\windows\system32\igdbcl64.dll
2014-05-20 22:33 . 2014-05-20 22:33 291328 ----a-w- c:\windows\SysWow64\igdbcl32.dll
2014-05-20 22:33 . 2014-05-20 22:33 223744 ----a-w- c:\windows\system32\igdde64.dll
2014-05-20 22:33 . 2014-05-20 22:33 183808 ----a-w- c:\windows\SysWow64\igdde32.dll
2014-05-20 22:33 . 2014-05-20 22:33 160256 ----a-w- c:\windows\system32\igdail64.dll
2014-05-20 22:33 . 2014-05-20 22:33 142848 ----a-w- c:\windows\SysWow64\igdail32.dll
2014-05-20 22:33 . 2014-05-20 22:33 17791136 ----a-w- c:\windows\system32\igd10iumd64.dll
2014-05-20 22:33 . 2014-05-20 22:33 8120320 ----a-w- c:\windows\system32\ig7icd64.dll
2014-05-20 22:33 . 2014-05-20 22:33 6364672 ----a-w- c:\windows\SysWow64\ig7icd32.dll
2014-05-20 22:33 . 2014-05-20 22:33 17409536 ----a-w- c:\windows\SysWow64\igd10iumd32.dll
2014-05-20 22:33 . 2014-05-20 22:33 94208 ----a-w- c:\windows\system32\IccLibDll_x64.dll
2014-05-20 22:33 . 2014-05-20 22:33 4342088 ----a-w- c:\windows\system32\Gfxv4_0.exe
2014-05-20 22:33 . 2014-05-20 22:33 4338504 ----a-w- c:\windows\system32\Gfxv2_0.exe
2014-05-20 22:33 . 2014-05-20 22:33 929608 ----a-w- c:\windows\system32\GfxUIEx.exe
2014-05-20 22:33 . 2014-05-20 22:33 543560 ----a-w- c:\windows\system32\DPTopologyApp.exe
2014-05-20 22:33 . 2014-05-20 22:33 543048 ----a-w- c:\windows\system32\DPTopologyAppv2_0.exe
2014-05-20 22:33 . 2014-05-20 22:33 392520 ----a-w- c:\windows\system32\CustomModeApp.exe
2014-05-20 22:33 . 2014-05-20 22:33 392008 ----a-w- c:\windows\system32\CustomModeAppv2_0.exe
2014-05-20 22:33 . 2014-05-20 22:33 152392 ----a-w- c:\windows\system32\difx64.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2014-7-5 113664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"MSStp"=c:\windows\inf\msstp.vbe
"mncmhkrsnSrv"=c:\windows\system32\mncmhkrsn.vbe
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S3 ksaud;Creative USB Audio Driver;c:\windows\system32\drivers\ksaud.sys;c:\windows\SYSNATIVE\drivers\ksaud.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-15 20:26 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-15 20:26]
.
2014-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-15 20:26]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2014-02-24 5581888]
"Creative SB Monitoring Utility"="sbavmon.dll" [2009-12-16 109056]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.default-search.net?sid=503&aid=101& ... 57&src=hmp
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-07-06 23:55:20
ComboFix-quarantined-files.txt 2014-07-06 21:55
.
Před spuštěním: Volných bajtů: 912 969 150 464
Po spuštění: Volných bajtů: 912 875 479 040
.
- - End Of File - - FAC2EEF297D9C71234DFF16CF1806C9E
A36C5E4F47E84449FF07ED3517B43A31

Locked