Log

ferenc77
Visitor
Posts: 235
Registered: 28 Nov 2012 13:21

#1 Post by ferenc77 »

YouTube stutters quite a lot for me, I don't know why, because it always ran normally.

Logfile of random's system information tool 1.10 (written by random/random)
Run by user at 2014-10-31 20:12:09
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 12 GB (24%) free of 51 GB
Total RAM: 1023 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:12:16, on 31. 10. 2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 SP3 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS.0\System32\smss.exe
C:\WINDOWS.0\system32\winlogon.exe
C:\WINDOWS.0\system32\services.exe
C:\WINDOWS.0\system32\lsass.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\System32\svchost.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\Explorer.EXE
C:\WINDOWS.0\system32\spoolsv.exe
C:\WINDOWS.0\system32\svchost.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS.0\system32\nvsvc32.exe
C:\WINDOWS.0\system32\svchost.exe
C:\Program Files\Google\Update\1.3.25.5\GoogleCrashHandler.exe
C:\WINDOWS.0\system32\RunDLL32.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS.0\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\user\Desktop\RSIT.exe
C:\Program Files\trend micro\user.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS.0\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS.0\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS.0\system32\ctfmon.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS.0\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5204719224
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS.0\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS.0\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS.0\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS.0\system32\nvsvc32.exe

--
End of file - 5797 bytes

======Scheduled tasks folder======

C:\WINDOWS.0\tasks\Adobe Flash Player Updater.job - C:\WINDOWS.0\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS.0\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS.0\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\9pmm0c8i.default

prefs.js - "browser.startup.homepage" - "www.google.sk"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS.0\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\WINDOWS.0\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=D:\Picasa 3\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS.0\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\components\
flashplayer.xpt

C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll

C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\9pmm0c8i.default\extensions\
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-10-31 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-31 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS.0\system32\NvCpl.dll [2013-06-21 15677728]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5110672]
"MSConfig"=C:\WINDOWS.0\pchealth\helpctr\Binaries\MSCONFIG.EXE [2008-04-14 169984]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS.0\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS]
C:\WINDOWS.0\AutoKMS.exe [2014-07-08 615936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner.exe [2014-10-30 4826904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS.0\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DFX]
C:\Program Files\DFX\DFX.exe -startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google+ Auto Backup]
C:\Program Files\Google\Google+ Auto Backup\Google+ Auto Backup.exe [2014-01-06 3619096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru]
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-05-16 1012000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2013-03-23 1982312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
RTHDCPL.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viber]
C:\Documents and Settings\user\Local Settings\Application Data\Viber\Viber.exe StartMinimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2007-02-13 35328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS.0^Start Menu^Programs^Startup^Windows Search.lnk]
C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS.0\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=schannel.dll, credssp.dll, digest.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS.0\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS.0\system32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"msacm.vorbis"=vorbis.acm

======List of files/folders created in the last 1 month======

2014-10-31 18:39:36 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Oracle
2014-10-31 18:03:01 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\DFX
2014-10-31 16:45:25 ----D---- C:\Program Files\Mozilla Firefox
2014-10-25 20:21:50 ----D---- C:\Documents and Settings\user\Application Data\Apple Computer
2014-10-25 20:19:50 ----D---- C:\Program Files\QuickTime
2014-10-25 20:19:18 ----D---- C:\Program Files\Common Files\Apple
2014-10-25 20:18:35 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Apple
2014-10-16 11:50:23 ----D---- C:\Program Files\MSECache
2014-10-11 16:00:13 ----D---- C:\Program Files\Defraggler

======List of files/folders modified in the last 1 month======

2014-10-31 20:12:11 ----D---- C:\Program Files\trend micro
2014-10-31 20:06:17 ----RASH---- C:\boot.ini
2014-10-31 20:06:17 ----A---- C:\WINDOWS.0\win.ini
2014-10-31 20:06:17 ----A---- C:\WINDOWS.0\system.ini
2014-10-31 20:04:46 ----D---- C:\WINDOWS.0\Temp
2014-10-31 20:04:46 ----D---- C:\WINDOWS.0
2014-10-31 20:04:29 ----D---- C:\Program Files\CCleaner
2014-10-31 20:00:14 ----RD---- C:\Program Files
2014-10-31 19:59:44 ----D---- C:\Program Files\Common Files\DFX
2014-10-31 19:59:31 ----D---- C:\WINDOWS.0\system32
2014-10-31 19:59:31 ----D---- C:\Program Files\Internet Explorer
2014-10-31 19:59:19 ----D---- C:\Program Files\Google
2014-10-31 19:52:05 ----A---- C:\WINDOWS.0\system32\FlashPlayerApp.exe
2014-10-31 19:00:41 ----A---- C:\WINDOWS.0\system32\PerfStringBackup.INI
2014-10-31 18:55:46 ----N---- C:\WINDOWS.0\SchedLgU.Txt
2014-10-31 18:52:57 ----SHD---- C:\Config.Msi
2014-10-31 18:52:57 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-10-31 18:45:26 ----SHD---- C:\WINDOWS.0\Installer
2014-10-31 18:43:39 ----SD---- C:\WINDOWS.0\Tasks
2014-10-31 18:39:55 ----A---- C:\WINDOWS.0\system32\WindowsAccessBridge.dll
2014-10-31 18:39:26 ----D---- C:\Program Files\Java
2014-10-31 18:02:50 ----D---- C:\Program Files\Winamp
2014-10-31 18:02:50 ----D---- C:\Documents and Settings
2014-10-26 15:01:02 ----D---- C:\Documents and Settings\user\Application Data\vlc
2014-10-25 20:19:26 ----D---- C:\WINDOWS.0\WinSxS
2014-10-25 18:04:04 ----D---- C:\WINDOWS.0\Debug
2014-10-25 15:25:03 ----D---- C:\WINDOWS.0\Prefetch
2014-10-16 15:02:46 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Microsoft Help
2014-10-16 15:01:29 ----D---- C:\WINDOWS.0\system32\MRT
2014-10-16 14:49:24 ----A---- C:\WINDOWS.0\system32\mrt.exe
2014-10-16 12:17:52 ----D---- C:\Program Files\Microsoft Office

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdide;amdide; C:\WINDOWS.0\system32\DRIVERS\amdide.sys [2010-06-30 11832]
R0 mv61xxmm;mv61xxmm; C:\WINDOWS.0\system32\drivers\mv61xxmm.sys [2011-09-14 13616]
R0 mv64xxmm;mv64xxmm; C:\WINDOWS.0\system32\drivers\mv64xxmm.sys [2011-09-14 5632]
R0 mvxxmm;mvxxmm; C:\WINDOWS.0\system32\drivers\mvxxmm.sys [2011-09-14 13616]
R0 PxHelp20;PxHelp20; C:\WINDOWS.0\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS.0\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdPPM;AMD HwPState Processor Driver; C:\WINDOWS.0\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 eamon;eamon; C:\WINDOWS.0\system32\DRIVERS\eamon.sys [2013-09-17 184664]
R1 ehdrv;ehdrv; C:\WINDOWS.0\system32\DRIVERS\ehdrv.sys [2013-09-17 134248]
R1 epfwtdi;epfwtdi; C:\WINDOWS.0\system32\DRIVERS\epfwtdi.sys [2013-09-17 61600]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS.0\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS.0\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 epfw;epfw; C:\WINDOWS.0\system32\DRIVERS\epfw.sys [2013-09-17 174400]
R2 rspndr;Link-Layer Topology Discovery Responder; C:\WINDOWS.0\system32\DRIVERS\rspndr.sys [2011-09-14 62848]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS.0\system32\DRIVERS\Epfwndis.sys [2013-09-17 38952]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS.0\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS.0\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS.0\system32\DRIVERS\mouhid.sys [2011-09-14 12160]
R3 nv;nv; C:\WINDOWS.0\system32\DRIVERS\nv4_mini.sys [2013-06-21 10973504]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS.0\system32\drivers\nvhda32.sys [2013-02-25 128672]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS.0\system32\DRIVERS\Rtenicxp.sys [2008-10-30 117888]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS.0\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Ambfilt;Ambfilt; C:\WINDOWS.0\system32\drivers\Ambfilt.sys []
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS.0\system32\drivers\RtkHDAud.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS.0\system32\drivers\MBAMSwissArmy.sys []
S3 Monfilt;Monfilt; C:\WINDOWS.0\system32\drivers\Monfilt.sys []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS.0\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbscan;USB Scanner Driver; C:\WINDOWS.0\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS.0\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS.0\System32\Drivers\wpdusb.sys [2009-01-30 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS.0\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 exFat;exFat; C:\WINDOWS.0\system32\drivers\exFat.sys [2011-09-14 133632]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2013-09-12 1337752]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2014-08-28 182696]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS.0\system32\nvsvc32.exe [2013-06-21 156960]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS.0\system32\svchost.exe [2008-04-14 14336]
R3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS.0\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-17 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS.0\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-31 267440]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS.0\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS.0\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-17 116648]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-01-06 136120]
S3 idsvc;Windows CardSpace; C:\WINDOWS.0\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-31 114288]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS.0\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-01-30 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS.0\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS.0\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-03-23 1259296]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119557
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log

#2 Post by Rudy »

Hello!
First run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

ferenc77
Visitor
Posts: 235
Registered: 28 Nov 2012 13:21

Re: Log

#3 Post by ferenc77 »

# AdwCleaner v3.311 - Report created 01/11/2014 at 12:49:36
# Updated 30/09/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : user - USER-D55BF56392
# Running from : C:\Documents and Settings\user\Desktop\adwcleaner_3.311.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users.WINDOWS.0\Application Data\NCH Software
Folder Deleted : C:\Program Files\NCH Software
Folder Deleted : C:\Documents and Settings\All Users\Application Data\ICQ\ICQToolbar
Folder Deleted : C:\Documents and Settings\Peter\Local Settings\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\Peter\Local Settings\Application Data\OpenCandy
Folder Deleted : C:\Documents and Settings\Peter\Application Data\GrabPro
Folder Deleted : C:\Documents and Settings\peter1\Local Settings\Application Data\eSupport.com
Folder Deleted : C:\Documents and Settings\user\Application Data\NCH Software
Folder Deleted : C:\Documents and Settings\Peter\Application Data\Mozilla\Firefox\Profiles\mhah0ywi.default\ICQToolbarData
Folder Deleted : C:\Documents and Settings\peter1\Application Data\Mozilla\Firefox\Profiles\3b6bt19t.default\ICQToolbarData
Folder Deleted : C:\Documents and Settings\Peter\Application Data\Mozilla\Firefox\Profiles\bookmarkbackups\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Deleted : C:\Documents and Settings\Peter\Application Data\Mozilla\Firefox\Profiles\extensions\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Deleted : C:\Documents and Settings\Peter\Application Data\Mozilla\Firefox\Profiles\minidumps\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
File Deleted : C:\Documents and Settings\Peter\Application Data\Mozilla\Firefox\Profiles\mhah0ywi.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
File Deleted : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zlp3xmv0.default\.autoreg
File Deleted : C:\Documents and Settings\Peter\Application Data\Mozilla\Firefox\Profiles\mhah0ywi.default\.autoreg
File Deleted : C:\Documents and Settings\Peter\Application Data\Mozilla\Firefox\Profiles\mhah0ywi.default\searchplugins\daemon-search.xml
File Deleted : C:\Documents and Settings\Peter\Application Data\Mozilla\Firefox\Profiles\bookmarkbackups\searchplugins\icqplugin.xml
File Deleted : C:\Documents and Settings\Peter\Application Data\Mozilla\Firefox\Profiles\extensions\searchplugins\icqplugin.xml
File Deleted : C:\Documents and Settings\Peter\Application Data\Mozilla\Firefox\Profiles\mhah0ywi.default\searchplugins\icqplugin.xml
File Deleted : C:\Documents and Settings\Peter\Application Data\Mozilla\Firefox\Profiles\minidumps\searchplugins\icqplugin.xml

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Conduit

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v33.0.2 (x86 sk)

[ File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zlp3xmv0.default\prefs.js ]


[ File : C:\Documents and Settings\Administrator.PETER\Application Data\Mozilla\Firefox\Profiles\7wq6f7xo.default\prefs.js ]


[ File : C:\Documents and Settings\Administrator.USER-D55BF56392\Application Data\Mozilla\Firefox\Profiles\ybmyotlx.default\prefs.js ]


[ File : C:\Documents and Settings\Peter\Application Data\Mozilla\Firefox\Profiles\bookmarkbackups\prefs.js ]

Line Deleted : user_pref("icqtoolbar.skip_default_search", "yes");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://start.icq.com/");
Line Deleted : user_pref("icqtoolbar.installsource", "1");

[ File : C:\Documents and Settings\Peter\Application Data\Mozilla\Firefox\Profiles\extensions\prefs.js ]

Line Deleted : user_pref("icqtoolbar.skip_default_search", "yes");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://start.icq.com/");
Line Deleted : user_pref("icqtoolbar.installsource", "1");

[ File : C:\Documents and Settings\Peter\Application Data\Mozilla\Firefox\Profiles\mhah0ywi.default\prefs.js ]

Line Deleted : user_pref("extentions.y2layers.installId", "cfc50dd5-f326-4b25-9b73-12ff8d4d3ab2");

[ File : C:\Documents and Settings\Peter\Application Data\Mozilla\Firefox\Profiles\minidumps\prefs.js ]

Line Deleted : user_pref("icqtoolbar.skip_default_search", "yes");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://start.icq.com/");
Line Deleted : user_pref("icqtoolbar.installsource", "1");

[ File : C:\Documents and Settings\peter1\Application Data\Mozilla\Firefox\Profiles\3b6bt19t.default\prefs.js ]

Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.initialized", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.contextKey", "");
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.installDate", "2012082322");
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerId", "HJfox000");
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerSubId", "");
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.success", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.toolbarId", "F147A9C2-5EBF-42FD-9046-1D99C70272AC");
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.lastActivePing", "1345753473745");
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.defaultSearch", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.homePageEnabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.keywordEnabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.tabEnabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "videodownloadconverter@mindspark.com");

[ File : C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\9pmm0c8i.default\prefs.js ]


*************************

AdwCleaner[R6].txt - [6313 octets] - [01/11/2014 12:48:00]
AdwCleaner[S3].txt - [6326 octets] - [01/11/2014 12:49:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [6386 octets] ##########

Rudy
Site Admin
Posts: 119557
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Log

#4 Post by Rudy »

Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning your PC of malware, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

ferenc77
Visitor
Posts: 235
Joined: 28 Nov 2012 13:21

Re: Log

#5 Post by ferenc77 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by user at 2014-11-06 19:09:11
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 12 GB (24%) free of 51 GB
Total RAM: 1023 MB (27% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:09:16, on 6. 11. 2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 SP3 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS.0\System32\smss.exe
C:\WINDOWS.0\system32\winlogon.exe
C:\WINDOWS.0\system32\services.exe
C:\WINDOWS.0\system32\lsass.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\System32\svchost.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\Explorer.EXE
C:\WINDOWS.0\system32\spoolsv.exe
C:\WINDOWS.0\system32\svchost.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS.0\system32\nvsvc32.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\system32\RunDLL32.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS.0\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\user\Desktop\RSIT.exe
C:\Program Files\trend micro\user.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS.0\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS.0\system32\ctfmon.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS.0\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5204719224
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS.0\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS.0\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS.0\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS.0\system32\nvsvc32.exe

--
End of file - 5630 bytes

======Scheduled tasks folder======

C:\WINDOWS.0\tasks\Adobe Flash Player Updater.job - C:\WINDOWS.0\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS.0\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS.0\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\9pmm0c8i.default

prefs.js - "browser.startup.homepage" - "www.google.sk"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS.0\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\WINDOWS.0\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=D:\Picasa 3\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS.0\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\components\
flashplayer.xpt

C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll

C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\9pmm0c8i.default\extensions\
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-31 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-31 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS.0\system32\NvCpl.dll [2013-06-21 15677728]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5110672]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS.0\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS]
C:\WINDOWS.0\AutoKMS.exe [2014-07-08 615936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner.exe [2014-10-30 4826904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS.0\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DFX]
C:\Program Files\DFX\DFX.exe -startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google+ Auto Backup]
C:\Program Files\Google\Google+ Auto Backup\Google+ Auto Backup.exe [2014-01-06 3619096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru]
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-05-16 1012000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2013-03-23 1982312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
RTHDCPL.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viber]
C:\Documents and Settings\user\Local Settings\Application Data\Viber\Viber.exe StartMinimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2007-02-13 35328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS.0^Start Menu^Programs^Startup^Windows Search.lnk]
C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS.0\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=schannel.dll, credssp.dll, digest.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS.0\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS.0\system32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"msacm.vorbis"=vorbis.acm

======List of files/folders created in the last 1 month======

2014-11-01 12:47:56 ----D---- C:\AdwCleaner
2014-11-01 10:51:42 ----D---- C:\Documents and Settings\user\Application Data\RHEng
2014-10-31 20:28:52 ----A---- C:\WINDOWS.0\system32\javaws.exe
2014-10-31 20:28:43 ----A---- C:\WINDOWS.0\system32\WindowsAccessBridge.dll
2014-10-31 20:28:29 ----D---- C:\Program Files\Java
2014-10-31 18:39:36 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Oracle
2014-10-31 18:03:01 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\DFX
2014-10-31 16:45:25 ----D---- C:\Program Files\Mozilla Firefox
2014-10-25 20:21:50 ----D---- C:\Documents and Settings\user\Application Data\Apple Computer
2014-10-25 20:19:50 ----D---- C:\Program Files\QuickTime
2014-10-16 11:50:23 ----D---- C:\Program Files\MSECache
2014-10-11 16:00:13 ----D---- C:\Program Files\Defraggler

======List of files/folders modified in the last 1 month======

2014-11-06 19:09:14 ----D---- C:\Program Files\trend micro
2014-11-06 19:07:43 ----D---- C:\Documents and Settings\user\Application Data\vlc
2014-11-06 17:16:43 ----D---- C:\WINDOWS.0\Temp
2014-11-03 22:22:33 ----A---- C:\WINDOWS.0\SchedLgU.Txt
2014-11-03 22:07:33 ----D---- C:\The KMPlayer
2014-11-03 21:45:26 ----D---- C:\WINDOWS.0\system32
2014-11-03 21:45:25 ----A---- C:\WINDOWS.0\system32\PerfStringBackup.INI
2014-11-02 21:24:03 ----D---- C:\WINDOWS.0\Prefetch
2014-11-02 19:45:00 ----D---- C:\Documents and Settings\user\Application Data\Winamp
2014-11-01 18:10:30 ----D---- C:\WINDOWS.0\Debug
2014-11-01 12:49:38 ----RD---- C:\Program Files
2014-11-01 11:00:10 ----SHD---- C:\WINDOWS.0\Installer
2014-11-01 11:00:09 ----SHD---- C:\Config.Msi
2014-11-01 10:54:24 ----SHD---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-11-01 10:54:24 ----D---- C:\WINDOWS.0
2014-11-01 10:54:14 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TuneUp Software
2014-11-01 10:51:47 ----D---- C:\Program Files\Youtube Downloader HD
2014-11-01 10:49:38 ----D---- C:\WINDOWS.0\WinSxS
2014-11-01 10:49:31 ----D---- C:\Program Files\Common Files
2014-11-01 10:47:50 ----D---- C:\Program Files\Google
2014-10-31 20:28:32 ----A---- C:\WINDOWS.0\system32\javaw.exe
2014-10-31 20:28:32 ----A---- C:\WINDOWS.0\system32\java.exe
2014-10-31 20:06:17 ----RASH---- C:\boot.ini
2014-10-31 20:06:17 ----A---- C:\WINDOWS.0\win.ini
2014-10-31 20:06:17 ----A---- C:\WINDOWS.0\system.ini
2014-10-31 20:04:29 ----D---- C:\Program Files\CCleaner
2014-10-31 19:59:31 ----D---- C:\Program Files\Internet Explorer
2014-10-31 19:52:05 ----A---- C:\WINDOWS.0\system32\FlashPlayerApp.exe
2014-10-31 18:52:57 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-10-31 18:43:39 ----SD---- C:\WINDOWS.0\Tasks
2014-10-31 18:02:50 ----D---- C:\Program Files\Winamp
2014-10-31 18:02:50 ----D---- C:\Documents and Settings
2014-10-16 15:02:46 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Microsoft Help
2014-10-16 15:01:29 ----D---- C:\WINDOWS.0\system32\MRT
2014-10-16 14:49:24 ----A---- C:\WINDOWS.0\system32\mrt.exe
2014-10-16 12:17:52 ----D---- C:\Program Files\Microsoft Office

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdide;amdide; C:\WINDOWS.0\system32\DRIVERS\amdide.sys [2010-06-30 11832]
R0 mv61xxmm;mv61xxmm; C:\WINDOWS.0\system32\drivers\mv61xxmm.sys [2011-09-14 13616]
R0 mv64xxmm;mv64xxmm; C:\WINDOWS.0\system32\drivers\mv64xxmm.sys [2011-09-14 5632]
R0 mvxxmm;mvxxmm; C:\WINDOWS.0\system32\drivers\mvxxmm.sys [2011-09-14 13616]
R0 PxHelp20;PxHelp20; C:\WINDOWS.0\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS.0\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdPPM;AMD HwPState Processor Driver; C:\WINDOWS.0\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 eamon;eamon; C:\WINDOWS.0\system32\DRIVERS\eamon.sys [2013-09-17 184664]
R1 ehdrv;ehdrv; C:\WINDOWS.0\system32\DRIVERS\ehdrv.sys [2013-09-17 134248]
R1 epfwtdi;epfwtdi; C:\WINDOWS.0\system32\DRIVERS\epfwtdi.sys [2013-09-17 61600]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS.0\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS.0\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 epfw;epfw; C:\WINDOWS.0\system32\DRIVERS\epfw.sys [2013-09-17 174400]
R2 rspndr;Link-Layer Topology Discovery Responder; C:\WINDOWS.0\system32\DRIVERS\rspndr.sys [2011-09-14 62848]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS.0\system32\DRIVERS\Epfwndis.sys [2013-09-17 38952]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS.0\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS.0\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS.0\system32\DRIVERS\mouhid.sys [2011-09-14 12160]
R3 nv;nv; C:\WINDOWS.0\system32\DRIVERS\nv4_mini.sys [2013-06-21 10973504]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS.0\system32\drivers\nvhda32.sys [2013-02-25 128672]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS.0\system32\DRIVERS\Rtenicxp.sys [2008-10-30 117888]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS.0\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS.0\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Ambfilt;Ambfilt; C:\WINDOWS.0\system32\drivers\Ambfilt.sys []
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS.0\system32\drivers\RtkHDAud.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS.0\system32\drivers\MBAMSwissArmy.sys []
S3 Monfilt;Monfilt; C:\WINDOWS.0\system32\drivers\Monfilt.sys []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS.0\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbscan;USB Scanner Driver; C:\WINDOWS.0\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 WpdUsb;WpdUsb; C:\WINDOWS.0\System32\Drivers\wpdusb.sys [2009-01-30 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS.0\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 exFat;exFat; C:\WINDOWS.0\system32\drivers\exFat.sys [2011-09-14 133632]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2013-09-12 1337752]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2014-10-31 182696]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS.0\system32\nvsvc32.exe [2013-06-21 156960]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS.0\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS.0\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-17 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS.0\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-31 267440]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS.0\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS.0\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-17 116648]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-01-06 136120]
S3 idsvc;Windows CardSpace; C:\WINDOWS.0\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-31 114288]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS.0\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-01-30 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS.0\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS.0\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-03-23 1259296]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119557
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Log

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to your desktop. Run it and copy the following into the left-hand window:
:files
C:\WINDOWS.0\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS.0\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS.0\AutoKMS.exe

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS]

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

ferenc77
Visitor
Posts: 235
Joined: 28 Nov 2012 13:21

Re: Log

#7 Post by ferenc77 »

OTM:

All processes killed
========== FILES ==========
C:\WINDOWS.0\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS.0\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS.0\AutoKMS.exe moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS\ deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Administrator.PETER
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Administrator.USER-D55BF56392
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: All Users.WINDOWS.0

User: All Users.WINDOWS1

User: ASPNET

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User.WINDOWS.0
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User.WINDOWS1
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Guest

User: HelpAssistant

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService.NT AUTHORITY.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService.NT AUTHORITY.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Peter
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: peter1
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: SUPPORT_388945a0

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: UpdatusUser.PETER
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: UpdatusUser.USER-D55BF56392
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: user
->Temp folder emptied: 31089073 bytes
->Temporary Internet Files folder emptied: 10024195 bytes
->FireFox cache emptied: 175509 bytes
->Flash cache emptied: 523 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16384 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 40,00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: Administrator.PETER
->Flash cache emptied: 0 bytes

User: Administrator.USER-D55BF56392
->Flash cache emptied: 0 bytes

User: All Users

User: All Users.WINDOWS.0

User: All Users.WINDOWS1

User: ASPNET

User: Default User
->Flash cache emptied: 0 bytes

User: Default User.WINDOWS.0

User: Default User.WINDOWS1
->Flash cache emptied: 0 bytes

User: Guest

User: HelpAssistant

User: LocalService

User: LocalService.NT AUTHORITY

User: LocalService.NT AUTHORITY.000

User: NetworkService

User: NetworkService.NT AUTHORITY

User: NetworkService.NT AUTHORITY.000

User: Peter
->Flash cache emptied: 0 bytes

User: peter1
->Flash cache emptied: 0 bytes

User: SUPPORT_388945a0

User: UpdatusUser
->Flash cache emptied: 0 bytes

User: UpdatusUser.PETER

User: UpdatusUser.USER-D55BF56392

User: user
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 11142014_164716

Files moved on Reboot...

Registry entries deleted on Reboot...

ferenc77
Visitor
Posts: 235
Registered: 28 Nov 2012 13:21

Re: Log

#8 Post by ferenc77 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by user at 2014-11-14 16:50:48
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 11 GB (22%) free of 51 GB
Total RAM: 1023 MB (18% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:51:05, on 14. 11. 2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 SP3 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS.0\System32\smss.exe
C:\WINDOWS.0\system32\winlogon.exe
C:\WINDOWS.0\system32\services.exe
C:\WINDOWS.0\system32\lsass.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\System32\svchost.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\Explorer.EXE
C:\WINDOWS.0\system32\spoolsv.exe
C:\WINDOWS.0\system32\svchost.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS.0\system32\nvsvc32.exe
C:\WINDOWS.0\system32\svchost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS.0\system32\wuauclt.exe
C:\WINDOWS.0\system32\RunDLL32.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS.0\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS.0\system32\wuauclt.exe
C:\Documents and Settings\user\Desktop\RSIT.exe
C:\Program Files\trend micro\user.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS.0\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS.0\system32\ctfmon.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS.0\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5204719224
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS.0\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS.0\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS.0\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS.0\system32\nvsvc32.exe

--
End of file - 5589 bytes

======Scheduled tasks folder======

C:\WINDOWS.0\tasks\Adobe Flash Player Updater.job - C:\WINDOWS.0\system32\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\9pmm0c8i.default

prefs.js - "browser.startup.homepage" - "www.google.sk"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS.0\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\WINDOWS.0\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=D:\Picasa 3\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS.0\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\components\
flashplayer.xpt

C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll

C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\9pmm0c8i.default\extensions\
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-31 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-31 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS.0\system32\NvCpl.dll [2013-06-21 15677728]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5110672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS.0\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner.exe [2014-10-30 4826904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS.0\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DFX]
C:\Program Files\DFX\DFX.exe -startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google+ Auto Backup]
C:\Program Files\Google\Google+ Auto Backup\Google+ Auto Backup.exe [2014-01-06 3619096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru]
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-05-16 1012000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2013-03-23 1982312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
RTHDCPL.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viber]
C:\Documents and Settings\user\Local Settings\Application Data\Viber\Viber.exe StartMinimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2007-02-13 35328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS.0^Start Menu^Programs^Startup^Windows Search.lnk]
C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS.0\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=schannel.dll, credssp.dll, digest.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS.0\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS.0\system32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"msacm.vorbis"=vorbis.acm

======List of files/folders created in the last 1 month======

2014-11-14 16:47:16 ----D---- C:\_OTM
2014-11-10 22:16:43 ----D---- C:\Program Files\Mozilla Firefox
2014-11-01 12:47:56 ----D---- C:\AdwCleaner
2014-11-01 10:51:42 ----D---- C:\Documents and Settings\user\Application Data\RHEng
2014-10-31 20:28:52 ----A---- C:\WINDOWS.0\system32\javaws.exe
2014-10-31 20:28:43 ----A---- C:\WINDOWS.0\system32\WindowsAccessBridge.dll
2014-10-31 20:28:29 ----D---- C:\Program Files\Java
2014-10-31 18:39:36 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Oracle
2014-10-31 18:03:01 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\DFX
2014-10-25 20:21:50 ----D---- C:\Documents and Settings\user\Application Data\Apple Computer
2014-10-25 20:19:50 ----D---- C:\Program Files\QuickTime
2014-10-16 11:50:23 ----D---- C:\Program Files\MSECache

======List of files/folders modified in the last 1 month======

2014-11-14 16:50:58 ----D---- C:\Program Files\trend micro
2014-11-14 16:49:06 ----D---- C:\WINDOWS.0\Temp
2014-11-14 16:47:29 ----A---- C:\WINDOWS.0\SchedLgU.Txt
2014-11-14 16:47:16 ----SD---- C:\WINDOWS.0\Tasks
2014-11-14 16:47:16 ----D---- C:\WINDOWS.0
2014-11-14 16:40:13 ----A---- C:\WINDOWS.0\system32\FlashPlayerApp.exe
2014-11-14 16:40:09 ----A---- C:\WINDOWS.0\system32\FlashPlayerInstaller.exe
2014-11-11 17:48:28 ----D---- C:\WINDOWS.0\Prefetch
2014-11-11 17:42:11 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-11-10 22:36:10 ----RD---- C:\Program Files
2014-11-09 21:15:43 ----D---- C:\Documents and Settings\user\Application Data\vlc
2014-11-08 14:19:41 ----D---- C:\Documents and Settings\user\Application Data\Youtube Downloader HD
2014-11-08 13:51:12 ----D---- C:\WINDOWS.0\system32\CatRoot2
2014-11-03 22:07:33 ----D---- C:\The KMPlayer
2014-11-03 21:45:26 ----D---- C:\WINDOWS.0\system32
2014-11-03 21:45:25 ----A---- C:\WINDOWS.0\system32\PerfStringBackup.INI
2014-11-02 19:45:00 ----D---- C:\Documents and Settings\user\Application Data\Winamp
2014-11-01 18:10:30 ----D---- C:\WINDOWS.0\Debug
2014-11-01 11:00:10 ----SHD---- C:\WINDOWS.0\Installer
2014-11-01 11:00:09 ----SHD---- C:\Config.Msi
2014-11-01 10:54:24 ----SHD---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-11-01 10:54:14 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TuneUp Software
2014-11-01 10:51:47 ----D---- C:\Program Files\Youtube Downloader HD
2014-11-01 10:49:38 ----D---- C:\WINDOWS.0\WinSxS
2014-11-01 10:49:31 ----D---- C:\Program Files\Common Files
2014-11-01 10:47:50 ----D---- C:\Program Files\Google
2014-10-31 20:28:32 ----A---- C:\WINDOWS.0\system32\javaw.exe
2014-10-31 20:28:32 ----A---- C:\WINDOWS.0\system32\java.exe
2014-10-31 20:06:17 ----RASH---- C:\boot.ini
2014-10-31 20:06:17 ----A---- C:\WINDOWS.0\win.ini
2014-10-31 20:06:17 ----A---- C:\WINDOWS.0\system.ini
2014-10-31 20:04:29 ----D---- C:\Program Files\CCleaner
2014-10-31 19:59:31 ----D---- C:\Program Files\Internet Explorer
2014-10-31 18:02:50 ----D---- C:\Program Files\Winamp
2014-10-31 18:02:50 ----D---- C:\Documents and Settings
2014-10-16 15:02:46 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Microsoft Help
2014-10-16 15:01:29 ----D---- C:\WINDOWS.0\system32\MRT
2014-10-16 14:49:24 ----A---- C:\WINDOWS.0\system32\mrt.exe
2014-10-16 12:17:52 ----D---- C:\Program Files\Microsoft Office

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdide;amdide; C:\WINDOWS.0\system32\DRIVERS\amdide.sys [2010-06-30 11832]
R0 mv61xxmm;mv61xxmm; C:\WINDOWS.0\system32\drivers\mv61xxmm.sys [2011-09-14 13616]
R0 mv64xxmm;mv64xxmm; C:\WINDOWS.0\system32\drivers\mv64xxmm.sys [2011-09-14 5632]
R0 mvxxmm;mvxxmm; C:\WINDOWS.0\system32\drivers\mvxxmm.sys [2011-09-14 13616]
R0 PxHelp20;PxHelp20; C:\WINDOWS.0\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS.0\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdPPM;AMD HwPState Processor Driver; C:\WINDOWS.0\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 eamon;eamon; C:\WINDOWS.0\system32\DRIVERS\eamon.sys [2013-09-17 184664]
R1 ehdrv;ehdrv; C:\WINDOWS.0\system32\DRIVERS\ehdrv.sys [2013-09-17 134248]
R1 epfwtdi;epfwtdi; C:\WINDOWS.0\system32\DRIVERS\epfwtdi.sys [2013-09-17 61600]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS.0\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS.0\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 epfw;epfw; C:\WINDOWS.0\system32\DRIVERS\epfw.sys [2013-09-17 174400]
R2 rspndr;Link-Layer Topology Discovery Responder; C:\WINDOWS.0\system32\DRIVERS\rspndr.sys [2011-09-14 62848]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS.0\system32\DRIVERS\Epfwndis.sys [2013-09-17 38952]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS.0\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS.0\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS.0\system32\DRIVERS\mouhid.sys [2011-09-14 12160]
R3 nv;nv; C:\WINDOWS.0\system32\DRIVERS\nv4_mini.sys [2013-06-21 10973504]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS.0\system32\drivers\nvhda32.sys [2013-02-25 128672]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS.0\system32\DRIVERS\Rtenicxp.sys [2008-10-30 117888]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS.0\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Ambfilt;Ambfilt; C:\WINDOWS.0\system32\drivers\Ambfilt.sys []
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS.0\system32\drivers\RtkHDAud.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS.0\system32\drivers\MBAMSwissArmy.sys []
S3 Monfilt;Monfilt; C:\WINDOWS.0\system32\drivers\Monfilt.sys []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS.0\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbscan;USB Scanner Driver; C:\WINDOWS.0\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS.0\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS.0\System32\Drivers\wpdusb.sys [2009-01-30 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS.0\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 exFat;exFat; C:\WINDOWS.0\system32\drivers\exFat.sys [2011-09-14 133632]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2013-09-12 1337752]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2014-10-31 182696]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS.0\system32\nvsvc32.exe [2013-06-21 156960]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS.0\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS.0\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-17 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS.0\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-14 267440]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS.0\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS.0\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-17 116648]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-01-06 136120]
S3 idsvc;Windows CardSpace; C:\WINDOWS.0\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-10 114288]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS.0\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-01-30 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS.0\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS.0\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-03-23 1259296]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119557
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log

#9 Post by Rudy »

Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?

ferenc77
Visitor
Posts: 235
Registered: 28 Nov 2012 13:21

Re: Log

#10 Post by ferenc77 »

It's better, but some shortcomings are still noticeable, though that is probably also because it isn't exactly the newest computer.

Rudy
Site Admin
Posts: 119557
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log

#11 Post by Rudy »

Also run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Don't delete anything beforehand.

ferenc77
Visitor
Posts: 235
Registered: 28 Nov 2012 13:21

Re: Log

#12 Post by ferenc77 »

Malwarebytes Anti-Malware
www.malwarebytes.org

Dátum skenovania: 17. 11. 2014
Scan čas: 15:21:02
Logfile: mb.txt
Správca: áno

Verzia: 2.00.3.1025
Malware databázy: v2014.11.17.03
Rootkit databázy: v2014.11.12.01
Licencia: ?????????
Ochrana pred škodlivým softvérom: Telesne
Škodlivých webových stránok Ochrana: Telesne
Sebaobrany: Telesne

OS: Windows XP Service Pack 3
CPU: x86
Systém súborov: NTFS
Používateľ: user

Typ skenu: Hrozba Scan
Výsledok: Dokončené
Objekty naskenované: 945360
Uplynulý čas: 1 hr, 3 min 53 sekúnd

Pamäť: Povolené
Pri spustení: Povolené
Súborový systém: Povolené
Archív: Povolené
Rootkity: Telesne
Heuristiky: Povolené
ŠTEŇA: Povolené
VYKUROVAC: Povolené

Procesy: 0
(Žiadne zákernej položky neboli zistené)

Moduly: 0
(Žiadne zákernej položky neboli zistené)

Kľúče databázy Registry: 0
(Žiadne zákernej položky neboli zistené)

Hodnoty databázy Registry: 0
(Žiadne zákernej položky neboli zistené)

Údaje databázy Registry: 0
(Žiadne zákernej položky neboli zistené)

Priečinky: 8
PUP.Optional.GamesPlaylabs.A, C:\Documents and Settings\Peter\Local Settings\Application Data\Browser Plugin, , [ab2c52ea3a42a690a9c365f8e1221ce4],
PUP.Optional.GamePlayLabs.A, C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zlp3xmv0.default\extensions\plugin@gameplaylabs.com, , [5186c17bdca0f93d9b8832df6c97a858],
PUP.Optional.GamePlayLabs.A, C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zlp3xmv0.default\extensions\plugin@gameplaylabs.com\chrome, , [5186c17bdca0f93d9b8832df6c97a858],
PUP.Optional.GamePlayLabs.A, C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zlp3xmv0.default\extensions\plugin@gameplaylabs.com\chrome\content, , [5186c17bdca0f93d9b8832df6c97a858],
PUP.Optional.GamePlayLabs.A, C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zlp3xmv0.default\extensions\plugin@gameplaylabs.com\chrome\locale, , [5186c17bdca0f93d9b8832df6c97a858],
PUP.Optional.GamePlayLabs.A, C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zlp3xmv0.default\extensions\plugin@gameplaylabs.com\chrome\locale\en-US, , [5186c17bdca0f93d9b8832df6c97a858],
PUP.Optional.GamePlayLabs.A, C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zlp3xmv0.default\extensions\plugin@gameplaylabs.com\defaults, , [5186c17bdca0f93d9b8832df6c97a858],
PUP.Optional.GamePlayLabs.A, C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zlp3xmv0.default\extensions\plugin@gameplaylabs.com\defaults\preferences, , [5186c17bdca0f93d9b8832df6c97a858],

Súbory: 16
Trojan.BitMiner, C:\WINDOWS.0\system32\dcgmncoxbfhr.exe, , [a13696a6c0bc39fdf7568f782ad8837d],
PUP.BitCoinMiner, C:\WINDOWS.0\system32\lcpmncoxbfhr.exe, , [884f77c599e345f1bbc10e19d13026da],
PUP.Optional.Bitcoin, C:\WINDOWS.0\system32\acumncoxbfhr.exe, , [00d764d86b1150e6f45c13e3669b0bf5],
PUP.Optional.Bitcoin, C:\WINDOWS.0\system32\acumncvulqrq.exe, , [29ae7dbf85f7d462aea2d2249c65b947],
PUP.Optional.GamesPlaylabs.A, C:\Documents and Settings\Peter\Local Settings\Application Data\Browser Plugin\gplplugin.xpi, , [ab2c52ea3a42a690a9c365f8e1221ce4],
PUP.Optional.GamesPlaylabs.A, C:\Documents and Settings\Peter\Local Settings\Application Data\Browser Plugin\gplplugin.crx, , [ab2c52ea3a42a690a9c365f8e1221ce4],
PUP.Optional.GamesPlaylabs.A, C:\Documents and Settings\Peter\Local Settings\Application Data\Browser Plugin\setup.ini, , [ab2c52ea3a42a690a9c365f8e1221ce4],
PUP.Optional.GamesPlaylabs.A, C:\Documents and Settings\Peter\Local Settings\Application Data\Browser Plugin\Uninstall.exe, , [ab2c52ea3a42a690a9c365f8e1221ce4],
PUP.Optional.GamePlayLabs.A, C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zlp3xmv0.default\extensions\plugin@gameplaylabs.com\chrome.manifest, , [5186c17bdca0f93d9b8832df6c97a858],
PUP.Optional.GamePlayLabs.A, C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zlp3xmv0.default\extensions\plugin@gameplaylabs.com\install.rdf, , [5186c17bdca0f93d9b8832df6c97a858],
PUP.Optional.GamePlayLabs.A, C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zlp3xmv0.default\extensions\plugin@gameplaylabs.com\setup.ini, , [5186c17bdca0f93d9b8832df6c97a858],
PUP.Optional.GamePlayLabs.A, C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zlp3xmv0.default\extensions\plugin@gameplaylabs.com\chrome\content\ff-overlay.xul, , [5186c17bdca0f93d9b8832df6c97a858],
PUP.Optional.GamePlayLabs.A, C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zlp3xmv0.default\extensions\plugin@gameplaylabs.com\chrome\content\icon.png, , [5186c17bdca0f93d9b8832df6c97a858],
PUP.Optional.GamePlayLabs.A, C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zlp3xmv0.default\extensions\plugin@gameplaylabs.com\chrome\content\overlay.js, , [5186c17bdca0f93d9b8832df6c97a858],
PUP.Optional.GamePlayLabs.A, C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zlp3xmv0.default\extensions\plugin@gameplaylabs.com\chrome\locale\en-US\overlay.properties, , [5186c17bdca0f93d9b8832df6c97a858],
PUP.Optional.GamePlayLabs.A, C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zlp3xmv0.default\extensions\plugin@gameplaylabs.com\defaults\preferences\prefs.js, , [5186c17bdca0f93d9b8832df6c97a858],

Fyzický sektory: 0
(Žiadne zákernej položky neboli zistené)


(end)

Rudy
Site Admin
Posts: 119557
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log

#13 Post by Rudy »

Delete everything MBAM found.

ferenc77
Visitor
Posts: 235
Registered: 28 Nov 2012 13:21

Re: Log

#14 Post by ferenc77 »

In the meantime I reinstalled Windows and installed WINDOWS 7. The problem is that YT videos stutter when I have another page open in another tab, so I'm posting a log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Adam at 2014-12-17 17:54:13
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 31 GB (61%) free of 51 GB
Total RAM: 1023 MB (9% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:55:49, on 17. 12. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
C:\Users\Adam\Desktop\RSIT.exe
C:\Program Files\trend micro\Adam.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 3529 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\fhja01w2.default

prefs.js - "browser.startup.homepage" - "www.google.sk"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\fhja01w2.default\extensions\
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-11-30 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-30 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2014-08-19 1795872]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2014-10-01 5088456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner.exe [2014-11-21 5282584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-12-01 23:18:05 ----A---- C:\Windows\system32\lpk.dll
2014-12-01 23:18:05 ----A---- C:\Windows\system32\fontsub.dll
2014-12-01 23:18:05 ----A---- C:\Windows\system32\dciman32.dll
2014-12-01 23:18:05 ----A---- C:\Windows\system32\atmlib.dll
2014-12-01 23:18:05 ----A---- C:\Windows\system32\atmfd.dll
2014-12-01 23:17:58 ----A---- C:\Windows\system32\msxml6r.dll
2014-12-01 23:17:58 ----A---- C:\Windows\system32\msxml6.dll
2014-12-01 23:17:56 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-12-01 23:17:46 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-12-01 23:17:34 ----A---- C:\Windows\system32\qdvd.dll
2014-12-01 23:17:31 ----A---- C:\Windows\system32\msieftp.dll
2014-12-01 23:17:29 ----A---- C:\Windows\system32\WMVDECOD.DLL
2014-12-01 23:17:22 ----A---- C:\Windows\system32\OxpsConverter.exe
2014-12-01 23:17:07 ----A---- C:\Windows\system32\oleacc.dll
2014-12-01 23:17:04 ----A---- C:\Windows\system32\prevhost.exe
2014-12-01 23:16:54 ----A---- C:\Windows\system32\shdocvw.dll
2014-12-01 23:16:24 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2014-12-01 23:16:24 ----A---- C:\Windows\system32\credui.dll
2014-12-01 23:16:07 ----A---- C:\Windows\system32\wwansvc.dll
2014-12-01 23:16:07 ----A---- C:\Windows\system32\wwanprotdim.dll
2014-12-01 23:16:04 ----A---- C:\Windows\system32\sbe.dll
2014-12-01 23:16:04 ----A---- C:\Windows\system32\CPFilters.dll
2014-12-01 23:16:00 ----A---- C:\Windows\system32\synceng.dll
2014-12-01 23:15:57 ----A---- C:\Windows\system32\umpnpmgr.dll
2014-12-01 23:15:42 ----A---- C:\Windows\system32\wintrust.dll
2014-12-01 23:15:19 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-12-01 23:15:18 ----A---- C:\Windows\system32\drivers\netio.sys
2014-12-01 23:15:18 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-12-01 23:15:16 ----A---- C:\Windows\system32\drivers\portcls.sys
2014-12-01 23:15:16 ----A---- C:\Windows\system32\drivers\drmk.sys
2014-12-01 23:15:14 ----A---- C:\Windows\system32\imagehlp.dll
2014-12-01 23:15:12 ----A---- C:\Windows\system32\drivers\hidparse.sys
2014-12-01 23:15:12 ----A---- C:\Windows\system32\drivers\hidclass.sys
2014-12-01 23:15:07 ----A---- C:\Windows\system32\wscript.exe
2014-12-01 23:15:07 ----A---- C:\Windows\system32\scrrun.dll
2014-12-01 23:15:07 ----A---- C:\Windows\system32\cscript.exe
2014-12-01 23:15:02 ----A---- C:\Windows\system32\dpnet.dll
2014-12-01 23:14:32 ----A---- C:\Windows\system32\winlogon.exe
2014-12-01 23:14:30 ----A---- C:\Windows\system32\winsta.dll
2014-12-01 23:14:30 ----A---- C:\Windows\system32\rdrmemptylst.exe
2014-12-01 23:14:30 ----A---- C:\Windows\system32\rdpwsx.dll
2014-12-01 23:14:30 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-12-01 23:14:30 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-12-01 23:14:29 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-12-01 23:12:56 ----A---- C:\Windows\system32\drivers\fvevol.sys
2014-12-01 23:12:53 ----A---- C:\Windows\system32\win32spl.dll
2014-12-01 23:12:51 ----A---- C:\Windows\system32\EncDump.dll
2014-12-01 23:12:51 ----A---- C:\Windows\system32\audiosrv.dll
2014-12-01 23:12:51 ----A---- C:\Windows\system32\AudioSes.dll
2014-12-01 23:12:51 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-12-01 23:12:51 ----A---- C:\Windows\system32\AudioEng.dll
2014-12-01 23:12:48 ----A---- C:\Windows\system32\drivers\partmgr.sys
2014-12-01 23:12:34 ----A---- C:\Windows\system32\kerberos.dll
2014-12-01 23:12:33 ----A---- C:\Windows\system32\pku2u.dll
2014-12-01 23:12:12 ----A---- C:\Windows\system32\mscories.dll
2014-12-01 23:12:12 ----A---- C:\Windows\system32\mscorier.dll
2014-12-01 23:12:12 ----A---- C:\Windows\system32\dfshim.dll
2014-12-01 23:12:04 ----A---- C:\Windows\system32\drivers\ataport.sys
2014-12-01 23:12:00 ----A---- C:\Windows\system32\oleaut32.dll
2014-12-01 23:11:49 ----A---- C:\Windows\system32\shell32.dll
2014-12-01 23:11:19 ----A---- C:\Windows\system32\win32k.sys
2014-12-01 23:11:13 ----A---- C:\Windows\system32\ntshrui.dll
2014-12-01 23:11:10 ----A---- C:\Windows\system32\mfc42u.dll
2014-12-01 23:11:10 ----A---- C:\Windows\system32\mfc42.dll
2014-12-01 23:11:02 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2014-12-01 23:11:02 ----A---- C:\Windows\system32\dhcpcore6.dll
2014-12-01 23:10:41 ----A---- C:\Windows\system32\cryptdlg.dll
2014-12-01 23:10:24 ----A---- C:\Windows\system32\profsvc.dll
2014-12-01 23:10:21 ----A---- C:\Windows\system32\wer.dll
2014-12-01 23:10:06 ----A---- C:\Windows\system32\inetcomm.dll
2014-12-01 23:10:01 ----A---- C:\Windows\system32\drivers\bowser.sys
2014-12-01 23:09:55 ----A---- C:\Windows\system32\FXSCOVER.exe
2014-12-01 23:09:52 ----A---- C:\Windows\system32\dnsrslvr.dll
2014-12-01 23:09:52 ----A---- C:\Windows\system32\dnscacheugc.exe
2014-12-01 23:09:52 ----A---- C:\Windows\system32\dnsapi.dll
2014-12-01 23:09:49 ----A---- C:\Windows\system32\xmllite.dll
2014-12-01 23:09:46 ----A---- C:\Windows\system32\drivers\srvnet.sys
2014-12-01 23:09:46 ----A---- C:\Windows\system32\drivers\srv2.sys
2014-12-01 23:09:46 ----A---- C:\Windows\system32\drivers\srv.sys
2014-12-01 23:09:37 ----A---- C:\Windows\system32\odbcjt32.dll
2014-12-01 23:09:37 ----A---- C:\Windows\system32\odbccu32.dll
2014-12-01 23:09:37 ----A---- C:\Windows\system32\odbccr32.dll
2014-12-01 23:09:37 ----A---- C:\Windows\system32\odbccp32.dll
2014-12-01 23:09:36 ----A---- C:\Windows\system32\odbctrac.dll
2014-12-01 23:09:33 ----A---- C:\Windows\system32\Wdfres.dll
2014-12-01 23:09:33 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2014-12-01 23:09:33 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2014-12-01 23:09:26 ----A---- C:\Windows\system32\netapi32.dll
2014-12-01 23:09:26 ----A---- C:\Windows\system32\browser.dll
2014-12-01 23:09:26 ----A---- C:\Windows\system32\browcli.dll
2014-12-01 23:09:23 ----A---- C:\Windows\system32\usp10.dll
2014-12-01 22:40:29 ----A---- C:\Windows\system32\lsasrv.dll
2014-12-01 22:40:28 ----A---- C:\Windows\system32\drivers\cng.sys
2014-12-01 22:40:27 ----A---- C:\Windows\system32\termsrv.dll
2014-12-01 22:40:27 ----A---- C:\Windows\system32\sspicli.dll
2014-12-01 22:40:27 ----A---- C:\Windows\system32\secur32.dll
2014-12-01 22:40:27 ----A---- C:\Windows\system32\msaudite.dll
2014-12-01 22:40:27 ----A---- C:\Windows\system32\lsass.exe
2014-12-01 22:40:27 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-12-01 22:40:27 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-12-01 22:40:27 ----A---- C:\Windows\system32\adtschema.dll
2014-12-01 22:40:26 ----A---- C:\Windows\system32\sspisrv.dll
2014-12-01 22:39:37 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-12-01 22:39:37 ----A---- C:\Windows\system32\RMActivate.exe
2014-12-01 22:39:36 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-12-01 22:39:36 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-12-01 22:39:36 ----A---- C:\Windows\system32\secproc_isv.dll
2014-12-01 22:39:36 ----A---- C:\Windows\system32\secproc.dll
2014-12-01 22:39:36 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-12-01 22:39:36 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-12-01 22:39:36 ----A---- C:\Windows\system32\msdrm.dll
2014-12-01 22:23:09 ----A---- C:\Windows\system32\appinfo.dll
2014-12-01 22:19:36 ----A---- C:\Windows\system32\rdpcore.dll
2014-12-01 22:19:35 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2014-12-01 22:19:27 ----A---- C:\Windows\system32\drivers\usbport.sys
2014-12-01 22:19:27 ----A---- C:\Windows\system32\drivers\usbohci.sys
2014-12-01 22:19:27 ----A---- C:\Windows\system32\drivers\usbhub.sys
2014-12-01 22:19:27 ----A---- C:\Windows\system32\drivers\usbehci.sys
2014-12-01 22:19:27 ----A---- C:\Windows\system32\drivers\usbd.sys
2014-12-01 22:19:27 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2014-12-01 22:19:26 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2014-12-01 22:04:16 ----D---- C:\Program Files\VideoLAN
2014-12-01 22:03:11 ----A---- C:\Windows\system32\wups2.dll
2014-12-01 22:03:11 ----A---- C:\Windows\system32\wucltux.dll
2014-12-01 22:03:11 ----A---- C:\Windows\system32\wuaueng.dll
2014-12-01 22:03:11 ----A---- C:\Windows\system32\wuauclt.exe
2014-12-01 22:02:19 ----A---- C:\Windows\system32\wups.dll
2014-12-01 22:02:19 ----A---- C:\Windows\system32\wudriver.dll
2014-12-01 22:02:19 ----A---- C:\Windows\system32\wuapi.dll
2014-12-01 22:01:54 ----A---- C:\Windows\system32\wuwebv.dll
2014-12-01 22:01:54 ----A---- C:\Windows\system32\wuapp.exe
2014-12-01 22:01:28 ----D---- C:\Users\Adam\AppData\Roaming\WinRAR
2014-12-01 22:00:52 ----D---- C:\Program Files\WinRAR
2014-12-01 21:41:10 ----D---- C:\Program Files\Mozilla Firefox
2014-11-30 20:14:39 ----D---- C:\Windows\system32\SPReview
2014-11-30 20:14:04 ----D---- C:\Windows\system32\EventProviders
2014-11-30 19:43:48 ----A---- C:\Windows\system32\mfc40u.dll
2014-11-30 19:43:48 ----A---- C:\Windows\system32\mfc40.dll
2014-11-30 19:43:46 ----A---- C:\Windows\system32\sysmain.dll
2014-11-30 19:43:39 ----A---- C:\Windows\system32\spwizui.dll
2014-11-30 19:43:39 ----A---- C:\Windows\system32\mscoree.dll
2014-11-30 19:43:36 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2014-11-30 19:43:36 ----A---- C:\Windows\system32\CertEnroll.dll
2014-11-30 19:43:34 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2014-11-30 19:43:34 ----A---- C:\Windows\system32\PresentationHost.exe
2014-11-30 19:43:33 ----A---- C:\Windows\system32\drivers\hwpolicy.sys
2014-11-30 19:43:32 ----A---- C:\Windows\system32\schedsvc.dll
2014-11-30 19:43:32 ----A---- C:\Windows\system32\RacEngn.dll
2014-11-30 19:43:30 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2014-11-30 19:43:29 ----A---- C:\Windows\system32\rdpdd.dll
2014-11-30 19:43:29 ----A---- C:\Windows\system32\qmgr.dll
2014-11-30 19:43:28 ----A---- C:\Windows\system32\ExplorerFrame.dll
2014-11-30 19:43:26 ----A---- C:\Windows\system32\wevtsvc.dll
2014-11-30 19:43:26 ----A---- C:\Windows\system32\ole32.dll
2014-11-30 19:43:24 ----A---- C:\Windows\system32\vssapi.dll
2014-11-30 19:43:23 ----A---- C:\Windows\system32\SearchFolder.dll
2014-11-30 19:43:23 ----A---- C:\Windows\system32\d3d9.dll
2014-11-30 19:43:21 ----A---- C:\Windows\system32\taskschd.dll
2014-11-30 19:43:20 ----A---- C:\Windows\system32\spreview.exe
2014-11-30 19:43:19 ----A---- C:\Windows\system32\spinstall.exe
2014-11-30 19:43:19 ----A---- C:\Windows\system32\certcli.dll
2014-11-30 19:43:18 ----A---- C:\Windows\system32\odbc32.dll
2014-11-30 19:43:18 ----A---- C:\Windows\system32\gpsvc.dll
2014-11-30 19:43:18 ----A---- C:\Windows\system32\dwmcore.dll
2014-11-30 19:43:17 ----A---- C:\Windows\system32\MPSSVC.dll
2014-11-30 19:43:17 ----A---- C:\Windows\system32\diagperf.dll
2014-11-30 19:43:16 ----A---- C:\Windows\system32\WinSAT.exe
2014-11-30 19:43:16 ----A---- C:\Windows\system32\wbengine.exe
2014-11-30 19:43:15 ----A---- C:\Windows\system32\tsmf.dll
2014-11-30 19:43:15 ----A---- C:\Windows\system32\dot3api.dll
2014-11-30 19:43:14 ----A---- C:\Windows\system32\winhttp.dll
2014-11-30 19:43:14 ----A---- C:\Windows\system32\setupapi.dll
2014-11-30 19:43:14 ----A---- C:\Windows\system32\apphelp.dll
2014-11-30 19:43:13 ----A---- C:\Windows\system32\MSVidCtl.dll
2014-11-30 19:43:13 ----A---- C:\Windows\system32\dbgeng.dll
2014-11-30 19:43:12 ----A---- C:\Windows\system32\VSSVC.exe
2014-11-30 19:43:12 ----A---- C:\Windows\system32\user32.dll
2014-11-30 19:43:12 ----A---- C:\Windows\system32\netlogon.dll
2014-11-30 19:43:12 ----A---- C:\Windows\system32\netcfgx.dll
2014-11-30 19:43:11 ----A---- C:\Windows\system32\Query.dll
2014-11-30 19:43:10 ----A---- C:\Windows\system32\upnp.dll
2014-11-30 19:43:10 ----A---- C:\Windows\system32\DShowRdpFilter.dll
2014-11-30 19:43:09 ----A---- C:\Windows\system32\mmcndmgr.dll
2014-11-30 19:43:08 ----A---- C:\Windows\system32\netfxperf.dll
2014-11-30 19:43:08 ----A---- C:\Windows\system32\lsm.exe
2014-11-30 19:43:07 ----A---- C:\Windows\system32\sppobjs.dll
2014-11-30 19:43:07 ----A---- C:\Windows\system32\imapi2fs.dll
2014-11-30 19:43:06 ----A---- C:\Windows\system32\shlwapi.dll
2014-11-30 19:43:06 ----A---- C:\Windows\system32\SessEnv.dll
2014-11-30 19:43:06 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2014-11-30 19:43:05 ----A---- C:\Windows\system32\mcbuilder.exe
2014-11-30 19:43:04 ----A---- C:\Windows\system32\userenv.dll
2014-11-30 19:43:04 ----A---- C:\Windows\system32\drvstore.dll
2014-11-30 19:43:04 ----A---- C:\Windows\system32\certmgr.dll
2014-11-30 19:43:03 ----A---- C:\Windows\system32\xpsservices.dll
2014-11-30 19:43:03 ----A---- C:\Windows\system32\winload.exe
2014-11-30 19:43:02 ----A---- C:\Windows\system32\sppwinob.dll
2014-11-30 19:43:02 ----A---- C:\Windows\system32\comdlg32.dll
2014-11-30 19:43:01 ----A---- C:\Windows\system32\rpcss.dll
2014-11-30 19:43:01 ----A---- C:\Windows\system32\cmd.exe
2014-11-30 19:43:00 ----A---- C:\Windows\system32\Wldap32.dll
2014-11-30 19:43:00 ----A---- C:\Windows\system32\propsys.dll
2014-11-30 19:43:00 ----A---- C:\Windows\system32\mfds.dll
2014-11-30 19:43:00 ----A---- C:\Windows\system32\framedynos.dll
2014-11-30 19:43:00 ----A---- C:\Windows\system32\BFE.DLL
2014-11-30 19:42:59 ----A---- C:\Windows\system32\samsrv.dll
2014-11-30 19:42:59 ----A---- C:\Windows\system32\drivers\volsnap.sys
2014-11-30 19:42:58 ----A---- C:\Windows\system32\wmicmiplugin.dll
2014-11-30 19:42:58 ----A---- C:\Windows\system32\winresume.exe
2014-11-30 19:42:58 ----A---- C:\Windows\system32\werconcpl.dll
2014-11-30 19:42:58 ----A---- C:\Windows\system32\azroles.dll
2014-11-30 19:42:57 ----A---- C:\Windows\system32\themeui.dll
2014-11-30 19:42:56 ----A---- C:\Windows\system32\taskeng.exe
2014-11-30 19:42:56 ----A---- C:\Windows\system32\spp.dll
2014-11-30 19:42:56 ----A---- C:\Windows\system32\dhcpcore.dll
2014-11-30 19:42:55 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2014-11-30 19:42:55 ----A---- C:\Windows\system32\mfreadwrite.dll
2014-11-30 19:42:55 ----A---- C:\Windows\system32\drivers\http.sys
2014-11-30 19:42:55 ----A---- C:\Windows\system32\dbghelp.dll
2014-11-30 19:42:55 ----A---- C:\Windows\system32\basecsp.dll
2014-11-30 19:42:54 ----A---- C:\Windows\system32\WinSATAPI.dll
2014-11-30 19:42:54 ----A---- C:\Windows\system32\taskcomp.dll
2014-11-30 19:42:54 ----A---- C:\Windows\system32\evr.dll
2014-11-30 19:42:54 ----A---- C:\Windows\system32\calc.exe
2014-11-30 19:42:53 ----A---- C:\Windows\system32\sqlsrv32.dll
2014-11-30 19:42:53 ----A---- C:\Windows\system32\QAGENTRT.DLL
2014-11-30 19:42:53 ----A---- C:\Windows\system32\drivers\1394ohci.sys
2014-11-30 19:42:52 ----A---- C:\Windows\system32\vpnike.dll
2014-11-30 19:42:52 ----A---- C:\Windows\system32\srvsvc.dll
2014-11-30 19:42:51 ----A---- C:\Windows\system32\UIRibbon.dll
2014-11-30 19:42:51 ----A---- C:\Windows\system32\lpksetup.exe
2014-11-30 19:42:51 ----A---- C:\Windows\system32\fveapi.dll
2014-11-30 19:42:49 ----A---- C:\Windows\system32\sxs.dll
2014-11-30 19:42:48 ----A---- C:\Windows\system32\ws2_32.dll
2014-11-30 19:42:48 ----A---- C:\Windows\system32\netshell.dll
2014-11-30 19:42:47 ----A---- C:\Windows\system32\stobject.dll
2014-11-30 19:42:47 ----A---- C:\Windows\system32\hgprint.dll
2014-11-30 19:42:46 ----A---- C:\Windows\system32\drivers\rdbss.sys
2014-11-30 19:42:46 ----A---- C:\Windows\system32\drivers\msdsm.sys
2014-11-30 19:42:45 ----A---- C:\Windows\system32\prncache.dll
2014-11-30 19:42:45 ----A---- C:\Windows\system32\printui.dll
2014-11-30 19:42:45 ----A---- C:\Windows\system32\inetpp.dll
2014-11-30 19:42:44 ----A---- C:\Windows\system32\wmpeffects.dll
2014-11-30 19:42:44 ----A---- C:\Windows\system32\dps.dll
2014-11-30 19:42:42 ----A---- C:\Windows\system32\WSDApi.dll
2014-11-30 19:42:42 ----A---- C:\Windows\system32\rpchttp.dll
2014-11-30 19:42:42 ----A---- C:\Windows\system32\net1.exe
2014-11-30 19:42:42 ----A---- C:\Windows\system32\ci.dll
2014-11-30 19:42:42 ----A---- C:\Windows\system32\aitagent.exe
2014-11-30 19:42:41 ----A---- C:\Windows\system32\vds.exe
2014-11-30 19:42:41 ----A---- C:\Windows\system32\scansetting.dll
2014-11-30 19:42:41 ----A---- C:\Windows\system32\FXSSVC.exe
2014-11-30 19:42:41 ----A---- C:\Windows\system32\drivers\pci.sys
2014-11-30 19:42:40 ----A---- C:\Windows\system32\WMVCORE.DLL
2014-11-30 19:42:40 ----A---- C:\Windows\system32\wlangpui.dll
2014-11-30 19:42:40 ----A---- C:\Windows\system32\MMDevAPI.dll
2014-11-30 19:42:39 ----A---- C:\Windows\system32\QSHVHOST.DLL
2014-11-30 19:42:38 ----A---- C:\Windows\system32\t2embed.dll
2014-11-30 19:42:38 ----A---- C:\Windows\system32\pnidui.dll
2014-11-30 19:42:38 ----A---- C:\Windows\system32\IPSECSVC.DLL
2014-11-30 19:42:37 ----A---- C:\Windows\system32\wpdshext.dll
2014-11-30 19:42:37 ----A---- C:\Windows\system32\webservices.dll
2014-11-30 19:42:37 ----A---- C:\Windows\system32\drivers\termdd.sys
2014-11-30 19:42:36 ----A---- C:\Windows\system32\fde.dll
2014-11-30 19:42:35 ----A---- C:\Windows\system32\netdiagfx.dll
2014-11-30 19:42:35 ----A---- C:\Windows\system32\drivers\sbp2port.sys
2014-11-30 19:42:34 ----A---- C:\Windows\system32\SyncCenter.dll
2014-11-30 19:42:33 ----A---- C:\Windows\system32\wscapi.dll
2014-11-30 19:42:33 ----A---- C:\Windows\system32\sdengin2.dll
2014-11-30 19:42:31 ----A---- C:\Windows\system32\WFS.exe
2014-11-30 19:42:29 ----A---- C:\Windows\system32\wisptis.exe
2014-11-30 19:42:29 ----A---- C:\Windows\system32\WinSCard.dll
2014-11-30 19:42:29 ----A---- C:\Windows\system32\pla.dll
2014-11-30 19:42:29 ----A---- C:\Windows\system32\msasn1.dll
2014-11-30 19:42:28 ----A---- C:\Windows\system32\mcmde.dll
2014-11-30 19:42:27 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2014-11-30 19:42:27 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2014-11-30 19:42:27 ----A---- C:\Windows\system32\drivers\msahci.sys
2014-11-30 19:42:26 ----A---- C:\Windows\system32\setupcl.exe
2014-11-30 19:42:26 ----A---- C:\Windows\system32\imapi2.dll
2014-11-30 19:42:25 ----A---- C:\Windows\system32\wiaservc.dll
2014-11-30 19:42:24 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2014-11-30 19:42:19 ----A---- C:\Windows\system32\onex.dll
2014-11-30 19:42:19 ----A---- C:\Windows\system32\dwmredir.dll
2014-11-30 19:42:18 ----A---- C:\Windows\system32\WMPEncEn.dll
2014-11-30 19:42:18 ----A---- C:\Windows\system32\shsvcs.dll
2014-11-30 19:42:18 ----A---- C:\Windows\system32\rasmans.dll
2014-11-30 19:42:18 ----A---- C:\Windows\system32\drivers\acpi.sys
2014-11-30 19:42:17 ----A---- C:\Windows\system32\winmm.dll
2014-11-30 19:42:17 ----A---- C:\Windows\system32\vaultsvc.dll
2014-11-30 19:42:17 ----A---- C:\Windows\system32\TabSvc.dll
2014-11-30 19:42:17 ----A---- C:\Windows\system32\hbaapi.dll
2014-11-30 19:42:17 ----A---- C:\Windows\system32\drivers\udfs.sys
2014-11-30 19:42:16 ----A---- C:\Windows\system32\samcli.dll
2014-11-30 19:42:16 ----A---- C:\Windows\system32\proquota.exe
2014-11-30 19:42:16 ----A---- C:\Windows\system32\netiohlp.dll
2014-11-30 19:42:16 ----A---- C:\Windows\system32\Narrator.exe
2014-11-30 19:42:16 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2014-11-30 19:42:16 ----A---- C:\Windows\system32\halmacpi.dll
2014-11-30 19:42:16 ----A---- C:\Windows\system32\hal.dll
2014-11-30 19:42:16 ----A---- C:\Windows\system32\bootres.dll
2014-11-30 19:42:16 ----A---- C:\Windows\system32\autochk.exe
2014-11-30 19:42:16 ----A---- C:\Windows\system32\autofmt.exe
2014-11-30 19:42:16 ----A---- C:\Windows\system32\audiodg.exe
2014-11-30 19:42:15 ----A---- C:\Windows\system32\thumbcache.dll
2014-11-30 19:42:15 ----A---- C:\Windows\system32\srchadmin.dll
2014-11-30 19:42:15 ----A---- C:\Windows\system32\schtasks.exe
2014-11-30 19:42:15 ----A---- C:\Windows\system32\regapi.dll
2014-11-30 19:42:15 ----A---- C:\Windows\system32\msutb.dll
2014-11-30 19:42:15 ----A---- C:\Windows\system32\msinfo32.exe
2014-11-30 19:42:15 ----A---- C:\Windows\system32\mimefilt.dll
2014-11-30 19:42:15 ----A---- C:\Windows\system32\ipsmsnap.dll
2014-11-30 19:42:15 ----A---- C:\Windows\system32\autoconv.exe
2014-11-30 19:42:14 ----A---- C:\Windows\system32\wcncsvc.dll
2014-11-30 19:42:14 ----A---- C:\Windows\system32\tcpipcfg.dll
2014-11-30 19:42:14 ----A---- C:\Windows\system32\powercpl.dll
2014-11-30 19:42:14 ----A---- C:\Windows\system32\framedyn.dll
2014-11-30 19:42:14 ----A---- C:\Windows\system32\eapphost.dll
2014-11-30 19:42:14 ----A---- C:\Windows\system32\drivers\winusb.sys
2014-11-30 19:42:14 ----A---- C:\Windows\system32\drivers\volmgr.sys
2014-11-30 19:42:13 ----A---- C:\Windows\system32\QAGENT.DLL
2014-11-30 19:42:13 ----A---- C:\Windows\system32\netid.dll
2014-11-30 19:42:13 ----A---- C:\Windows\system32\drivers\netbt.sys
2014-11-30 19:42:13 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2014-11-30 19:42:12 ----A---- C:\Windows\system32\umpo.dll
2014-11-30 19:42:12 ----A---- C:\Windows\system32\DXP.dll
2014-11-30 19:42:12 ----A---- C:\Windows\system32\actxprxy.dll
2014-11-30 19:42:11 ----A---- C:\Windows\system32\wdc.dll
2014-11-30 19:42:11 ----A---- C:\Windows\system32\StructuredQuery.dll
2014-11-30 19:42:11 ----A---- C:\Windows\system32\scesrv.dll
2014-11-30 19:42:10 ----A---- C:\Windows\system32\untfs.dll
2014-11-30 19:42:09 ----A---- C:\Windows\system32\Vault.dll
2014-11-30 19:42:09 ----A---- C:\Windows\system32\sdclt.exe
2014-11-30 19:42:09 ----A---- C:\Windows\system32\nci.dll
2014-11-30 19:42:08 ----A---- C:\Windows\system32\wlanpref.dll
2014-11-30 19:42:08 ----A---- C:\Windows\system32\sppsvc.exe
2014-11-30 19:42:07 ----A---- C:\Windows\system32\RpcRtRemote.dll
2014-11-30 19:42:07 ----A---- C:\Windows\system32\ListSvc.dll
2014-11-30 19:42:06 ----A---- C:\Windows\system32\WMNetMgr.dll
2014-11-30 19:42:06 ----A---- C:\Windows\system32\Robocopy.exe
2014-11-30 19:42:05 ----A---- C:\Windows\system32\taskmgr.exe
2014-11-30 19:42:05 ----A---- C:\Windows\system32\mtxclu.dll
2014-11-30 19:42:05 ----A---- C:\Windows\system32\DxpTaskSync.dll
2014-11-30 19:42:05 ----A---- C:\Windows\system32\Display.dll
2014-11-30 19:42:04 ----A---- C:\Windows\system32\msdri.dll
2014-11-30 19:42:04 ----A---- C:\Windows\system32\drivers\mpio.sys
2014-11-30 19:42:04 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2014-11-30 19:42:03 ----A---- C:\Windows\system32\XpsRasterService.dll
2014-11-30 19:42:03 ----A---- C:\Windows\system32\userinit.exe
2014-11-30 19:42:03 ----A---- C:\Windows\system32\sharemediacpl.dll
2014-11-30 19:42:03 ----A---- C:\Windows\system32\puiobj.dll
2014-11-30 19:42:02 ----A---- C:\Windows\system32\termmgr.dll
2014-11-30 19:42:02 ----A---- C:\Windows\system32\drivers\scsiport.sys
2014-11-30 19:42:02 ----A---- C:\Windows\system32\DiagCpl.dll
2014-11-30 19:42:01 ----A---- C:\Windows\system32\eudcedit.exe
2014-11-30 19:41:59 ----A---- C:\Windows\system32\wiadefui.dll
2014-11-30 19:41:59 ----A---- C:\Windows\system32\sppcomapi.dll
2014-11-30 19:41:59 ----A---- C:\Windows\system32\shsetup.dll
2014-11-30 19:41:59 ----A---- C:\Windows\system32\rasppp.dll
2014-11-30 19:41:59 ----A---- C:\Windows\system32\msdtctm.dll
2014-11-30 19:41:59 ----A---- C:\Windows\system32\msconfig.exe
2014-11-30 19:41:59 ----A---- C:\Windows\system32\logoncli.dll
2014-11-30 19:41:59 ----A---- C:\Windows\system32\cabview.dll
2014-11-30 19:41:59 ----A---- C:\Windows\system32\biocpl.dll
2014-11-30 19:41:58 ----A---- C:\Windows\system32\SensorsCpl.dll
2014-11-30 19:41:58 ----A---- C:\Windows\system32\FirewallControlPanel.dll
2014-11-30 19:41:57 ----A---- C:\Windows\system32\wpccpl.dll
2014-11-30 19:41:57 ----A---- C:\Windows\system32\themecpl.dll
2014-11-30 19:41:57 ----A---- C:\Windows\system32\dnscmmc.dll
2014-11-30 19:41:56 ----A---- C:\Windows\system32\drivers\rdyboost.sys
2014-11-30 19:41:54 ----A---- C:\Windows\system32\PhotoScreensaver.scr
2014-11-30 19:41:54 ----A---- C:\Windows\system32\hgcpl.dll
2014-11-30 19:41:53 ----A---- C:\Windows\system32\tapisrv.dll
2014-11-30 19:41:53 ----A---- C:\Windows\system32\scecli.dll
2014-11-30 19:41:53 ----A---- C:\Windows\system32\mscms.dll
2014-11-30 19:41:53 ----A---- C:\Windows\system32\fontext.dll
2014-11-30 19:41:52 ----A---- C:\Windows\system32\SndVolSSO.dll
2014-11-30 19:41:52 ----A---- C:\Windows\system32\mprddm.dll
2014-11-30 19:41:52 ----A---- C:\Windows\system32\localsec.dll
2014-11-30 19:41:52 ----A---- C:\Windows\system32\iasacct.dll
2014-11-30 19:41:52 ----A---- C:\Windows\system32\bcdsrv.dll
2014-11-30 19:41:51 ----A---- C:\Windows\system32\wlanui.dll
2014-11-30 19:41:51 ----A---- C:\Windows\system32\wkssvc.dll
2014-11-30 19:41:51 ----A---- C:\Windows\system32\usercpl.dll
2014-11-30 19:41:51 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2014-11-30 19:41:51 ----A---- C:\Windows\system32\KMSVC.DLL
2014-11-30 19:41:50 ----A---- C:\Windows\system32\VAN.dll
2014-11-30 19:41:50 ----A---- C:\Windows\system32\prntvpt.dll
2014-11-30 19:41:50 ----A---- C:\Windows\system32\mblctr.exe
2014-11-30 19:41:50 ----A---- C:\Windows\system32\batmeter.dll
2014-11-30 19:41:49 ----A---- C:\Windows\system32\wpdbusenum.dll
2014-11-30 19:41:49 ----A---- C:\Windows\system32\w32tm.exe
2014-11-30 19:41:49 ----A---- C:\Windows\system32\spwizeng.dll
2014-11-30 19:41:49 ----A---- C:\Windows\system32\SndVol.exe
2014-11-30 19:41:49 ----A---- C:\Windows\system32\netcenter.dll
2014-11-30 19:41:49 ----A---- C:\Windows\system32\azroleui.dll
2014-11-30 19:41:49 ----A---- C:\Windows\system32\accessibilitycpl.dll
2014-11-30 19:41:48 ----A---- C:\Windows\system32\zipfldr.dll
2014-11-30 19:41:48 ----A---- C:\Windows\system32\MSAC3ENC.DLL
2014-11-30 19:41:48 ----A---- C:\Windows\system32\fdeploy.dll
2014-11-30 19:41:48 ----A---- C:\Windows\system32\drivers\ks.sys
2014-11-30 19:41:47 ----A---- C:\Windows\system32\wusa.exe
2014-11-30 19:41:47 ----A---- C:\Windows\system32\networkmap.dll
2014-11-30 19:41:47 ----A---- C:\Windows\system32\netjoin.dll
2014-11-30 19:41:47 ----A---- C:\Windows\system32\mspbda.dll
2014-11-30 19:41:47 ----A---- C:\Windows\system32\Faultrep.dll
2014-11-30 19:41:47 ----A---- C:\Windows\system32\cryptui.dll
2014-11-30 19:41:47 ----A---- C:\Windows\system32\adsldp.dll
2014-11-30 19:41:46 ----A---- C:\Windows\system32\MCEWMDRMNDBootstrap.dll
2014-11-30 19:41:46 ----A---- C:\Windows\system32\cfgmgr32.dll
2014-11-30 19:41:45 ----A---- C:\Windows\system32\taskbarcpl.dll
2014-11-30 19:41:45 ----A---- C:\Windows\system32\sud.dll
2014-11-30 19:41:45 ----A---- C:\Windows\system32\prnfldr.dll
2014-11-30 19:41:45 ----A---- C:\Windows\system32\photowiz.dll
2014-11-30 19:41:45 ----A---- C:\Windows\system32\OnLineIDCpl.dll
2014-11-30 19:41:45 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2014-11-30 19:41:45 ----A---- C:\Windows\system32\ActionCenter.dll
2014-11-30 19:41:44 ----A---- C:\Windows\system32\slui.exe
2014-11-30 19:41:44 ----A---- C:\Windows\system32\iprtrmgr.dll
2014-11-30 19:41:44 ----A---- C:\Windows\system32\iasrad.dll
2014-11-30 19:41:44 ----A---- C:\Windows\system32\defaultlocationcpl.dll
2014-11-30 19:41:43 ----A---- C:\Windows\system32\halacpi.dll
2014-11-30 19:41:43 ----A---- C:\Windows\system32\ftp.exe
2014-11-30 19:41:43 ----A---- C:\Windows\system32\dot3cfg.dll
2014-11-30 19:41:42 ----A---- C:\Windows\system32\wpd_ci.dll
2014-11-30 19:41:42 ----A---- C:\Windows\system32\sisbkup.dll
2014-11-30 19:41:42 ----A---- C:\Windows\system32\shwebsvc.dll
2014-11-30 19:41:42 ----A---- C:\Windows\system32\ifsutil.dll
2014-11-30 19:41:42 ----A---- C:\Windows\system32\efscore.dll
2014-11-30 19:41:41 ----A---- C:\Windows\system32\syncui.dll
2014-11-30 19:41:41 ----A---- C:\Windows\system32\sdcpl.dll
2014-11-30 19:41:41 ----A---- C:\Windows\system32\recovery.dll
2014-11-30 19:41:41 ----A---- C:\Windows\system32\ActionCenterCPL.dll
2014-11-30 19:41:40 ----A---- C:\Windows\system32\DeviceCenter.dll
2014-11-30 19:41:40 ----A---- C:\Windows\system32\bcdedit.exe
2014-11-30 19:41:40 ----A---- C:\Windows\system32\autoplay.dll
2014-11-30 19:41:39 ----A---- C:\Windows\system32\wmpmde.dll
2014-11-30 19:41:39 ----A---- C:\Windows\system32\vdsutil.dll
2014-11-30 19:41:39 ----A---- C:\Windows\system32\sppnp.dll
2014-11-30 19:41:39 ----A---- C:\Windows\system32\rtutils.dll
2014-11-30 19:41:39 ----A---- C:\Windows\system32\OobeFldr.dll
2014-11-30 19:41:39 ----A---- C:\Windows\system32\ntlanman.dll

======List of files/folders modified in the last 1 month======


======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2014-10-10 51288]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 191928]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 135296]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2014-10-10 37928]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2014-10-10 176448]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2014-08-19 162592]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2014-10-01 1349576]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-07-02 670552]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-07-02 413128]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-14 267440]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 102912]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-01 114800]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119557
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log

#15 Post by Rudy »

Try right-clicking in the video image > Settings and turn off hardware acceleration. Running Win7 on 1 GB of RAM is quite daring. Smooth operation would need at least double that.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.