PC virus removal, computer speed-up, remote help via the neslape.cz service

Request for help - computer slowdown, error messages

Tomas80
Visitor
Posts: 16
Registered: 09 Oct 2014 10:49

#1 Post by Tomas80 »

The PC became very slow at the beginning of the week. Starting any program is accompanied by a long wait, after a restart a Windows error message pops up - Task Manager had to be terminated, and when Internet Explorer is started the processor load goes to 50%.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-10-2014 01
Ran by vp2 (administrator) on KASA01 on 09-10-2014 11:59:11
Running from C:\Users\vp2\Desktop
Loaded Profiles: pc1 & vp2 (Available profiles: pc1 & vp1 & vp2 & fili)
Platform: Microsoft Windows 7 Professional (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SteelBytes) C:\Program Files\SteelBytes\PortTunnel\PortTunnel.exe
() C:\Windows\System32\SCForte.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
(UltraVNC) C:\Program Files\UltraVNC\winvnc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version5\TeamViewer.exe
(UltraVNC) C:\Program Files\UltraVNC\winvnc.exe
() C:\Users\pc1\AppData\Roaming\Microsoft\MSYS\svchost.exe
() C:\Users\pc1\AppData\Local\Temp\svchost.exe
(WinShop software s.r.o.) C:\Programy\Sklad\sklad.exe
(Microsoft Corporation) C:\Windows\System32\rdpclip.exe
() C:\Users\pc1\AppData\Roaming\Microsoft\MSYS\svchost.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Mozilla Messaging) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\Windows-KB890830-V5.16.exe
(Microsoft Corporation) C:\b7777993a4c6f12212f3528054d379fc\mrtstub.exe
(Microsoft Corporation) C:\Windows\System32\MRT.exe
(WinShop software s.r.o.) C:\Programy\Sklad\sklad.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(2GK Inc.) C:\Users\pc1\AppData\Roaming\BzCrdSLe\lUVxvlcL\FIddUUkk\vtZOpwKqj.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSYS] => C:\Users\pc1\AppData\Roaming\Microsoft\MSYS\svchost.exe [36352 2014-01-24] ()
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5088456 2014-09-22] (ESET)
HKLM Group Policy restriction on software: C:\Program Files\Panda Security <====== ATTENTION
HKU\S-1-5-21-1968554069-1297930875-3543694926-1000\...\Run: [MSYS] => C:\Users\pc1\AppData\Roaming\Microsoft\MSYS\svchost.exe [36352 2014-01-24] ()
HKU\S-1-5-21-1968554069-1297930875-3543694926-1000\...\Run: [Java SE Platform Updater] => "C:\Users\pc1\AppData\Roaming\Java SE Platform Updater\jusched.exe"
HKU\S-1-5-21-1968554069-1297930875-3543694926-1000\...\Run: [xprghxms] => regsvr32.exe "C:\ProgramData\xprghxms.dat"
Startup: C:\Users\vp1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Toolbar: HKLM - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: {336C9D79-263A-4D75-AA7C-60DAF945AE67} http://90.176.85.203:7000/classes/OvisLinkCamV_H264.cab
DPF: {87D48502-D1FF-4D25-B66C-9DA4F7CB2722} http://10.0.0.222/classes/CamV_H264.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Tcpip\..\Interfaces\{4170E646-F686-42A3-8729-3D3B4192ADBF}: [NameServer] 10.1.20.20,10.1.2.10

FireFox:
========
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

Chrome:
=======
CHR CustomProfile: C:\Users\vp2\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\vp2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-09]
CHR Extension: (Dokumenty Google) - C:\Users\vp2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-09]
CHR Extension: (Disk Google) - C:\Users\vp2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-09]
CHR Extension: (YouTube) - C:\Users\vp2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-09]
CHR Extension: (Vyhledávání Google) - C:\Users\vp2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-09]
CHR Extension: (Tabulky Google) - C:\Users\vp2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-09]
CHR Extension: (Peněženka Google) - C:\Users\vp2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-09]
CHR Extension: (Gmail) - C:\Users\vp2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-09]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1350112 2014-09-16] (ESET)
R2 PortTunnel; C:\Program Files\SteelBytes\PortTunnel\PortTunnel.exe [592392 2010-07-14] (SteelBytes) [File not signed]
R2 ServiceAceSpy; C:\Windows\system32\SCForte.exe [571904 2009-04-11] () [File not signed]
R3 TermService; C:\Windows\System32\termsrv.dll [543232 2010-04-16] (Microsoft Corporation) [File not signed]
R2 uvnc_service; C:\Program Files\UltraVNC\WinVNC.exe [1590216 2009-12-07] (UltraVNC)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 athur; C:\Windows\System32\DRIVERS\athur.sys [1334784 2009-07-08] (Atheros Communications, Inc.) [File not signed]
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [191928 2014-09-22] (ESET)
S0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [190368 2014-09-22] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [135296 2014-09-22] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [176448 2014-09-22] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37928 2014-09-22] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [51288 2014-09-22] (ESET)
S3 hipeer20; C:\Windows\System32\DRIVERS\remobo32.sys [26112 2009-04-22] (Windows (R) Codename Longhorn DDK provider)
R1 MpKsl02faed39; C:\Windows\system32\MpEngineStore\MpKsl02faed39.sys [39464 2014-10-09] (Microsoft Corporation)
S3 optousb; C:\Windows\System32\DRIVERS\optousb.sys [18432 2009-11-25] (OPTO ELECTRONICS CO.,LTD.)
S3 optovcm; C:\Windows\System32\DRIVERS\optovcm.sys [26368 2009-11-25] (OPTO ELECTRONICS CO.,LTD.)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [602216 2013-03-13] (Realtek Semiconductor Corporation )
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2007-01-10] (Samsung Electronics) [File not signed]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-09 11:59 - 2014-10-09 12:00 - 00008535 _____ () C:\Users\vp2\Desktop\FRST.txt
2014-10-09 11:57 - 2014-10-09 11:59 - 00000000 ____D () C:\FRST
2014-10-09 11:57 - 2014-10-09 11:57 - 01101312 _____ (Farbar) C:\Users\vp2\Desktop\FRST.exe
2014-10-09 11:49 - 2014-10-09 11:49 - 00000000 ____D () C:\Windows\system32\MpEngineStore
2014-10-09 11:49 - 2014-10-09 11:49 - 00000000 ____D () C:\Users\vp2\AppData\Roaming\ESET
2014-10-09 11:49 - 2014-10-09 11:49 - 00000000 ____D () C:\Users\vp2\AppData\Local\ESET
2014-10-09 11:49 - 2014-10-09 11:49 - 00000000 ____D () C:\Users\pc1\AppData\Roaming\ESET
2014-10-09 11:49 - 2014-10-09 11:49 - 00000000 ____D () C:\Users\pc1\AppData\Local\ESET
2014-10-09 11:47 - 2014-10-09 11:47 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-09 11:46 - 2014-10-09 11:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-10-09 11:46 - 2014-10-09 11:46 - 00000000 ____D () C:\ProgramData\ESET
2014-10-09 11:46 - 2014-10-09 11:46 - 00000000 ____D () C:\Program Files\ESET
2014-10-09 11:46 - 2014-10-09 11:46 - 00000000 ____D () C:\b7777993a4c6f12212f3528054d379fc
2014-10-09 11:46 - 2014-08-29 13:01 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-09 11:38 - 2012-06-03 00:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-10-09 11:38 - 2012-06-03 00:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-10-09 11:38 - 2012-06-03 00:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-10-09 11:38 - 2012-06-03 00:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-10-09 11:37 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-10-09 11:37 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-10-09 11:35 - 2014-10-09 11:35 - 00000000 ____D () C:\Windows\pss
2014-10-09 11:33 - 2014-10-09 11:33 - 00068072 _____ () C:\Users\vp2\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-06 17:13 - 2014-10-06 17:13 - 00000000 ____D () C:\Users\pc1\AppData\Roaming\BzCrdSLe
2014-10-03 18:39 - 2014-10-03 18:39 - 00010240 _____ () C:\Users\pc1\Desktop\docházka říjen 2014.xlt
2014-10-03 18:37 - 2014-10-03 18:37 - 00009728 _____ () C:\Users\pc1\Desktop\brigáda říjen 2014.xlt
2014-10-02 10:30 - 2014-10-02 10:30 - 00000000 ____D () C:\Users\pc1\AppData\Roaming\fXCAEONo
2014-09-24 11:09 - 2014-10-09 09:10 - 00013824 _____ () C:\Users\pc1\Desktop\tržba říjen 2014.xls
2014-09-22 08:20 - 2014-09-22 08:20 - 00191928 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2014-09-22 08:20 - 2014-09-22 08:20 - 00190368 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2014-09-22 08:20 - 2014-09-22 08:20 - 00176448 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2014-09-22 08:20 - 2014-09-22 08:20 - 00135296 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2014-09-22 08:20 - 2014-09-22 08:20 - 00051288 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2014-09-22 08:20 - 2014-09-22 08:20 - 00037928 _____ (ESET) C:\Windows\system32\Drivers\EpfwLWF.sys
2014-09-20 09:02 - 2014-09-20 09:02 - 00000584 _____ () C:\Windows\PFRO.log
2014-09-17 14:41 - 2014-09-17 14:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-09-11 11:06 - 2014-09-11 11:09 - 00000000 ____D () C:\Users\pc1\Desktop\2014-09-11

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-09 11:57 - 2009-07-14 06:34 - 00014816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-09 11:57 - 2009-07-14 06:34 - 00014816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-09 11:50 - 2014-02-15 23:53 - 00000000 ___HD () C:\Users\pc1\AppData\Roaming\Java SE Platform Updater
2014-10-09 11:48 - 2014-07-01 09:32 - 00000000 ____D () C:\Users\pc1\AppData\Roaming\AdobeChk
2014-10-09 11:47 - 2010-04-17 02:17 - 01101412 _____ () C:\Windows\WindowsUpdate.log
2014-10-09 11:35 - 2010-04-16 20:20 - 01445734 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-09 11:32 - 2014-05-06 10:14 - 00000930 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-09 11:30 - 2014-09-08 01:00 - 00001126 _____ () C:\Windows\setupact.log
2014-10-09 11:30 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-09 11:26 - 2013-04-22 09:53 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-09 11:25 - 2014-05-06 10:14 - 00000934 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-08 18:05 - 2010-04-28 20:01 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-10-08 04:31 - 2014-05-06 10:17 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-06 09:14 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-10-05 15:56 - 2012-03-08 22:52 - 00001397 _____ () C:\Users\vp2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-05 11:29 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-03 09:13 - 2012-05-04 16:45 - 00000000 ____D () C:\Users\pc1\Desktop\TRŽBY
2014-10-02 09:11 - 2012-05-04 16:44 - 00000000 ____D () C:\Users\pc1\Desktop\DOCHÁZKA
2014-09-30 09:11 - 2013-03-22 12:49 - 00000000 ____D () C:\Users\pc1\Desktop\faktury Fili
2014-09-24 15:26 - 2014-04-29 15:27 - 03675824 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2014-09-24 15:26 - 2013-04-22 09:53 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-24 15:26 - 2011-05-13 16:31 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-22 08:46 - 2010-04-16 20:53 - 00001417 _____ () C:\Users\vp1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-21 17:04 - 2014-08-27 13:52 - 00001397 _____ () C:\Users\fili\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-20 12:55 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-09-20 09:03 - 2010-04-16 20:20 - 00001417 _____ () C:\Users\pc1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-20 09:02 - 2010-04-17 03:08 - 00000000 ____D () C:\Windows\Panther
2014-09-15 09:06 - 2010-04-16 20:33 - 00231568 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\pc1\AppData\Local\Temp\svchost.exe
C:\Users\vp1\AppData\Local\Temp\CloudAntivirus.exe
C:\Users\vp1\AppData\Local\Temp\wcrash.exe
C:\Users\vp2\AppData\Local\Temp\InstHelper.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-06 00:42

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-10-2014 01
Ran by vp2 at 2014-10-09 12:00:55
Running from C:\Users\vp2\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Disabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Active WebCam (HKLM\...\Active WebCam) (Version: - )
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
APLS WinShop standard v9 CR (HKLM\...\{B7163E51-AD4D-43CA-9A9C-17D79E8A9A2A}) (Version: 9.00.0000 - APLS Praha s.r.o.)
Ask Toolbar (HKLM\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.6.6.0 - Ask.com) <==== ATTENTION
BIXOLON SRP-350plus Windows Driver 3.0.6E (HKLM\...\BIXOLON_SRP-350plus) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 3.22 - Piriform)
CutePDF Writer 2.3 (HKLM\...\CutePDF Writer Installation) (Version: - )
ESET Smart Security (HKLM\...\{3B6DC3E5-D0BA-4935-9B59-1EE79AB75446}) (Version: 8.0.301.4 - ESET, spol s r. o.)
Foxit Reader (HKLM\...\Foxit Reader) (Version: 3.2.0.303 - Foxit Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.101 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
IP Wizard II 3.0.0.7974 (HKLM\...\{CFDB3804-B6C4-4485-9D0E-ABBD3142E561}_is1) (Version: - )
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Mozilla Thunderbird (3.1.20) (HKLM\...\Mozilla Thunderbird (3.1.20)) (Version: 3.1.20 (cs) - Mozilla)
odf-converter-integrator (HKLM\...\odf-converter-integrator) (Version: - )
OpenOffice.org 3.2 (HKLM\...\{5DE71D48-01EB-4BF2-A643-50FE6C9B6AC9}) (Version: 3.2.9483 - OpenOffice.org)
PortTunnel (HKLM\...\{7E7F99BC-5B21-4FAE-8C3C-5F692D758E36}) (Version: 2.0.25 - SteelBytes)
Samsung SCX-4500 Series (HKLM\...\Samsung SCX-4500 Series) (Version: - Samsung Electronics CO.,LTD)
TeamViewer 5 (HKLM\...\TeamViewer 5) (Version: 5.0.8232 - TeamViewer GmbH)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.50a - Ghisler Software GmbH)
TP-LINK Wireless Client Utility (HKLM\...\{3BD98AAF-61B5-46E0-A6C8-593C242C7C48}) (Version: 7.0 - TP-LINK)
UltraVNC 1.0.8.2 (HKLM\...\Ultravnc2_is1) (Version: 1.0.8.2 - 1.0.8.2)
Unreal Commander v0.96 (HKLM\...\UnrealCommander_is1) (Version: - Max Diesel)
WinRAR 5.10 beta 3 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.3 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1968554069-1297930875-3543694926-1000_Classes\CLSID\{b388f3aa-ffde-5e58-8f8d-35d255c1e0f9}\InprocServer32 -> C:\Windows\System32\npBarcodeConnector.dll (Zasilkovna s.r.o.)

==================== Restore Points =========================

13-08-2014 22:00:06 Naplánovaný kontrolní bod
21-08-2014 22:00:02 Naplánovaný kontrolní bod
29-08-2014 22:00:07 Naplánovaný kontrolní bod
05-09-2014 17:21:44 Instalační služba modulů systému Windows
12-09-2014 22:00:00 Naplánovaný kontrolní bod
20-09-2014 10:54:28 Naplánovaný kontrolní bod
27-09-2014 18:33:37 Naplánovaný kontrolní bod
04-10-2014 18:38:10 Naplánovaný kontrolní bod
09-10-2014 09:37:31 Windows Update
09-10-2014 09:45:07 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1824D260-53FF-4CB6-A0AB-C7840721F69F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-05-06] (Google Inc.)
Task: {1BF2B6E6-6F49-43FC-B065-7868B2DB60FE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-05-06] (Google Inc.)
Task: {3B73FE08-8571-4CBB-AFFB-7EAD507D5B5B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {58A9AD5D-99F4-4A9E-952C-AE7335733765} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe <==== ATTENTION
Task: {CE7A9D01-4A23-4A91-BAA5-41EF39DB7D13} - System32\Tasks\{22D9EEAB-100E-40D9-AD59-7A460D9434DD} => C:\Users\pc1\Downloads\pobocka.exe [2014-05-06] ()
Task: {E6212848-2305-448B-927E-5ED4124B6836} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-08-22] (Piriform Ltd)
Task: {EC1A4EC3-5FAF-46E1-80B0-CD0CA7467D7A} - System32\Tasks\{21B76856-1932-741A-CB5A-304E8514275B} => C:\Users\pc1\AppData\Roaming\BzCrdSLe\lUVxvlcL\FIddUUkk\vtZOpwKqj.exe [2009-07-14] (2GK Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-04-22 14:26 - 2004-12-14 09:54 - 00081920 _____ () C:\Windows\System32\cpwmon2k.dll
2010-04-30 12:23 - 2007-01-11 21:28 - 00022723 _____ () C:\Windows\System32\sx450sl3.dll
2010-04-22 10:24 - 2009-04-11 11:09 - 00571904 _____ () C:\Windows\system32\SCForte.exe
2009-09-14 23:24 - 2009-09-14 23:24 - 00270336 _____ () C:\Windows\system32\SaMinDrv.dll
2013-09-07 16:15 - 2014-01-24 09:49 - 00036352 _____ () C:\Users\pc1\AppData\Roaming\Microsoft\MSYS\svchost.exe
2014-10-09 11:25 - 2014-10-09 11:30 - 00182784 _____ () C:\Users\pc1\AppData\Local\Temp\svchost.exe
2012-12-31 19:09 - 2012-12-31 19:09 - 00065536 _____ () c:\programy\sklad\clrhost.dll
2012-12-31 19:09 - 2014-07-04 09:11 - 00055808 _____ () C:\Programy\Sklad\WinShopSTD_CLRhost.dll
2010-02-15 12:29 - 2010-04-16 23:52 - 00970752 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2010-04-28 20:01 - 2012-03-17 11:33 - 00848536 _____ () C:\Program Files\Mozilla Thunderbird\js3250.dll
2010-04-28 20:01 - 2012-03-17 11:33 - 00161944 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAP32V60.dll
2010-04-28 20:01 - 2012-03-17 11:33 - 00021656 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-10-08 04:31 - 2014-10-01 07:54 - 01042760 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.101\libglesv2.dll
2014-10-08 04:31 - 2014-10-01 07:54 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.101\libegl.dll
2014-10-08 04:31 - 2014-10-01 07:54 - 08911176 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.101\pdf.dll
2014-10-08 04:31 - 2014-10-01 07:54 - 01681224 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.101\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\pc1\Desktop\Návody.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^vp2^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\Windows\pss\OpenOffice.org 3.2.lnk.Startup
MSCONFIG\startupreg: Sidebar => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun

========================= Accounts: ==========================

Administrator (S-1-5-21-1968554069-1297930875-3543694926-500 - Administrator - Disabled)
fili (S-1-5-21-1968554069-1297930875-3543694926-1005 - Administrator - Enabled) => C:\Users\fili
Guest (S-1-5-21-1968554069-1297930875-3543694926-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1968554069-1297930875-3543694926-1003 - Limited - Enabled)
pc1 (S-1-5-21-1968554069-1297930875-3543694926-1000 - Administrator - Enabled) => C:\Users\pc1
vp1 (S-1-5-21-1968554069-1297930875-3543694926-1001 - Administrator - Enabled) => C:\Users\vp1
vp2 (S-1-5-21-1968554069-1297930875-3543694926-1004 - Administrator - Enabled) => C:\Users\vp2

==================== Faulty Device Manager Devices =============

Name: Realtek RTL8188CU Wireless LAN 802.11n USB 2.0 Network Adapter
Description: Realtek RTL8188CU Wireless LAN 802.11n USB 2.0 Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTL8192cu
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/09/2014 11:40:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (10/09/2014 11:40:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (10/09/2014 11:36:16 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (10/09/2014 11:31:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: taskmgr.exe, verze: 6.1.7600.16385, časové razítko: 0x4a5bc13c
Název chybujícího modulu: kernel32.dll, verze: 6.1.7600.16385, časové razítko: 0x4a5bdaad
Kód výjimky: 0xc0000005
Posun chyby: 0x0005123f
ID chybujícího procesu: 0xdc0
Čas spuštění chybující aplikace: 0xtaskmgr.exe0
Cesta k chybující aplikaci: taskmgr.exe1
Cesta k chybujícímu modulu: taskmgr.exe2
ID zprávy: taskmgr.exe3

Error: (10/09/2014 11:26:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: taskmgr.exe, verze: 6.1.7600.16385, časové razítko: 0x4a5bc13c
Název chybujícího modulu: kernel32.dll, verze: 6.1.7600.16385, časové razítko: 0x4a5bdaad
Kód výjimky: 0xc0000005
Posun chyby: 0x0005123f
ID chybujícího procesu: 0xf0c
Čas spuštění chybující aplikace: 0xtaskmgr.exe0
Cesta k chybující aplikaci: taskmgr.exe1
Cesta k chybujícímu modulu: taskmgr.exe2
ID zprávy: taskmgr.exe3

Error: (10/09/2014 11:05:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: taskmgr.exe, verze: 6.1.7600.16385, časové razítko: 0x4a5bc13c
Název chybujícího modulu: kernel32.dll, verze: 6.1.7600.16385, časové razítko: 0x4a5bdaad
Kód výjimky: 0xc0000005
Posun chyby: 0x00051241
ID chybujícího procesu: 0x484
Čas spuštění chybující aplikace: 0xtaskmgr.exe0
Cesta k chybující aplikaci: taskmgr.exe1
Cesta k chybujícímu modulu: taskmgr.exe2
ID zprávy: taskmgr.exe3

Error: (10/09/2014 10:11:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iexplore.exe, verze: 9.0.8112.16561, časové razítko: 0x539247f9
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x002e4b0a
ID chybujícího procesu: 0x3518
Čas spuštění chybující aplikace: 0xiexplore.exe0
Cesta k chybující aplikaci: iexplore.exe1
Cesta k chybujícímu modulu: iexplore.exe2
ID zprávy: iexplore.exe3

Error: (10/09/2014 10:09:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iexplore.exe, verze: 9.0.8112.16561, časové razítko: 0x539247f9
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x003554a5
ID chybujícího procesu: 0x2378
Čas spuštění chybující aplikace: 0xiexplore.exe0
Cesta k chybující aplikaci: iexplore.exe1
Cesta k chybujícímu modulu: iexplore.exe2
ID zprávy: iexplore.exe3

Error: (10/08/2014 08:01:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: sklad.exe, verze: 12.2012.610.0, časové razítko: 0x47139f24
Název chybujícího modulu: mscorwks.dll, verze: 2.0.50727.4927, časové razítko: 0x4a275a68
Kód výjimky: 0xc0000005
Posun chyby: 0x00089779
ID chybujícího procesu: 0x%9
Čas spuštění chybující aplikace: 0xsklad.exe0
Cesta k chybující aplikaci: sklad.exe1
Cesta k chybujícímu modulu: sklad.exe2
ID zprávy: sklad.exe3

Error: (10/08/2014 08:01:09 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.4927 - Závažná chyba spouštěcího modulu (6D6C851A) (80131506)


System errors:
=============
Error: (10/09/2014 11:46:31 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba ESET Service je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (10/09/2014 11:36:03 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Defender byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (10/09/2014 11:30:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (10/09/2014 11:30:13 AM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk0\DR0.

Error: (10/09/2014 11:30:13 AM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk0\DR0.

Error: (10/09/2014 11:30:13 AM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk0\DR0.

Error: (10/09/2014 11:30:13 AM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk0\DR0.

Error: (10/09/2014 11:30:13 AM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk0\DR0.

Error: (10/09/2014 11:30:13 AM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk0\DR0.

Error: (10/09/2014 11:30:13 AM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk0\DR0.


Microsoft Office Sessions:
=========================
Error: (10/09/2014 11:40:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: http://www.download.windowsupdate.com/m ... stl.cabPři ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error: (10/09/2014 11:40:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: http://www.download.windowsupdate.com/m ... stl.cabPři ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error: (10/09/2014 11:36:16 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: http://www.download.windowsupdate.com/m ... stl.cabPři ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error: (10/09/2014 11:31:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: taskmgr.exe6.1.7600.163854a5bc13ckernel32.dll6.1.7600.163854a5bdaadc00000050005123fdc001cfe3a3be145b75C:\Windows\system32\taskmgr.exeC:\Windows\system32\kernel32.dllfd000a5b-4f96-11e4-89db-6cf049572355

Error: (10/09/2014 11:26:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: taskmgr.exe6.1.7600.163854a5bc13ckernel32.dll6.1.7600.163854a5bdaadc00000050005123ff0c01cfe3a3156247d6C:\Windows\system32\taskmgr.exeC:\Windows\system32\kernel32.dll5440fe3b-4f96-11e4-8434-6cf049572355

Error: (10/09/2014 11:05:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: taskmgr.exe6.1.7600.163854a5bc13ckernel32.dll6.1.7600.163854a5bdaadc00000050005124148401cfe3a031d03dc0C:\Windows\system32\taskmgr.exeC:\Windows\system32\kernel32.dll708e2539-4f93-11e4-b743-6cf049572355

Error: (10/09/2014 10:11:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe9.0.8112.16561539247f9unknown0.0.0.000000000c0000005002e4b0a351801cfe3986ccbe1c4C:\Program Files\Internet Explorer\iexplore.exeunknowne819e862-4f8b-11e4-9e79-6cf049572355

Error: (10/09/2014 10:09:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe9.0.8112.16561539247f9unknown0.0.0.000000000c0000005003554a5237801cfe39723b17524C:\Program Files\Internet Explorer\iexplore.exeunknown9bccee20-4f8b-11e4-9e79-6cf049572355

Error: (10/08/2014 08:01:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: sklad.exe12.2012.610.047139f24mscorwks.dll2.0.50727.49274a275a68c000000500089779

Error: (10/08/2014 08:01:09 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.4927 - Závažná chyba spouštěcího modulu (6D6C851A) (80131506)


CodeIntegrity Errors:
===================================
Date: 2014-10-09 11:57:45.185
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2014-10-09 11:33:00.338
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2014-10-09 11:14:05.383
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2014-10-09 09:05:00.541
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2014-10-09 08:51:29.498
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2014-10-08 10:28:02.716
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2014-10-07 12:05:32.848
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2014-10-07 11:23:01.697
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2014-10-07 09:38:15.710
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2014-10-06 09:33:20.287
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU E5300 @ 2.60GHz
Percentage of memory in use: 79%
Total physical RAM: 2037.49 MB
Available physical RAM: 412.29 MB
Total Pagefile: 4074.98 MB
Available Pagefile: 2612.74 MB
Total Virtual: 2047.88 MB
Available Virtual: 1915.38 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:195.21 GB) (Free:157.52 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8565D414)
Partition 1: (Active) - (Size=195.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Rudy
Site Admin
Posts: 119547
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please help - computer slowdown, error messages

#2 Post by Rudy »

Hello!
First run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Tomas80
Visitor
Posts: 16
Joined: 09 Oct 2014 10:49

Re: Please help - computer slowdown, error messages

#3 Post by Tomas80 »

I ran the scan and it completed (then I clicked Clean and a Windows error message appeared saying the program had stopped working); I tried again with ESET Smart Security protection temporarily disabled, and Clean completed too. Here is the report:

# AdwCleaner v3.311 - Report created 09/10/2014 at 20:42:09
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Professional (32 bits)
# Username : vp2 - KASA01
# Running from : C:\Users\vp2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7EH63ZX4\adwcleaner_3.311.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : ServiceAceSpy

***** [ Files / Folders ] *****

Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Users\pc1\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\vp1\AppData\LocalLow\AskToolbar
File Deleted : C:\Windows\system32\SCForte.exe

***** [ Scheduled Tasks ] *****

Task Deleted : Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16561


-\\ Google Chrome v38.0.2125.101

[ File : C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\vp1\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\vp2\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3930 octets] - [09/10/2014 20:30:52]
AdwCleaner[R1].txt - [4049 octets] - [09/10/2014 20:38:36]
AdwCleaner[S0].txt - [354 octets] - [09/10/2014 20:33:55]
AdwCleaner[S1].txt - [4038 octets] - [09/10/2014 20:42:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [4098 octets] ##########

Rudy
Site Admin
Posts: 119547
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please help - computer slowdown, error messages

#4 Post by Rudy »

Hello!
Post a new FRST log.

Tomas80
Visitor
Posts: 16
Joined: 09 Oct 2014 10:49

Re: Please help - computer slowdown, error messages

#5 Post by Tomas80 »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-10-2014 01
Ran by vp2 (administrator) on KASA01 on 09-10-2014 21:35:38
Running from C:\Users\vp2\Desktop
Loaded Profile: vp2 (Available profiles: pc1 & vp1 & vp2 & fili)
Platform: Microsoft Windows 7 Professional (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(SteelBytes) C:\Program Files\SteelBytes\PortTunnel\PortTunnel.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
(UltraVNC) C:\Program Files\UltraVNC\winvnc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version5\TeamViewer.exe
(UltraVNC) C:\Program Files\UltraVNC\winvnc.exe
(Microsoft Corporation) C:\Windows\System32\rdpclip.exe
() C:\Users\pc1\AppData\Roaming\Microsoft\MSYS\svchost.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSYS] => C:\Users\pc1\AppData\Roaming\Microsoft\MSYS\svchost.exe [36352 2014-01-24] ()
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5088456 2014-09-22] (ESET)
HKLM Group Policy restriction on software: C:\Program Files\Panda Security <====== ATTENTION
Startup: C:\Users\vp1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

DPF: {336C9D79-263A-4D75-AA7C-60DAF945AE67} http://90.176.85.203:7000/classes/OvisLinkCamV_H264.cab
DPF: {87D48502-D1FF-4D25-B66C-9DA4F7CB2722} http://10.0.0.222/classes/CamV_H264.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Tcpip\..\Interfaces\{4170E646-F686-42A3-8729-3D3B4192ADBF}: [NameServer] 10.1.20.20,10.1.2.10

FireFox:
========
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

Chrome:
=======
CHR HomePage: Default ->
CHR CustomProfile: C:\Users\vp2\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\vp2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-09]
CHR Extension: (Dokumenty Google) - C:\Users\vp2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-09]
CHR Extension: (Disk Google) - C:\Users\vp2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-09]
CHR Extension: (YouTube) - C:\Users\vp2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-09]
CHR Extension: (Vyhledávání Google) - C:\Users\vp2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-09]
CHR Extension: (Tabulky Google) - C:\Users\vp2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-09]
CHR Extension: (Peněženka Google) - C:\Users\vp2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-09]
CHR Extension: (Gmail) - C:\Users\vp2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-09]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1350112 2014-09-16] (ESET)
R2 PortTunnel; C:\Program Files\SteelBytes\PortTunnel\PortTunnel.exe [592392 2010-07-14] (SteelBytes) [File not signed]
R3 TermService; C:\Windows\System32\termsrv.dll [543232 2010-04-16] (Microsoft Corporation) [File not signed]
R2 uvnc_service; C:\Program Files\UltraVNC\WinVNC.exe [1590216 2009-12-07] (UltraVNC)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 athur; C:\Windows\System32\DRIVERS\athur.sys [1334784 2009-07-08] (Atheros Communications, Inc.) [File not signed]
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [191928 2014-09-22] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [135296 2014-09-22] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [176448 2014-09-22] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37928 2014-09-22] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [51288 2014-09-22] (ESET)
S3 hipeer20; C:\Windows\System32\DRIVERS\remobo32.sys [26112 2009-04-22] (Windows (R) Codename Longhorn DDK provider)
S3 optousb; C:\Windows\System32\DRIVERS\optousb.sys [18432 2009-11-25] (OPTO ELECTRONICS CO.,LTD.)
S3 optovcm; C:\Windows\System32\DRIVERS\optovcm.sys [26368 2009-11-25] (OPTO ELECTRONICS CO.,LTD.)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [602216 2013-03-13] (Realtek Semiconductor Corporation )
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2007-01-10] (Samsung Electronics) [File not signed]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-09 21:35 - 2014-10-09 21:35 - 00006593 _____ () C:\Users\vp2\Desktop\FRST.txt
2014-10-09 20:37 - 2014-10-09 20:37 - 00003930 _____ () C:\sken.txt
2014-10-09 20:31 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-10-09 20:30 - 2014-10-09 20:42 - 00000000 ____D () C:\AdwCleaner
2014-10-09 18:15 - 2014-10-09 18:15 - 00009728 _____ () C:\Users\pc1\Desktop\brigáda říjen 2014.xlt
2014-10-09 15:23 - 2014-10-09 15:23 - 02675968 _____ (TeamViewer GmbH) C:\Users\vp2\Desktop\vzdalena-pomoc.exe
2014-10-09 14:57 - 2014-10-09 14:57 - 00000000 ____D () C:\Users\vp2\temp
2014-10-09 12:26 - 2014-10-09 12:26 - 00000000 ____D () C:\Users\fili\AppData\Roaming\ESET
2014-10-09 12:26 - 2014-10-09 12:26 - 00000000 ____D () C:\Users\fili\AppData\Local\ESET
2014-10-09 11:57 - 2014-10-09 21:35 - 00000000 ____D () C:\FRST
2014-10-09 11:57 - 2014-10-09 11:57 - 01101312 _____ (Farbar) C:\Users\vp2\Desktop\FRST.exe
2014-10-09 11:49 - 2014-10-09 11:49 - 00000000 ____D () C:\Users\vp2\AppData\Roaming\ESET
2014-10-09 11:49 - 2014-10-09 11:49 - 00000000 ____D () C:\Users\vp2\AppData\Local\ESET
2014-10-09 11:49 - 2014-10-09 11:49 - 00000000 ____D () C:\Users\pc1\AppData\Roaming\ESET
2014-10-09 11:49 - 2014-10-09 11:49 - 00000000 ____D () C:\Users\pc1\AppData\Local\ESET
2014-10-09 11:47 - 2014-10-09 12:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-09 11:46 - 2014-10-09 11:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-10-09 11:46 - 2014-10-09 11:46 - 00000000 ____D () C:\ProgramData\ESET
2014-10-09 11:46 - 2014-10-09 11:46 - 00000000 ____D () C:\Program Files\ESET
2014-10-09 11:46 - 2014-08-29 13:01 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-09 11:45 - 2009-10-10 04:57 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys
2014-10-09 11:43 - 2011-04-09 08:13 - 03957632 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-10-09 11:43 - 2011-04-09 08:13 - 03901824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-09 11:43 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-10-09 11:43 - 2010-12-18 07:29 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-10-09 11:43 - 2010-10-16 06:36 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-10-09 11:43 - 2010-08-21 07:36 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-10-09 11:43 - 2010-06-22 04:47 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-10-09 11:43 - 2010-06-22 04:47 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-10-09 11:43 - 2010-06-22 04:47 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-10-09 11:43 - 2010-04-07 09:10 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-10-09 11:43 - 2010-02-27 09:32 - 00221696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-10-09 11:43 - 2010-02-27 09:32 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-10-09 11:43 - 2010-02-27 09:32 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-10-09 11:43 - 2010-01-09 08:52 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2014-10-09 11:43 - 2009-12-29 08:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-09 11:43 - 2009-09-26 07:58 - 00194488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-10-09 11:38 - 2012-06-03 00:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-10-09 11:38 - 2012-06-03 00:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-10-09 11:38 - 2012-06-03 00:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-10-09 11:38 - 2012-06-03 00:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-10-09 11:38 - 2012-06-03 00:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-10-09 11:37 - 2012-06-03 00:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-10-09 11:37 - 2012-06-03 00:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-10-09 11:37 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-10-09 11:37 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-10-09 11:35 - 2014-10-09 11:35 - 00000000 ____D () C:\Windows\pss
2014-10-09 11:33 - 2014-10-09 11:33 - 00068072 _____ () C:\Users\vp2\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-06 17:13 - 2014-10-06 17:13 - 00000000 ____D () C:\Users\pc1\AppData\Roaming\BzCrdSLe
2014-10-03 18:39 - 2014-10-03 18:39 - 00010240 _____ () C:\Users\pc1\Desktop\docházka říjen 2014.xlt
2014-10-02 10:30 - 2014-10-02 10:30 - 00000000 ____D () C:\Users\pc1\AppData\Roaming\fXCAEONo
2014-09-24 11:09 - 2014-10-09 20:02 - 00013824 _____ () C:\Users\pc1\Desktop\tržba říjen 2014.xls
2014-09-22 08:20 - 2014-09-22 08:20 - 00191928 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2014-09-22 08:20 - 2014-09-22 08:20 - 00176448 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2014-09-22 08:20 - 2014-09-22 08:20 - 00135296 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2014-09-22 08:20 - 2014-09-22 08:20 - 00051288 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2014-09-22 08:20 - 2014-09-22 08:20 - 00037928 _____ (ESET) C:\Windows\system32\Drivers\EpfwLWF.sys
2014-09-20 09:02 - 2014-10-09 20:43 - 00000898 _____ () C:\Windows\PFRO.log
2014-09-17 14:41 - 2014-09-17 14:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-09-11 11:06 - 2014-09-11 11:09 - 00000000 ____D () C:\Users\pc1\Desktop\2014-09-11

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-09 21:26 - 2013-04-22 09:53 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-09 21:25 - 2014-05-06 10:14 - 00000934 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-09 20:50 - 2009-07-14 06:34 - 00014816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-09 20:50 - 2009-07-14 06:34 - 00014816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-09 20:47 - 2010-04-16 20:20 - 01445734 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-09 20:43 - 2014-09-08 01:00 - 00001294 _____ () C:\Windows\setupact.log
2014-10-09 20:43 - 2014-05-06 10:14 - 00000930 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-09 20:43 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-09 20:42 - 2010-04-17 02:17 - 01128400 _____ () C:\Windows\WindowsUpdate.log
2014-10-09 20:27 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-10-09 18:15 - 2010-04-28 20:01 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-10-09 15:24 - 2012-08-28 21:02 - 00000000 ____D () C:\Users\vp2\AppData\Roaming\TeamViewer
2014-10-09 14:57 - 2012-03-08 22:52 - 00000000 ____D () C:\Users\vp2
2014-10-09 11:50 - 2014-02-15 23:53 - 00000000 ___HD () C:\Users\pc1\AppData\Roaming\Java SE Platform Updater
2014-10-09 11:48 - 2014-07-01 09:32 - 00000000 ____D () C:\Users\pc1\AppData\Roaming\AdobeChk
2014-10-08 04:31 - 2014-05-06 10:17 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-06 09:14 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-10-05 15:56 - 2012-03-08 22:52 - 00001397 _____ () C:\Users\vp2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-05 11:29 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-03 09:13 - 2012-05-04 16:45 - 00000000 ____D () C:\Users\pc1\Desktop\TRŽBY
2014-10-02 09:11 - 2012-05-04 16:44 - 00000000 ____D () C:\Users\pc1\Desktop\DOCHÁZKA
2014-09-30 09:11 - 2013-03-22 12:49 - 00000000 ____D () C:\Users\pc1\Desktop\faktury Fili
2014-09-24 15:26 - 2014-04-29 15:27 - 03675824 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2014-09-24 15:26 - 2013-04-22 09:53 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-24 15:26 - 2011-05-13 16:31 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-22 08:46 - 2010-04-16 20:53 - 00001417 _____ () C:\Users\vp1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-21 17:04 - 2014-08-27 13:52 - 00001397 _____ () C:\Users\fili\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-20 09:03 - 2010-04-16 20:20 - 00001417 _____ () C:\Users\pc1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-20 09:02 - 2010-04-17 03:08 - 00000000 ____D () C:\Windows\Panther
2014-09-15 09:06 - 2010-04-16 20:33 - 00231568 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\pc1\AppData\Local\Temp\svchost.exe
C:\Users\vp1\AppData\Local\Temp\CloudAntivirus.exe
C:\Users\vp2\AppData\Local\Temp\InstHelper.exe
C:\Users\vp2\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-06 00:42

==================== End Of Log ============================

Rudy
Site Admin
Posts: 119547
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please help - computer slowdown, error messages

#6 Post by Rudy »

Open Notepad and copy this into it:
Start
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\pc1\AppData\Local\Temp
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Tomas80
Visitor
Posts: 16
Joined: 09 Oct 2014 10:49

Re: Please help - computer slowdown, error messages

#7 Post by Tomas80 »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 06-10-2014 01
Ran by vp2 at 2014-10-09 21:47:11 Run:1
Running from C:\Users\vp2\Desktop
Loaded Profile: vp2 (Available profiles: pc1 & vp1 & vp2 & fili)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\pc1\AppData\Local\Temp
End
*****************

C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Users\pc1\AppData\Local\Temp => Moved successfully.

==== End of Fixlog ====

Rudy
Site Admin
Posts: 119547
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please help - computer slowdown, error messages

#8 Post by Rudy »

Deleted. Has anything changed?

Tomas80
Visitor
Posts: 16
Joined: 09 Oct 2014 10:49

Re: Please help - computer slowdown, error messages

#9 Post by Tomas80 »

Thank you. The system is faster overall, and the processes look fine - CPU load when idle is 0-3%.

This evening I will also test a restart and whether the message about Task Manager being terminated because it stopped working comes up.

Tomas80
Visitor
Posts: 16
Joined: 09 Oct 2014 10:49

Re: Please help - computer slowdown, error messages

#10 Post by Tomas80 »

The system seems to be cleaned, but every time a user logs in an error message appears, see the attachment. After dismissing it, the system works normally.
Attachments
chybka-pri-startu.jpg (34.14 KiB) Viewed 2070 times

Tomas80
Visitor
Posts: 16
Joined: 09 Oct 2014 10:49

Re: Please help - computer slowdown, error messages

#11 Post by Tomas80 »

Could something be done about that?

Rudy
Site Admin
Posts: 119547
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please help - computer slowdown, error messages

#12 Post by Rudy »

Something from that infection has probably been left in the registry. Post an RSIT log: http://forum.viry.cz/viewtopic.php?f=13&t=130786 .

Tomas80
Visitor
Posts: 16
Joined: 09 Oct 2014 10:49

Re: Please help - computer slowdown, error messages

#13 Post by Tomas80 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by vp2 at 2014-10-12 14:03:10
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 169 GB (85%) free of 200 GB
Total RAM: 2037 MB (24% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:03:12, on 12.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16561)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Users\pc1\AppData\Roaming\Microsoft\MSYS\svchost.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\rdpclip.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Users\pc1\AppData\Roaming\Microsoft\MSYS\svchost.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Programy\Sklad\sklad.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\OpenOffice.org 3\program\scalc.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\vp2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9LFMPOP3\RSIT.exe
C:\Program Files\trend micro\vp2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [MSYS] C:\Users\pc1\AppData\Roaming\Microsoft\MSYS\svchost.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1968554069-1297930875-3543694926-1000\..\Run: [MSYS] C:\Users\pc1\AppData\Roaming\Microsoft\MSYS\svchost.exe (User 'pc1')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {336C9D79-263A-4D75-AA7C-60DAF945AE67} (OvisLink IPCamera Control) - http://90.176.85.203:7000/classes/OvisLinkCamV_H264.cab
O16 - DPF: {87D48502-D1FF-4D25-B66C-9DA4F7CB2722} (IPCamera Control) - http://10.0.0.222/classes/CamV_H264.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4170E646-F686-42A3-8729-3D3B4192ADBF}: NameServer = 10.1.20.20,10.1.2.10
O17 - HKLM\System\CS1\Services\Tcpip\..\{4170E646-F686-42A3-8729-3D3B4192ADBF}: NameServer = 10.1.20.20,10.1.2.10
O17 - HKLM\System\CS2\Services\Tcpip\..\{4170E646-F686-42A3-8729-3D3B4192ADBF}: NameServer = 10.1.20.20,10.1.2.10
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: PortTunnel - Unknown owner - C:\Program Files\SteelBytes\PortTunnel\PortTunnel.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: uvnc_service - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe

--
End of file - 5216 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSYS"=C:\Users\pc1\AppData\Roaming\Microsoft\MSYS\svchost.exe [2014-01-24 36352]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2014-09-22 5088456]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\Sidebar.exe [2010-11-20 1174016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^vp2^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-02-16 384512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-10-12 13:58:28 ----D---- C:\Program Files\trend micro
2014-10-12 13:58:27 ----D---- C:\rsit
2014-10-10 13:46:05 ----A---- C:\Windows\system32\termsrv.dll.7601.1130.bak
2014-10-10 13:45:00 ----D---- C:\Win7RDP
2014-10-10 08:31:56 ----D---- C:\Windows\system32\Lang
2014-10-10 08:31:56 ----A---- C:\Windows\system32\TVWizudlg.exe
2014-10-10 08:31:56 ----A---- C:\Windows\system32\igfxtvcx.dll
2014-10-10 08:31:54 ----D---- C:\Program Files\Intel
2014-10-09 23:09:30 ----D---- C:\Windows\system32\x64
2014-10-09 23:09:30 ----A---- C:\Windows\system32\igxpun.exe
2014-10-09 23:03:13 ----D---- C:\Windows\system32\SPReview
2014-10-09 23:01:42 ----D---- C:\Windows\system32\EventProviders
2014-10-09 23:01:12 ----A---- C:\Windows\system32\browserchoice.exe
2014-10-09 22:54:55 ----A---- C:\Windows\system32\dfshim.dll
2014-10-09 22:54:51 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-10-09 22:54:51 ----A---- C:\Windows\system32\mstscax.dll
2014-10-09 22:54:51 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2014-10-09 22:54:48 ----A---- C:\Windows\system32\mfc40u.dll
2014-10-09 22:54:48 ----A---- C:\Windows\system32\mfc40.dll
2014-10-09 22:54:48 ----A---- C:\Windows\system32\d3d10warp.dll
2014-10-09 22:54:47 ----A---- C:\Windows\system32\XpsPrint.dll
2014-10-09 22:54:47 ----A---- C:\Windows\system32\sysmain.dll
2014-10-09 22:54:46 ----A---- C:\Windows\system32\shell32.dll
2014-10-09 22:54:46 ----A---- C:\Windows\system32\secproc_isv.dll
2014-10-09 22:54:46 ----A---- C:\Windows\system32\d2d1.dll
2014-10-09 22:54:45 ----A---- C:\Windows\system32\secproc.dll
2014-10-09 22:54:45 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-10-09 22:54:44 ----A---- C:\Windows\system32\RMActivate.exe
2014-10-09 22:54:43 ----A---- C:\Windows\system32\spwizui.dll
2014-10-09 22:54:43 ----A---- C:\Windows\system32\mscoree.dll
2014-10-09 22:54:42 ----A---- C:\Windows\system32\mf.dll
2014-10-09 22:54:42 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2014-10-09 22:54:41 ----A---- C:\Windows\system32\wmp.dll
2014-10-09 22:54:41 ----A---- C:\Windows\system32\mssrch.dll
2014-10-09 22:54:41 ----A---- C:\Windows\system32\CertEnroll.dll
2014-10-09 22:54:40 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2014-10-09 22:54:40 ----A---- C:\Windows\system32\PresentationHost.exe
2014-10-09 22:54:40 ----A---- C:\Windows\system32\esent.dll
2014-10-09 22:54:40 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-10-09 22:54:40 ----A---- C:\Windows\system32\drivers\hwpolicy.sys
2014-10-09 22:54:39 ----A---- C:\Windows\system32\tquery.dll
2014-10-09 22:54:39 ----A---- C:\Windows\system32\schedsvc.dll
2014-10-09 22:54:39 ----A---- C:\Windows\system32\RacEngn.dll
2014-10-09 22:54:38 ----A---- C:\Windows\system32\ntdll.dll
2014-10-09 22:54:38 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2014-10-09 22:54:37 ----A---- C:\Windows\system32\win32k.sys
2014-10-09 22:54:37 ----A---- C:\Windows\system32\rdpdd.dll
2014-10-09 22:54:37 ----A---- C:\Windows\system32\qmgr.dll
2014-10-09 22:54:36 ----A---- C:\Windows\system32\wevtsvc.dll
2014-10-09 22:54:36 ----A---- C:\Windows\system32\ole32.dll
2014-10-09 22:54:36 ----A---- C:\Windows\system32\ExplorerFrame.dll
2014-10-09 22:54:35 ----A---- C:\Windows\system32\vssapi.dll
2014-10-09 22:54:35 ----A---- C:\Windows\system32\SearchFolder.dll
2014-10-09 22:54:35 ----A---- C:\Windows\system32\DWrite.dll
2014-10-09 22:54:35 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-10-09 22:54:35 ----A---- C:\Windows\system32\d3d9.dll
2014-10-09 22:54:35 ----A---- C:\Windows\system32\CPFilters.dll
2014-10-09 22:54:34 ----A---- C:\Windows\system32\taskschd.dll
2014-10-09 22:54:34 ----A---- C:\Windows\system32\kernel32.dll
2014-10-09 22:54:34 ----A---- C:\Windows\system32\IKEEXT.DLL
2014-10-09 22:54:34 ----A---- C:\Windows\system32\crypt32.dll
2014-10-09 22:54:34 ----A---- C:\Windows\explorer.exe
2014-10-09 22:54:33 ----A---- C:\Windows\system32\spreview.exe
2014-10-09 22:54:33 ----A---- C:\Windows\system32\PushPrinterConnections.exe
2014-10-09 22:54:33 ----A---- C:\Windows\system32\mstsc.exe
2014-10-09 22:54:33 ----A---- C:\Windows\system32\FntCache.dll
2014-10-09 22:54:33 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-10-09 22:54:32 ----A---- C:\Windows\system32\wer.dll
2014-10-09 22:54:32 ----A---- C:\Windows\system32\termsrv.dll
2014-10-09 22:54:32 ----A---- C:\Windows\system32\spinstall.exe
2014-10-09 22:54:32 ----A---- C:\Windows\system32\rpcrt4.dll
2014-10-09 22:54:32 ----A---- C:\Windows\system32\msxml6.dll
2014-10-09 22:54:32 ----A---- C:\Windows\system32\lsasrv.dll
2014-10-09 22:54:32 ----A---- C:\Windows\system32\gpsvc.dll
2014-10-09 22:54:32 ----A---- C:\Windows\system32\certcli.dll
2014-10-09 22:54:31 ----A---- C:\Windows\system32\wbengine.exe
2014-10-09 22:54:31 ----A---- C:\Windows\system32\odbc32.dll
2014-10-09 22:54:31 ----A---- C:\Windows\system32\MPSSVC.dll
2014-10-09 22:54:31 ----A---- C:\Windows\system32\dwmcore.dll
2014-10-09 22:54:31 ----A---- C:\Windows\system32\diagperf.dll
2014-10-09 22:54:30 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2014-10-09 22:54:30 ----A---- C:\Windows\system32\WinSAT.exe
2014-10-09 22:54:30 ----A---- C:\Windows\system32\umrdp.dll
2014-10-09 22:54:30 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-10-09 22:54:30 ----A---- C:\Windows\system32\tsmf.dll
2014-10-09 22:54:30 ----A---- C:\Windows\system32\scavengeui.dll
2014-10-09 22:54:30 ----A---- C:\Windows\system32\quartz.dll
2014-10-09 22:54:30 ----A---- C:\Windows\system32\localspl.dll
2014-10-09 22:54:30 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-10-09 22:54:30 ----A---- C:\Windows\system32\dot3api.dll
2014-10-09 22:54:29 ----A---- C:\Windows\system32\winhttp.dll
2014-10-09 22:54:29 ----A---- C:\Windows\system32\setupapi.dll
2014-10-09 22:54:29 ----A---- C:\Windows\system32\MSVidCtl.dll
2014-10-09 22:54:29 ----A---- C:\Windows\system32\drivers\nvstor.sys
2014-10-09 22:54:29 ----A---- C:\Windows\system32\apphelp.dll
2014-10-09 22:54:28 ----A---- C:\Windows\system32\winlogon.exe
2014-10-09 22:54:28 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-10-09 22:54:28 ----A---- C:\Windows\system32\VSSVC.exe
2014-10-09 22:54:28 ----A---- C:\Windows\system32\user32.dll
2014-10-09 22:54:28 ----A---- C:\Windows\system32\netlogon.dll
2014-10-09 22:54:28 ----A---- C:\Windows\system32\netcfgx.dll
2014-10-09 22:54:28 ----A---- C:\Windows\system32\dbgeng.dll
2014-10-09 22:54:28 ----A---- C:\Windows\system32\d3d11.dll
2014-10-09 22:54:27 ----A---- C:\Windows\system32\WsmSvc.dll
2014-10-09 22:54:27 ----A---- C:\Windows\system32\WMVDECOD.DLL
2014-10-09 22:54:27 ----A---- C:\Windows\system32\webio.dll
2014-10-09 22:54:27 ----A---- C:\Windows\system32\Query.dll
2014-10-09 22:54:27 ----A---- C:\Windows\system32\gpprefcl.dll
2014-10-09 22:54:27 ----A---- C:\Windows\system32\drivers\srv.sys
2014-10-09 22:54:27 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-09 22:54:27 ----A---- C:\Windows\system32\advapi32.dll
2014-10-09 22:54:26 ----A---- C:\Windows\system32\upnp.dll
2014-10-09 22:54:26 ----A---- C:\Windows\system32\schannel.dll
2014-10-09 22:54:26 ----A---- C:\Windows\system32\netfxperf.dll
2014-10-09 22:54:26 ----A---- C:\Windows\system32\msv1_0.dll
2014-10-09 22:54:26 ----A---- C:\Windows\system32\msdrm.dll
2014-10-09 22:54:26 ----A---- C:\Windows\system32\mmcndmgr.dll
2014-10-09 22:54:26 ----A---- C:\Windows\system32\lsm.exe
2014-10-09 22:54:26 ----A---- C:\Windows\system32\imapi2fs.dll
2014-10-09 22:54:26 ----A---- C:\Windows\system32\DShowRdpFilter.dll
2014-10-09 22:54:26 ----A---- C:\Windows\system32\drivers\srv2.sys
2014-10-09 22:54:26 ----A---- C:\Windows\system32\drivers\nvraid.sys
2014-10-09 22:54:26 ----A---- C:\Windows\system32\drivers\csc.sys
2014-10-09 22:54:25 ----A---- C:\Windows\system32\usp10.dll
2014-10-09 22:54:25 ----A---- C:\Windows\system32\sppobjs.dll
2014-10-09 22:54:25 ----A---- C:\Windows\system32\shlwapi.dll
2014-10-09 22:54:25 ----A---- C:\Windows\system32\SessEnv.dll
2014-10-09 22:54:25 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2014-10-09 22:54:25 ----A---- C:\Windows\system32\mcbuilder.exe
2014-10-09 22:54:25 ----A---- C:\Windows\system32\KernelBase.dll
2014-10-09 22:54:25 ----A---- C:\Windows\system32\authui.dll
2014-10-09 22:54:24 ----A---- C:\Windows\system32\xpsservices.dll
2014-10-09 22:54:24 ----A---- C:\Windows\system32\winload.exe
2014-10-09 22:54:24 ----A---- C:\Windows\system32\WebClnt.dll
2014-10-09 22:54:24 ----A---- C:\Windows\system32\userenv.dll
2014-10-09 22:54:24 ----A---- C:\Windows\system32\umpnpmgr.dll
2014-10-09 22:54:24 ----A---- C:\Windows\system32\drvstore.dll
2014-10-09 22:54:24 ----A---- C:\Windows\system32\d3d10_1core.dll
2014-10-09 22:54:24 ----A---- C:\Windows\system32\comdlg32.dll
2014-10-09 22:54:24 ----A---- C:\Windows\system32\certmgr.dll
2014-10-09 22:54:24 ----A---- C:\Windows\system32\audiosrv.dll
2014-10-09 22:54:23 ----A---- C:\Windows\system32\win32spl.dll
2014-10-09 22:54:23 ----A---- C:\Windows\system32\sppwinob.dll
2014-10-09 22:54:23 ----A---- C:\Windows\system32\rpcss.dll
2014-10-09 22:54:23 ----A---- C:\Windows\system32\iphlpsvc.dll
2014-10-09 22:54:23 ----A---- C:\Windows\system32\framedynos.dll
2014-10-09 22:54:23 ----A---- C:\Windows\system32\dnsapi.dll
2014-10-09 22:54:23 ----A---- C:\Windows\system32\cmd.exe
2014-10-09 22:54:23 ----A---- C:\Windows\system32\BFE.DLL
2014-10-09 22:54:22 ----A---- C:\Windows\system32\wmicmiplugin.dll
2014-10-09 22:54:22 ----A---- C:\Windows\system32\Wldap32.dll
2014-10-09 22:54:22 ----A---- C:\Windows\system32\winresume.exe
2014-10-09 22:54:22 ----A---- C:\Windows\system32\samsrv.dll
2014-10-09 22:54:22 ----A---- C:\Windows\system32\rdpendp.dll
2014-10-09 22:54:22 ----A---- C:\Windows\system32\propsys.dll
2014-10-09 22:54:22 ----A---- C:\Windows\system32\profsvc.dll
2014-10-09 22:54:22 ----A---- C:\Windows\system32\nlasvc.dll
2014-10-09 22:54:22 ----A---- C:\Windows\system32\mfds.dll
2014-10-09 22:54:22 ----A---- C:\Windows\system32\drivers\volsnap.sys
2014-10-09 22:54:22 ----A---- C:\Windows\system32\drivers\netio.sys
2014-10-09 22:54:22 ----A---- C:\Windows\system32\drivers\ndis.sys
2014-10-09 22:54:22 ----A---- C:\Windows\system32\cscsvc.dll
2014-10-09 22:54:21 ----A---- C:\Windows\system32\werconcpl.dll
2014-10-09 22:54:21 ----A---- C:\Windows\system32\rdpclip.exe
2014-10-09 22:54:21 ----A---- C:\Windows\system32\ncsi.dll
2014-10-09 22:54:21 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2014-10-09 22:54:21 ----A---- C:\Windows\system32\azroles.dll
2014-10-09 22:54:21 ----A---- C:\Windows\system32\appmgr.dll
2014-10-09 22:54:20 ----A---- C:\Windows\system32\wintrust.dll
2014-10-09 22:54:20 ----A---- C:\Windows\system32\themeui.dll
2014-10-09 22:54:20 ----A---- C:\Windows\system32\taskeng.exe
2014-10-09 22:54:20 ----A---- C:\Windows\system32\taskcomp.dll
2014-10-09 22:54:20 ----A---- C:\Windows\system32\spp.dll
2014-10-09 22:54:20 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2014-10-09 22:54:20 ----A---- C:\Windows\system32\msxml3.dll
2014-10-09 22:54:20 ----A---- C:\Windows\system32\mswsock.dll
2014-10-09 22:54:20 ----A---- C:\Windows\system32\mfreadwrite.dll
2014-10-09 22:54:20 ----A---- C:\Windows\system32\inetcomm.dll
2014-10-09 22:54:20 ----A---- C:\Windows\system32\dxgi.dll
2014-10-09 22:54:20 ----A---- C:\Windows\system32\drivers\storport.sys
2014-10-09 22:54:20 ----A---- C:\Windows\system32\drivers\http.sys
2014-10-09 22:54:20 ----A---- C:\Windows\system32\dhcpcore.dll
2014-10-09 22:54:20 ----A---- C:\Windows\system32\dbghelp.dll
2014-10-09 22:54:20 ----A---- C:\Windows\system32\credui.dll
2014-10-09 22:54:20 ----A---- C:\Windows\system32\basecsp.dll
2014-10-09 22:54:19 ----A---- C:\Windows\system32\evr.dll
2014-10-09 22:54:19 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2014-10-09 22:54:18 ----A---- C:\Windows\system32\WinSATAPI.dll
2014-10-09 22:54:18 ----A---- C:\Windows\system32\sqlsrv32.dll
2014-10-09 22:54:18 ----A---- C:\Windows\system32\spoolsv.exe
2014-10-09 22:54:18 ----A---- C:\Windows\system32\QAGENTRT.DLL
2014-10-09 22:54:18 ----A---- C:\Windows\system32\gdi32.dll
2014-10-09 22:54:18 ----A---- C:\Windows\system32\EncDec.dll
2014-10-09 22:54:18 ----A---- C:\Windows\system32\drivers\amdsata.sys
2014-10-09 22:54:18 ----A---- C:\Windows\system32\drivers\1394ohci.sys
2014-10-09 22:54:18 ----A---- C:\Windows\system32\calc.exe
2014-10-09 22:54:17 ----A---- C:\Windows\system32\vpnike.dll
2014-10-09 22:54:17 ----A---- C:\Windows\system32\UIRibbon.dll
2014-10-09 22:54:17 ----A---- C:\Windows\system32\sxs.dll
2014-10-09 22:54:17 ----A---- C:\Windows\system32\srvsvc.dll
2014-10-09 22:54:17 ----A---- C:\Windows\system32\lpksetup.exe
2014-10-09 22:54:17 ----A---- C:\Windows\system32\fveapi.dll
2014-10-09 22:54:17 ----A---- C:\Windows\system32\cryptsvc.dll
2014-10-09 22:54:16 ----A---- C:\Windows\system32\ws2_32.dll
2014-10-09 22:54:16 ----A---- C:\Windows\system32\stobject.dll
2014-10-09 22:54:16 ----A---- C:\Windows\system32\prncache.dll
2014-10-09 22:54:16 ----A---- C:\Windows\system32\printui.dll
2014-10-09 22:54:16 ----A---- C:\Windows\system32\netshell.dll
2014-10-09 22:54:16 ----A---- C:\Windows\system32\msi.dll
2014-10-09 22:54:16 ----A---- C:\Windows\system32\inetpp.dll
2014-10-09 22:54:16 ----A---- C:\Windows\system32\hgprint.dll
2014-10-09 22:54:16 ----A---- C:\Windows\system32\drivers\rdbss.sys
2014-10-09 22:54:16 ----A---- C:\Windows\system32\drivers\msdsm.sys
2014-10-09 22:54:16 ----A---- C:\Windows\system32\drivers\fvevol.sys
2014-10-09 22:54:16 ----A---- C:\Windows\system32\dps.dll
2014-10-09 22:54:16 ----A---- C:\Windows\system32\comctl32.dll
2014-10-09 22:54:15 ----A---- C:\Windows\system32\WSDApi.dll
2014-10-09 22:54:15 ----A---- C:\Windows\system32\wmpeffects.dll
2014-10-09 22:54:15 ----A---- C:\Windows\system32\rpchttp.dll
2014-10-09 22:54:15 ----A---- C:\Windows\system32\net1.exe
2014-10-09 22:54:15 ----A---- C:\Windows\system32\dnsrslvr.dll
2014-10-09 22:54:15 ----A---- C:\Windows\system32\ci.dll
2014-10-09 22:54:14 ----A---- C:\Windows\system32\vds.exe
2014-10-09 22:54:14 ----A---- C:\Windows\system32\scansetting.dll
2014-10-09 22:54:14 ----A---- C:\Windows\system32\MMDevAPI.dll
2014-10-09 22:54:14 ----A---- C:\Windows\system32\mfc42u.dll
2014-10-09 22:54:14 ----A---- C:\Windows\system32\FXSSVC.exe
2014-10-09 22:54:14 ----A---- C:\Windows\system32\drivers\vmbus.sys
2014-10-09 22:54:14 ----A---- C:\Windows\system32\drivers\pci.sys
2014-10-09 22:54:14 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2014-10-09 22:54:14 ----A---- C:\Windows\system32\davclnt.dll
2014-10-09 22:54:14 ----A---- C:\Windows\system32\cdd.dll
2014-10-09 22:54:14 ----A---- C:\Windows\system32\aitagent.exe
2014-10-09 22:54:14 ----A---- C:\Windows\system32\aepdu.dll
2014-10-09 22:54:13 ----A---- C:\Windows\system32\wpdshext.dll
2014-10-09 22:54:13 ----A---- C:\Windows\system32\WMVCORE.DLL
2014-10-09 22:54:13 ----A---- C:\Windows\system32\wlangpui.dll
2014-10-09 22:54:13 ----A---- C:\Windows\system32\t2embed.dll
2014-10-09 22:54:13 ----A---- C:\Windows\system32\QSHVHOST.DLL
2014-10-09 22:54:13 ----A---- C:\Windows\system32\pnidui.dll
2014-10-09 22:54:13 ----A---- C:\Windows\system32\IPSECSVC.DLL
2014-10-09 22:54:13 ----A---- C:\Windows\system32\drivers\usbport.sys
2014-10-09 22:54:13 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2014-10-09 22:54:13 ----A---- C:\Windows\system32\consent.exe
2014-10-09 22:54:13 ----A---- C:\Windows\system32\aaclient.dll
2014-10-09 22:54:12 ----A---- C:\Windows\system32\wscapi.dll
2014-10-09 22:54:12 ----A---- C:\Windows\system32\webservices.dll
2014-10-09 22:54:12 ----A---- C:\Windows\system32\vmicsvc.exe
2014-10-09 22:54:12 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-10-09 22:54:12 ----A---- C:\Windows\system32\tscfgwmi.dll
2014-10-09 22:54:12 ----A---- C:\Windows\system32\SyncCenter.dll
2014-10-09 22:54:12 ----A---- C:\Windows\system32\sdengin2.dll
2014-10-09 22:54:12 ----A---- C:\Windows\system32\scrptadm.dll
2014-10-09 22:54:12 ----A---- C:\Windows\system32\netdiagfx.dll
2014-10-09 22:54:12 ----A---- C:\Windows\system32\fde.dll
2014-10-09 22:54:12 ----A---- C:\Windows\system32\drivers\termdd.sys
2014-10-09 22:54:12 ----A---- C:\Windows\system32\drivers\sbp2port.sys
2014-10-09 22:54:12 ----A---- C:\Windows\system32\drivers\rdpdr.sys
2014-10-09 22:54:12 ----A---- C:\Windows\system32\drivers\amdxata.sys
2014-10-09 22:54:11 ----A---- C:\Windows\system32\wisptis.exe
2014-10-09 22:54:11 ----A---- C:\Windows\system32\WinSCard.dll
2014-10-09 22:54:11 ----A---- C:\Windows\system32\WFS.exe
2014-10-09 22:54:11 ----A---- C:\Windows\system32\pla.dll
2014-10-09 22:54:11 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2014-10-09 22:54:11 ----A---- C:\Windows\system32\msasn1.dll
2014-10-09 22:54:11 ----A---- C:\Windows\system32\mcmde.dll
2014-10-09 22:54:11 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2014-10-09 22:54:11 ----A---- C:\Windows\system32\cscobj.dll
2014-10-09 22:54:10 ----A---- C:\Windows\system32\WUDFSvc.dll
2014-10-09 22:54:10 ----A---- C:\Windows\system32\winsta.dll
2014-10-09 22:54:10 ----A---- C:\Windows\system32\wiaservc.dll
2014-10-09 22:54:10 ----A---- C:\Windows\system32\setupcl.exe
2014-10-09 22:54:10 ----A---- C:\Windows\system32\rdpcore.dll
2014-10-09 22:54:10 ----A---- C:\Windows\system32\ntshrui.dll
2014-10-09 22:54:10 ----A---- C:\Windows\system32\imapi2.dll
2014-10-09 22:54:10 ----A---- C:\Windows\system32\gameux.dll
2014-10-09 22:54:10 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2014-10-09 22:54:10 ----A---- C:\Windows\system32\drivers\msahci.sys
2014-10-09 22:54:10 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-10-09 22:54:10 ----A---- C:\Windows\system32\conhost.exe
2014-10-09 22:54:10 ----A---- C:\Windows\system32\aeinv.dll
2014-10-09 22:54:09 ----A---- C:\Windows\system32\WMPEncEn.dll
2014-10-09 22:54:09 ----A---- C:\Windows\system32\winmm.dll
2014-10-09 22:54:09 ----A---- C:\Windows\system32\shsvcs.dll
2014-10-09 22:54:09 ----A---- C:\Windows\system32\rasmans.dll
2014-10-09 22:54:09 ----A---- C:\Windows\system32\onex.dll
2014-10-09 22:54:09 ----A---- C:\Windows\system32\mssvp.dll
2014-10-09 22:54:09 ----A---- C:\Windows\system32\dwmredir.dll
2014-10-09 22:54:09 ----A---- C:\Windows\system32\drivers\udfs.sys
2014-10-09 22:54:09 ----A---- C:\Windows\system32\drivers\acpi.sys
2014-10-09 22:54:08 ----A---- C:\Windows\system32\vaultsvc.dll
2014-10-09 22:54:08 ----A---- C:\Windows\system32\TabSvc.dll
2014-10-09 22:54:08 ----A---- C:\Windows\system32\samcli.dll
2014-10-09 22:54:08 ----A---- C:\Windows\system32\proquota.exe
2014-10-09 22:54:08 ----A---- C:\Windows\system32\netiohlp.dll
2014-10-09 22:54:08 ----A---- C:\Windows\system32\Narrator.exe
2014-10-09 22:54:08 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2014-10-09 22:54:08 ----A---- C:\Windows\system32\hbaapi.dll
2014-10-09 22:54:08 ----A---- C:\Windows\system32\bootres.dll
2014-10-09 22:54:08 ----A---- C:\Windows\system32\autochk.exe
2014-10-09 22:54:08 ----A---- C:\Windows\system32\autofmt.exe
2014-10-09 22:54:08 ----A---- C:\Windows\system32\audiodg.exe
2014-10-09 22:54:07 ----A---- C:\Windows\system32\thumbcache.dll
2014-10-09 22:54:07 ----A---- C:\Windows\system32\tcpipcfg.dll
2014-10-09 22:54:07 ----A---- C:\Windows\system32\srchadmin.dll
2014-10-09 22:54:07 ----A---- C:\Windows\system32\schtasks.exe
2014-10-09 22:54:07 ----A---- C:\Windows\system32\sbe.dll
2014-10-09 22:54:07 ----A---- C:\Windows\system32\regapi.dll
2014-10-09 22:54:07 ----A---- C:\Windows\system32\powercpl.dll
2014-10-09 22:54:07 ----A---- C:\Windows\system32\msutb.dll
2014-10-09 22:54:07 ----A---- C:\Windows\system32\msinfo32.exe
2014-10-09 22:54:07 ----A---- C:\Windows\system32\mimefilt.dll
2014-10-09 22:54:07 ----A---- C:\Windows\system32\ipsmsnap.dll
2014-10-09 22:54:07 ----A---- C:\Windows\system32\halmacpi.dll
2014-10-09 22:54:07 ----A---- C:\Windows\system32\hal.dll
2014-10-09 22:54:07 ----A---- C:\Windows\system32\drivers\winusb.sys
2014-10-09 22:54:07 ----A---- C:\Windows\system32\autoconv.exe
2014-10-09 22:54:07 ----A---- C:\Windows\system32\AudioSes.dll
2014-10-09 22:54:06 ----A---- C:\Windows\system32\wcncsvc.dll
2014-10-09 22:54:06 ----A---- C:\Windows\system32\sspicli.dll
2014-10-09 22:54:06 ----A---- C:\Windows\system32\QAGENT.DLL
2014-10-09 22:54:06 ----A---- C:\Windows\system32\netid.dll
2014-10-09 22:54:06 ----A---- C:\Windows\system32\msihnd.dll
2014-10-09 22:54:06 ----A---- C:\Windows\system32\mscorier.dll
2014-10-09 22:54:06 ----A---- C:\Windows\system32\FXSCOVER.exe
2014-10-09 22:54:06 ----A---- C:\Windows\system32\framedyn.dll
2014-10-09 22:54:06 ----A---- C:\Windows\system32\eapphost.dll
2014-10-09 22:54:06 ----A---- C:\Windows\system32\drivers\volmgr.sys
2014-10-09 22:54:06 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2014-10-09 22:54:06 ----A---- C:\Windows\system32\drivers\srvnet.sys
2014-10-09 22:54:06 ----A---- C:\Windows\system32\drivers\partmgr.sys
2014-10-09 22:54:06 ----A---- C:\Windows\system32\drivers\netbt.sys
2014-10-09 22:54:06 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2014-10-09 22:54:05 ----A---- C:\Windows\system32\wdc.dll
2014-10-09 22:54:05 ----A---- C:\Windows\system32\umpo.dll
2014-10-09 22:54:05 ----A---- C:\Windows\system32\StructuredQuery.dll
2014-10-09 22:54:05 ----A---- C:\Windows\system32\DXP.dll
2014-10-09 22:54:05 ----A---- C:\Windows\system32\actxprxy.dll
2014-10-09 22:54:04 ----A---- C:\Windows\system32\WMNetMgr.dll
2014-10-09 22:54:04 ----A---- C:\Windows\system32\wlanpref.dll
2014-10-09 22:54:04 ----A---- C:\Windows\system32\Vault.dll
2014-10-09 22:54:04 ----A---- C:\Windows\system32\untfs.dll
2014-10-09 22:54:04 ----A---- C:\Windows\system32\sppsvc.exe
2014-10-09 22:54:04 ----A---- C:\Windows\system32\sdclt.exe
2014-10-09 22:54:04 ----A---- C:\Windows\system32\scesrv.dll
2014-10-09 22:54:04 ----A---- C:\Windows\system32\RpcRtRemote.dll
2014-10-09 22:54:04 ----A---- C:\Windows\system32\rastls.dll
2014-10-09 22:54:04 ----A---- C:\Windows\system32\oleaut32.dll
2014-10-09 22:54:04 ----A---- C:\Windows\system32\nci.dll
2014-10-09 22:54:04 ----A---- C:\Windows\system32\ListSvc.dll
2014-10-09 22:54:04 ----A---- C:\Windows\system32\drivers\ataport.sys
2014-10-09 22:54:03 ----A---- C:\Windows\system32\taskmgr.exe
2014-10-09 22:54:03 ----A---- C:\Windows\system32\Robocopy.exe
2014-10-09 22:54:03 ----A---- C:\Windows\system32\mtxclu.dll
2014-10-09 22:54:03 ----A---- C:\Windows\system32\DxpTaskSync.dll
2014-10-09 22:54:03 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-10-09 22:54:03 ----A---- C:\Windows\system32\Display.dll
2014-10-09 22:54:02 ----A---- C:\Windows\system32\XpsRasterService.dll
2014-10-09 22:54:02 ----A---- C:\Windows\system32\userinit.exe
2014-10-09 22:54:02 ----A---- C:\Windows\system32\termmgr.dll
2014-10-09 22:54:02 ----A---- C:\Windows\system32\sharemediacpl.dll
2014-10-09 22:54:02 ----A---- C:\Windows\system32\puiobj.dll
2014-10-09 22:54:02 ----A---- C:\Windows\system32\mssphtb.dll
2014-10-09 22:54:02 ----A---- C:\Windows\system32\msdri.dll
2014-10-09 22:54:02 ----A---- C:\Windows\system32\eudcedit.exe
2014-10-09 22:54:02 ----A---- C:\Windows\system32\drivers\winhv.sys
2014-10-09 22:54:02 ----A---- C:\Windows\system32\drivers\usbehci.sys
2014-10-09 22:54:02 ----A---- C:\Windows\system32\drivers\scsiport.sys
2014-10-09 22:54:02 ----A---- C:\Windows\system32\drivers\mpio.sys
2014-10-09 22:54:02 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2014-10-09 22:54:02 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2014-10-09 22:54:02 ----A---- C:\Windows\system32\DiagCpl.dll
2014-10-09 22:54:02 ----A---- C:\Windows\system32\cscui.dll
2014-10-09 22:54:02 ----A---- C:\Windows\system32\atmfd.dll
2014-10-09 22:54:01 ----A---- C:\Windows\system32\wiadefui.dll
2014-10-09 22:54:01 ----A---- C:\Windows\system32\sppcomapi.dll
2014-10-09 22:54:01 ----A---- C:\Windows\system32\shsetup.dll
2014-10-09 22:54:01 ----A---- C:\Windows\system32\rasppp.dll
2014-10-09 22:54:01 ----A---- C:\Windows\system32\msdtctm.dll
2014-10-09 22:54:01 ----A---- C:\Windows\system32\msconfig.exe
2014-10-09 22:54:01 ----A---- C:\Windows\system32\logoncli.dll
2014-10-09 22:54:01 ----A---- C:\Windows\system32\FirewallControlPanel.dll
2014-10-09 22:54:01 ----A---- C:\Windows\system32\drivers\vmstorfl.sys
2014-10-09 22:54:01 ----A---- C:\Windows\system32\cabview.dll
2014-10-09 22:54:01 ----A---- C:\Windows\system32\biocpl.dll
2014-10-09 22:54:00 ----A---- C:\Windows\system32\wpccpl.dll
2014-10-09 22:54:00 ----A---- C:\Windows\system32\themecpl.dll
2014-10-09 22:54:00 ----A---- C:\Windows\system32\SensorsCpl.dll
2014-10-09 22:54:00 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2014-10-09 22:54:00 ----A---- C:\Windows\system32\drivers\storvsc.sys
2014-10-09 22:54:00 ----A---- C:\Windows\system32\drivers\rdyboost.sys
2014-10-09 22:54:00 ----A---- C:\Windows\system32\dnscmmc.dll
2014-10-09 22:53:59 ----A---- C:\Windows\system32\winsrv.dll
2014-10-09 22:53:59 ----A---- C:\Windows\system32\tapisrv.dll
2014-10-09 22:53:59 ----A---- C:\Windows\system32\scecli.dll
2014-10-09 22:53:59 ----A---- C:\Windows\system32\PhotoScreensaver.scr
2014-10-09 22:53:59 ----A---- C:\Windows\system32\mscories.dll
2014-10-09 22:53:59 ----A---- C:\Windows\system32\mscms.dll
2014-10-09 22:53:59 ----A---- C:\Windows\system32\mprddm.dll
2014-10-09 22:53:59 ----A---- C:\Windows\system32\localsec.dll
2014-10-09 22:53:59 ----A---- C:\Windows\system32\hgcpl.dll
2014-10-09 22:53:59 ----A---- C:\Windows\system32\fontext.dll
2014-10-09 22:53:59 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-10-09 22:53:58 ----A---- C:\Windows\system32\wlanui.dll
2014-10-09 22:53:58 ----A---- C:\Windows\system32\wkssvc.dll
2014-10-09 22:53:58 ----A---- C:\Windows\system32\VAN.dll
2014-10-09 22:53:58 ----A---- C:\Windows\system32\usercpl.dll
2014-10-09 22:53:58 ----A---- C:\Windows\system32\srcore.dll
2014-10-09 22:53:58 ----A---- C:\Windows\system32\SndVolSSO.dll
2014-10-09 22:53:58 ----A---- C:\Windows\system32\SndVol.exe
2014-10-09 22:53:58 ----A---- C:\Windows\system32\qedit.dll
2014-10-09 22:53:58 ----A---- C:\Windows\system32\qdvd.dll
2014-10-09 22:53:58 ----A---- C:\Windows\system32\prntvpt.dll
2014-10-09 22:53:58 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2014-10-09 22:53:58 ----A---- C:\Windows\system32\netcenter.dll
2014-10-09 22:53:58 ----A---- C:\Windows\system32\mblctr.exe
2014-10-09 22:53:58 ----A---- C:\Windows\system32\KMSVC.DLL
2014-10-09 22:53:58 ----A---- C:\Windows\system32\iasacct.dll
2014-10-09 22:53:58 ----A---- C:\Windows\system32\drivers\usbhub.sys
2014-10-09 22:53:58 ----A---- C:\Windows\system32\bcdsrv.dll
2014-10-09 22:53:58 ----A---- C:\Windows\system32\batmeter.dll
2014-10-09 22:53:57 ----A---- C:\Windows\system32\zipfldr.dll
2014-10-09 22:53:57 ----A---- C:\Windows\system32\wpdbusenum.dll
2014-10-09 22:53:57 ----A---- C:\Windows\system32\wksprt.exe
2014-10-09 22:53:57 ----A---- C:\Windows\system32\w32tm.exe
2014-10-09 22:53:57 ----A---- C:\Windows\system32\spwizeng.dll
2014-10-09 22:53:57 ----A---- C:\Windows\system32\fdeploy.dll
2014-10-09 22:53:57 ----A---- C:\Windows\system32\drivers\ks.sys
2014-10-09 22:53:57 ----A---- C:\Windows\system32\drivers\afd.sys
2014-10-09 22:53:57 ----A---- C:\Windows\system32\azroleui.dll
2014-10-09 22:53:57 ----A---- C:\Windows\system32\accessibilitycpl.dll
2014-10-09 22:53:56 ----A---- C:\Windows\system32\wusa.exe
2014-10-09 22:53:56 ----A---- C:\Windows\system32\networkmap.dll
2014-10-09 22:53:56 ----A---- C:\Windows\system32\netjoin.dll
2014-10-09 22:53:56 ----A---- C:\Windows\system32\mspbda.dll
2014-10-09 22:53:56 ----A---- C:\Windows\system32\MSAC3ENC.DLL
2014-10-09 22:53:56 ----A---- C:\Windows\system32\MCEWMDRMNDBootstrap.dll
2014-10-09 22:53:56 ----A---- C:\Windows\system32\Faultrep.dll
2014-10-09 22:53:56 ----A---- C:\Windows\system32\cryptui.dll
2014-10-09 22:53:56 ----A---- C:\Windows\system32\cfgmgr32.dll
2014-10-09 22:53:56 ----A---- C:\Windows\system32\adsldp.dll
2014-10-09 22:53:55 ----A---- C:\Windows\system32\taskhost.exe
2014-10-09 22:53:55 ----A---- C:\Windows\system32\taskbarcpl.dll
2014-10-09 22:53:55 ----A---- C:\Windows\system32\sud.dll
2014-10-09 22:53:55 ----A---- C:\Windows\system32\slui.exe
2014-10-09 22:53:55 ----A---- C:\Windows\system32\prnfldr.dll
2014-10-09 22:53:55 ----A---- C:\Windows\system32\photowiz.dll
2014-10-09 22:53:55 ----A---- C:\Windows\system32\OnLineIDCpl.dll
2014-10-09 22:53:55 ----A---- C:\Windows\system32\msieftp.dll
2014-10-09 22:53:55 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2014-10-09 22:53:55 ----A---- C:\Windows\system32\iprtrmgr.dll
2014-10-09 22:53:55 ----A---- C:\Windows\system32\iasrad.dll
2014-10-09 22:53:55 ----A---- C:\Windows\system32\credssp.dll
2014-10-09 22:53:55 ----A---- C:\Windows\system32\ActionCenter.dll
2014-10-09 22:53:54 ----A---- C:\Windows\system32\wpd_ci.dll
2014-10-09 22:53:54 ----A---- C:\Windows\system32\sisbkup.dll
2014-10-09 22:53:54 ----A---- C:\Windows\system32\shwebsvc.dll
2014-10-09 22:53:54 ----A---- C:\Windows\system32\recovery.dll
2014-10-09 22:53:54 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-09 22:53:54 ----A---- C:\Windows\system32\odbcjt32.dll
2014-10-09 22:53:54 ----A---- C:\Windows\system32\ifsutil.dll
2014-10-09 22:53:54 ----A---- C:\Windows\system32\halacpi.dll
2014-10-09 22:53:54 ----A---- C:\Windows\system32\ftp.exe
2014-10-09 22:53:54 ----A---- C:\Windows\system32\efscore.dll
2014-10-09 22:53:54 ----A---- C:\Windows\system32\drivers\hidclass.sys
2014-10-09 22:53:54 ----A---- C:\Windows\system32\dot3cfg.dll
2014-10-09 22:53:54 ----A---- C:\Windows\system32\defaultlocationcpl.dll
2014-10-09 22:53:53 ----A---- C:\Windows\system32\wmpmde.dll
2014-10-09 22:53:53 ----A---- C:\Windows\system32\syncui.dll
2014-10-09 22:53:53 ----A---- C:\Windows\system32\sppnp.dll
2014-10-09 22:53:53 ----A---- C:\Windows\system32\sdcpl.dll
2014-10-09 22:53:53 ----A---- C:\Windows\system32\rdpwsx.dll
2014-10-09 22:53:53 ----A---- C:\Windows\system32\ntlanman.dll
2014-10-09 22:53:53 ----A---- C:\Windows\system32\dskquoui.dll
2014-10-09 22:53:53 ----A---- C:\Windows\system32\DeviceCenter.dll
2014-10-09 22:53:53 ----A---- C:\Windows\system32\bcdedit.exe
2014-10-09 22:53:53 ----A---- C:\Windows\system32\autoplay.dll
2014-10-09 22:53:53 ----A---- C:\Windows\system32\ActionCenterCPL.dll
2014-10-09 22:53:52 ----A---- C:\Windows\system32\vdsutil.dll
2014-10-09 22:53:52 ----A---- C:\Windows\system32\systemcpl.dll
2014-10-09 22:53:52 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2014-10-09 22:53:52 ----A---- C:\Windows\system32\sethc.exe
2014-10-09 22:53:52 ----A---- C:\Windows\system32\rtutils.dll
2014-10-09 22:53:52 ----A---- C:\Windows\system32\rstrui.exe
2014-10-09 22:53:52 ----A---- C:\Windows\system32\riched20.dll
2014-10-09 22:53:52 ----A---- C:\Windows\system32\recdisc.exe
2014-10-09 22:53:52 ----A---- C:\Windows\system32\OobeFldr.dll
2014-10-09 22:53:52 ----A---- C:\Windows\system32\ntprint.dll
2014-10-09 22:53:52 ----A---- C:\Windows\system32\nshwfp.dll
2014-10-09 22:53:52 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-10-09 22:53:52 ----A---- C:\Windows\system32\blackbox.dll
2014-10-09 22:53:52 ----A---- C:\Windows\system32\bcdboot.exe
2014-10-09 22:53:52 ----A---- C:\Windows\system32\AxInstSv.dll
2014-10-09 22:53:51 ----A---- C:\Windows\system32\wmpsrcwp.dll
2014-10-09 22:53:51 ----A---- C:\Windows\system32\netplwiz.dll
2014-10-09 22:53:51 ----A---- C:\Windows\system32\NAPHLPR.DLL
2014-10-09 22:53:51 ----A---- C:\Windows\system32\migisol.dll
2014-10-09 22:53:51 ----A---- C:\Windows\system32\httpapi.dll
2014-10-09 22:53:51 ----A---- C:\Windows\system32\fms.dll
2014-10-09 22:53:51 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-09 22:53:51 ----A---- C:\Windows\system32\dpx.dll
2014-10-09 22:53:51 ----A---- C:\Windows\system32\dot3svc.dll
2014-10-09 22:53:51 ----A---- C:\Windows\system32\cdosys.dll
2014-10-09 22:53:51 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2014-10-09 22:53:51 ----A---- C:\Windows\system32\activeds.dll
2014-10-09 22:53:50 ----A---- C:\Windows\system32\wvc.dll
2014-10-09 22:53:50 ----A---- C:\Windows\system32\wtsapi32.dll
2014-10-09 22:53:50 ----A---- C:\Windows\system32\wsqmcons.exe
2014-10-09 22:53:50 ----A---- C:\Windows\system32\wlanmsm.dll
2014-10-09 22:53:50 ----A---- C:\Windows\system32\wavemsp.dll
2014-10-09 22:53:50 ----A---- C:\Windows\system32\tzutil.exe
2014-10-09 22:53:50 ----A---- C:\Windows\system32\sysclass.dll
2014-10-09 22:53:50 ----A---- C:\Windows\system32\ReAgent.dll
2014-10-09 22:53:50 ----A---- C:\Windows\system32\provsvc.dll
2014-10-09 22:53:50 ----A---- C:\Windows\system32\ocsetup.exe
2014-10-09 22:53:50 ----A---- C:\Windows\system32\nshipsec.dll
2014-10-09 22:53:50 ----A---- C:\Windows\system32\nlaapi.dll
2014-10-09 22:53:50 ----A---- C:\Windows\system32\msftedit.dll
2014-10-09 22:53:50 ----A---- C:\Windows\system32\isoburn.exe
2014-10-09 22:53:50 ----A---- C:\Windows\system32\dsuiext.dll
2014-10-09 22:53:50 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2014-10-09 22:53:50 ----A---- C:\Windows\system32\dot3ui.dll
2014-10-09 22:53:50 ----A---- C:\Windows\system32\dfrgui.exe
2014-10-09 22:53:50 ----A---- C:\Windows\system32\asycfilt.dll
2014-10-09 22:53:50 ----A---- C:\Windows\system32\appinfo.dll
2014-10-09 22:53:49 ----A---- C:\Windows\twain_32.dll
2014-10-09 22:53:49 ----A---- C:\Windows\system32\wimgapi.dll
2014-10-09 22:53:49 ----A---- C:\Windows\system32\twext.dll
2014-10-09 22:53:49 ----A---- C:\Windows\system32\shdocvw.dll
2014-10-09 22:53:49 ----A---- C:\Windows\system32\setupugc.exe
2014-10-09 22:53:49 ----A---- C:\Windows\system32\qcap.dll
2014-10-09 22:53:49 ----A---- C:\Windows\system32\PkgMgr.exe
2014-10-09 22:53:49 ----A---- C:\Windows\system32\mstask.dll
2014-10-09 22:53:49 ----A---- C:\Windows\system32\certprop.dll
2014-10-09 22:53:49 ----A---- C:\Windows\system32\AdmTmpl.dll
2014-10-09 22:53:48 ----A---- C:\Windows\system32\wwanconn.dll
2014-10-09 22:53:48 ----A---- C:\Windows\system32\uxlib.dll
2014-10-09 22:53:48 ----A---- C:\Windows\system32\ssText3d.scr
2014-10-09 22:53:48 ----A---- C:\Windows\system32\srrstr.dll
2014-10-09 22:53:48 ----A---- C:\Windows\system32\SmiEngine.dll
2014-10-09 22:53:48 ----A---- C:\Windows\system32\slwga.dll
2014-10-09 22:53:48 ----A---- C:\Windows\system32\qasf.dll
2014-10-09 22:53:48 ----A---- C:\Windows\system32\PresentationSettings.exe
2014-10-09 22:53:48 ----A---- C:\Windows\system32\msvfw32.dll
2014-10-09 22:53:48 ----A---- C:\Windows\system32\imm32.dll
2014-10-09 22:53:47 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2014-10-09 22:53:47 ----A---- C:\Windows\system32\wmdrmsdk.dll
2014-10-09 22:53:47 ----A---- C:\Windows\system32\wimserv.exe
2014-10-09 22:53:47 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-09 22:53:47 ----A---- C:\Windows\system32\nslookup.exe
2014-10-09 22:53:47 ----A---- C:\Windows\system32\msscp.dll
2014-10-09 22:53:47 ----A---- C:\Windows\system32\mciavi32.dll
2014-10-09 22:53:47 ----A---- C:\Windows\system32\diskraid.exe
2014-10-09 22:53:47 ----A---- C:\Windows\system32\DevicePairingFolder.dll
2014-10-09 22:53:47 ----A---- C:\Windows\system32\clusapi.dll
2014-10-09 22:53:47 ----A---- C:\Windows\system32\audiodev.dll
2014-10-09 22:53:46 ----A---- C:\Windows\system32\wmpdxm.dll
2014-10-09 22:53:46 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2014-10-09 22:53:46 ----A---- C:\Windows\system32\vpnikeapi.dll
2014-10-09 22:53:46 ----A---- C:\Windows\system32\UserAccountControlSettings.dll
2014-10-09 22:53:46 ----A---- C:\Windows\system32\sdrsvc.dll
2014-10-09 22:53:46 ----A---- C:\Windows\system32\remotepg.dll
2014-10-09 22:53:46 ----A---- C:\Windows\system32\rdpencom.dll
2014-10-09 22:53:46 ----A---- C:\Windows\system32\raschap.dll
2014-10-09 22:53:46 ----A---- C:\Windows\system32\QUTIL.DLL
2014-10-09 22:53:46 ----A---- C:\Windows\system32\perfmon.exe
2014-10-09 22:53:46 ----A---- C:\Windows\system32\olepro32.dll
2014-10-09 22:53:46 ----A---- C:\Windows\system32\odbccp32.dll
2014-10-09 22:53:46 ----A---- C:\Windows\system32\ocsetapi.dll
2014-10-09 22:53:46 ----A---- C:\Windows\system32\nltest.exe
2014-10-09 22:53:46 ----A---- C:\Windows\system32\networkexplorer.dll
2014-10-09 22:53:46 ----A---- C:\Windows\system32\NAPCRYPT.DLL
2014-10-09 22:53:46 ----A---- C:\Windows\system32\input.dll
2014-10-09 22:53:46 ----A---- C:\Windows\system32\fontsub.dll
2014-10-09 22:53:46 ----A---- C:\Windows\system32\drmmgrtn.dll
2014-10-09 22:53:46 ----A---- C:\Windows\system32\browser.dll
2014-10-09 22:53:46 ----A---- C:\Windows\system32\acppage.dll
2014-10-09 22:53:45 ----A---- C:\Windows\system32\wpdwcn.dll
2014-10-09 22:53:45 ----A---- C:\Windows\system32\vdsbas.dll
2014-10-09 22:53:45 ----A---- C:\Windows\system32\sspisrv.dll
2014-10-09 22:53:45 ----A---- C:\Windows\system32\runonce.exe
2014-10-09 22:53:45 ----A---- C:\Windows\system32\onexui.dll
2014-10-09 22:53:45 ----A---- C:\Windows\system32\Mcx2Svc.dll
2014-10-09 22:53:45 ----A---- C:\Windows\system32\logagent.exe
2014-10-09 22:53:45 ----A---- C:\Windows\system32\iTVData.dll
2014-10-09 22:53:45 ----A---- C:\Windows\system32\dxdiagn.dll
2014-10-09 22:53:45 ----A---- C:\Windows\bfsvc.exe
2014-10-09 22:53:44 ----A---- C:\Windows\system32\wmpshell.dll
2014-10-09 22:53:44 ----A---- C:\Windows\system32\wmdrmdev.dll
2014-10-09 22:53:44 ----A---- C:\Windows\system32\shacct.dll
2014-10-09 22:53:44 ----A---- C:\Windows\system32\PnPUnattend.exe
2014-10-09 22:53:44 ----A---- C:\Windows\system32\msvidc32.dll
2014-10-09 22:53:44 ----A---- C:\Windows\system32\msiexec.exe
2014-10-09 22:53:44 ----A---- C:\Windows\system32\MFPlay.dll
2014-10-09 22:53:44 ----A---- C:\Windows\system32\lsmproxy.dll
2014-10-09 22:53:44 ----A---- C:\Windows\system32\eapp3hst.dll
2014-10-09 22:53:44 ----A---- C:\Windows\system32\drivers\rmcast.sys
2014-10-09 22:53:44 ----A---- C:\Windows\system32\d3d10level9.dll
2014-10-09 22:53:44 ----A---- C:\Windows\system32\bitsadmin.exe
2014-10-09 22:53:43 ----A---- C:\Windows\system32\WPDSp.dll
2014-10-09 22:53:43 ----A---- C:\Windows\system32\unimdmat.dll
2014-10-09 22:53:43 ----A---- C:\Windows\system32\tabcal.exe
2014-10-09 22:53:43 ----A---- C:\Windows\system32\srvcli.dll
2014-10-09 22:53:43 ----A---- C:\Windows\system32\sqlcese30.dll
2014-10-09 22:53:43 ----A---- C:\Windows\system32\rdpd3d.dll
2014-10-09 22:53:43 ----A---- C:\Windows\system32\PortableDeviceSyncProvider.dll
2014-10-09 22:53:43 ----A---- C:\Windows\system32\pdh.dll
2014-10-09 22:53:43 ----A---- C:\Windows\system32\OpcServices.dll
2014-10-09 22:53:43 ----A---- C:\Windows\system32\ncryptui.dll
2014-10-09 22:53:43 ----A---- C:\Windows\system32\mprapi.dll
2014-10-09 22:53:43 ----A---- C:\Windows\system32\logman.exe
2014-10-09 22:53:43 ----A---- C:\Windows\system32\iscsium.dll
2014-10-09 22:53:43 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2014-10-09 22:53:43 ----A---- C:\Windows\system32\djoin.exe
2014-10-09 22:53:43 ----A---- C:\Windows\system32\cscapi.dll
2014-10-09 22:53:43 ----A---- C:\Windows\system32\Bubbles.scr
2014-10-09 22:53:42 ----A---- C:\Windows\system32\wwanprotdim.dll
2014-10-09 22:53:42 ----A---- C:\Windows\system32\WUDFPlatform.dll
2014-10-09 22:53:42 ----A---- C:\Windows\system32\WMPhoto.dll
2014-10-09 22:53:42 ----A---- C:\Windows\system32\WMADMOD.DLL
2014-10-09 22:53:42 ----A---- C:\Windows\system32\utildll.dll
2014-10-09 22:53:42 ----A---- C:\Windows\system32\tsgqec.dll
2014-10-09 22:53:42 ----A---- C:\Windows\system32\Ribbons.scr
2014-10-09 22:53:42 ----A---- C:\Windows\system32\QSVRMGMT.DLL
2014-10-09 22:53:42 ----A---- C:\Windows\system32\PortableDeviceStatus.dll
2014-10-09 22:53:42 ----A---- C:\Windows\system32\olethk32.dll
2014-10-09 22:53:42 ----A---- C:\Windows\system32\odbctrac.dll
2014-10-09 22:53:42 ----A---- C:\Windows\system32\Mystify.scr
2014-10-09 22:53:42 ----A---- C:\Windows\system32\MdSched.exe
2014-10-09 22:53:42 ----A---- C:\Windows\system32\mapistub.dll
2014-10-09 22:53:42 ----A---- C:\Windows\system32\mapi32.dll
2014-10-09 22:53:42 ----A---- C:\Windows\system32\lpremove.exe
2014-10-09 22:53:42 ----A---- C:\Windows\system32\fphc.dll
2014-10-09 22:53:42 ----A---- C:\Windows\system32\dot3msm.dll
2014-10-09 22:53:42 ----A---- C:\Windows\system32\CscMig.dll
2014-10-09 22:53:42 ----A---- C:\Windows\system32\avifil32.dll
2014-10-09 22:53:42 ----A---- C:\Windows\system32\ActionQueue.dll
2014-10-09 22:53:41 ----A---- C:\Windows\system32\WMVSDECD.DLL
2014-10-09 22:53:41 ----A---- C:\Windows\system32\wmdrmnet.dll
2014-10-09 22:53:41 ----A---- C:\Windows\system32\WindowsAnytimeUpgrade.exe
2014-10-09 22:53:41 ----A---- C:\Windows\system32\wiavideo.dll
2014-10-09 22:53:41 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-10-09 22:53:41 ----A---- C:\Windows\system32\takeown.exe
2014-10-09 22:53:41 ----A---- C:\Windows\system32\sqmapi.dll
2014-10-09 22:53:41 ----A---- C:\Windows\system32\sppinst.dll
2014-10-09 22:53:41 ----A---- C:\Windows\system32\qdv.dll
2014-10-09 22:53:41 ----A---- C:\Windows\system32\msnetobj.dll
2014-10-09 22:53:41 ----A---- C:\Windows\system32\iyuv_32.dll
2014-10-09 22:53:41 ----A---- C:\Windows\system32\imagehlp.dll
2014-10-09 22:53:41 ----A---- C:\Windows\system32\EhStorAPI.dll
2014-10-09 22:53:40 ----A---- C:\Windows\system32\WUDFx.dll
2014-10-09 22:53:40 ----A---- C:\Windows\system32\WUDFHost.exe
2014-10-09 22:53:40 ----A---- C:\Windows\system32\wsnmp32.dll
2014-10-09 22:53:40 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2014-10-09 22:53:40 ----A---- C:\Windows\system32\vfwwdm32.dll
2014-10-09 22:53:40 ----A---- C:\Windows\system32\unattend.dll
2014-10-09 22:53:40 ----A---- C:\Windows\system32\umb.dll
2014-10-09 22:53:40 ----A---- C:\Windows\system32\setupcln.dll
2014-10-09 22:53:40 ----A---- C:\Windows\system32\RelPost.exe
2014-10-09 22:53:40 ----A---- C:\Windows\system32\qprocess.exe
2014-10-09 22:53:40 ----A---- C:\Windows\system32\QCLIPROV.DLL
2014-10-09 22:53:40 ----A---- C:\Windows\system32\pdhui.dll
2014-10-09 22:53:40 ----A---- C:\Windows\system32\MuiUnattend.exe
2014-10-09 22:53:40 ----A---- C:\Windows\system32\msyuv.dll
2014-10-09 22:53:40 ----A---- C:\Windows\system32\msrle32.dll
2014-10-09 22:53:40 ----A---- C:\Windows\system32\msg.exe
2014-10-09 22:53:40 ----A---- C:\Windows\system32\cmstp.exe
2014-10-09 22:53:40 ----A---- C:\Windows\system32\cca.dll
2014-10-09 22:53:40 ----A---- C:\Windows\system32\basesrv.dll
2014-10-09 22:53:40 ----A---- C:\Windows\system32\AzSqlExt.dll
2014-10-09 22:53:39 ----A---- C:\Windows\system32\wkscli.dll
2014-10-09 22:53:39 ----A---- C:\Windows\system32\WavDest.dll
2014-10-09 22:53:39 ----A---- C:\Windows\system32\tsbyuv.dll
2014-10-09 22:53:39 ----A---- C:\Windows\system32\sppuinotify.dll
2014-10-09 22:53:39 ----A---- C:\Windows\system32\spbcd.dll
2014-10-09 22:53:39 ----A---- C:\Windows\system32\relog.exe
2014-10-09 22:53:39 ----A---- C:\Windows\system32\qwinsta.exe
2014-10-09 22:53:39 ----A---- C:\Windows\system32\PrintIsolationProxy.dll
2014-10-09 22:53:39 ----A---- C:\Windows\system32\netiougc.exe
2014-10-09 22:53:39 ----A---- C:\Windows\system32\mydocs.dll
2014-10-09 22:53:39 ----A---- C:\Windows\system32\msorcl32.dll
2014-10-09 22:53:39 ----A---- C:\Windows\system32\iscsicli.exe
2014-10-09 22:53:39 ----A---- C:\Windows\system32\iasrecst.dll
2014-10-09 22:53:39 ----A---- C:\Windows\system32\chglogon.exe
2014-10-09 22:53:39 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2014-10-09 22:53:39 ----A---- C:\Windows\system32\drivers\ndisuio.sys
2014-10-09 22:53:39 ----A---- C:\Windows\system32\amstream.dll
2014-10-09 22:53:38 ----A---- C:\Windows\system32\wmpps.dll
2014-10-09 22:53:38 ----A---- C:\Windows\system32\syssetup.dll
2014-10-09 22:53:38 ----A---- C:\Windows\system32\setbcdlocale.dll
2014-10-09 22:53:38 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-10-09 22:53:38 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-10-09 22:53:38 ----A---- C:\Windows\system32\resutils.dll
2014-10-09 22:53:38 ----A---- C:\Windows\system32\rastapi.dll
2014-10-09 22:53:38 ----A---- C:\Windows\system32\quser.exe
2014-10-09 22:53:38 ----A---- C:\Windows\system32\qappsrv.exe
2014-10-09 22:53:38 ----A---- C:\Windows\system32\nrpsrv.dll
2014-10-09 22:53:38 ----A---- C:\Windows\system32\netbtugc.exe
2014-10-09 22:53:38 ----A---- C:\Windows\system32\MultiDigiMon.exe
2014-10-09 22:53:38 ----A---- C:\Windows\system32\itircl.dll
2014-10-09 22:53:38 ----A---- C:\Windows\system32\chgusr.exe
2014-10-09 22:53:38 ----A---- C:\Windows\system32\chgport.exe
2014-10-09 22:53:38 ----A---- C:\Windows\system32\FXSTIFF.dll
2014-10-09 22:53:38 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2014-10-09 22:53:38 ----A---- C:\Windows\system32\diskpart.exe
2014-10-09 22:53:38 ----A---- C:\Windows\system32\CertPolEng.dll
2014-10-09 22:53:37 ----A---- C:\Windows\system32\wiarpc.dll
2014-10-09 22:53:37 ----A---- C:\Windows\system32\WerFaultSecure.exe
2014-10-09 22:53:37 ----A---- C:\Windows\system32\tskill.exe
2014-10-09 22:53:37 ----A---- C:\Windows\system32\tsdiscon.exe
2014-10-09 22:53:37 ----A---- C:\Windows\system32\tscon.exe
2014-10-09 22:53:37 ----A---- C:\Windows\system32\tlscsp.dll
2014-10-09 22:53:37 ----A---- C:\Windows\system32\shadow.exe
2014-10-09 22:53:37 ----A---- C:\Windows\system32\secur32.dll
2014-10-09 22:53:37 ----A---- C:\Windows\system32\rwinsta.exe
2014-10-09 22:53:37 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-10-09 22:53:37 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-10-09 22:53:37 ----A---- C:\Windows\system32\ReAgentc.exe
2014-10-09 22:53:37 ----A---- C:\Windows\system32\PrintBrmUi.exe
2014-10-09 22:53:37 ----A---- C:\Windows\system32\netutils.dll
2014-10-09 22:53:37 ----A---- C:\Windows\system32\netapi32.dll
2014-10-09 22:53:37 ----A---- C:\Windows\system32\muifontsetup.dll
2014-10-09 22:53:37 ----A---- C:\Windows\system32\mobsync.exe
2014-10-09 22:53:37 ----A---- C:\Windows\system32\mciqtz32.dll
2014-10-09 22:53:37 ----A---- C:\Windows\system32\logoff.exe
2014-10-09 22:53:37 ----A---- C:\Windows\system32\findstr.exe
2014-10-09 22:53:37 ----A---- C:\Windows\system32\eappgnui.dll
2014-10-09 22:53:37 ----A---- C:\Windows\system32\dnscacheugc.exe
2014-10-09 22:53:37 ----A---- C:\Windows\system32\cabinet.dll
2014-10-09 22:53:36 ----A---- C:\Windows\system32\wdiasqmmodule.dll
2014-10-09 22:53:36 ----A---- C:\Windows\system32\unlodctr.exe
2014-10-09 22:53:36 ----A---- C:\Windows\system32\sppc.dll
2014-10-09 22:53:36 ----A---- C:\Windows\system32\spopk.dll
2014-10-09 22:53:36 ----A---- C:\Windows\system32\shimgvw.dll
2014-10-09 22:53:36 ----A---- C:\Windows\system32\repair-bde.exe
2014-10-09 22:53:36 ----A---- C:\Windows\system32\rdprefdrvapi.dll
2014-10-09 22:53:36 ----A---- C:\Windows\system32\prevhost.exe
2014-10-09 22:53:36 ----A---- C:\Windows\system32\netcfg.exe
2014-10-09 22:53:36 ----A---- C:\Windows\system32\msdmo.dll
2014-10-09 22:53:36 ----A---- C:\Windows\system32\manage-bde.exe
2014-10-09 22:53:36 ----A---- C:\Windows\system32\luainstall.dll
2014-10-09 22:53:36 ----A---- C:\Windows\system32\iccvid.dll
2014-10-09 22:53:36 ----A---- C:\Windows\system32\HotStartUserAgent.dll
2014-10-09 22:53:36 ----A---- C:\Windows\system32\drivers\usbrpm.sys
2014-10-09 22:53:36 ----A---- C:\Windows\system32\drivers\tdi.sys
2014-10-09 22:53:36 ----A---- C:\Windows\system32\drivers\CompositeBus.sys
2014-10-09 22:53:36 ----A---- C:\Windows\system32\dosx.exe
2014-10-09 22:53:35 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2014-10-09 22:53:35 ----A---- C:\Windows\system32\vmstorfltres.dll
2014-10-09 22:53:35 ----A---- C:\Windows\system32\vmicres.dll
2014-10-09 22:53:35 ----A---- C:\Windows\system32\vmbusres.dll
2014-10-09 22:53:35 ----A---- C:\Windows\system32\UIRibbonRes.dll
2014-10-09 22:53:35 ----A---- C:\Windows\system32\reset.exe
2014-10-09 22:53:35 ----A---- C:\Windows\system32\query.exe
2014-10-09 22:53:35 ----A---- C:\Windows\system32\profprov.dll
2014-10-09 22:53:35 ----A---- C:\Windows\system32\odbcconf.dll
2014-10-09 22:53:35 ----A---- C:\Windows\system32\inetmib1.dll
2014-10-09 22:53:35 ----A---- C:\Windows\system32\change.exe
2014-10-09 22:53:35 ----A---- C:\Windows\system32\drivers\cdrom.sys
2014-10-09 22:53:35 ----A---- C:\Windows\system32\browcli.dll
2014-10-09 22:53:34 ----A---- C:\Windows\system32\TRAPI.dll
2014-10-09 22:53:34 ----A---- C:\Windows\system32\perfts.dll
2014-10-09 22:53:34 ----A---- C:\Windows\system32\icaapi.dll
2014-10-09 22:53:34 ----A---- C:\Windows\system32\FXSMON.dll
2014-10-09 22:53:34 ----A---- C:\Windows\system32\elsTrans.dll
2014-10-09 22:53:34 ----A---- C:\Windows\system32\drivers\tunnel.sys
2014-10-09 22:53:34 ----A---- C:\Windows\system32\drivers\dfsc.sys
2014-10-09 22:53:33 ----A---- C:\Windows\system32\wshbth.dll
2014-10-09 22:53:33 ----A---- C:\Windows\system32\schedcli.dll
2014-10-09 22:53:33 ----A---- C:\Windows\system32\RDPENCDD.dll
2014-10-09 22:53:33 ----A---- C:\Windows\system32\napdsnap.dll
2014-10-09 22:53:33 ----A---- C:\Windows\system32\LogonUI.exe
2014-10-09 22:53:33 ----A---- C:\Windows\system32\dsauth.dll
2014-10-09 22:53:33 ----A---- C:\Windows\system32\drivers\acpipmi.sys
2014-10-09 22:53:33 ----A---- C:\Windows\system32\cscdll.dll
2014-10-09 22:53:33 ----A---- C:\Windows\system32\bitsperf.dll
2014-10-09 22:53:33 ----A---- C:\Windows\system32\atmlib.dll
2014-10-09 22:53:32 ----A---- C:\Windows\system32\wsdchngr.dll
2014-10-09 22:53:32 ----A---- C:\Windows\system32\sscore.dll
2014-10-09 22:53:32 ----A---- C:\Windows\system32\shgina.dll
2014-10-09 22:53:32 ----A---- C:\Windows\system32\riched32.dll
2014-10-09 22:53:32 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2014-10-09 22:53:31 ----A---- C:\Windows\system32\rdpcfgex.dll
2014-10-09 22:53:31 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2014-10-09 22:53:31 ----A---- C:\Windows\system32\drivers\VMBusHID.sys
2014-10-09 22:53:31 ----A---- C:\Windows\system32\drivers\hidusb.sys
2014-10-09 22:53:31 ----A---- C:\Windows\system32\drivers\appid.sys
2014-10-09 22:53:30 ----A---- C:\Windows\system32\wshirda.dll
2014-10-09 22:53:30 ----A---- C:\Windows\system32\vmbuspipe.dll
2014-10-09 22:53:30 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys
2014-10-09 22:53:30 ----A---- C:\Windows\system32\drivers\USBCAMD.sys
2014-10-09 22:53:30 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2014-10-09 22:53:30 ----A---- C:\Windows\system32\drivers\kbdhid.sys
2014-10-09 22:53:30 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys
2014-10-09 22:53:30 ----A---- C:\Windows\system32\browseui.dll
2014-10-09 22:53:29 ----A---- C:\Windows\system32\vmictimeprovider.dll
2014-10-09 22:53:29 ----A---- C:\Windows\system32\VmdCoinstall.dll
2014-10-09 22:53:29 ----A---- C:\Windows\system32\VmbusCoinstaller.dll
2014-10-09 22:53:29 ----A---- C:\Windows\system32\spwmp.dll
2014-10-09 22:53:29 ----A---- C:\Windows\system32\shunimpl.dll
2014-10-09 22:53:29 ----A---- C:\Windows\system32\RDPREFDD.dll
2014-10-09 22:53:29 ----A---- C:\Windows\system32\IcCoinstall.dll
2014-10-09 22:53:29 ----A---- C:\Windows\system32\dxmasf.dll
2014-10-09 22:53:29 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2014-10-09 22:53:29 ----A---- C:\Windows\system32\drivers\wanarp.sys
2014-10-09 22:53:29 ----A---- C:\Windows\system32\drivers\umbus.sys
2014-10-09 22:53:29 ----A---- C:\Windows\system32\drivers\tdpipe.sys
2014-10-09 22:53:29 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2014-10-09 22:53:29 ----A---- C:\Windows\system32\drivers\scfilter.sys
2014-10-09 22:53:29 ----A---- C:\Windows\system32\drivers\RDPCDD.sys
2014-10-09 22:53:29 ----A---- C:\Windows\system32\drivers\HdAudio.sys
2014-10-09 22:53:29 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2014-10-09 22:53:29 ----A---- C:\Windows\system32\C_ISCII.DLL
2014-10-09 22:53:28 ----A---- C:\Windows\system32\wmploc.DLL
2014-10-09 22:53:28 ----A---- C:\Windows\system32\KBDUS.DLL
2014-10-09 22:53:28 ----A---- C:\Windows\system32\KBDUGHR1.DLL
2014-10-09 22:53:28 ----A---- C:\Windows\system32\KBDTURME.DLL
2014-10-09 22:53:28 ----A---- C:\Windows\system32\KBDINTEL.DLL
2014-10-09 22:53:28 ----A---- C:\Windows\system32\KBDINKAN.DLL
2014-10-09 22:53:27 ----A---- C:\Windows\system32\tzres.dll
2014-10-09 22:53:27 ----A---- C:\Windows\system32\pifmgr.dll
2014-10-09 22:53:27 ----A---- C:\Windows\system32\nlsbres.dll
2014-10-09 22:53:27 ----A---- C:\Windows\system32\KBDTUQ.DLL
2014-10-09 22:53:27 ----A---- C:\Windows\system32\KBDTUF.DLL
2014-10-09 22:53:27 ----A---- C:\Windows\system32\KBDTAJIK.DLL
2014-10-09 22:53:27 ----A---- C:\Windows\system32\KBDSG.DLL
2014-10-09 22:53:27 ----A---- C:\Windows\system32\KBDSF.DLL
2014-10-09 22:53:27 ----A---- C:\Windows\system32\KBDPO.DLL
2014-10-09 22:53:27 ----A---- C:\Windows\system32\KBDNEPR.DLL
2014-10-09 22:53:27 ----A---- C:\Windows\system32\KBDMON.DLL
2014-10-09 22:53:27 ----A---- C:\Windows\system32\KBDMAORI.DLL
2014-10-09 22:53:27 ----A---- C:\Windows\system32\KBDLT1.DLL
2014-10-09 22:53:27 ----A---- C:\Windows\system32\kbdlk41a.dll
2014-10-09 22:53:27 ----A---- C:\Windows\system32\KBDINTAM.DLL
2014-10-09 22:53:27 ----A---- C:\Windows\system32\KBDINORI.DLL
2014-10-09 22:53:27 ----A---- C:\Windows\system32\KBDINMAR.DLL
2014-10-09 22:53:27 ----A---- C:\Windows\system32\KBDINHIN.DLL
2014-10-09 22:53:27 ----A---- C:\Windows\system32\KBDINBEN.DLL
2014-10-09 22:53:27 ----A---- C:\Windows\system32\KBDGR1.DLL
2014-10-09 22:53:27 ----A---- C:\Windows\system32\KBDGKL.DLL
2014-10-09 22:53:27 ----A---- C:\Windows\system32\KBDGEO.DLL
2014-10-09 22:53:27 ----A---- C:\Windows\system32\KBDCZ1.DLL
2014-10-09 22:53:27 ----A---- C:\Windows\system32\KBDBULG.DLL
2014-10-09 22:53:27 ----A---- C:\Windows\system32\KBDBLR.DLL
2014-10-09 22:53:27 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-10-09 22:53:27 ----A---- C:\Windows\system32\drivers\vms3cap.sys
2014-10-09 22:53:27 ----A---- C:\Windows\system32\dpnaddr.dll
2014-10-09 22:53:27 ----A---- C:\Windows\system32\BlbEvents.dll
2014-10-09 22:53:26 ----A---- C:\Windows\system32\spwizres.dll
2014-10-09 22:53:15 ----A---- C:\Windows\system32\wdscore.dll
2014-10-09 22:52:59 ----A---- C:\Windows\system32\wbemcomn.dll
2014-10-09 20:37:12 ----A---- C:\sken.txt
2014-10-09 20:31:51 ----A---- C:\Windows\system32\sqlite3.dll
2014-10-09 20:30:38 ----D---- C:\AdwCleaner
2014-10-09 11:57:45 ----D---- C:\FRST
2014-10-09 11:49:36 ----D---- C:\Users\vp2\AppData\Roaming\ESET
2014-10-09 11:47:01 ----D---- C:\Windows\system32\MRT
2014-10-09 11:46:58 ----A---- C:\Windows\system32\MRT.exe
2014-10-09 11:46:26 ----D---- C:\ProgramData\ESET
2014-10-09 11:46:26 ----D---- C:\Program Files\ESET
2014-10-09 11:43:14 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-10-09 11:43:14 ----A---- C:\Windows\system32\ntkrnlpa.exe
2014-10-09 11:43:08 ----A---- C:\Windows\system32\poqexec.exe
2014-10-09 11:43:08 ----A---- C:\Windows\system32\kerberos.dll
2014-10-09 11:38:23 ----A---- C:\Windows\system32\wups2.dll
2014-10-09 11:38:22 ----A---- C:\Windows\system32\wucltux.dll
2014-10-09 11:38:22 ----A---- C:\Windows\system32\wuaueng.dll
2014-10-09 11:38:22 ----A---- C:\Windows\system32\wuauclt.exe
2014-10-09 11:38:00 ----A---- C:\Windows\system32\wups.dll
2014-10-09 11:37:59 ----A---- C:\Windows\system32\wudriver.dll
2014-10-09 11:37:59 ----A---- C:\Windows\system32\wuapi.dll
2014-10-09 11:37:51 ----A---- C:\Windows\system32\wuwebv.dll
2014-10-09 11:37:51 ----A---- C:\Windows\system32\wuapp.exe
2014-10-09 11:35:04 ----D---- C:\Windows\pss
2014-09-22 08:20:06 ----A---- C:\Windows\system32\drivers\epfwwfp.sys
2014-09-22 08:20:06 ----A---- C:\Windows\system32\drivers\EpfwLWF.sys
2014-09-22 08:20:06 ----A---- C:\Windows\system32\drivers\epfw.sys
2014-09-22 08:20:06 ----A---- C:\Windows\system32\drivers\ehdrv.sys
2014-09-22 08:20:06 ----A---- C:\Windows\system32\drivers\eamonm.sys

======List of files/folders modified in the last 1 month======

2014-10-12 14:03:12 ----D---- C:\Windows\Temp
2014-10-12 14:02:51 ----D---- C:\Windows\Prefetch
2014-10-12 13:58:28 ----RD---- C:\Program Files
2014-10-12 09:53:19 ----D---- C:\Program Files\Mozilla Thunderbird
2014-10-11 11:45:07 ----HD---- C:\ProgramData
2014-10-10 19:01:00 ----D---- C:\Windows\rescache
2014-10-10 14:05:56 ----D---- C:\Windows\System32
2014-10-10 14:05:56 ----D---- C:\Windows\inf
2014-10-10 14:05:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-10 10:06:45 ----D---- C:\Windows\Microsoft.NET
2014-10-10 10:06:36 ----RSD---- C:\Windows\assembly
2014-10-10 08:43:46 ----D---- C:\Windows\system32\config
2014-10-10 08:31:59 ----D---- C:\Windows\system32\Tasks
2014-10-10 08:31:29 ----D---- C:\Windows
2014-10-10 08:31:28 ----D---- C:\Windows\winsxs
2014-10-10 08:31:24 ----SHD---- C:\Boot
2014-10-10 08:30:32 ----D---- C:\Windows\system32\DriverStore
2014-10-10 08:28:25 ----D---- C:\Windows\system32\catroot
2014-10-10 08:27:34 ----D---- C:\Program Files\Windows Sidebar
2014-10-10 08:27:34 ----D---- C:\Program Files\Windows Portable Devices
2014-10-10 08:27:34 ----D---- C:\Program Files\Windows Mail
2014-10-10 08:27:34 ----D---- C:\Program Files\Internet Explorer
2014-10-10 08:27:34 ----D---- C:\Program Files\DVD Maker
2014-10-10 08:27:33 ----D---- C:\Program Files\Windows Photo Viewer
2014-10-10 08:27:33 ----D---- C:\Program Files\Windows Media Player
2014-10-10 08:27:33 ----D---- C:\Program Files\Windows Journal
2014-10-10 08:27:32 ----D---- C:\Program Files\Windows Defender
2014-10-10 08:27:31 ----D---- C:\Windows\servicing
2014-10-10 08:27:31 ----D---- C:\Windows\ehome
2014-10-10 08:27:25 ----D---- C:\Windows\system32\sysprep
2014-10-10 08:27:25 ----D---- C:\Windows\system32\oobe
2014-10-10 08:27:25 ----D---- C:\Windows\system32\en-US
2014-10-10 08:27:25 ----D---- C:\Windows\system32\da-DK
2014-10-10 08:27:25 ----D---- C:\Windows\PolicyDefinitions
2014-10-10 08:27:24 ----D---- C:\Windows\system32\Setup
2014-10-10 08:27:24 ----D---- C:\Windows\system32\migration
2014-10-10 08:27:24 ----D---- C:\Windows\system32\cs-CZ
2014-10-10 08:27:24 ----D---- C:\Windows\system32\cs
2014-10-10 08:27:24 ----D---- C:\Windows\system32\AdvancedInstallers
2014-10-10 08:27:23 ----D---- C:\Windows\system32\manifeststore
2014-10-10 08:27:22 ----D---- C:\Windows\system32\sppui
2014-10-10 08:27:22 ----D---- C:\Windows\system32\es-ES
2014-10-10 08:27:21 ----D---- C:\Windows\system32\drivers\cs-CZ
2014-10-10 08:27:21 ----D---- C:\Windows\system32\drivers
2014-10-10 08:27:20 ----D---- C:\Windows\system32\wbem
2014-10-10 08:27:19 ----D---- C:\Windows\system32\migwiz
2014-10-10 08:27:19 ----D---- C:\Windows\system32\Dism
2014-10-10 08:26:55 ----RSD---- C:\Windows\Fonts
2014-10-10 08:26:53 ----D---- C:\Windows\AppPatch
2014-10-10 08:26:42 ----D---- C:\Windows\system32\Boot
2014-10-09 23:09:29 ----D---- C:\Windows\system32\catroot2
2014-10-09 23:07:35 ----A---- C:\Windows\system32\msclmd.dll
2014-10-09 23:02:20 ----SHD---- C:\System Volume Information
2014-10-09 21:47:11 ----D---- C:\Windows\Tasks
2014-10-09 15:24:11 ----D---- C:\Users\vp2\AppData\Roaming\TeamViewer
2014-10-09 14:57:11 ----SD---- C:\Users\vp2\AppData\Roaming\Microsoft
2014-10-09 11:48:19 ----SHD---- C:\Windows\Installer
2014-10-09 11:47:01 ----D---- C:\Windows\debug
2014-10-09 11:45:49 ----D---- C:\Windows\SoftwareDistribution
2014-10-09 11:42:00 ----D---- C:\Windows\Logs
2014-10-06 09:14:11 ----D---- C:\Windows\system32\FxsTmp
2014-10-05 11:29:59 ----D---- C:\Windows\system32\NDF
2014-09-24 15:26:12 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-09-24 15:26:10 ----A---- C:\Windows\system32\FlashPlayerInstaller.exe
2014-09-20 09:02:40 ----D---- C:\Windows\Panther
2014-09-17 14:41:28 ----D---- C:\Windows\system32\drivers\UMDF
2014-09-15 09:06:04 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2014-09-22 51288]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-09-22 191928]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-09-22 135296]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2014-09-22 37928]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2014-09-22 176448]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2007-01-10 5120]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x86.sys [2009-07-14 50688]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athur.sys [2009-07-08 1334784]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 hipeer20;Remobo Instant Private Network; C:\Windows\system32\DRIVERS\remobo32.sys [2009-04-22 26112]
S3 optousb;OPTO ELECTRONICS optousb; C:\Windows\system32\DRIVERS\optousb.sys [2009-11-25 18432]
S3 optovcm;OPTO ELECTRONICS optovcm; C:\Windows\system32\DRIVERS\optovcm.sys [2009-11-25 26368]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192cu.sys [2013-03-13 602216]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2014-09-16 1350112]
R2 PortTunnel;PortTunnel; C:\Program Files\SteelBytes\PortTunnel\PortTunnel.exe [2010-07-14 592392]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2010-04-16 173352]
R2 uvnc_service;uvnc_service; C:\Program Files\UltraVNC\WinVNC.exe [2009-12-07 1590216]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-05-06 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-05-06 116648]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119547
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please help - computer slowdown, error messages

#14 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left pane:
:files
C:\Users\pc1\AppData\Roaming\Microsoft\MSYS\svchost.exe

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSYS"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Tomas80
Visitor
Posts: 16
Joined: 09 Oct 2014 10:49

Re: Please help - computer slowdown, error messages

#15 Post by Tomas80 »

All processes killed
========== FILES ==========
C:\Users\pc1\AppData\Roaming\Microsoft\MSYS\svchost.exe moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MSYS deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 188012 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: fili
->Temp folder emptied: 150805 bytes
->Temporary Internet Files folder emptied: 788896 bytes

User: pc1
->Temp folder emptied: 4660277 bytes
->Temporary Internet Files folder emptied: 150333791 bytes
->Google Chrome cache emptied: 391649937 bytes
->Flash cache emptied: 506 bytes

User: Public

User: vp1
->Temp folder emptied: 81061536 bytes
->Temporary Internet Files folder emptied: 67408421 bytes
->Google Chrome cache emptied: 819568 bytes
->Flash cache emptied: 1179 bytes

User: vp2
->Temp folder emptied: 14741334 bytes
->Temporary Internet Files folder emptied: 24435303 bytes
->Google Chrome cache emptied: 9109099 bytes
->Flash cache emptied: 655 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 622993 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 137192 bytes
RecycleBin emptied: 42257 bytes

Total Files Cleaned = 712,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default

User: Default User

User: fili

User: pc1
->Flash cache emptied: 0 bytes

User: Public

User: vp1
->Flash cache emptied: 0 bytes

User: vp2
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 10122014_191836

Files moved on Reboot...
C:\Windows\temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Windows\temp\FXSTIFFDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

Locked