Zavirovaný počítač

Zpráva

PetrLe · #16 Příspěvek od **PetrLe** » 05 říj 2014 19:30

1.log:

info.txt logfile of random's system information tool 1.10 2014-10-05 20:26:45

======MBR======

0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000A0A5FA32000000000200EEFFFFFF01000000FFFFFFFF00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000055AA

======Uninstall list======

-->"C:\Program Files (x86)\WildGames\Game Explorer Categories - genres\Uninstall.exe"
Adobe Reader X (10.1.12) MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-AA0000000001}
Apple Application Support-->MsiExec.exe /I{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}
Apple Mobile Device Support-->MsiExec.exe /I{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
ASUS InstantOn-->MsiExec.exe /I{749F674B-2674-47E8-879C-5626A06B2A91}
ASUS LifeFrame3-->MsiExec.exe /X{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
ASUS Live Update-->MsiExec.exe /X{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}
ASUS Power4Gear Hybrid-->MsiExec.exe /I{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}
ASUS Screen Saver-->MsiExec.exe /I{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}
ASUS Smart Gesture-->MsiExec.exe /I{4D3286A6-F6AB-498A-82A4-E4F040529F3D}
ASUS Splendid Video Enhancement Technology-->MsiExec.exe /X{0969AF05-4FF6-4C00-9406-43599238DE0D}
ASUS USB Charger Plus-->MsiExec.exe /X{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}
ASUS Virtual Camera-->MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
ASUS WebStorage Sync Agent-->C:\Program Files (x86)\ASUS\WebStorage Sync Agent\uninst.exe
ASUSDVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe" /z-uninstall
ASUSDVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe" /z-uninstall
AsusVibe2.0-->C:\Program Files (x86)\Asus\AsusVibe\unins000.exe
ATK Package-->MsiExec.exe /I{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}
avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel /instop:uninstall
Azteca-->"C:\Program Files (x86)\WildGames\Azteca\uninstall\uninstaller.exe"
Bejeweled 3-->"C:\Program Files (x86)\WildGames\Bejeweled 3\uninstall\uninstaller.exe"
Bonjour-->MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Cut the Rope-->"C:\Program Files (x86)\WildGames\Cut the Rope\uninstall\uninstaller.exe"
CyberLink LabelPrint 2.5-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
CyberLink LabelPrint 2.5-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
ESET Online Scanner v3-->C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
Facebook Video Calling 3.1.0.521-->MsiExec.exe /X{2091F234-EB58-4B80-8C96-8EB78C808CF7}
Fotogaléria-->MsiExec.exe /X{9093B0D5-EA59-4C9E-A2E3-CC130138DFCD}
Fotogalerie-->MsiExec.exe /X{A1FBD2B3-6768-472D-BA46-C00EACBCE16C}
Fotótár-->MsiExec.exe /X{E50E3DBC-46AA-4827-B2A6-F995D81DF526}
Galeria fotografii-->MsiExec.exe /X{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\Installer\setup.exe" --uninstall --multi-install --chrome --system-level --verbose-logging
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Processor Graphics-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Intel(R) SDK for OpenCL - CPU Only Runtime Package-->C:\Program Files (x86)\Intel\OpenCL SDK\2.0\Uninstall\setup.exe -uninstall
Intel® Trusted Connect Service Client-->MsiExec.exe /I{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}
iTunes-->MsiExec.exe /I{96B53CA8-5ABB-49D8-96F1-F6C0D73A76C6}
Java 7 Update 65-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F03217065FF}
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64)-->MsiExec.exe /I{E9F0BCD8-6BD5-1ED7-EDA3-9FCF2A478AA1}
Microsoft Office 365 - cs-cz-->"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" scenario=install baseurl="C:\Program Files\Microsoft Office 15" platform=x86 version=15.0.4649.1003 culture=cs-cz productstoremove=O365HomePremRetail_cs-cz_x-none
Microsoft Office Excel Viewer-->MsiExec.exe /I{95120000-003F-0409-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Movie Maker-->MsiExec.exe /X{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}
Movie Maker-->MsiExec.exe /X{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB}
Movie Maker-->MsiExec.exe /X{9EDF46F0-2D4E-4C00-B2B6-0660666E9F60}
Movie Maker-->MsiExec.exe /X{A035950F-15BA-41C0-9D8F-165FC0536012}
Movie Maker-->MsiExec.exe /X{A47EA9D4-BB87-415E-9239-28860434E5A0}
Movie Maker-->MsiExec.exe /X{ED6C77F9-4D7E-447C-9EC0-9A212D075535}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSVCRT110_amd64-->MsiExec.exe /I{E9FA781F-3E80-4399-825A-AD3E11C28C77}
MSVCRT110-->MsiExec.exe /I{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
MyBitCast 2.0-->C:\Program Files (x86)\ASUS\MyBitCast\uninst.exe
Office 15 Click-to-Run Extensibility Component-->MsiExec.exe /X{90150000-008C-0000-0000-0000000FF1CE}
Office 15 Click-to-Run Licensing Component-->MsiExec.exe /I{90150000-008F-0000-1000-0000000FF1CE}
Office 15 Click-to-Run Localization Component-->MsiExec.exe /X{90150000-008C-0405-0000-0000000FF1CE}
Peggle-->"C:\Program Files (x86)\WildGames\Peggle\uninstall\uninstaller.exe"
Penguins!-->"C:\Program Files (x86)\WildGames\Penguins!\uninstall\uninstaller.exe"
Photo Common-->MsiExec.exe /X{0DF95460-2887-4011-9344-1959CDF18ADC}
Photo Common-->MsiExec.exe /X{49110532-D289-4BFF-807C-45B782E66A7C}
Photo Common-->MsiExec.exe /X{AA82E5EF-70C2-41CB-8432-309078304CBB}
Photo Common-->MsiExec.exe /X{C67BC332-A59A-4D40-977F-664F60AB21D8}
Photo Common-->MsiExec.exe /X{EB91007A-0110-42A6-B869-2709955A9B2A}
Photo Gallery-->MsiExec.exe /X{30F99474-EBE3-4134-A02B-F6CD38CFE243}
Photo Gallery-->MsiExec.exe /X{63824BC0-B747-43F3-9863-1066D64AD919}
Podstawowe programy Windows Live-->MsiExec.exe /I{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}
Qualcomm Atheros Bluetooth Suite (64)-->MsiExec.exe /X{A84A4FB1-D703-48DB-89E0-68B6499D2801}
Qualcomm Atheros Client Installation Program-->"C:\Program Files (x86)\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe" -runfromtemp -l0x0409 -removeonly
Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x0409 -removeonly
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709
Realtek PCIE Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{C1594429-8296-4652-BF54-9DBE4932A44C}\setup.exe" -runfromtemp -removeonly
SceneSwitch-->MsiExec.exe /I{5172E572-C175-4F80-A6D5-5CB45826AD61}
Shared C Run-time for x64-->MsiExec.exe /I{EF79C448-6946-4D71-8134-03407888C054}
Sony Mobile Update Engine-->C:\Program Files (x86)\Sony Mobile\Update Engine\uninst.exe
Sony PC Companion 2.10.226-->"C:\Program Files (x86)\InstallShield Installation Information\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}\setup.exe" -runfromtemp -l0x0409 -removeonly
System Requirements Lab for Intel-->MsiExec.exe /I{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}
Tales of Lagoona-->"C:\Program Files (x86)\WildGames\Tales of Lagoona\uninstall\uninstaller.exe"
Update Installer for WildTangent Games App-->"C:\Program Files (x86)\WildTangent Games\App\Uninstall.exe"
Visual Studio 2012 x64 Redistributables-->MsiExec.exe /I{8C775E70-A791-4DA8-BCC3-6AB7136F4484}
Visual Studio 2012 x86 Redistributables-->MsiExec.exe /I{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
VLC media player 2.1.2-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
WildTangent Games App-->"C:\Program Files (x86)\WildTangent Games\Touchpoints\asus\Uninstall.exe"
WildTangent Games-->"C:\Program Files (x86)\WildGames\Uninstall.exe"
Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170)-->C:\PROGRA~1\DIFX\0AA3FA~1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\asustp.inf_amd64_536dba63d5fddbba\asustp.inf
Windows Live Communications Platform-->MsiExec.exe /I{0454BB9A-2A7A-4214-BDFF-937F7A711A44}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{6CEA775F-E70A-4D72-A3B4-1EB3A5AD4B5C}
Windows Live Essentials-->MsiExec.exe /I{797DC296-ADC5-4A08-8CBC-AEB0D6F4B249}
Windows Live Essentials-->MsiExec.exe /I{857BC375-BCFB-474E-9BD9-7EBB18EC55E0}
Windows Live Essentials-->MsiExec.exe /I{C4D82144-B2D5-4A0E-A470-16F13EBC5BCB}
Windows Live Installer-->MsiExec.exe /I{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}
Windows Live Photo Common-->MsiExec.exe /X{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}
Windows Live PIMT Platform-->MsiExec.exe /I{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}
Windows Live SOXE Definitions-->MsiExec.exe /I{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}
Windows Live SOXE-->MsiExec.exe /I{FE7C0B3D-50B9-4951-BE78-A321CBF86552}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{56232E3D-7EA9-45E0-A371-26CD80510AF7}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{7E9A63B3-8572-4A4B-9F87-3C2A873BBC55}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{E18F981B-401C-4D90-BC57-D8903564D558}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{F09DD76B-D3D3-4558-B5BC-F1EEA6E00162}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{F21F0424-B2FF-40BF-A984-9E0D7FB4C97E}
Windows Live UX Platform-->MsiExec.exe /I{4CCBD1F4-CEEC-452A-9CB8-46564B501315}
Windows Movie Maker 2.6-->MsiExec.exe /X{B3DAF54F-DB25-4586-9EF1-96D24BB14088}
WinFlash-->MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D}
WinRAR 5.00 (32-bit)-->C:\Program Files (x86)\WinRAR\uninstall.exe

======System event log======

Computer Name: NTB
Event Code: 12
Message: Schéma zásad resetování procesu C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (ID procesu: 4852) od {512A6AC6-EFC1-4441-85C9-CCCF29B69CD2} do {512A6AC6-EFC1-4441-85C9-CCCF29B69CD2}
Record Number: 19607
Source Name: Microsoft-Windows-UserModePowerService
Time Written: 20141003152642.880993-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: NTB
Event Code: 104
Message: Byl vymazán soubor protokolu Windows PowerShell.
Record Number: 19606
Source Name: Microsoft-Windows-Eventlog
Time Written: 20141003152637.736494-000
Event Type: Informace
User: NTB\Karolínka

Computer Name: NTB
Event Code: 104
Message: Byl vymazán soubor protokolu Key Management Service.
Record Number: 19605
Source Name: Microsoft-Windows-Eventlog
Time Written: 20141003152637.658366-000
Event Type: Informace
User: NTB\Karolínka

Computer Name: NTB
Event Code: 104
Message: Byl vymazán soubor protokolu Internet Explorer.
Record Number: 19604
Source Name: Microsoft-Windows-Eventlog
Time Written: 20141003152637.595868-000
Event Type: Informace
User: NTB\Karolínka

Computer Name: NTB
Event Code: 104
Message: Byl vymazán soubor protokolu System.
Record Number: 19603
Source Name: Microsoft-Windows-Eventlog
Time Written: 20141003152637.517749-000
Event Type: Informace
User: NTB\Karolínka

=====Application event log=====

Computer Name: NTB
Event Code: 326
Message: svchost (4364) Instance: Databázový stroj připojil databázi (1, C:\ProgramData\Microsoft\Windows\AppRepository\PackageRepository.edb). (Čas=0 s)

Sekvence interního načasování: [1] 0.000, [2] 0.000, [3] 0.031, [4] 0.000, [5] 0.000, [6] 0.000, [7] 0.000, [8] 0.000, [9] 0.000, [10] 0.000, [11] 0.000, [12] 0.000.
Uložená mezipaměť: 1 0
Record Number: 21562
Source Name: ESENT
Time Written: 20141003153211.000000-000
Event Type: Informace
User:

Computer Name: NTB
Event Code: 327
Message: svchost (4364) Instance: Databázový stroj odpojil databázi (1, C:\ProgramData\Microsoft\Windows\AppRepository\PackageRepository.edb). (Čas=0 s)

Sekvence interního načasování: [1] 0.000, [2] 0.000, [3] 0.000, [4] 0.000, [5] 0.000, [6] 0.031, [7] 0.000, [8] 0.000, [9] 0.000, [10] 0.032, [11] 0.015, [12] 0.000.
Obnovená mezipaměť: 0 0
Record Number: 21561
Source Name: ESENT
Time Written: 20141003153211.000000-000
Event Type: Informace
User:

Computer Name: NTB
Event Code: 326
Message: svchost (4364) Instance: Databázový stroj připojil databázi (1, C:\ProgramData\Microsoft\Windows\AppRepository\PackageRepository.edb). (Čas=0 s)

Sekvence interního načasování: [1] 0.000, [2] 0.000, [3] 0.031, [4] 0.000, [5] 0.000, [6] 0.000, [7] 0.000, [8] 0.000, [9] 0.000, [10] 0.000, [11] 0.000, [12] 0.000.
Uložená mezipaměť: 1 0
Record Number: 21560
Source Name: ESENT
Time Written: 20141003153211.000000-000
Event Type: Informace
User:

Computer Name: NTB
Event Code: 105
Message: svchost (4364) Instance: Databázový stroj spustil novou instanci (0). (Čas=0 s)

Sekvence interního načasování: [1] 0.000, [2] 0.000, [3] 0.000, [4] 0.000, [5] 0.000, [6] 0.000, [7] 0.000, [8] 0.000, [9] 0.000, [10] 0.000.
Record Number: 21559
Source Name: ESENT
Time Written: 20141003153211.000000-000
Event Type: Informace
User:

Computer Name: NTB
Event Code: 102
Message: svchost (4364) Instance: Databázový stroj (6.03.9600.0000) spouští novou instanci (0).
Record Number: 21558
Source Name: ESENT
Time Written: 20141003153211.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: NTB
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3E7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 72746
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20141003153209.833154-000
Event Type: Úspěšný audit
User:

Computer Name: NTB
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: NTB$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7

Typ přihlášení: 5

Úroveň zosobnění: Zosobnění

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3E7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x374
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole úrovně zosobnění označuje rozsah, ve kterém může být proces v přihlašovací relaci zosobněn.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 72745
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20141003153209.833154-000
Event Type: Úspěšný audit
User:

Computer Name: NTB
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3E7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 72744
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20141003153200.378979-000
Event Type: Úspěšný audit
User:

Computer Name: NTB
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: NTB$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7

Typ přihlášení: 5

Úroveň zosobnění: Zosobnění

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3E7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x374
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole úrovně zosobnění označuje rozsah, ve kterém může být proces v přihlašovací relaci zosobněn.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 72743
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20141003153200.378979-000
Event Type: Úspěšný audit
User:

Computer Name: NTB
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-3261597805-2257011035-590661094-1002
Název účtu: Karolínka
Název domény: NTB
ID přihlášení: 0xBE022
Record Number: 72742
Source Name: Microsoft-Windows-Eventlog
Time Written: 20141003152637.345874-000
Event Type: Úspěšný audit
User:

======Environment variables======

"FP_NO_HOST_CHECK"=NO
"USERNAME"=SYSTEM
"ComSpec"=%SystemRoot%\system32\cmd.exe
"TMP"=%SystemRoot%\TEMP
"OS"=Windows_NT
"windir"=%SystemRoot%
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=3a09
"Path"=C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
"configsetroot"=%SystemRoot%\ConfigSetRoot
"asl.log"=Destination=file

-----------------EOF-----------------

PetrLe · #17 Příspěvek od **PetrLe** » 05 říj 2014 19:33

2. Log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Karolínka at 2014-10-05 20:26:30
Microsoft Windows 8.1 Pro
System drive C: has 151 GB (53%) free of 286 GB
Total RAM: 6030 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:26:34, on 5. 10. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17278)
Boot mode: Normal

Running processes:
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\APRP\APRP.EXE
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files\trend micro\Karolínka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - Startup: Odeslat do OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: Asus WebStorage Windows Service - Unknown owner - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 10264 bytes

======Listing Processes======

wininit.exe
winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"

C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
dashost.exe {07b862c4-8b23-4463-899956ec57d6db3f}
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
taskeng.exe {E422E8AC-BF92-4AAF-83B9-ABA90C26A2EA}
taskhostex.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\WINDOWS\Explorer.EXE
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE" /tsr
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3261597805-2257011035-590661094-10022_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3261597805-2257011035-590661094-10022 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
KBFiltr.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe"
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe"
"C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files\Internet Explorer\iexplore.exe" -ServerName:DefaultBrowserServer
"C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:4844 CREDAT:267777 /prefetch:1
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\WINDOWS\system32\hkcmd.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\WINDOWS\system32\igfxtray.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX3
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
wmiadap.exe /F /T /R
"C:\Windows\System32\WWAHost.exe" -ServerName:Windows.Store
C:\WINDOWS\WinStore\WSHost.exe -Embedding

C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17246_none_fa4ae8e99b1f603c\TiWorker.exe -Embedding

"C:\WINDOWS\system32\SearchFilterHost.exe" 0 580 584 592 65536 588
"C:\Users\Karolínka\Desktop\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-10-04 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-09-21 2334416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-29 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-10-04 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-29 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2013-10-01 769496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-03-27 132736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2014-09-04 40336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSPRP]
C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2013-05-01 3187360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSWebStorage]
C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [2012-12-19 3576784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DisableS3S4]
c:\windows\temp\DisableS3S464\sethigh.cmd []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe [2013-10-01 771032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe [2013-10-01 391128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-03-28 91432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg]
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-05-20 1308232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-05-30 13550152]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2012-05-24 111120]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-10-04 4085896]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-03-27 132736]

C:\Users\Karolínka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Odeslat do OneNote.lnk - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2013-10-01 623104]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"midi3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-10-05 20:26:30 ----D---- C:\rsit
2014-10-05 20:26:30 ----D---- C:\Program Files\trend micro
2014-10-05 20:09:55 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-10-05 20:09:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2014-10-05 20:09:51 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2014-10-05 20:09:48 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2014-10-05 20:09:46 ----A---- C:\WINDOWS\system32\mfcore.dll
2014-10-05 20:09:45 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2014-10-05 20:09:45 ----A---- C:\WINDOWS\system32\gpsvc.dll
2014-10-05 20:09:44 ----A---- C:\WINDOWS\system32\wlansvc.dll
2014-10-05 20:09:44 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2014-10-05 20:09:43 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2014-10-05 20:09:43 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2014-10-05 20:09:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2014-10-05 20:09:41 ----A---- C:\WINDOWS\system32\localspl.dll
2014-10-05 20:09:40 ----A---- C:\WINDOWS\SYSWOW64\WMVDECOD.DLL
2014-10-05 20:09:40 ----A---- C:\WINDOWS\system32\wuaueng.dll
2014-10-05 20:09:40 ----A---- C:\WINDOWS\system32\WMVDECOD.DLL
2014-10-05 20:09:40 ----A---- C:\WINDOWS\system32\SRH.dll
2014-10-05 20:09:40 ----A---- C:\WINDOWS\system32\printui.dll
2014-10-05 20:09:40 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2014-10-05 20:09:40 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2014-10-05 20:09:40 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2014-10-05 20:09:39 ----A---- C:\WINDOWS\SYSWOW64\printui.dll
2014-10-05 20:09:39 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2014-10-05 20:09:39 ----A---- C:\WINDOWS\system32\XpsPrint.dll
2014-10-05 20:09:39 ----A---- C:\WINDOWS\system32\WorkfoldersControl.dll
2014-10-05 20:09:39 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2014-10-05 20:09:38 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2014-10-05 20:09:38 ----A---- C:\WINDOWS\SYSWOW64\d3d10warp.dll
2014-10-05 20:09:38 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2014-10-05 20:09:38 ----A---- C:\WINDOWS\system32\srvsvc.dll
2014-10-05 20:09:38 ----A---- C:\WINDOWS\system32\spoolsv.exe
2014-10-05 20:09:38 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-10-05 20:09:37 ----A---- C:\WINDOWS\SYSWOW64\wlanmsm.dll
2014-10-05 20:09:37 ----A---- C:\WINDOWS\SYSWOW64\mftranscode.dll
2014-10-05 20:09:37 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2014-10-05 20:09:37 ----A---- C:\WINDOWS\system32\storagewmi.dll
2014-10-05 20:09:37 ----A---- C:\WINDOWS\system32\SHCore.dll
2014-10-05 20:09:37 ----A---- C:\WINDOWS\system32\puiobj.dll
2014-10-05 20:09:37 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys
2014-10-05 20:09:36 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2014-10-05 20:09:36 ----A---- C:\WINDOWS\system32\wuapi.dll
2014-10-05 20:09:36 ----A---- C:\WINDOWS\system32\winload.exe
2014-10-05 20:09:36 ----A---- C:\WINDOWS\system32\usbmon.dll
2014-10-05 20:09:36 ----A---- C:\WINDOWS\system32\netcfgx.dll
2014-10-05 20:09:36 ----A---- C:\WINDOWS\system32\mftranscode.dll
2014-10-05 20:09:36 ----A---- C:\WINDOWS\system32\mfplat.dll
2014-10-05 20:09:36 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2014-10-05 20:09:36 ----A---- C:\WINDOWS\system32\comdlg32.dll
2014-10-05 20:09:36 ----A---- C:\WINDOWS\system32\AppxPackaging.dll
2014-10-05 20:09:35 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2014-10-05 20:09:35 ----A---- C:\WINDOWS\system32\wsecedit.dll
2014-10-05 20:09:35 ----A---- C:\WINDOWS\system32\wisp.dll
2014-10-05 20:09:35 ----A---- C:\WINDOWS\system32\winresume.exe
2014-10-05 20:09:35 ----A---- C:\WINDOWS\system32\lsasrv.dll
2014-10-05 20:09:35 ----A---- C:\WINDOWS\system32\drivers\volsnap.sys
2014-10-05 20:09:35 ----A---- C:\WINDOWS\system32\defragsvc.dll
2014-10-05 20:09:35 ----A---- C:\WINDOWS\system32\aclui.dll
2014-10-05 20:09:34 ----A---- C:\WINDOWS\SYSWOW64\netcfgx.dll
2014-10-05 20:09:34 ----A---- C:\WINDOWS\SYSWOW64\AppxPackaging.dll
2014-10-05 20:09:34 ----A---- C:\WINDOWS\system32\wpdbusenum.dll
2014-10-05 20:09:34 ----A---- C:\WINDOWS\system32\winmmbase.dll
2014-10-05 20:09:34 ----A---- C:\WINDOWS\system32\win32spl.dll
2014-10-05 20:09:34 ----A---- C:\WINDOWS\system32\WiFiDisplay.dll
2014-10-05 20:09:34 ----A---- C:\WINDOWS\system32\user32.dll
2014-10-05 20:09:34 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2014-10-05 20:09:34 ----A---- C:\WINDOWS\system32\mfreadwrite.dll
2014-10-05 20:09:34 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys
2014-10-05 20:09:34 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2014-10-05 20:09:34 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2014-10-05 20:09:34 ----A---- C:\WINDOWS\system32\drivers\ks.sys
2014-10-05 20:09:33 ----A---- C:\WINDOWS\SYSWOW64\winmmbase.dll
2014-10-05 20:09:33 ----A---- C:\WINDOWS\SYSWOW64\storagewmi.dll
2014-10-05 20:09:33 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2014-10-05 20:09:33 ----A---- C:\WINDOWS\SYSWOW64\mfreadwrite.dll
2014-10-05 20:09:33 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-05 20:09:33 ----A---- C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-10-05 20:09:33 ----A---- C:\WINDOWS\system32\VAN.dll
2014-10-05 20:09:33 ----A---- C:\WINDOWS\system32\SndVol.exe
2014-10-05 20:09:33 ----A---- C:\WINDOWS\system32\SettingSync.dll
2014-10-05 20:09:33 ----A---- C:\WINDOWS\system32\osk.exe
2014-10-05 20:09:33 ----A---- C:\WINDOWS\system32\conhost.exe
2014-10-05 20:09:33 ----A---- C:\WINDOWS\system32\clusapi.dll
2014-10-05 20:09:33 ----A---- C:\WINDOWS\system32\AppxSip.dll
2014-10-05 20:09:32 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2014-10-05 20:09:32 ----A---- C:\WINDOWS\SYSWOW64\wlanapi.dll
2014-10-05 20:09:32 ----A---- C:\WINDOWS\SYSWOW64\wisp.dll
2014-10-05 20:09:32 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2014-10-05 20:09:32 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2014-10-05 20:09:32 ----A---- C:\WINDOWS\system32\winmm.dll
2014-10-05 20:09:32 ----A---- C:\WINDOWS\system32\Windows.Networking.dll
2014-10-05 20:09:32 ----A---- C:\WINDOWS\system32\mfps.dll
2014-10-05 20:09:32 ----A---- C:\WINDOWS\system32\drivers\NdisImPlatform.sys
2014-10-05 20:09:32 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2014-10-05 20:09:32 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2014-10-05 20:09:32 ----A---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2014-10-05 20:09:32 ----A---- C:\WINDOWS\system32\DafPrintProvider.dll
2014-10-05 20:09:32 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2014-10-05 20:09:31 ----A---- C:\WINDOWS\SYSWOW64\wsecedit.dll
2014-10-05 20:09:31 ----A---- C:\WINDOWS\SYSWOW64\AppxSip.dll
2014-10-05 20:09:31 ----A---- C:\WINDOWS\system32\wucltux.dll
2014-10-05 20:09:31 ----A---- C:\WINDOWS\system32\WorkFoldersShell.dll
2014-10-05 20:09:31 ----A---- C:\WINDOWS\system32\twinapi.dll
2014-10-05 20:09:31 ----A---- C:\WINDOWS\system32\prnntfy.dll
2014-10-05 20:09:31 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2014-10-05 20:09:31 ----A---- C:\WINDOWS\system32\dwmapi.dll
2014-10-05 20:09:30 ----A---- C:\WINDOWS\SYSWOW64\prnntfy.dll
2014-10-05 20:09:30 ----A---- C:\WINDOWS\system32\gpedit.dll
2014-10-05 20:09:30 ----A---- C:\WINDOWS\system32\Display.dll
2014-10-05 20:09:29 ----A---- C:\WINDOWS\SYSWOW64\XpsPrint.dll
2014-10-05 20:09:29 ----A---- C:\WINDOWS\SYSWOW64\winmm.dll
2014-10-05 20:09:29 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2014-10-05 20:09:29 ----A---- C:\WINDOWS\SYSWOW64\VAN.dll
2014-10-05 20:09:29 ----A---- C:\WINDOWS\SYSWOW64\SndVol.exe
2014-10-05 20:09:29 ----A---- C:\WINDOWS\SYSWOW64\puiapi.dll
2014-10-05 20:09:29 ----A---- C:\WINDOWS\SYSWOW64\dwmapi.dll
2014-10-05 20:09:29 ----A---- C:\WINDOWS\SYSWOW64\Display.dll
2014-10-05 20:09:29 ----A---- C:\WINDOWS\system32\WebClnt.dll
2014-10-05 20:09:29 ----A---- C:\WINDOWS\system32\puiapi.dll
2014-10-05 20:09:29 ----A---- C:\WINDOWS\system32\profsvc.dll
2014-10-05 20:09:29 ----A---- C:\WINDOWS\system32\ppcsnap.dll
2014-10-05 20:09:29 ----A---- C:\WINDOWS\system32\iasnap.dll
2014-10-05 20:09:28 ----A---- C:\WINDOWS\system32\wups.dll
2014-10-05 20:09:28 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2014-10-05 20:09:27 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2014-10-05 20:09:27 ----A---- C:\WINDOWS\system32\wwanconn.dll
2014-10-05 20:09:27 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2014-10-05 20:09:27 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-10-05 20:09:27 ----A---- C:\WINDOWS\system32\stobject.dll
2014-10-05 20:09:27 ----A---- C:\WINDOWS\system32\mispace.dll
2014-10-05 20:09:27 ----A---- C:\WINDOWS\system32\drivers\IPMIDrv.sys
2014-10-05 20:09:27 ----A---- C:\WINDOWS\system32\dab.dll
2014-10-05 20:09:27 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2014-10-05 20:09:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.dll
2014-10-05 20:09:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Bluetooth.dll
2014-10-05 20:09:26 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2014-10-05 20:09:26 ----A---- C:\WINDOWS\SYSWOW64\rsaenh.dll
2014-10-05 20:09:26 ----A---- C:\WINDOWS\SYSWOW64\osk.exe
2014-10-05 20:09:26 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2014-10-05 20:09:26 ----A---- C:\WINDOWS\SYSWOW64\iasnap.dll
2014-10-05 20:09:26 ----A---- C:\WINDOWS\SYSWOW64\gpedit.dll
2014-10-05 20:09:26 ----A---- C:\WINDOWS\SYSWOW64\DafPrintProvider.dll
2014-10-05 20:09:26 ----A---- C:\WINDOWS\system32\wups2.dll
2014-10-05 20:09:26 ----A---- C:\WINDOWS\system32\wuauclt.exe
2014-10-05 20:09:26 ----A---- C:\WINDOWS\system32\wshbth.dll
2014-10-05 20:09:26 ----A---- C:\WINDOWS\system32\wlanapi.dll
2014-10-05 20:09:26 ----A---- C:\WINDOWS\system32\schannel.dll
2014-10-05 20:09:26 ----A---- C:\WINDOWS\system32\rsaenh.dll
2014-10-05 20:09:26 ----A---- C:\WINDOWS\system32\pmcsnap.dll
2014-10-05 20:09:26 ----A---- C:\WINDOWS\system32\ActionCenter.dll
2014-10-05 20:09:25 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2014-10-05 20:09:25 ----A---- C:\WINDOWS\SYSWOW64\wshbth.dll
2014-10-05 20:09:25 ----A---- C:\WINDOWS\SYSWOW64\stobject.dll
2014-10-05 20:09:25 ----A---- C:\WINDOWS\SYSWOW64\KBDRUM.DLL
2014-10-05 20:09:25 ----A---- C:\WINDOWS\SYSWOW64\ActionCenter.dll
2014-10-05 20:09:25 ----A---- C:\WINDOWS\system32\wlansvcpal.dll
2014-10-05 20:09:25 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-10-05 20:09:25 ----A---- C:\WINDOWS\system32\PrintDialogs.dll
2014-10-05 20:09:25 ----A---- C:\WINDOWS\system32\KBDRUM.DLL
2014-10-05 20:09:25 ----A---- C:\WINDOWS\system32\Defrag.exe
2014-10-05 20:09:25 ----A---- C:\WINDOWS\system32\browser.dll
2014-10-05 20:09:24 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2014-10-05 20:09:24 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2014-10-05 20:09:24 ----A---- C:\WINDOWS\SYSWOW64\KBDYAK.DLL
2014-10-05 20:09:24 ----A---- C:\WINDOWS\SYSWOW64\KBDRU1.DLL
2014-10-05 20:09:24 ----A---- C:\WINDOWS\SYSWOW64\KBDRU.DLL
2014-10-05 20:09:24 ----A---- C:\WINDOWS\SYSWOW64\KBDBASH.DLL
2014-10-05 20:09:24 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2014-10-05 20:09:24 ----A---- C:\WINDOWS\system32\KBDYAK.DLL
2014-10-05 20:09:24 ----A---- C:\WINDOWS\system32\KBDRU1.DLL
2014-10-05 20:09:24 ----A---- C:\WINDOWS\system32\KBDRU.DLL
2014-10-05 20:09:24 ----A---- C:\WINDOWS\system32\KBDBASH.DLL
2014-10-05 20:09:24 ----A---- C:\WINDOWS\system32\BluetoothApis.dll
2014-10-05 20:09:23 ----A---- C:\WINDOWS\SYSWOW64\PrintDialogs.dll
2014-10-05 20:09:23 ----A---- C:\WINDOWS\SYSWOW64\KBDTAT.DLL
2014-10-05 20:09:23 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2014-10-05 20:09:23 ----A---- C:\WINDOWS\SYSWOW64\BluetoothApis.dll
2014-10-05 20:09:23 ----A---- C:\WINDOWS\system32\wwanmm.dll
2014-10-05 20:09:23 ----A---- C:\WINDOWS\system32\wlansec.dll
2014-10-05 20:09:23 ----A---- C:\WINDOWS\system32\SndVolSSO.dll
2014-10-05 20:09:23 ----A---- C:\WINDOWS\system32\rdpudd.dll
2014-10-05 20:09:23 ----A---- C:\WINDOWS\system32\KBDTAT.DLL
2014-10-05 20:09:23 ----A---- C:\WINDOWS\system32\drivers\bthpan.sys
2014-10-05 20:09:23 ----A---- C:\WINDOWS\system32\compstui.dll
2014-10-05 20:09:23 ----A---- C:\WINDOWS\system32\certcli.dll
2014-10-05 20:09:22 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2014-10-05 20:09:22 ----A---- C:\WINDOWS\SYSWOW64\KBDTT102.DLL
2014-10-05 20:09:22 ----A---- C:\WINDOWS\system32\wudriver.dll
2014-10-05 20:09:22 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-10-05 20:09:22 ----A---- C:\WINDOWS\system32\KBDTT102.DLL
2014-10-05 19:12:12 ----A---- C:\WINDOWS\system32\termsrv.dll
2014-10-05 19:05:47 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2014-10-05 19:05:47 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2014-10-05 19:05:45 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-10-05 19:05:45 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-10-05 19:05:44 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2014-10-05 19:05:44 ----A---- C:\WINDOWS\system32\vbscript.dll
2014-10-05 19:05:44 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2014-10-05 19:05:44 ----A---- C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-10-05 19:05:41 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-10-05 19:05:41 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2014-10-05 19:05:41 ----A---- C:\WINDOWS\system32\jsproxy.dll
2014-10-05 19:05:41 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-10-05 19:05:41 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2014-10-05 19:05:40 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll
2014-10-05 19:05:40 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-10-05 19:05:40 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-10-05 19:05:40 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-10-05 19:05:39 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-10-05 19:05:39 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2014-10-05 19:05:39 ----A---- C:\WINDOWS\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-05 19:05:39 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2014-10-05 19:05:38 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2014-10-05 19:05:38 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-10-05 19:05:37 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-10-05 19:05:33 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-10-05 19:05:33 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-10-05 19:05:33 ----A---- C:\WINDOWS\system32\wininet.dll
2014-10-05 19:05:32 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-10-05 19:05:32 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-10-05 19:05:32 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-10-05 19:05:31 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-10-05 19:05:30 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-10-05 19:05:29 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-10-05 19:05:28 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-10-05 19:05:28 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-10-05 19:04:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2014-10-05 19:04:53 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2014-10-05 19:04:52 ----A---- C:\WINDOWS\SYSWOW64\SkyDriveShell.dll
2014-10-05 19:04:52 ----A---- C:\WINDOWS\system32\mstscax.dll
2014-10-05 19:04:51 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-05 19:04:50 ----A---- C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-05 19:04:50 ----A---- C:\WINDOWS\system32\SearchFolder.dll
2014-10-05 19:04:50 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2014-10-05 19:04:50 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2014-10-05 19:04:50 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-10-05 19:04:49 ----A---- C:\WINDOWS\system32\shell32.dll
2014-10-05 19:04:48 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2014-10-05 19:04:47 ----A---- C:\WINDOWS\system32\SyncEngine.dll
2014-10-05 19:04:47 ----A---- C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-05 19:04:47 ----A---- C:\WINDOWS\system32\SkyDrive.exe
2014-10-05 19:04:46 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2014-10-05 19:04:46 ----A---- C:\WINDOWS\SYSWOW64\SearchFolder.dll
2014-10-05 19:04:46 ----A---- C:\WINDOWS\system32\WSShared.dll
2014-10-05 19:04:46 ----A---- C:\WINDOWS\system32\propsys.dll
2014-10-05 19:04:46 ----A---- C:\WINDOWS\system32\ntdll.dll
2014-10-05 19:04:46 ----A---- C:\WINDOWS\system32\KernelBase.dll
2014-10-05 19:04:45 ----A---- C:\WINDOWS\SYSWOW64\Wldap32.dll
2014-10-05 19:04:45 ----A---- C:\WINDOWS\SYSWOW64\propsys.dll
2014-10-05 19:04:45 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2014-10-05 19:04:45 ----A---- C:\WINDOWS\SYSWOW64\MrmCoreR.dll
2014-10-05 19:04:45 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2014-10-05 19:04:45 ----A---- C:\WINDOWS\system32\Wldap32.dll
2014-10-05 19:04:45 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-05 19:04:45 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2014-10-05 19:04:45 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2014-10-05 19:04:44 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll
2014-10-05 19:04:44 ----A---- C:\WINDOWS\system32\rdvidcrl.dll
2014-10-05 19:04:44 ----A---- C:\WINDOWS\system32\ProximityService.dll
2014-10-05 19:04:44 ----A---- C:\WINDOWS\system32\pcsvDevice.dll
2014-10-05 19:04:44 ----A---- C:\WINDOWS\system32\httpprxm.dll
2014-10-05 19:04:44 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2014-10-05 19:04:44 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2014-10-05 19:04:44 ----A---- C:\WINDOWS\system32\bisrv.dll
2014-10-05 19:04:44 ----A---- C:\WINDOWS\system32\adhsvc.dll
2014-10-05 19:04:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-05 19:04:43 ----A---- C:\WINDOWS\system32\WSReset.exe
2014-10-05 19:04:43 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-05 19:04:36 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2014-10-05 19:04:36 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2014-10-05 19:04:36 ----A---- C:\WINDOWS\system32\uDWM.dll
2014-10-05 19:04:36 ----A---- C:\WINDOWS\system32\actxprxy.dll
2014-10-05 19:04:35 ----A---- C:\WINDOWS\system32\twinui.dll
2014-10-05 19:04:35 ----A---- C:\WINDOWS\explorer.exe
2014-10-05 19:04:34 ----A---- C:\WINDOWS\SYSWOW64\UXInit.dll
2014-10-05 19:04:34 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2014-10-05 19:04:34 ----A---- C:\WINDOWS\system32\UXInit.dll
2014-10-05 19:04:32 ----A---- C:\WINDOWS\system32\win32k.sys
2014-10-05 19:04:31 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2014-10-05 19:04:31 ----A---- C:\WINDOWS\system32\authui.dll
2014-10-05 19:04:30 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2014-10-05 19:04:30 ----A---- C:\WINDOWS\system32\msi.dll
2014-10-05 19:04:30 ----A---- C:\WINDOWS\system32\appinfo.dll
2014-10-05 19:03:27 ----A---- C:\WINDOWS\system32\d3d9.dll
2014-10-05 19:03:25 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2014-10-05 19:03:25 ----A---- C:\WINDOWS\system32\vpnike.dll
2014-10-05 19:03:24 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore.dll
2014-10-05 19:03:24 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2014-10-05 19:03:24 ----A---- C:\WINDOWS\system32\dhcpcore.dll
2014-10-05 19:03:23 ----A---- C:\WINDOWS\SYSWOW64\framedynos.dll
2014-10-05 19:03:23 ----A---- C:\WINDOWS\system32\fveapi.dll
2014-10-05 19:03:23 ----A---- C:\WINDOWS\system32\framedynos.dll
2014-10-05 19:03:23 ----A---- C:\WINDOWS\system32\dhcpcore6.dll
2014-10-05 19:03:23 ----A---- C:\WINDOWS\system32\bdesvc.dll
2014-10-05 19:03:22 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore6.dll
2014-10-05 19:03:22 ----A---- C:\WINDOWS\system32\winbici.dll
2014-10-05 19:03:22 ----A---- C:\WINDOWS\system32\ncobjapi.dll
2014-10-05 19:03:22 ----A---- C:\WINDOWS\system32\framedyn.dll
2014-10-05 19:03:22 ----A---- C:\WINDOWS\system32\drivers\agilevpn.sys
2014-10-05 19:03:22 ----A---- C:\WINDOWS\system32\BFE.DLL
2014-10-05 19:03:21 ----A---- C:\WINDOWS\SYSWOW64\ncobjapi.dll
2014-10-05 19:03:21 ----A---- C:\WINDOWS\system32\drivers\vwifimp.sys
2014-10-05 19:03:20 ----A---- C:\WINDOWS\SYSWOW64\Robocopy.exe
2014-10-05 19:03:20 ----A---- C:\WINDOWS\SYSWOW64\framedyn.dll
2014-10-05 19:03:20 ----A---- C:\WINDOWS\SYSWOW64\dhcpcsvc6.dll
2014-10-05 19:03:20 ----A---- C:\WINDOWS\SYSWOW64\dhcpcsvc.dll
2014-10-05 19:03:20 ----A---- C:\WINDOWS\SYSWOW64\d3d8thk.dll
2014-10-05 19:03:20 ----A---- C:\WINDOWS\system32\Robocopy.exe
2014-10-05 19:03:20 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2014-10-05 19:03:20 ----A---- C:\WINDOWS\system32\fvecpl.dll
2014-10-05 19:03:20 ----A---- C:\WINDOWS\system32\drivers\vwififlt.sys
2014-10-05 19:03:20 ----A---- C:\WINDOWS\system32\dhcpcsvc6.dll
2014-10-05 19:03:20 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2014-10-05 19:03:20 ----A---- C:\WINDOWS\system32\BulkOperationHost.exe
2014-10-05 19:03:19 ----A---- C:\WINDOWS\system32\srms.dat
2014-10-05 19:03:19 ----A---- C:\WINDOWS\system32\reseteng.dll
2014-10-05 19:03:19 ----A---- C:\WINDOWS\system32\fvewiz.dll
2014-10-05 19:03:19 ----A---- C:\WINDOWS\system32\BdeHdCfgLib.dll
2014-10-05 19:03:19 ----A---- C:\WINDOWS\system32\BdeHdCfg.exe
2014-10-05 19:03:15 ----A---- C:\WINDOWS\system32\WSDMon.dll
2014-10-05 19:03:15 ----A---- C:\WINDOWS\system32\tcpmon.dll
2014-10-05 19:03:15 ----A---- C:\WINDOWS\system32\drivers\msgpioclx.sys
2014-10-05 19:03:11 ----A---- C:\WINDOWS\SYSWOW64\TsWpfWrp.exe
2014-10-05 19:03:11 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2014-10-05 19:02:57 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2014-10-05 19:02:57 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2014-10-05 19:02:06 ----A---- C:\WINDOWS\SYSWOW64\msvcr120_clr0400.dll
2014-10-05 19:02:06 ----A---- C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-10-05 19:01:57 ----A---- C:\WINDOWS\system32\DWrite.dll
2014-10-05 19:01:56 ----A---- C:\WINDOWS\system32\FntCache.dll
2014-10-05 19:01:55 ----A---- C:\WINDOWS\SYSWOW64\mrt100.dll
2014-10-05 19:01:55 ----A---- C:\WINDOWS\SYSWOW64\mrt_map.dll
2014-10-05 19:01:55 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2014-10-05 19:01:55 ----A---- C:\WINDOWS\system32\mrt100.dll
2014-10-05 19:01:55 ----A---- C:\WINDOWS\system32\mrt_map.dll
2014-10-05 19:01:53 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2014-10-05 19:01:53 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2014-10-05 19:01:53 ----A---- C:\WINDOWS\system32\msxml3.dll
2014-10-05 19:01:53 ----A---- C:\WINDOWS\system32\dxgi.dll
2014-10-05 19:01:53 ----A---- C:\WINDOWS\system32\dwmcore.dll
2014-10-05 19:01:53 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2014-10-05 19:01:49 ----A---- C:\WINDOWS\system32\drivers\usbport.sys
2014-10-05 19:01:48 ----A---- C:\WINDOWS\SYSWOW64\gpprefcl.dll
2014-10-05 19:01:48 ----A---- C:\WINDOWS\system32\WUDFSvc.dll
2014-10-05 19:01:48 ----A---- C:\WINDOWS\system32\WUDFPlatform.dll
2014-10-05 19:01:48 ----A---- C:\WINDOWS\system32\WUDFHost.exe
2014-10-05 19:01:48 ----A---- C:\WINDOWS\system32\hal.dll
2014-10-05 19:01:48 ----A---- C:\WINDOWS\system32\gpprefcl.dll
2014-10-05 19:01:48 ----A---- C:\WINDOWS\system32\drivers\WUDFRd.sys
2014-10-05 19:01:48 ----A---- C:\WINDOWS\system32\drivers\WUDFPf.sys
2014-10-05 19:01:48 ----A---- C:\WINDOWS\system32\drivers\usbuhci.sys
2014-10-05 19:01:48 ----A---- C:\WINDOWS\system32\drivers\usbehci.sys
2014-10-05 19:01:48 ----A---- C:\WINDOWS\system32\drivers\usbd.sys
2014-10-05 19:01:48 ----A---- C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-10-05 19:01:48 ----A---- C:\WINDOWS\system32\cscui.dll
2014-10-05 19:01:47 ----A---- C:\WINDOWS\SYSWOW64\DaOtpCredentialProvider.dll
2014-10-05 19:01:40 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-10-05 19:01:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2014-10-05 19:01:30 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-10-05 19:01:29 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2014-10-05 19:01:29 ----A---- C:\WINDOWS\system32\winmde.dll
2014-10-05 19:01:28 ----A---- C:\WINDOWS\system32\wmpmde.dll
2014-10-05 19:01:28 ----A---- C:\WINDOWS\system32\services.exe
2014-10-05 19:01:27 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-10-05 19:01:27 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2014-10-05 19:01:27 ----A---- C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-10-05 19:01:27 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2014-10-05 19:01:26 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2014-10-05 19:01:26 ----A---- C:\WINDOWS\SYSWOW64\GeofenceMonitorService.dll
2014-10-05 19:01:26 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2014-10-05 19:01:26 ----A---- C:\WINDOWS\system32\mfsvr.dll
2014-10-05 19:01:26 ----A---- C:\WINDOWS\system32\MDEServer.exe
2014-10-05 19:01:25 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2014-10-05 19:01:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2014-10-05 19:01:25 ----A---- C:\WINDOWS\system32\XpsGdiConverter.dll
2014-10-05 19:01:24 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll
2014-10-05 19:01:24 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2014-10-05 19:01:24 ----A---- C:\WINDOWS\system32\rdpencom.dll
2014-10-05 19:01:24 ----A---- C:\WINDOWS\system32\ploptin.dll
2014-10-05 19:01:24 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2014-10-05 19:01:24 ----A---- C:\WINDOWS\system32\audiosrv.dll
2014-10-05 19:01:23 ----A---- C:\WINDOWS\SYSWOW64\XpsGdiConverter.dll
2014-10-05 19:01:23 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2014-10-05 19:01:23 ----A---- C:\WINDOWS\system32\wscsvc.dll
2014-10-05 19:01:23 ----A---- C:\WINDOWS\system32\VSSVC.exe
2014-10-05 19:01:23 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2014-10-05 19:01:23 ----A---- C:\WINDOWS\system32\swprv.dll
2014-10-05 19:01:23 ----A---- C:\WINDOWS\system32\rpchttp.dll
2014-10-05 19:01:23 ----A---- C:\WINDOWS\system32\resutils.dll
2014-10-05 19:01:23 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2014-10-05 19:01:23 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2014-10-05 19:01:23 ----A---- C:\WINDOWS\system32\gpapi.dll
2014-10-05 19:01:23 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2014-10-05 19:01:23 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2014-10-05 19:01:23 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2014-10-05 19:01:22 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2014-10-05 19:01:22 ----A---- C:\WINDOWS\SYSWOW64\rpchttp.dll
2014-10-05 19:01:22 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2014-10-05 19:01:22 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2014-10-05 19:01:22 ----A---- C:\WINDOWS\SYSWOW64\gpapi.dll
2014-10-05 19:01:22 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2014-10-05 19:01:22 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2014-10-05 19:01:22 ----A---- C:\WINDOWS\system32\wintrust.dll
2014-10-05 19:01:22 ----A---- C:\WINDOWS\system32\srcore.dll
2014-10-05 19:01:22 ----A---- C:\WINDOWS\system32\mfpmp.exe
2014-10-05 19:01:22 ----A---- C:\WINDOWS\system32\mf.dll
2014-10-05 19:01:22 ----A---- C:\WINDOWS\system32\energyprov.dll
2014-10-05 19:01:22 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2014-10-05 19:01:22 ----A---- C:\WINDOWS\system32\AudioSes.dll
2014-10-05 19:01:22 ----A---- C:\WINDOWS\system32\AudioEng.dll
2014-10-05 19:01:22 ----A---- C:\WINDOWS\system32\audiodg.exe
2014-10-05 19:01:21 ----A---- C:\WINDOWS\SYSWOW64\tlscsp.dll
2014-10-05 19:01:21 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2014-10-05 19:01:21 ----A---- C:\WINDOWS\system32\tlscsp.dll
2014-10-05 19:01:21 ----A---- C:\WINDOWS\system32\BootMenuUX.dll
2014-10-05 19:01:20 ----A---- C:\WINDOWS\SYSWOW64\wlanhlp.dll
2014-10-05 19:01:20 ----A---- C:\WINDOWS\SYSWOW64\srclient.dll
2014-10-05 19:01:20 ----A---- C:\WINDOWS\system32\wlanhlp.dll
2014-10-05 19:01:20 ----A---- C:\WINDOWS\system32\tsgqec.dll
2014-10-05 19:01:20 ----A---- C:\WINDOWS\system32\srclient.dll
2014-10-05 19:01:20 ----A---- C:\WINDOWS\system32\rstrui.exe
2014-10-05 19:01:20 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-10-05 19:01:14 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2014-10-05 19:01:13 ----A---- C:\WINDOWS\system32\schedsvc.dll
2014-10-05 19:01:01 ----A---- C:\WINDOWS\SYSWOW64\qedit.dll
2014-10-05 19:01:01 ----A---- C:\WINDOWS\system32\qedit.dll
2014-10-05 19:01:01 ----A---- C:\WINDOWS\system32\gdi32.dll
2014-10-05 19:01:00 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2014-10-05 19:00:59 ----A---- C:\WINDOWS\system32\wpccpl.dll
2014-10-05 19:00:58 ----A---- C:\WINDOWS\system32\drivers\wpcfltr.sys
2014-10-05 19:00:57 ----A---- C:\WINDOWS\SYSWOW64\adtschema.dll
2014-10-05 19:00:57 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2014-10-05 19:00:57 ----A---- C:\WINDOWS\system32\adtschema.dll
2014-10-05 19:00:56 ----A---- C:\WINDOWS\SYSWOW64\wusa.exe
2014-10-05 19:00:56 ----A---- C:\WINDOWS\system32\wusa.exe
2014-10-05 19:00:54 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2014-10-05 19:00:54 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2014-10-05 19:00:53 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2014-10-05 19:00:49 ----A---- C:\WINDOWS\system32\WpcMon.exe
2014-10-05 19:00:48 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2014-10-05 19:00:48 ----A---- C:\WINDOWS\system32\WpcWebSync.dll
2014-10-05 19:00:48 ----A---- C:\WINDOWS\system32\Wpc.dll
2014-10-05 19:00:41 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2014-10-05 19:00:41 ----A---- C:\WINDOWS\system32\wuwebv.dll
2014-10-05 19:00:41 ----A---- C:\WINDOWS\system32\wuapp.exe
2014-10-05 19:00:41 ----A---- C:\WINDOWS\system32\ubpm.dll
2014-10-05 19:00:41 ----A---- C:\WINDOWS\system32\storewuauth.dll
2014-10-05 19:00:40 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2014-10-05 19:00:40 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2014-10-05 19:00:37 ----A---- C:\WINDOWS\system32\aepdu.dll
2014-10-05 19:00:36 ----A---- C:\WINDOWS\system32\devinv.dll
2014-10-05 19:00:36 ----A---- C:\WINDOWS\system32\aepic.dll
2014-10-05 19:00:36 ----A---- C:\WINDOWS\system32\aeinv.dll
2014-10-05 19:00:07 ----A---- C:\WINDOWS\SYSWOW64\drvinst.exe
2014-10-05 19:00:07 ----A---- C:\WINDOWS\system32\drvinst.exe
2014-10-05 19:00:07 ----A---- C:\WINDOWS\system32\drvcfg.exe
2014-10-05 18:59:37 ----A---- C:\WINDOWS\SYSWOW64\msihnd.dll
2014-10-05 18:59:37 ----A---- C:\WINDOWS\system32\msihnd.dll
2014-10-05 18:59:37 ----A---- C:\WINDOWS\system32\consent.exe
2014-10-05 18:59:12 ----A---- C:\WINDOWS\system32\MDMAgent.exe
2014-10-05 18:58:57 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2014-10-05 18:58:57 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2014-10-05 18:58:57 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2014-10-05 18:05:34 ----A---- C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-10-05 18:05:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Shell.Search.UriHandler.dll
2014-10-05 18:05:27 ----A---- C:\WINDOWS\system32\msftedit.dll
2014-10-05 18:05:26 ----A---- C:\WINDOWS\system32\msxml6.dll
2014-10-05 18:05:25 ----A---- C:\WINDOWS\system32\d3d11.dll
2014-10-05 18:05:25 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-10-05 18:05:24 ----A---- C:\WINDOWS\system32\ole32.dll
2014-10-05 18:05:23 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2014-10-05 18:05:23 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2014-10-05 18:05:22 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2014-10-05 18:05:22 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll

PetrLe · #18 Příspěvek od **PetrLe** » 05 říj 2014 19:34

Log 2: Pokračování:

2014-10-05 18:05:22 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2014-10-05 18:05:22 ----A---- C:\WINDOWS\system32\kernel32.dll
2014-10-05 18:05:22 ----A---- C:\WINDOWS\system32\kerberos.dll
2014-10-05 18:05:21 ----A---- C:\WINDOWS\SYSWOW64\ReAgent.dll
2014-10-05 18:05:21 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2014-10-05 18:05:21 ----A---- C:\WINDOWS\system32\wlidprov.dll
2014-10-05 18:05:21 ----A---- C:\WINDOWS\system32\ReAgent.dll
2014-10-05 18:05:20 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2014-10-05 18:05:20 ----A---- C:\WINDOWS\system32\dnsapi.dll
2014-10-05 18:05:20 ----A---- C:\WINDOWS\system32\dcomp.dll
2014-10-05 18:05:19 ----A---- C:\WINDOWS\SYSWOW64\wlidprov.dll
2014-10-05 18:05:19 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2014-10-05 18:05:19 ----A---- C:\WINDOWS\system32\rasapi32.dll
2014-10-05 18:05:19 ----A---- C:\WINDOWS\system32\netlogon.dll
2014-10-05 18:05:19 ----A---- C:\WINDOWS\system32\drivers\wof.sys
2014-10-05 18:05:19 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2014-10-05 18:05:18 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2014-10-05 18:05:18 ----A---- C:\WINDOWS\SYSWOW64\dcomp.dll
2014-10-05 18:05:18 ----A---- C:\WINDOWS\system32\SessEnv.dll
2014-10-05 18:05:17 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2014-10-05 18:05:16 ----A---- C:\WINDOWS\SYSWOW64\SessEnv.dll
2014-10-05 18:05:16 ----A---- C:\WINDOWS\system32\SensorsApi.dll
2014-10-05 18:05:16 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-10-05 18:05:15 ----A---- C:\WINDOWS\SYSWOW64\SensorsApi.dll
2014-10-05 18:05:15 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2014-10-05 18:05:15 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2014-10-05 18:05:15 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2014-10-05 18:05:15 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2014-10-05 18:05:14 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2014-10-05 18:05:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Sensors.dll
2014-10-05 18:05:14 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2014-10-05 18:05:14 ----A---- C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-10-05 18:05:14 ----A---- C:\WINDOWS\system32\userenv.dll
2014-10-05 18:05:14 ----A---- C:\WINDOWS\system32\umpnpmgr.dll
2014-10-05 18:05:14 ----A---- C:\WINDOWS\system32\ReInfo.dll
2014-10-05 18:05:14 ----A---- C:\WINDOWS\system32\pdh.dll
2014-10-05 18:05:14 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2014-10-05 18:05:14 ----A---- C:\WINDOWS\system32\davclnt.dll
2014-10-05 18:05:14 ----A---- C:\WINDOWS\system32\cdd.dll
2014-10-05 18:05:14 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-10-05 18:05:14 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2014-10-05 18:05:14 ----A---- C:\WINDOWS\system32\AdmTmpl.dll
2014-10-05 18:05:13 ----A---- C:\WINDOWS\SYSWOW64\userenv.dll
2014-10-05 18:05:13 ----A---- C:\WINDOWS\SYSWOW64\spp.dll
2014-10-05 18:05:13 ----A---- C:\WINDOWS\SYSWOW64\pdh.dll
2014-10-05 18:05:13 ----A---- C:\WINDOWS\SYSWOW64\davclnt.dll
2014-10-05 18:05:13 ----A---- C:\WINDOWS\system32\wlangpui.dll
2014-10-05 18:05:13 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-10-05 18:05:13 ----A---- C:\WINDOWS\system32\spp.dll
2014-10-05 18:05:13 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2014-10-05 18:05:13 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2014-10-05 18:05:13 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys
2014-10-05 18:05:13 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2014-10-05 18:05:13 ----A---- C:\WINDOWS\system32\dafWfdProvider.dll
2014-10-05 18:05:12 ----A---- C:\WINDOWS\SYSWOW64\wlangpui.dll
2014-10-05 18:05:12 ----A---- C:\WINDOWS\SYSWOW64\w32tm.exe
2014-10-05 18:05:12 ----A---- C:\WINDOWS\SYSWOW64\FWPUCLNT.DLL
2014-10-05 18:05:12 ----A---- C:\WINDOWS\SYSWOW64\CredentialMigrationHandler.dll
2014-10-05 18:05:12 ----A---- C:\WINDOWS\system32\w32tm.exe
2014-10-05 18:05:12 ----A---- C:\WINDOWS\system32\RMapi.dll
2014-10-05 18:05:12 ----A---- C:\WINDOWS\system32\fveapibase.dll
2014-10-05 18:05:12 ----A---- C:\WINDOWS\system32\drivers\tcpipreg.sys
2014-10-05 18:05:12 ----A---- C:\WINDOWS\system32\drivers\hidclass.sys
2014-10-05 18:05:12 ----A---- C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-10-05 18:05:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.dll
2014-10-05 18:05:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Scanners.dll
2014-10-05 18:05:11 ----A---- C:\WINDOWS\SYSWOW64\sxproxy.dll
2014-10-05 18:05:11 ----A---- C:\WINDOWS\SYSWOW64\ReInfo.dll
2014-10-05 18:05:11 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2014-10-05 18:05:11 ----A---- C:\WINDOWS\SYSWOW64\LocationApi.dll
2014-10-05 18:05:11 ----A---- C:\WINDOWS\SYSWOW64\AdmTmpl.dll
2014-10-05 18:05:11 ----A---- C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-10-05 18:05:11 ----A---- C:\WINDOWS\system32\sxproxy.dll
2014-10-05 18:05:11 ----A---- C:\WINDOWS\system32\SetNetworkLocation.dll
2014-10-05 18:05:11 ----A---- C:\WINDOWS\system32\nshwfp.dll
2014-10-05 18:05:11 ----A---- C:\WINDOWS\system32\LocationApi.dll
2014-10-05 18:05:11 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2014-10-05 18:05:11 ----A---- C:\WINDOWS\system32\DevPropMgr.dll
2014-10-05 18:05:11 ----A---- C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2014-10-05 18:05:10 ----A---- C:\WINDOWS\SYSWOW64\l2gpstore.dll
2014-10-05 18:05:10 ----A---- C:\WINDOWS\system32\WsmWmiPl.dll
2014-10-05 18:05:10 ----A---- C:\WINDOWS\system32\l2gpstore.dll
2014-10-05 18:05:10 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2014-10-05 18:01:30 ----A---- C:\WINDOWS\system32\glcndFilter.dll
2014-10-05 18:01:29 ----A---- C:\WINDOWS\SYSWOW64\OobeFldr.dll
2014-10-05 18:01:29 ----A---- C:\WINDOWS\system32\WSService.dll
2014-10-05 18:01:29 ----A---- C:\WINDOWS\system32\OobeFldr.dll
2014-10-05 18:01:22 ----A---- C:\WINDOWS\SYSWOW64\glcndFilter.dll
2014-10-05 18:01:10 ----A---- C:\WINDOWS\system32\wmp.dll
2014-10-05 18:01:08 ----A---- C:\WINDOWS\system32\sppobjs.dll
2014-10-05 18:01:05 ----A---- C:\WINDOWS\system32\tquery.dll
2014-10-05 18:01:04 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2014-10-05 18:01:02 ----A---- C:\WINDOWS\system32\sysmain.dll
2014-10-05 18:01:01 ----A---- C:\WINDOWS\system32\combase.dll
2014-10-05 18:01:00 ----A---- C:\WINDOWS\system32\mssrch.dll
2014-10-05 18:00:59 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2014-10-05 18:00:57 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2014-10-05 18:00:57 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2014-10-05 18:00:55 ----A---- C:\WINDOWS\system32\dui70.dll
2014-10-05 18:00:53 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2014-10-05 18:00:51 ----A---- C:\WINDOWS\system32\webservices.dll
2014-10-05 18:00:50 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2014-10-05 18:00:49 ----A---- C:\WINDOWS\system32\msctf.dll
2014-10-05 18:00:48 ----A---- C:\WINDOWS\SYSWOW64\dui70.dll
2014-10-05 18:00:48 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2014-10-05 18:00:48 ----A---- C:\WINDOWS\system32\msTextPrediction.dll
2014-10-05 18:00:47 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2014-10-05 18:00:47 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2014-10-05 18:00:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2014-10-05 18:00:44 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2014-10-05 18:00:44 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2014-10-05 18:00:44 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2014-10-05 18:00:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2014-10-05 18:00:43 ----A---- C:\WINDOWS\SYSWOW64\webservices.dll
2014-10-05 18:00:43 ----A---- C:\WINDOWS\system32\WinTypes.dll
2014-10-05 18:00:42 ----A---- C:\WINDOWS\system32\wer.dll
2014-10-05 18:00:42 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2014-10-05 18:00:41 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2014-10-05 18:00:41 ----A---- C:\WINDOWS\system32\WofTasks.dll
2014-10-05 18:00:41 ----A---- C:\WINDOWS\system32\StructuredQuery.dll
2014-10-05 18:00:41 ----A---- C:\WINDOWS\system32\setupapi.dll
2014-10-05 18:00:41 ----A---- C:\WINDOWS\system32\rpcss.dll
2014-10-05 18:00:41 ----A---- C:\WINDOWS\system32\DfpCommon.dll
2014-10-05 18:00:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.OnlineId.dll
2014-10-05 18:00:39 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2014-10-05 18:00:39 ----A---- C:\WINDOWS\system32\RacEngn.dll
2014-10-05 18:00:39 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2014-10-05 18:00:38 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2014-10-05 18:00:38 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2014-10-05 18:00:37 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2014-10-05 18:00:37 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2014-10-05 18:00:36 ----A---- C:\WINDOWS\SYSWOW64\twinapi.dll
2014-10-05 18:00:36 ----A---- C:\WINDOWS\SYSWOW64\StructuredQuery.dll
2014-10-05 18:00:36 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2014-10-05 18:00:35 ----A---- C:\WINDOWS\SYSWOW64\setupapi.dll
2014-10-05 18:00:35 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2014-10-05 18:00:35 ----A---- C:\WINDOWS\system32\uxtheme.dll
2014-10-05 18:00:35 ----A---- C:\WINDOWS\system32\samsrv.dll
2014-10-05 18:00:33 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2014-10-05 18:00:33 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2014-10-05 18:00:32 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2014-10-05 18:00:32 ----A---- C:\WINDOWS\system32\WofUtil.dll
2014-10-05 18:00:32 ----A---- C:\WINDOWS\system32\wimgapi.dll
2014-10-05 18:00:31 ----A---- C:\WINDOWS\system32\Taskmgr.exe
2014-10-05 18:00:31 ----A---- C:\WINDOWS\system32\MMDevAPI.dll
2014-10-05 18:00:31 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2014-10-05 18:00:30 ----A---- C:\WINDOWS\system32\drivers\rdyboost.sys
2014-10-05 18:00:29 ----A---- C:\WINDOWS\SYSWOW64\wimgapi.dll
2014-10-05 18:00:29 ----A---- C:\WINDOWS\SYSWOW64\Taskmgr.exe
2014-10-05 18:00:29 ----A---- C:\WINDOWS\SYSWOW64\RacEngn.dll
2014-10-05 18:00:29 ----A---- C:\WINDOWS\system32\wpncore.dll
2014-10-05 18:00:29 ----A---- C:\WINDOWS\system32\recimg.exe
2014-10-05 18:00:29 ----A---- C:\WINDOWS\system32\dfp.exe
2014-10-05 18:00:28 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2014-10-05 18:00:28 ----A---- C:\WINDOWS\system32\WerFault.exe
2014-10-05 18:00:28 ----A---- C:\WINDOWS\system32\usercpl.dll
2014-10-05 18:00:28 ----A---- C:\WINDOWS\system32\perftrack.dll
2014-10-05 18:00:28 ----A---- C:\WINDOWS\system32\dfpinc.dat
2014-10-05 18:00:27 ----A---- C:\WINDOWS\system32\WWAHost.exe
2014-10-05 18:00:27 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2014-10-05 18:00:27 ----A---- C:\WINDOWS\system32\lsm.dll
2014-10-05 18:00:27 ----A---- C:\WINDOWS\system32\advapi32.dll
2014-10-05 18:00:26 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2014-10-05 18:00:26 ----A---- C:\WINDOWS\system32\tdh.dll
2014-10-05 18:00:26 ----A---- C:\WINDOWS\system32\mssvp.dll
2014-10-05 18:00:26 ----A---- C:\WINDOWS\system32\energy.dll
2014-10-05 18:00:26 ----A---- C:\WINDOWS\system32\apphelp.dll
2014-10-05 18:00:25 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2014-10-05 18:00:24 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2014-10-05 18:00:24 ----A---- C:\WINDOWS\system32\winlogon.exe
2014-10-05 18:00:24 ----A---- C:\WINDOWS\system32\DismApi.dll
2014-10-05 18:00:23 ----A---- C:\WINDOWS\SYSWOW64\MMDevAPI.dll
2014-10-05 18:00:23 ----A---- C:\WINDOWS\SYSWOW64\apphelp.dll
2014-10-05 18:00:23 ----A---- C:\WINDOWS\system32\mssph.dll
2014-10-05 18:00:22 ----A---- C:\WINDOWS\system32\werconcpl.dll
2014-10-05 18:00:22 ----A---- C:\WINDOWS\system32\msvproc.dll
2014-10-05 18:00:21 ----A---- C:\WINDOWS\system32\thumbcache.dll
2014-10-05 18:00:20 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2014-10-05 18:00:20 ----A---- C:\WINDOWS\system32\WMALFXGFXDSP.dll
2014-10-05 18:00:20 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2014-10-05 18:00:20 ----A---- C:\WINDOWS\system32\msctfuimanager.dll
2014-10-05 18:00:19 ----A---- C:\WINDOWS\system32\Faultrep.dll
2014-10-05 18:00:19 ----A---- C:\WINDOWS\system32\ci.dll
2014-10-05 18:00:18 ----A---- C:\WINDOWS\SYSWOW64\tdh.dll
2014-10-05 18:00:18 ----A---- C:\WINDOWS\SYSWOW64\msctfuimanager.dll
2014-10-05 18:00:18 ----A---- C:\WINDOWS\system32\sppwinob.dll
2014-10-05 18:00:18 ----A---- C:\WINDOWS\system32\ntshrui.dll
2014-10-05 18:00:18 ----A---- C:\WINDOWS\system32\iuilp.dll
2014-10-05 18:00:18 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2014-10-05 18:00:17 ----A---- C:\WINDOWS\SYSWOW64\slc.dll
2014-10-05 18:00:17 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2014-10-05 18:00:17 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2014-10-05 18:00:17 ----A---- C:\WINDOWS\system32\wlidcli.dll
2014-10-05 18:00:17 ----A---- C:\WINDOWS\system32\vmrdvcore.dll
2014-10-05 18:00:17 ----A---- C:\WINDOWS\system32\slc.dll
2014-10-05 18:00:17 ----A---- C:\WINDOWS\system32\MrmIndexer.dll
2014-10-05 18:00:17 ----A---- C:\WINDOWS\system32\aelupsvc.dll
2014-10-05 18:00:16 ----A---- C:\WINDOWS\SYSWOW64\uxtheme.dll
2014-10-05 18:00:16 ----A---- C:\WINDOWS\SYSWOW64\thumbcache.dll
2014-10-05 18:00:16 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2014-10-05 18:00:16 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2014-10-05 18:00:16 ----A---- C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2014-10-05 18:00:16 ----A---- C:\WINDOWS\system32\pnidui.dll
2014-10-05 18:00:16 ----A---- C:\WINDOWS\system32\nettrace.dll
2014-10-05 18:00:16 ----A---- C:\WINDOWS\system32\Dism.exe
2014-10-05 18:00:15 ----A---- C:\WINDOWS\system32\WMPDMC.exe
2014-10-05 18:00:15 ----A---- C:\WINDOWS\system32\dwmredir.dll
2014-10-05 18:00:14 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2014-10-05 18:00:14 ----A---- C:\WINDOWS\system32\WlanMM.dll
2014-10-05 18:00:14 ----A---- C:\WINDOWS\system32\psmsrv.dll
2014-10-05 18:00:13 ----A---- C:\WINDOWS\system32\ninput.dll
2014-10-05 18:00:13 ----A---- C:\WINDOWS\system32\InputSwitch.dll
2014-10-05 18:00:13 ----A---- C:\WINDOWS\system32\authz.dll
2014-10-05 18:00:12 ----A---- C:\WINDOWS\system32\taskeng.exe
2014-10-05 18:00:12 ----A---- C:\WINDOWS\system32\SyncCenter.dll
2014-10-05 18:00:12 ----A---- C:\WINDOWS\system32\rascustom.dll
2014-10-05 18:00:12 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2014-10-05 18:00:11 ----A---- C:\WINDOWS\system32\wlidcredprov.dll
2014-10-05 18:00:11 ----A---- C:\WINDOWS\system32\wersvc.dll
2014-10-05 18:00:11 ----A---- C:\WINDOWS\system32\themeui.dll
2014-10-05 18:00:11 ----A---- C:\WINDOWS\system32\sqmapi.dll
2014-10-05 18:00:11 ----A---- C:\WINDOWS\system32\rdbui.dll
2014-10-05 18:00:11 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2014-10-05 18:00:10 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2014-10-05 18:00:10 ----A---- C:\WINDOWS\SYSWOW64\DismApi.dll
2014-10-05 18:00:10 ----A---- C:\WINDOWS\system32\wbengine.exe
2014-10-05 18:00:10 ----A---- C:\WINDOWS\system32\rdpcore.dll
2014-10-05 18:00:10 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2014-10-05 18:00:09 ----A---- C:\WINDOWS\SYSWOW64\WSClient.dll
2014-10-05 18:00:09 ----A---- C:\WINDOWS\SYSWOW64\themeui.dll
2014-10-05 18:00:09 ----A---- C:\WINDOWS\SYSWOW64\ncryptsslp.dll
2014-10-05 18:00:09 ----A---- C:\WINDOWS\SYSWOW64\MrmIndexer.dll
2014-10-05 18:00:09 ----A---- C:\WINDOWS\SYSWOW64\Dism.exe
2014-10-05 18:00:09 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2014-10-05 18:00:09 ----A---- C:\WINDOWS\system32\oleaut32.dll
2014-10-05 18:00:09 ----A---- C:\WINDOWS\system32\ncryptsslp.dll
2014-10-05 18:00:08 ----A---- C:\WINDOWS\SYSWOW64\mssphtb.dll
2014-10-05 18:00:08 ----A---- C:\WINDOWS\SYSWOW64\InputSwitch.dll
2014-10-05 18:00:08 ----A---- C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2014-10-05 18:00:08 ----A---- C:\WINDOWS\system32\sppc.dll
2014-10-05 18:00:08 ----A---- C:\WINDOWS\system32\clrhost.dll
2014-10-05 18:00:08 ----A---- C:\WINDOWS\system32\bcrypt.dll
2014-10-05 18:00:07 ----A---- C:\WINDOWS\SYSWOW64\sppc.dll
2014-10-05 18:00:07 ----A---- C:\WINDOWS\system32\WSClient.dll
2014-10-05 18:00:07 ----A---- C:\WINDOWS\system32\wscinterop.dll
2014-10-05 18:00:07 ----A---- C:\WINDOWS\system32\WLanConn.dll
2014-10-05 18:00:07 ----A---- C:\WINDOWS\system32\wimserv.exe
2014-10-05 18:00:07 ----A---- C:\WINDOWS\system32\PkgMgr.exe
2014-10-05 18:00:06 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2014-10-05 18:00:06 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2014-10-05 18:00:05 ----A---- C:\WINDOWS\SYSWOW64\SyncCenter.dll
2014-10-05 18:00:05 ----A---- C:\WINDOWS\system32\PurchaseWindowsLicense.dll
2014-10-05 18:00:05 ----A---- C:\WINDOWS\system32\gameux.dll
2014-10-05 18:00:04 ----A---- C:\WINDOWS\SYSWOW64\WlanMM.dll
2014-10-05 18:00:04 ----A---- C:\WINDOWS\system32\fhcfg.dll
2014-10-05 18:00:03 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2014-10-05 18:00:03 ----A---- C:\WINDOWS\system32\dwm.exe
2014-10-05 18:00:02 ----A---- C:\WINDOWS\system32\winsrv.dll
2014-10-05 18:00:02 ----A---- C:\WINDOWS\system32\taskhost.exe
2014-10-05 18:00:02 ----A---- C:\WINDOWS\system32\rasgcw.dll
2014-10-05 18:00:02 ----A---- C:\WINDOWS\system32\drivers\luafv.sys
2014-10-05 18:00:01 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2014-10-05 18:00:01 ----A---- C:\WINDOWS\system32\wscapi.dll
2014-10-05 18:00:01 ----A---- C:\WINDOWS\system32\wermgr.exe
2014-10-05 18:00:01 ----A---- C:\WINDOWS\system32\drivers\PEAuth.sys
2014-10-05 18:00:01 ----A---- C:\WINDOWS\system32\dmdskmgr.dll
2014-10-05 18:00:00 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.HumanInterfaceDevice.dll
2014-10-05 18:00:00 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2014-10-05 18:00:00 ----A---- C:\WINDOWS\SYSWOW64\ninput.dll
2014-10-05 18:00:00 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2014-10-05 18:00:00 ----A---- C:\WINDOWS\SYSWOW64\clrhost.dll
2014-10-05 18:00:00 ----A---- C:\WINDOWS\system32\srchadmin.dll
2014-10-05 18:00:00 ----A---- C:\WINDOWS\system32\drivers\rfcomm.sys
2014-10-05 18:00:00 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2014-10-05 17:59:59 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2014-10-05 17:59:59 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2014-10-05 17:59:59 ----A---- C:\WINDOWS\system32\smss.exe
2014-10-05 17:59:59 ----A---- C:\WINDOWS\system32\BioCredProv.dll
2014-10-05 17:59:58 ----A---- C:\WINDOWS\SYSWOW64\sqmapi.dll
2014-10-05 17:59:58 ----A---- C:\WINDOWS\system32\vdsbas.dll
2014-10-05 17:59:58 ----A---- C:\WINDOWS\system32\systemreset.exe
2014-10-05 17:59:58 ----A---- C:\WINDOWS\system32\RASMM.dll
2014-10-05 17:59:58 ----A---- C:\WINDOWS\system32\PlayToManager.dll
2014-10-05 17:59:58 ----A---- C:\WINDOWS\system32\netid.dll
2014-10-05 17:59:58 ----A---- C:\WINDOWS\system32\imm32.dll
2014-10-05 17:59:58 ----A---- C:\WINDOWS\system32\fsutil.exe
2014-10-05 17:59:58 ----A---- C:\WINDOWS\system32\fhcpl.dll
2014-10-05 17:59:58 ----A---- C:\WINDOWS\system32\AltTab.dll
2014-10-05 17:59:57 ----A---- C:\WINDOWS\SYSWOW64\fsutil.exe
2014-10-05 17:59:57 ----A---- C:\WINDOWS\system32\WSDApi.dll
2014-10-05 17:59:57 ----A---- C:\WINDOWS\system32\UserLanguagesCpl.dll
2014-10-05 17:59:57 ----A---- C:\WINDOWS\system32\taskhostex.exe
2014-10-05 17:59:57 ----A---- C:\WINDOWS\system32\sharemediacpl.dll
2014-10-05 17:59:57 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2014-10-05 17:59:57 ----A---- C:\WINDOWS\system32\sdclt.exe
2014-10-05 17:59:57 ----A---- C:\WINDOWS\system32\drivers\fileinfo.sys
2014-10-05 17:59:57 ----A---- C:\WINDOWS\system32\das.dll
2014-10-05 17:59:57 ----A---- C:\WINDOWS\system32\CloudNotifications.exe
2014-10-05 17:59:56 ----A---- C:\WINDOWS\SYSWOW64\wscapi.dll
2014-10-05 17:59:56 ----A---- C:\WINDOWS\SYSWOW64\WMPDMC.exe
2014-10-05 17:59:56 ----A---- C:\WINDOWS\SYSWOW64\imm32.dll
2014-10-05 17:59:56 ----A---- C:\WINDOWS\SYSWOW64\CloudNotifications.exe
2014-10-05 17:59:56 ----A---- C:\WINDOWS\system32\powrprof.dll
2014-10-05 17:59:56 ----A---- C:\WINDOWS\system32\newdev.dll
2014-10-05 17:59:56 ----A---- C:\WINDOWS\system32\mssprxy.dll
2014-10-05 17:59:56 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2014-10-05 17:59:56 ----A---- C:\WINDOWS\system32\drivers\BasicRender.sys
2014-10-05 17:59:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Connectivity.dll
2014-10-05 17:59:55 ----A---- C:\WINDOWS\SYSWOW64\SndVolSSO.dll
2014-10-05 17:59:55 ----A---- C:\WINDOWS\SYSWOW64\gameux.dll
2014-10-05 17:59:55 ----A---- C:\WINDOWS\system32\zipfldr.dll
2014-10-05 17:59:55 ----A---- C:\WINDOWS\system32\RestoreOptIn.exe
2014-10-05 17:59:55 ----A---- C:\WINDOWS\system32\drivers\sdstor.sys
2014-10-05 17:59:55 ----A---- C:\WINDOWS\system32\drivers\BthLEEnum.sys
2014-10-05 17:59:55 ----A---- C:\WINDOWS\system32\dmvdsitf.dll
2014-10-05 17:59:54 ----A---- C:\WINDOWS\SYSWOW64\WLanConn.dll
2014-10-05 17:59:54 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2014-10-05 17:59:54 ----A---- C:\WINDOWS\SYSWOW64\rasgcw.dll
2014-10-05 17:59:54 ----A---- C:\WINDOWS\SYSWOW64\powrprof.dll
2014-10-05 17:59:54 ----A---- C:\WINDOWS\SYSWOW64\PlayToManager.dll
2014-10-05 17:59:54 ----A---- C:\WINDOWS\system32\wow64win.dll
2014-10-05 17:59:54 ----A---- C:\WINDOWS\system32\vds.exe
2014-10-05 17:59:54 ----A---- C:\WINDOWS\system32\UserAccountBroker.exe
2014-10-05 17:59:54 ----A---- C:\WINDOWS\system32\spwizeng.dll
2014-10-05 17:59:54 ----A---- C:\WINDOWS\system32\microsoft-windows-kernel-power-events.dll
2014-10-05 17:59:54 ----A---- C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2014-10-05 17:59:54 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2014-10-05 17:59:54 ----A---- C:\WINDOWS\system32\LockScreenContent.dll
2014-10-05 17:59:53 ----A---- C:\WINDOWS\SYSWOW64\zipfldr.dll
2014-10-05 17:59:53 ----A---- C:\WINDOWS\SYSWOW64\WSDApi.dll
2014-10-05 17:59:53 ----A---- C:\WINDOWS\SYSWOW64\wscinterop.dll
2014-10-05 17:59:53 ----A---- C:\WINDOWS\SYSWOW64\UserAccountBroker.exe
2014-10-05 17:59:53 ----A---- C:\WINDOWS\SYSWOW64\srchadmin.dll
2014-10-05 17:59:53 ----A---- C:\WINDOWS\SYSWOW64\RestoreOptIn.exe
2014-10-05 17:59:53 ----A---- C:\WINDOWS\SYSWOW64\newdev.dll
2014-10-05 17:59:53 ----A---- C:\WINDOWS\system32\easinvoker.exe
2014-10-05 17:59:53 ----A---- C:\WINDOWS\system32\dot3mm.dll
2014-10-05 17:59:53 ----A---- C:\WINDOWS\system32\bcd.dll
2014-10-05 17:59:52 ----A---- C:\WINDOWS\SYSWOW64\cleanmgr.exe
2014-10-05 17:59:52 ----A---- C:\WINDOWS\SYSWOW64\bcd.dll
2014-10-05 17:59:52 ----A---- C:\WINDOWS\system32\drivers\dumpfve.sys
2014-10-05 17:59:52 ----A---- C:\WINDOWS\system32\DAMM.dll
2014-10-05 17:59:52 ----A---- C:\WINDOWS\system32\bootux.dll
2014-10-05 17:59:51 ----A---- C:\WINDOWS\system32\samlib.dll
2014-10-05 17:59:51 ----A---- C:\WINDOWS\system32\rasmans.dll
2014-10-05 17:59:51 ----A---- C:\WINDOWS\system32\provsvc.dll
2014-10-05 17:59:51 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2014-10-05 17:59:51 ----A---- C:\WINDOWS\system32\drivers\UCX01000.SYS
2014-10-05 17:59:51 ----A---- C:\WINDOWS\system32\cleanmgr.exe
2014-10-05 17:59:51 ----A---- C:\WINDOWS\system32\AuthHost.exe
2014-10-05 17:59:50 ----A---- C:\WINDOWS\SYSWOW64\WerFaultSecure.exe
2014-10-05 17:59:50 ----A---- C:\WINDOWS\SYSWOW64\taskeng.exe
2014-10-05 17:59:50 ----A---- C:\WINDOWS\SYSWOW64\netid.dll
2014-10-05 17:59:50 ----A---- C:\WINDOWS\SYSWOW64\dmvdsitf.dll
2014-10-05 17:59:50 ----A---- C:\WINDOWS\SYSWOW64\BioCredProv.dll
2014-10-05 17:59:50 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2014-10-05 17:59:50 ----A---- C:\WINDOWS\system32\netiohlp.dll
2014-10-05 17:59:50 ----A---- C:\WINDOWS\system32\korwbrkr.dll
2014-10-05 17:59:50 ----A---- C:\WINDOWS\system32\deviceaccess.dll
2014-10-05 17:59:49 ----A---- C:\WINDOWS\SYSWOW64\netiohlp.dll
2014-10-05 17:59:49 ----A---- C:\WINDOWS\system32\scrrun.dll
2014-10-05 17:59:49 ----A---- C:\WINDOWS\system32\drivers\http.sys
2014-10-05 17:59:48 ----A---- C:\WINDOWS\SYSWOW64\SearchFilterHost.exe
2014-10-05 17:59:48 ----A---- C:\WINDOWS\system32\easwrt.dll
2014-10-05 17:59:47 ----A---- C:\WINDOWS\SYSWOW64\dmdskmgr.dll
2014-10-05 17:59:47 ----A---- C:\WINDOWS\SYSWOW64\bcrypt.dll
2014-10-05 17:59:47 ----A---- C:\WINDOWS\system32\scrobj.dll
2014-10-05 17:59:47 ----A---- C:\WINDOWS\system32\netplwiz.dll
2014-10-05 17:59:47 ----A---- C:\WINDOWS\system32\LockScreenContentServer.exe
2014-10-05 17:59:47 ----A---- C:\WINDOWS\system32\CloudStorageWizard.exe
2014-10-05 17:59:47 ----A---- C:\WINDOWS\system32\AuthBroker.dll
2014-10-05 17:59:47 ----A---- C:\WINDOWS\system32\acppage.dll
2014-10-05 17:59:46 ----A---- C:\WINDOWS\SYSWOW64\scrrun.dll
2014-10-05 17:59:46 ----A---- C:\WINDOWS\SYSWOW64\samlib.dll
2014-10-05 17:59:46 ----A---- C:\WINDOWS\SYSWOW64\MicrosoftAccountTokenProvider.dll
2014-10-05 17:59:46 ----A---- C:\WINDOWS\SYSWOW64\MbaeApiPublic.dll
2014-10-05 17:59:46 ----A---- C:\WINDOWS\SYSWOW64\deviceaccess.dll
2014-10-05 17:59:46 ----A---- C:\WINDOWS\SYSWOW64\acppage.dll
2014-10-05 17:59:46 ----A---- C:\WINDOWS\system32\winbrand.dll
2014-10-05 17:59:46 ----A---- C:\WINDOWS\system32\slpts.dll
2014-10-05 17:59:46 ----A---- C:\WINDOWS\system32\DWWIN.EXE
2014-10-05 17:59:46 ----A---- C:\WINDOWS\system32\bcdedit.exe
2014-10-05 17:59:45 ----A---- C:\WINDOWS\SYSWOW64\netplwiz.dll
2014-10-05 17:59:45 ----A---- C:\WINDOWS\system32\wpnprv.dll
2014-10-05 17:59:45 ----A---- C:\WINDOWS\system32\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-10-05 17:59:45 ----A---- C:\WINDOWS\system32\Windows.Media.Renewal.dll
2014-10-05 17:59:45 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2014-10-05 17:59:45 ----A---- C:\WINDOWS\system32\wbadmin.exe
2014-10-05 17:59:45 ----A---- C:\WINDOWS\system32\SysResetErr.exe
2014-10-05 17:59:45 ----A---- C:\WINDOWS\system32\sud.dll
2014-10-05 17:59:45 ----A---- C:\WINDOWS\system32\autofmt.exe
2014-10-05 17:59:45 ----A---- C:\WINDOWS\system32\autoconv.exe
2014-10-05 17:59:44 ----A---- C:\WINDOWS\SYSWOW64\wlidcredprov.dll
2014-10-05 17:59:44 ----A---- C:\WINDOWS\SYSWOW64\scrobj.dll
2014-10-05 17:59:44 ----A---- C:\WINDOWS\SYSWOW64\provsvc.dll
2014-10-05 17:59:44 ----A---- C:\WINDOWS\system32\untfs.dll
2014-10-05 17:59:44 ----A---- C:\WINDOWS\system32\sppnp.dll
2014-10-05 17:59:44 ----A---- C:\WINDOWS\system32\bcdboot.exe
2014-10-05 17:59:43 ----A---- C:\WINDOWS\SYSWOW64\winbrand.dll
2014-10-05 17:59:43 ----A---- C:\WINDOWS\SYSWOW64\untfs.dll
2014-10-05 17:59:43 ----A---- C:\WINDOWS\SYSWOW64\slpts.dll
2014-10-05 17:59:43 ----A---- C:\WINDOWS\SYSWOW64\PkgMgr.exe
2014-10-05 17:59:43 ----A---- C:\WINDOWS\SYSWOW64\autochk.exe
2014-10-05 17:59:43 ----A---- C:\WINDOWS\SYSWOW64\autofmt.exe
2014-10-05 17:59:43 ----A---- C:\WINDOWS\system32\spbcd.dll
2014-10-05 17:59:43 ----A---- C:\WINDOWS\system32\setbcdlocale.dll
2014-10-05 17:59:43 ----A---- C:\WINDOWS\system32\migisol.dll
2014-10-05 17:59:43 ----A---- C:\WINDOWS\system32\DAConn.dll
2014-10-05 17:59:43 ----A---- C:\WINDOWS\system32\autochk.exe
2014-10-05 17:59:42 ----A---- C:\WINDOWS\SYSWOW64\DWWIN.EXE
2014-10-05 17:59:42 ----A---- C:\WINDOWS\SYSWOW64\autoconv.exe
2014-10-05 17:59:42 ----A---- C:\WINDOWS\SYSWOW64\AuthBroker.dll
2014-10-05 17:59:42 ----A---- C:\WINDOWS\system32\WindowsAnytimeUpgradeResults.exe
2014-10-05 17:59:42 ----A---- C:\WINDOWS\system32\spcompat.dll
2014-10-05 17:59:42 ----A---- C:\WINDOWS\system32\IdCtrls.dll
2014-10-05 17:59:42 ----A---- C:\WINDOWS\system32\fhevents.dll
2014-10-05 17:59:42 ----A---- C:\WINDOWS\system32\dafBth.dll
2014-10-05 17:59:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-10-05 17:59:41 ----A---- C:\WINDOWS\SYSWOW64\StorageContextHandler.dll
2014-10-05 17:59:41 ----A---- C:\WINDOWS\SYSWOW64\mssprxy.dll
2014-10-05 17:59:41 ----A---- C:\WINDOWS\system32\vdsutil.dll
2014-10-05 17:59:41 ----A---- C:\WINDOWS\system32\drivers\watchdog.sys
2014-10-05 17:59:41 ----A---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2014-10-05 17:59:41 ----A---- C:\WINDOWS\system32\cscript.exe
2014-10-05 17:59:40 ----A---- C:\WINDOWS\SYSWOW64\spwizeng.dll
2014-10-05 17:59:39 ----A---- C:\WINDOWS\SYSWOW64\WimBootCompress.ini
2014-10-05 17:59:39 ----A---- C:\WINDOWS\SYSWOW64\spbcd.dll
2014-10-05 17:59:39 ----A---- C:\WINDOWS\system32\WimBootCompress.ini
2014-10-05 17:59:39 ----A---- C:\WINDOWS\system32\werui.dll
2014-10-05 17:59:39 ----A---- C:\WINDOWS\system32\energytask.dll
2014-10-05 17:59:39 ----A---- C:\WINDOWS\system32\diskpart.exe
2014-10-05 17:59:38 ----A---- C:\WINDOWS\system32\powercfg.exe
2014-10-05 17:59:35 ----A---- C:\WINDOWS\SYSWOW64\sud.dll
2014-10-05 17:59:35 ----A---- C:\WINDOWS\system32\RelPost.exe
2014-10-05 17:59:33 ----A---- C:\WINDOWS\system32\SettingMonitor.dll
2014-10-05 17:59:33 ----A---- C:\WINDOWS\system32\pnpclean.dll
2014-10-05 17:59:33 ----A---- C:\WINDOWS\system32\deviceassociation.dll
2014-10-05 17:59:31 ----A---- C:\WINDOWS\SYSWOW64\wlidcli.dll
2014-10-05 17:59:31 ----A---- C:\WINDOWS\SYSWOW64\SettingMonitor.dll
2014-10-05 17:59:31 ----A---- C:\WINDOWS\system32\PlayToDevice.dll
2014-10-05 17:59:31 ----A---- C:\WINDOWS\system32\dasHost.exe
2014-10-05 17:59:29 ----A---- C:\WINDOWS\SYSWOW64\winsku.dll
2014-10-05 17:59:29 ----A---- C:\WINDOWS\SYSWOW64\SSShim.dll
2014-10-05 17:59:29 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2014-10-05 17:59:29 ----A---- C:\WINDOWS\SYSWOW64\CloudStorageWizard.exe
2014-10-05 17:59:29 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2014-10-05 17:59:29 ----A---- C:\WINDOWS\system32\srrstr.dll
2014-10-05 17:59:29 ----A---- C:\WINDOWS\system32\ReAgentc.exe
2014-10-05 17:59:29 ----A---- C:\WINDOWS\system32\offreg.dll
2014-10-05 17:59:29 ----A---- C:\WINDOWS\system32\ActionQueue.dll
2014-10-05 17:59:28 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2014-10-05 17:59:28 ----A---- C:\WINDOWS\SYSWOW64\UserLanguagesCpl.dll
2014-10-05 17:59:28 ----A---- C:\WINDOWS\SYSWOW64\powercfg.exe
2014-10-05 17:59:28 ----A---- C:\WINDOWS\SYSWOW64\PlayToDevice.dll
2014-10-05 17:59:28 ----A---- C:\WINDOWS\SYSWOW64\IdCtrls.dll
2014-10-05 17:59:28 ----A---- C:\WINDOWS\SYSWOW64\deviceassociation.dll
2014-10-05 17:59:28 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2014-10-05 17:59:28 ----A---- C:\WINDOWS\system32\msshooks.dll
2014-10-05 17:59:28 ----A---- C:\WINDOWS\system32\mf3216.dll
2014-10-05 17:59:28 ----A---- C:\WINDOWS\system32\dfrgui.exe
2014-10-05 17:59:27 ----A---- C:\WINDOWS\SYSWOW64\migisol.dll
2014-10-05 17:59:27 ----A---- C:\WINDOWS\system32\f3ahvoas.dll
2014-10-05 17:59:26 ----A---- C:\WINDOWS\SYSWOW64\ReAgentc.exe
2014-10-05 17:59:26 ----A---- C:\WINDOWS\SYSWOW64\easwrt.dll
2014-10-05 17:59:26 ----A---- C:\WINDOWS\SYSWOW64\dfrgui.exe
2014-10-05 17:59:26 ----A---- C:\WINDOWS\system32\winsku.dll
2014-10-05 17:59:26 ----A---- C:\WINDOWS\system32\wercplsupport.dll
2014-10-05 17:59:26 ----A---- C:\WINDOWS\system32\vdsdyn.dll
2014-10-05 17:59:26 ----A---- C:\WINDOWS\system32\SrTasks.exe
2014-10-05 17:59:26 ----A---- C:\WINDOWS\system32\LockScreenContentHost.dll
2014-10-05 17:59:25 ----A---- C:\WINDOWS\SYSWOW64\diskpart.exe
2014-10-05 17:59:25 ----A---- C:\WINDOWS\SYSWOW64\cscript.exe
2014-10-05 17:59:25 ----A---- C:\WINDOWS\system32\themecpl.dll
2014-10-05 17:59:25 ----A---- C:\WINDOWS\system32\DevicePairing.dll
2014-10-05 17:59:25 ----A---- C:\WINDOWS\system32\AepRoam.dll
2014-10-05 17:59:24 ----A---- C:\WINDOWS\SYSWOW64\sxshared.dll
2014-10-05 17:59:24 ----A---- C:\WINDOWS\SYSWOW64\msshooks.dll
2014-10-05 17:59:24 ----A---- C:\WINDOWS\SYSWOW64\ConfigureExpandedStorage.dll
2014-10-05 17:59:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2014-10-05 17:59:23 ----A---- C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2014-10-05 17:59:17 ----A---- C:\WINDOWS\system32\scavengeui.dll
2014-10-05 17:59:15 ----A---- C:\WINDOWS\system32\wincorlib.dll
2014-10-05 17:59:14 ----AH---- C:\WINDOWS\SYSWOW64\ext-ms-win-session-winsta-l1-1-0.dll
2014-10-05 17:59:14 ----A---- C:\WINDOWS\SYSWOW64\setupugc.exe
2014-10-05 17:59:13 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2014-10-05 17:59:10 ----A---- C:\WINDOWS\system32\syncui.dll
2014-10-05 17:59:10 ----A---- C:\WINDOWS\system32\SettingSyncPolicy.dll
2014-10-05 17:59:09 ----A---- C:\WINDOWS\SYSWOW64\finger.exe
2014-10-05 17:59:08 ----A---- C:\WINDOWS\SYSWOW64\themecpl.dll
2014-10-05 17:59:08 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncPolicy.dll
2014-10-05 17:59:08 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2014-10-05 17:59:08 ----A---- C:\WINDOWS\system32\StorageContextHandler.dll
2014-10-05 17:59:08 ----A---- C:\WINDOWS\system32\ocsetapi.dll
2014-10-05 17:59:08 ----A---- C:\WINDOWS\system32\GlobCollationHost.dll
2014-10-05 17:59:07 ----AH---- C:\WINDOWS\SYSWOW64\ext-ms-win-kernel32-package-l1-1-1.dll
2014-10-05 17:59:07 ----AH---- C:\WINDOWS\system32\ext-ms-win-session-winsta-l1-1-0.dll
2014-10-05 17:59:07 ----AH---- C:\WINDOWS\system32\ext-ms-win-kernel32-package-l1-1-1.dll
2014-10-05 17:59:07 ----A---- C:\WINDOWS\SYSWOW64\ocsetapi.dll
2014-10-05 17:59:07 ----A---- C:\WINDOWS\SYSWOW64\korwbrkr.dll
2014-10-05 17:59:07 ----A---- C:\WINDOWS\SYSWOW64\GlobCollationHost.dll
2014-10-05 17:59:07 ----A---- C:\WINDOWS\system32\shsetup.dll
2014-10-05 17:59:07 ----A---- C:\WINDOWS\system32\dataclen.dll
2014-10-05 17:59:07 ----A---- C:\WINDOWS\system32\aitagent.exe
2014-10-05 17:59:06 ----AH---- C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-1.dll
2014-10-05 17:59:06 ----AH---- C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-0.dll
2014-10-05 17:59:06 ----A---- C:\WINDOWS\SYSWOW64\dataclen.dll
2014-10-05 17:59:06 ----A---- C:\WINDOWS\system32\shimeng.dll
2014-10-05 17:59:06 ----A---- C:\WINDOWS\system32\lpksetupproxyserv.dll
2014-10-05 17:59:06 ----A---- C:\WINDOWS\system32\fhsvcctl.dll
2014-10-05 17:59:05 ----AH---- C:\WINDOWS\SYSWOW64\ext-ms-win-ntuser-private-l1-1-1.dll
2014-10-05 17:59:05 ----AH---- C:\WINDOWS\SYSWOW64\ext-ms-win-ntuser-private-l1-1-0.dll
2014-10-05 17:59:05 ----AH---- C:\WINDOWS\SYSWOW64\ext-ms-win-networking-wcmapi-l1-1-0.dll
2014-10-05 17:59:05 ----A---- C:\WINDOWS\SYSWOW64\occache.dll
2014-10-05 17:59:05 ----A---- C:\WINDOWS\SYSWOW64\f3ahvoas.dll
2014-10-05 17:59:05 ----A---- C:\WINDOWS\system32\occache.dll
2014-10-05 17:59:05 ----A---- C:\WINDOWS\system32\fveskybackup.dll
2014-10-05 17:59:05 ----A---- C:\WINDOWS\system32\finger.exe
2014-10-05 17:59:05 ----A---- C:\WINDOWS\system32\dxmasf.dll
2014-10-05 17:23:06 ----RD---- C:\WINDOWS\BrowserChoice
2014-10-05 17:02:33 ----A---- C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-10-05 17:02:31 ----A---- C:\WINDOWS\system32\pnrpsvc.dll
2014-10-05 17:02:30 ----A---- C:\WINDOWS\SYSWOW64\sti.dll
2014-10-05 17:02:30 ----A---- C:\WINDOWS\SYSWOW64\OEMLicense.dll
2014-10-05 17:02:30 ----A---- C:\WINDOWS\SYSWOW64\MsSpellCheckingFacility.dll
2014-10-05 17:02:30 ----A---- C:\WINDOWS\system32\sti.dll
2014-10-05 17:02:30 ----A---- C:\WINDOWS\system32\OEMLicense.dll
2014-10-05 17:02:30 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2014-10-05 17:02:03 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2014-10-05 17:02:02 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2014-10-05 17:02:02 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2014-10-05 17:02:01 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2014-10-05 17:02:00 ----A---- C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2014-10-05 17:02:00 ----A---- C:\WINDOWS\system32\d3d10level9.dll
2014-10-05 17:01:58 ----A---- C:\WINDOWS\system32\Windows.Web.Http.dll
2014-10-05 17:01:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Http.dll
2014-10-05 17:01:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.BackgroundTransfer.dll
2014-10-05 17:01:57 ----A---- C:\WINDOWS\SYSWOW64\d3d10level9.dll
2014-10-05 17:01:56 ----A---- C:\WINDOWS\system32\TSWorkspace.dll
2014-10-05 17:01:55 ----A---- C:\WINDOWS\SYSWOW64\TSWorkspace.dll
2014-10-05 17:01:55 ----A---- C:\WINDOWS\system32\tsmf.dll
2014-10-05 17:01:55 ----A---- C:\WINDOWS\system32\kd_02_8086.dll
2014-10-05 17:01:55 ----A---- C:\WINDOWS\system32\eapphost.dll
2014-10-05 17:01:55 ----A---- C:\WINDOWS\system32\eapp3hst.dll
2014-10-05 17:01:53 ----A---- C:\WINDOWS\SYSWOW64\tsmf.dll
2014-10-05 17:01:53 ----A---- C:\WINDOWS\SYSWOW64\eapphost.dll
2014-10-05 17:01:53 ----A---- C:\WINDOWS\system32\msched.dll
2014-10-05 17:01:53 ----A---- C:\WINDOWS\system32\embeddedapplauncher.exe
2014-10-05 17:01:52 ----A---- C:\WINDOWS\SYSWOW64\shsetup.dll
2014-10-05 17:01:52 ----A---- C:\WINDOWS\SYSWOW64\eappcfg.dll
2014-10-05 17:01:52 ----A---- C:\WINDOWS\SYSWOW64\eapp3hst.dll
2014-10-05 17:01:52 ----A---- C:\WINDOWS\system32\wldp.dll
2014-10-05 17:01:52 ----A---- C:\WINDOWS\system32\TSWbPrxy.exe
2014-10-05 17:01:52 ----A---- C:\WINDOWS\system32\eappcfg.dll
2014-10-05 17:01:52 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2014-10-05 17:01:51 ----A---- C:\WINDOWS\SYSWOW64\ftp.exe
2014-10-05 17:01:51 ----A---- C:\WINDOWS\SYSWOW64\eappgnui.dll
2014-10-05 17:01:51 ----A---- C:\WINDOWS\system32\rdpclip.exe
2014-10-05 17:01:51 ----A---- C:\WINDOWS\system32\ftp.exe
2014-10-05 17:01:51 ----A---- C:\WINDOWS\system32\eappgnui.dll
2014-10-05 17:01:50 ----A---- C:\WINDOWS\SYSWOW64\miutils.dll
2014-10-05 17:01:50 ----A---- C:\WINDOWS\system32\miutils.dll
2014-10-05 17:01:43 ----A---- C:\WINDOWS\system32\sppsvc.exe
2014-10-05 17:01:42 ----A---- C:\WINDOWS\system32\dbgeng.dll
2014-10-05 17:01:41 ----A---- C:\WINDOWS\SYSWOW64\dbghelp.dll
2014-10-05 17:01:41 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2014-10-05 17:01:41 ----A---- C:\WINDOWS\system32\dbghelp.dll
2014-10-05 17:01:40 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2014-10-05 17:01:40 ----A---- C:\WINDOWS\system32\sppcomapi.dll
2014-10-05 17:01:25 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2014-10-05 17:01:25 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2014-10-05 17:01:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.dll
2014-10-05 17:01:22 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll
2014-10-05 17:01:22 ----A---- C:\WINDOWS\system32\Windows.Graphics.dll
2014-10-05 17:01:22 ----A---- C:\WINDOWS\system32\mfds.dll
2014-10-05 17:01:22 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2014-10-05 17:01:22 ----A---- C:\WINDOWS\system32\drivers\ipnat.sys
2014-10-05 17:01:21 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2014-10-05 17:01:21 ----A---- C:\WINDOWS\SYSWOW64\msieftp.dll
2014-10-05 17:01:21 ----A---- C:\WINDOWS\system32\rastls.dll
2014-10-05 17:01:21 ----A---- C:\WINDOWS\system32\msieftp.dll
2014-10-05 17:01:21 ----A---- C:\WINDOWS\system32\drivers\BtaMPM.sys
2014-10-05 17:01:21 ----A---- C:\WINDOWS\system32\deviceregistration.dll
2014-10-05 17:01:21 ----A---- C:\WINDOWS\system32\bi.dll
2014-10-05 17:00:57 ----A---- C:\WINDOWS\system32\drivers\intelpep.sys
2014-10-05 17:00:52 ----A---- C:\WINDOWS\SYSWOW64\appmgr.dll
2014-10-05 17:00:52 ----A---- C:\WINDOWS\system32\drivers\SerCx2.sys
2014-10-05 17:00:52 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2014-10-05 17:00:52 ----A---- C:\WINDOWS\system32\appmgr.dll
2014-10-05 17:00:47 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll
2014-10-05 17:00:47 ----A---- C:\WINDOWS\SYSWOW64\ieetwproxystub.dll
2014-10-05 17:00:47 ----A---- C:\WINDOWS\system32\ieetwcollectorres.dll
2014-10-05 17:00:46 ----A---- C:\WINDOWS\system32\ieetwproxystub.dll
2014-10-05 17:00:45 ----A---- C:\WINDOWS\system32\iernonce.dll
2014-10-05 17:00:44 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2014-10-05 17:00:44 ----A---- C:\WINDOWS\system32\ieetwcollector.exe
2014-10-05 17:00:43 ----A---- C:\WINDOWS\SYSWOW64\ieUnatt.exe
2014-10-05 17:00:43 ----A---- C:\WINDOWS\system32\iesetup.dll
2014-10-05 17:00:42 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2014-10-05 17:00:41 ----A---- C:\WINDOWS\system32\ieUnatt.exe
2014-10-05 17:00:40 ----A---- C:\WINDOWS\system32\msrating.dll
2014-10-05 17:00:24 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2014-10-05 17:00:24 ----A---- C:\WINDOWS\system32\d2d1.dll
2014-10-05 17:00:21 ----A---- C:\WINDOWS\system32\WSCollect.exe
2014-10-05 17:00:20 ----A---- C:\WINDOWS\SYSWOW64\imagehlp.dll
2014-10-05 17:00:20 ----A---- C:\WINDOWS\system32\imagehlp.dll
2014-10-05 16:59:43 ----A---- C:\WINDOWS\SYSWOW64\msdrm.dll
2014-10-05 16:59:43 ----A---- C:\WINDOWS\system32\msdrm.dll
2014-10-05 16:59:25 ----A---- C:\WINDOWS\SYSWOW64\WMPhoto.dll
2014-10-05 16:59:25 ----A---- C:\WINDOWS\system32\WMPhoto.dll
2014-10-05 16:59:20 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2014-10-05 16:59:20 ----A---- C:\WINDOWS\system32\poqexec.exe
2014-10-05 16:59:13 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2014-10-05 16:59:13 ----A---- C:\WINDOWS\system32\crypt32.dll
2014-10-05 16:59:12 ----A---- C:\WINDOWS\SYSWOW64\pcaui.exe
2014-10-05 16:59:12 ----A---- C:\WINDOWS\system32\pcaui.exe
2014-10-05 15:57:49 ----DC---- C:\WINDOWS\Panther
2014-10-05 15:55:53 ----D---- C:\Windows.old
2014-10-05 15:53:13 ----D---- C:\Program Files (x86)\Reference Assemblies
2014-10-05 15:53:13 ----D---- C:\Program Files (x86)\MSBuild
2014-10-05 15:53:11 ----D---- C:\WINDOWS\SYSWOW64\XPSViewer
2014-10-05 15:53:11 ----D---- C:\Program Files\Reference Assemblies
2014-10-05 15:53:11 ----D---- C:\Program Files\MSBuild
2014-10-05 15:52:33 ----A---- C:\WINDOWS\SYSWOW64\PresentationNative_v0300.dll
2014-10-05 15:52:33 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-10-05 15:52:32 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-10-05 15:52:32 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-10-05 15:18:22 ----D---- C:\WINDOWS\CSC
2014-10-05 15:06:47 ----SD---- C:\Users\Karolínka\AppData\Roaming\Microsoft
2014-10-05 15:01:16 ----D---- C:\Program Files\Common Files\Atheros
2014-10-05 15:01:05 ----A---- C:\WINDOWS\system32\drivers\RTWAVES30.dat
2014-10-05 15:00:52 ----D---- C:\WINDOWS\SYSWOW64\RTCOM
2014-10-05 15:00:52 ----D---- C:\Program Files\Realtek
2014-10-05 15:00:45 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.DLL
2014-10-05 15:00:45 ----A---- C:\WINDOWS\system32\OpenCL.DLL
2014-10-05 15:00:30 ----D---- C:\Program Files\Intel
2014-10-05 14:59:21 ----D---- C:\WINDOWS\Prefetch
2014-10-05 14:04:25 ----HD---- C:\$WINDOWS.~BT
2014-10-05 12:57:55 ----A---- C:\Recovery.txt
2014-10-04 13:34:35 ----D---- C:\FRST
2014-10-04 08:40:32 ----D---- C:\Users\Karolínka\AppData\Roaming\DropboxMaster
2014-10-04 08:37:13 ----D---- C:\Users\Karolínka\AppData\Roaming\Dropbox
2014-10-04 08:27:12 ----D---- C:\Users\Karolínka\AppData\Roaming\AVAST Software
2014-10-04 08:25:23 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2014-10-04 08:25:23 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2014-10-04 08:25:23 ----A---- C:\WINDOWS\system32\drivers\aswsp.sys
2014-10-04 08:25:23 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2014-10-04 08:25:23 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2014-10-04 08:25:23 ----A---- C:\WINDOWS\system32\drivers\aswRdr2.sys
2014-10-04 08:25:23 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2014-10-04 08:25:23 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2014-10-04 08:25:22 ----A---- C:\WINDOWS\system32\aswBoot.exe
2014-10-04 08:25:21 ----A---- C:\WINDOWS\avastSS.scr
2014-10-04 08:23:34 ----D---- C:\Program Files\AVAST Software
2014-10-04 08:23:10 ----D---- C:\ProgramData\AVAST Software
2014-10-04 08:12:13 ----SHD---- C:\Config.Msi
2014-09-29 23:14:43 ----D---- C:\Program Files\Microsoft Silverlight
2014-09-29 23:14:43 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-09-29 22:04:56 ----D---- C:\Program Files\CCleaner
2014-09-29 21:18:06 ----D---- C:\Program Files (x86)\ESET

======List of files/folders modified in the last 1 month======

2014-10-05 20:26:30 ----RD---- C:\Program Files
2014-10-05 20:26:01 ----D---- C:\WINDOWS\system32\config
2014-10-05 20:24:45 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2014-10-05 20:22:40 ----D---- C:\WINDOWS\Temp
2014-10-05 20:22:31 ----D---- C:\WINDOWS\Microsoft.NET
2014-10-05 20:22:29 ----D---- C:\WINDOWS\WinSxS
2014-10-05 20:21:05 ----D---- C:\WINDOWS\Inf
2014-10-05 20:19:10 ----RD---- C:\WINDOWS\ToastData
2014-10-05 20:19:09 ----D---- C:\WINDOWS\SYSWOW64\wbem
2014-10-05 20:19:09 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2014-10-05 20:19:09 ----D---- C:\Program Files\Windows Journal
2014-10-05 20:19:07 ----RD---- C:\WINDOWS\System32
2014-10-05 20:19:07 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2014-10-05 20:19:07 ----D---- C:\WINDOWS\SYSWOW64\setup
2014-10-05 20:19:07 ----D---- C:\WINDOWS\SysWOW64
2014-10-05 20:19:07 ----D---- C:\WINDOWS\system32\wbem
2014-10-05 20:19:07 ----D---- C:\WINDOWS\system32\setup
2014-10-05 20:19:07 ----D---- C:\WINDOWS\system32\oobe
2014-10-05 20:19:07 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2014-10-05 20:19:07 ----D---- C:\WINDOWS\system32\drivers
2014-10-05 20:19:07 ----D---- C:\WINDOWS\system32\cs-CZ
2014-10-05 20:19:07 ----D---- C:\WINDOWS\system32\Boot
2014-10-05 20:19:07 ----D---- C:\WINDOWS\PolicyDefinitions
2014-10-05 20:19:06 ----RSD---- C:\WINDOWS\Fonts
2014-10-05 20:19:06 ----D---- C:\WINDOWS\apppatch
2014-10-05 20:19:05 ----D---- C:\WINDOWS\system32\DriverStore
2014-10-05 20:18:30 ----RD---- C:\WINDOWS\assembly
2014-10-05 20:10:11 ----D---- C:\WINDOWS\CbsTemp
2014-10-05 20:07:51 ----D---- C:\WINDOWS\system32\catroot2
2014-10-05 20:00:02 ----D---- C:\WINDOWS\system32\sru
2014-10-05 19:59:27 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-05 19:51:35 ----SD---- C:\WINDOWS\system32\CompatTel
2014-10-05 19:51:34 ----D---- C:\Program Files\Windows Defender
2014-10-05 19:51:32 ----D---- C:\Program Files (x86)\Windows Defender
2014-10-05 19:51:27 ----D---- C:\WINDOWS\system32\migration
2014-10-05 19:51:26 ----D---- C:\Windows
2014-10-05 19:51:21 ----D---- C:\WINDOWS\WinStore
2014-10-05 19:51:20 ----D---- C:\WINDOWS\SYSWOW64\migration
2014-10-05 19:51:19 ----D---- C:\WINDOWS\system32\en-US
2014-10-05 19:51:19 ----D---- C:\WINDOWS\MediaViewer
2014-10-05 19:51:19 ----D---- C:\WINDOWS\FileManager
2014-10-05 19:51:19 ----D---- C:\WINDOWS\Camera
2014-10-05 19:51:14 ----D---- C:\Program Files\Internet Explorer
2014-10-05 19:51:14 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-05 18:40:50 ----D---- C:\WINDOWS\AppReadiness
2014-10-05 18:23:21 ----D---- C:\WINDOWS\SYSWOW64\en-US
2014-10-05 18:23:12 ----D---- C:\Program Files\Windows Portable Devices
2014-10-05 18:23:12 ----D---- C:\Program Files\Windows Multimedia Platform
2014-10-05 18:23:12 ----D---- C:\Program Files\Windows Media Player
2014-10-05 18:23:11 ----D---- C:\WINDOWS\SYSWOW64\Dism
2014-10-05 18:23:11 ----D---- C:\WINDOWS\servicing
2014-10-05 18:23:11 ----D---- C:\Program Files (x86)\Windows Portable Devices
2014-10-05 18:23:11 ----D---- C:\Program Files (x86)\Windows Multimedia Platform
2014-10-05 18:23:11 ----D---- C:\Program Files (x86)\Windows Media Player
2014-10-05 18:23:10 ----D---- C:\WINDOWS\SYSWOW64\oobe
2014-10-05 18:23:05 ----D---- C:\WINDOWS\system32\sr-Latn-RS
2014-10-05 18:23:05 ----D---- C:\WINDOWS\system32\sk-SK
2014-10-05 18:23:05 ----D---- C:\WINDOWS\system32\lv-LV
2014-10-05 18:23:05 ----D---- C:\WINDOWS\system32\ko-KR
2014-10-05 18:23:05 ----D---- C:\WINDOWS\system32\it-IT
2014-10-05 18:23:05 ----D---- C:\WINDOWS\system32\hr-HR
2014-10-05 18:23:05 ----D---- C:\WINDOWS\system32\et-EE
2014-10-05 18:23:05 ----D---- C:\WINDOWS\system32\en-GB
2014-10-05 18:23:05 ----D---- C:\WINDOWS\system32\el-GR
2014-10-05 18:23:05 ----D---- C:\WINDOWS\system32\de-DE
2014-10-05 18:23:05 ----D---- C:\WINDOWS\system32\da-DK
2014-10-05 18:23:05 ----D---- C:\WINDOWS\cs-CZ
2014-10-05 18:23:02 ----D---- C:\WINDOWS\system32\Sysprep
2014-10-05 18:23:02 ----D---- C:\WINDOWS\system32\sv-SE
2014-10-05 18:23:02 ----D---- C:\WINDOWS\system32\ru-RU
2014-10-05 18:23:02 ----D---- C:\WINDOWS\system32\he-IL
2014-10-05 18:23:02 ----D---- C:\WINDOWS\system32\fr-FR
2014-10-05 18:23:02 ----D---- C:\WINDOWS\system32\fi-FI
2014-10-05 18:23:01 ----D---- C:\WINDOWS\system32\zh-TW
2014-10-05 18:23:01 ----D---- C:\WINDOWS\system32\zh-HK
2014-10-05 18:23:01 ----D---- C:\WINDOWS\system32\zh-CN
2014-10-05 18:23:01 ----D---- C:\WINDOWS\system32\uk-UA
2014-10-05 18:23:01 ----D---- C:\WINDOWS\system32\tr-TR
2014-10-05 18:23:01 ----D---- C:\WINDOWS\system32\th-TH
2014-10-05 18:23:01 ----D---- C:\WINDOWS\system32\sr-Latn-CS
2014-10-05 18:23:01 ----D---- C:\WINDOWS\system32\sl-SI
2014-10-05 18:23:01 ----D---- C:\WINDOWS\system32\ro-RO
2014-10-05 18:23:01 ----D---- C:\WINDOWS\system32\pt-PT
2014-10-05 18:23:01 ----D---- C:\WINDOWS\system32\pl-PL
2014-10-05 18:23:01 ----D---- C:\WINDOWS\system32\ja-JP
2014-10-05 18:23:01 ----D---- C:\WINDOWS\system32\hu-HU
2014-10-05 18:23:01 ----D---- C:\WINDOWS\system32\es-ES
2014-10-05 18:23:01 ----D---- C:\WINDOWS\system32\drivers\en-US
2014-10-05 18:23:01 ----D---- C:\WINDOWS\system32\bg-BG
2014-10-05 18:23:00 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2014-10-05 18:23:00 ----D---- C:\WINDOWS\system32\pt-BR
2014-10-05 18:23:00 ----D---- C:\WINDOWS\system32\nl-NL
2014-10-05 18:23:00 ----D---- C:\WINDOWS\system32\nb-NO
2014-10-05 18:23:00 ----D---- C:\WINDOWS\system32\migwiz
2014-10-05 18:23:00 ----D---- C:\WINDOWS\system32\lt-LT
2014-10-05 18:23:00 ----D---- C:\WINDOWS\system32\Dism
2014-10-05 18:23:00 ----D---- C:\WINDOWS\system32\ar-SA
2014-10-05 18:22:37 ----D---- C:\WINDOWS\system32\drivers\UMDF
2014-10-05 18:10:12 ----SH---- C:\WINDOWS\system32\desktop.ini
2014-10-05 17:27:35 ----D---- C:\WINDOWS\system32\wdi
2014-10-05 17:04:06 ----D---- C:\WINDOWS\system32\SecureBootUpdates
2014-10-05 17:03:18 ----SHD---- C:\System Volume Information
2014-10-05 17:02:52 ----D---- C:\WINDOWS\system32\restore
2014-10-05 16:48:49 ----D---- C:\WINDOWS\Logs
2014-10-05 16:32:19 ----HD---- C:\Program Files\WindowsApps
2014-10-05 16:30:27 ----SHD---- C:\$Recycle.Bin
2014-10-05 15:57:38 ----SHD---- C:\Recovery
2014-10-05 15:55:37 ----SD---- C:\WINDOWS\system32\Microsoft
2014-10-05 15:28:32 ----D---- C:\WINDOWS\rescache
2014-10-05 15:27:22 ----D---- C:\Program Files\Windows NT
2014-10-05 15:26:44 ----D---- C:\WINDOWS\debug
2014-10-05 15:26:40 ----D---- C:\WINDOWS\SoftwareDistribution
2014-10-05 15:25:51 ----D---- C:\WINDOWS\Registration
2014-10-05 15:25:34 ----D---- C:\WINDOWS\system32\Tasks
2014-10-05 15:19:09 ----D---- C:\WINDOWS\system32\LogFiles
2014-10-05 15:18:37 ----RSD---- C:\WINDOWS\Media
2014-10-05 15:14:08 ----D---- C:\WINDOWS\SYSWOW64\drivers
2014-10-05 15:14:07 ----HD---- C:\WINDOWS\Installer
2014-10-05 15:14:07 ----D---- C:\WINDOWS\sk
2014-10-05 15:14:07 ----D---- C:\WINDOWS\pl
2014-10-05 15:14:07 ----D---- C:\WINDOWS\hu
2014-10-05 15:14:06 ----HD---- C:\ProgramData
2014-10-05 15:14:06 ----D---- C:\WINDOWS\en-GB
2014-10-05 15:14:06 ----D---- C:\WINDOWS\cs
2014-10-05 15:14:06 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-10-05 15:12:38 ----D---- C:\WINDOWS\SYSWOW64\zh-TW
2014-10-05 15:12:38 ----D---- C:\WINDOWS\SYSWOW64\zh-HK
2014-10-05 15:12:38 ----D---- C:\WINDOWS\SYSWOW64\zh-CN
2014-10-05 15:12:37 ----D---- C:\WINDOWS\SYSWOW64\WCN
2014-10-05 15:12:37 ----D---- C:\WINDOWS\SYSWOW64\uk-UA
2014-10-05 15:12:37 ----D---- C:\WINDOWS\SYSWOW64\tr-TR
2014-10-05 15:12:37 ----D---- C:\WINDOWS\SYSWOW64\th-TH
2014-10-05 15:12:37 ----D---- C:\WINDOWS\SYSWOW64\sysprep
2014-10-05 15:12:37 ----D---- C:\WINDOWS\SYSWOW64\sv-SE
2014-10-05 15:12:37 ----D---- C:\WINDOWS\SYSWOW64\sr-Latn-RS
2014-10-05 15:12:36 ----D---- C:\WINDOWS\SYSWOW64\SMI
2014-10-05 15:12:35 ----D---- C:\WINDOWS\SYSWOW64\sl-SI
2014-10-05 15:12:35 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2014-10-05 15:12:35 ----D---- C:\WINDOWS\SYSWOW64\sda
2014-10-05 15:12:34 ----D---- C:\WINDOWS\SYSWOW64\ru-RU
2014-10-05 15:12:34 ----D---- C:\WINDOWS\SYSWOW64\ro-RO
2014-10-05 15:12:34 ----D---- C:\WINDOWS\SYSWOW64\pt-PT
2014-10-05 15:12:34 ----D---- C:\WINDOWS\SYSWOW64\pt-BR
2014-10-05 15:12:34 ----D---- C:\WINDOWS\SYSWOW64\pl-PL
2014-10-05 15:12:34 ----D---- C:\WINDOWS\SYSWOW64\nl-NL
2014-10-05 15:12:34 ----D---- C:\WINDOWS\SYSWOW64\nb-NO
2014-10-05 15:12:34 ----D---- C:\WINDOWS\SYSWOW64\MUI
2014-10-05 15:12:34 ----D---- C:\WINDOWS\SYSWOW64\migwiz
2014-10-05 15:12:33 ----D---- C:\WINDOWS\SYSWOW64\lv-LV
2014-10-05 15:12:33 ----D---- C:\WINDOWS\SYSWOW64\lt-LT
2014-10-05 15:12:33 ----D---- C:\WINDOWS\SYSWOW64\LogFiles
2014-10-05 15:12:33 ----D---- C:\WINDOWS\SYSWOW64\ko-KR
2014-10-05 15:12:33 ----D---- C:\WINDOWS\SYSWOW64\ja-JP
2014-10-05 15:12:33 ----D---- C:\WINDOWS\SYSWOW64\it-IT
2014-10-05 15:12:32 ----D---- C:\WINDOWS\SYSWOW64\InputMethod
2014-10-05 15:12:32 ----D---- C:\WINDOWS\SYSWOW64\IME
2014-10-05 15:12:32 ----D---- C:\WINDOWS\SYSWOW64\hu-HU
2014-10-05 15:12:32 ----D---- C:\WINDOWS\SYSWOW64\hr-HR
2014-10-05 15:12:32 ----D---- C:\WINDOWS\SYSWOW64\he-IL
2014-10-05 15:12:31 ----D---- C:\WINDOWS\SYSWOW64\fr-FR
2014-10-05 15:12:31 ----D---- C:\WINDOWS\SYSWOW64\fi-FI
2014-10-05 15:12:31 ----D---- C:\WINDOWS\SYSWOW64\et-EE
2014-10-05 15:12:31 ----D---- C:\WINDOWS\SYSWOW64\es-ES
2014-10-05 15:12:31 ----D---- C:\WINDOWS\SYSWOW64\en-GB
2014-10-05 15:12:31 ----D---- C:\WINDOWS\SYSWOW64\el-GR
2014-10-05 15:12:31 ----D---- C:\WINDOWS\SYSWOW64\drivers\UMDF
2014-10-05 15:12:31 ----D---- C:\WINDOWS\SYSWOW64\de-DE
2014-10-05 15:12:31 ----D---- C:\WINDOWS\SYSWOW64\da-DK
2014-10-05 15:12:30 ----D---- C:\WINDOWS\SYSWOW64\catroot
2014-10-05 15:12:30 ----D---- C:\WINDOWS\SYSWOW64\bg-BG
2014-10-05 15:12:30 ----D---- C:\WINDOWS\SYSWOW64\ar-SA
2014-10-05 15:12:26 ----D---- C:\WINDOWS\system32\WCN
2014-10-05 15:12:26 ----D---- C:\WINDOWS\system32\spool
2014-10-05 15:12:22 ----D---- C:\WINDOWS\system32\NDF
2014-10-05 15:12:22 ----D---- C:\WINDOWS\system32\MUI
2014-10-05 15:12:21 ----DC---- C:\WINDOWS\system32\DRVSTORE
2014-10-05 15:12:21 ----D---- C:\WINDOWS\system32\IME
2014-10-05 15:12:20 ----D---- C:\WINDOWS\system32\drivers\etc
2014-10-05 15:11:25 ----D---- C:\WINDOWS\InputMethod
2014-10-05 15:11:24 ----D---- C:\WINDOWS\IME
2014-10-05 15:11:23 ----D---- C:\WINDOWS\Help
2014-10-05 15:11:20 ----D---- C:\WINDOWS\DigitalLocker
2014-10-05 15:11:18 ----RD---- C:\Users
2014-10-05 15:11:17 ----D---- C:\ProgramData\PRICache
2014-10-05 15:11:16 ----SD---- C:\ProgramData\Microsoft
2014-10-05 15:11:11 ----SHD---- C:\Program Files (x86)\Windows Sidebar
2014-10-05 15:11:11 ----RD---- C:\Program Files (x86)
2014-10-05 15:11:11 ----D---- C:\Program Files (x86)\WindowsPowerShell
2014-10-05 15:11:08 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-10-05 15:11:07 ----D---- C:\Program Files (x86)\Common Files
2014-10-05 15:11:04 ----SHD---- C:\Program Files\Windows Sidebar
2014-10-05 15:11:04 ----D---- C:\Program Files\WindowsPowerShell
2014-10-05 15:11:02 ----D---- C:\Program Files\Common Files\microsoft shared
2014-10-05 15:11:01 ----D---- C:\Program Files\Common Files
2014-10-05 15:09:28 ----D---- C:\WINDOWS\system32\CodeIntegrity
2014-10-05 15:08:01 ----D---- C:\WINDOWS\system32\Recovery
2014-10-05 15:00:50 ----D---- C:\WINDOWS\system32\catroot
2014-10-04 08:20:23 ----D---- C:\ProgramData\AVG2014
2014-10-04 08:20:20 ----D---- C:\ProgramData\MFAData
2014-10-04 08:12:34 ----HD---- C:\WINDOWS\ELAMBKUP
2014-09-30 21:29:51 ----D---- C:\Users\Karolínka\AppData\Roaming\vlc
2014-09-29 22:20:47 ----D---- C:\Users\Karolínka\AppData\Roaming\uTorrent
2014-09-28 23:07:51 ----D---- C:\ProgramData\P4G
2014-09-28 23:07:51 ----D---- C:\Program Files (x86)\Google
2014-09-22 08:42:39 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2014-09-21 16:34:12 ----D---- C:\Program Files\Microsoft Office 15
2014-09-20 12:34:37 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-09-14 23:48:29 ----D---- C:\WINDOWS\system32\MRT
2014-09-14 23:43:43 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-10-04 65776]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-10-04 224896]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-09-14 647736]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2014-10-04 93568]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-10-04 1041168]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2014-10-04 427360]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2014-10-04 29208]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-10-04 79184]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2014-10-04 92008]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2012-09-18 17152]
R3 athr;@oem92.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-08-22 3915264]
R3 ATP;@oem33.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2013-04-16 65784]
R3 BTATH_HCRP;@oem3.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2013-03-27 179432]
R3 BTATH_RCP;@oem8.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2013-03-27 136784]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-01-28 593000]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2013-08-22 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HIDSwitch;@oem1.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2013-11-04 20280]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2013-10-01 4177920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-06-04 3441992]
R3 IntcDAud;@oem64.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2013-01-09 342528]
R3 iwdbus;@oem96.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-08-23 26008]
R3 kbfiltr;@oem4.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-02 14992]
R3 MEIx64;@oem40.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2014-01-27 167424]
R3 RSBASTOR;@oem88.inf,%Rts5208%;Realtek PCIE CardReader Driver - BA; C:\WINDOWS\system32\DRIVERS\RtsBaStor.sys [2012-10-08 298640]
R3 RTL8168;@oem91.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-11-29 838872]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 AthBTPort;@oem87.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2013-03-27 89168]
S3 BTATH_A2DP;@oem76.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2013-03-27 346192]
S3 btath_avdt;@oem76.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2013-03-27 115280]
S3 BTATH_LWFLT;@oem6.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2013-03-27 77464]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-07-24 1200640]
S3 intaud_WaveExtensible;@oem95.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-08-23 39320]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-04 64704]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2013-06-14 1281640]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-01-07 43336]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-10-04 50344]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-08-12 2428088]
R3 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2012-10-05 110976]
R3 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [2012-04-13 277120]
R3 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [2012-12-19 72192]
R3 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-03-27 227968]
R3 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
R3 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-09-13 2466448]
R3 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R3 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-06-27 129856]
R3 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R3 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R3 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-28 116648]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2013-10-01 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-09-30 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-28 116648]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-02-06 641352]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-02-01 150600]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]

-----------------EOF-----------------

#19 Příspěvek od **motji** » 10 říj 2014 08:30

Zdravím

Stáhněte Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
-Uložte program na plochu a spusťte . Pak se zobrazí se licenční podminky - potvrďte start libovolnou klávesou.
- vytvoří se záloha a proběhne skenování.
Po skončení skenování na Vás vyběhne log (bude uložen v c:\JRT jako JRT.txt) - zkopírujte jej sem

Stáhněte AdwCleaner http://www.bleepingcomputer.com/download/adwcleaner/
-Uložte program na plochu a ukončete všechny spuštěné programy .
-spusťte AdwCleaner, klikněte na Scan a po dokončení skenu na Clean
- provede se oprava, restartuje se pc - (případně restartujte) a objeví se log C:\AdwCleaner\AdwCleaner.txt , obsah logu zkopírujte zde.

VIRY.CZ

Zavirovaný počítač

Re: Zavirovaný počítač

Re: Zavirovaný počítač

Re: Zavirovaný počítač

Re: Zavirovaný počítač