
Attempted intrusion into the computer
Hello, I think I have a trojan or something ... the antivirus keeps telling me that a remote address tried to break into the PC.
Mainly when I'm on Facebook.
- Rudy
- Site Admin
- Posts: 119320
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Attempted intrusion into the computer
Hello to you too!
Post an RSIT log: http://www.viry.cz/forum/viewtopic.php?f=13&t=105895 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Attempted intrusion into the computer
Sure, could it also be caused by a bad antivirus/firewall setting?
10 intrusion attempts in 10 seconds, and it keeps popping up.
When I put those addresses into Google, they were from almost all over the world.
- Rudy
- Site Admin
- Posts: 119320
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Attempted intrusion into the computer
Dotard wrote:
> Sure, could it also be caused by a bad antivirus/firewall setting?
> 10 intrusion attempts in 10 seconds, and it keeps popping up.
> When I put those addresses into Google, they were from almost all over the world.

It's not a bad setting, since the AV blocked it. We just need to find out whether you have a trojan on the PC that is communicating with something outside.
Re: Attempted intrusion into the computer
- info.txt logfile of random's system information tool 1.09 2012-03-23 19:33:05
======Uninstall list======
-->"C:\Program Files (x86)\Datart Antivir\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware Scanner"
-->"C:\Program Files (x86)\Datart Antivir\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware"
-->"C:\Program Files (x86)\Datart Antivir\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus Client Security Installer"
-->"C:\Program Files (x86)\Datart Antivir\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus"
-->"C:\Program Files (x86)\Datart Antivir\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Automatic Update Agent"
-->"C:\Program Files (x86)\Datart Antivir\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure DAAS"
-->"C:\Program Files (x86)\Datart Antivir\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure DAAS2"
-->"C:\Program Files (x86)\Datart Antivir\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Diagnostics"
-->"C:\Program Files (x86)\Datart Antivir\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure E-mail Scanning"
-->"C:\Program Files (x86)\Datart Antivir\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure ExploitShield"
-->"C:\Program Files (x86)\Datart Antivir\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure FWES"
-->"C:\Program Files (x86)\Datart Antivir\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Gadget"
-->"C:\Program Files (x86)\Datart Antivir\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GateKeeper Interface"
-->"C:\Program Files (x86)\Datart Antivir\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Gemini"
-->"C:\Program Files (x86)\Datart Antivir\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GUI"
-->"C:\Program Files (x86)\Datart Antivir\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Help"
-->"C:\Program Files (x86)\Datart Antivir\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure HIPS"
-->"C:\Program Files (x86)\Datart Antivir\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Internet Shield"
-->"C:\Program Files (x86)\Datart Antivir\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure ISP News"
-->"C:\Program Files (x86)\Datart Antivir\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Localization API"
-->"C:\Program Files (x86)\Datart Antivir\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Management Agent"
-->"C:\Program Files (x86)\Datart Antivir\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure NRS"
-->"C:\Program Files (x86)\Datart Antivir\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure ORSP Client"
-->"C:\Program Files (x86)\Datart Antivir\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Protocol Scanner"
-->"C:\Program Files (x86)\Datart Antivir\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Spam Control"
-->"C:\Program Files (x86)\Datart Antivir\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Spam Scanner"
-->"C:\Program Files (x86)\Datart Antivir\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure TNB"
-->"C:\Program Files (x86)\Datart Antivir\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Uninstall"
-->"C:\Program Files (x86)\Datart Antivir\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Web Filter"
-->"C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Game Explorer Categories - main\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Web Link - Crush the Castle 2\Uninstall.exe"
-->MsiExec /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
7-Zip 9.20 (x64 edition)-->MsiExec.exe /I{23170F69-40C1-2702-0920-000001000000}
Adobe Flash Player 11 Plugin 64-bit-->C:\Windows\system32\Macromed\Flash\FlashUtil64_11_1_102_Plugin.exe -maintain plugin
Adobe Reader X MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-AA0000000001}
Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Agatha Christie - Peril at End House-->"C:\Program Files (x86)\HP Games\Agatha Christie - Peril at End House\Uninstall.exe"
ATI Catalyst Install Manager-->msiexec /q/x{9A11B072-9CE7-ABB9-2F65-EC971A7B839D} REBOOT=ReallySuppress
AuthenTec TrueAPI-->MsiExec.exe /X{054EF02F-95D8-48F4-9EEB-2F9CE3072ED8}
Bejeweled 2 Deluxe-->"C:\Program Files (x86)\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
Bejeweled 3-->"C:\Program Files (x86)\HP Games\Bejeweled 3\Uninstall.exe"
Blackhawk Striker 2-->"C:\Program Files (x86)\HP Games\Blackhawk Striker 2\Uninstall.exe"
Blasterball 3-->"C:\Program Files (x86)\HP Games\Blasterball 3\Uninstall.exe"
Borderlands-->"C:\Program Files (x86)\2K Games\Gearbox Software\Borderlands GOTY Edition\unins000.exe"
Bounce Symphony-->"C:\Program Files (x86)\HP Games\Bounce Symphony\Uninstall.exe"
Broadcom 2070 Bluetooth 3.0-->MsiExec.exe /X{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}
Broadcom 802.11 Wireless LAN Adapter-->"C:\Program Files\Broadcom\Broadcom 802.11\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11\Driver"
Build-a-lot 2-->"C:\Program Files (x86)\HP Games\Build-a-lot 2\Uninstall.exe"
Cake Mania-->"C:\Program Files (x86)\HP Games\Cake Mania\Uninstall.exe"
Catalyst Control Center - Branding-->MsiExec.exe /I{949D6B51-10E8-4CD4-A81E-064E38240415}
CompCare Internet Security-->"C:\Program Files (x86)\Datart Antivir\FSGUI\PostInstall.exe" /tUnInstall
CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
Diablo III Beta-->C:\Program Files (x86)\Common Files\Blizzard Entertainment\Diablo III Beta (2)\Uninstall.exe
Diner Dash 2 Restaurant Rescue-->"C:\Program Files (x86)\HP Games\Diner Dash 2 Restaurant Rescue\Uninstall.exe"
DOOM 3: Resurrection of Evil-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{04347DFD-87B6-4E30-B14D-5DF2888AD8F5} /l2057
Doom 3-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{FB6908C2-2138-4D6E-9CAF-11D7AE6C3909} /l2057 /x
Dora's World Adventure-->"C:\Program Files (x86)\HP Games\Dora's World Adventure\Uninstall.exe"
Energy Star Digital Logo-->MsiExec.exe /I{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}
ESU for Microsoft Windows 7-->MsiExec.exe /I{3877C901-7B90-4727-A639-B6ED2DD59D43}
Evernote v. 4.2.2-->MsiExec.exe /X{F761359C-9CED-45AE-9A51-9D6605CD55C4}
Farm Frenzy-->"C:\Program Files (x86)\HP Games\Farm Frenzy\Uninstall.exe"
FATE - The Traitor Soul-->"C:\Program Files (x86)\HP Games\FATE - The Traitor Soul\Uninstall.exe"
Final Drive Nitro-->"C:\Program Files (x86)\HP Games\Final Drive Nitro\Uninstall.exe"
F-Secure PSC Prerequisites-->MsiExec.exe /I{E2E7A0E8-77C4-495F-8FA3-63DAEDAA2DB3}
Hewlett-Packard ACLM.NET v1.1.2.0-->MsiExec.exe /I{6F340107-F9AA-47C6-B54C-C3A19F11553F}
HP 3D DriveGuard-->MsiExec.exe /X{1157C464-E5CC-4CAC-930F-105470098EE1}
HP Auto-->MsiExec.exe /I{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}
HP Client Services-->MsiExec.exe /I{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}
HP Connection Manager-->MsiExec.exe /X{5E63C0AB-19B0-47D4-842E-6B324EB0614B}
HP Customer Experience Enhancements-->MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544}
HP Documentation-->MsiExec.exe /X{3C5AB11A-2DDB-49E6-9FC0-CFD88A7DDFE4}
HP DVB-T TV Tuner 8.0.64.43-->C:\Program Files (x86)\HP\HP DVB-T TV Tuner\uninst.exe
HP Games-->"C:\Program Files (x86)\HP Games\Uninstall.exe"
HP On Screen Display-->MsiExec.exe /I{9B9B8EE4-2EDB-41C2-AF2E-63E75D37CDDF}
HP Power Manager-->MsiExec.exe /I{872B1C80-38EC-4A31-A25C-980820593900}
HP Quick Launch-->MsiExec.exe /I{00A42832-B21A-4296-B5F4-D296D0BC4A3E}
HP Setup Manager-->MsiExec.exe /I{AE856388-AFAD-4753-81DF-D96B19D0A17C}
HP Setup-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{210A03F5-B2ED-4947-B27E-516F50CBB292}\setup.exe" -l0x9 -removeonly
HP SimplePass 2011-->MsiExec.exe /X{BCFAA37D-A6DB-43BF-A351-43F183E52D07}
HP Software Framework-->MsiExec.exe /X{24584BB7-0D2D-4A04-81B7-393C8CB87498}
HP Support Assistant-->"C:\Program Files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe" -runfromtemp -l0x0409 -removeonly
Chuzzle Deluxe-->"C:\Program Files (x86)\HP Games\Chuzzle Deluxe\Uninstall.exe"
IDT Audio-->"C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -remove -removeonly
Intel(R) Display Audio Driver-->C:\Program Files (x86)\Intel\Intel(R) Display Audio Driver\Uninstall\setup.exe -uninstall
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
Java(TM) 6 Update 24 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86416024FF}
Java(TM) 6 Update 30-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216024FF}
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
Magic Desktop-->C:\Windows\system32\ezMDUninstall.exe
Mah Jong Medley-->"C:\Program Files (x86)\HP Games\Mah Jong Medley\Uninstall.exe"
Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Office 2010-->MsiExec.exe /X{95140000-0070-0000-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-->MsiExec.exe /X{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
Mozilla Firefox 10.0.2 (x86 en-US)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
Mumble 1.2.3-->MsiExec.exe /I{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}
Mystery P.I. - Stolen in San Francisco-->"C:\Program Files (x86)\HP Games\Mystery P.I. - Stolen in San Francisco\Uninstall.exe"
Namco All-Stars PAC-MAN-->"C:\Program Files (x86)\HP Games\Namco All-Stars PAC-MAN\Uninstall.exe"
NVIDIA PhysX-->MsiExec.exe /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení-->MsiExec.exe /I{B6190387-0036-4BEB-8D74-A0AFC5F14706}
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia-->MsiExec.exe /I{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}
Penguins!-->"C:\Program Files (x86)\HP Games\Penguins!\Uninstall.exe"
Plants vs. Zombies - Game of the Year-->"C:\Program Files (x86)\HP Games\Plants vs. Zombies - Game of the Year\Uninstall.exe"
Poker Superstars III-->"C:\Program Files (x86)\HP Games\Poker Superstars III\Uninstall.exe"
Polar Bowler-->"C:\Program Files (x86)\HP Games\Polar Bowler\Uninstall.exe"
Polar Golfer-->"C:\Program Files (x86)\HP Games\Polar Golfer\Uninstall.exe"
Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek PCIE Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{C1594429-8296-4652-BF54-9DBE4932A44C}\setup.exe" -runfromtemp -removeonly
Recovery Manager-->MsiExec.exe /I{DBCD5E64-7379-4648-9444-8A6558DCB614}
Renesas Electronics USB 3.0 Host Controller Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{5442DAB8-7177-49E1-8B22-09A049EA5996}\setup.exe" -runfromtemp -l0x0405 -removeonly
Renesas Electronics USB 3.0 Host Controller Driver-->MsiExec.exe /X{5442DAB8-7177-49E1-8B22-09A049EA5996}
Security Task Manager 1.8d-->C:\Program Files (x86)\Security Task Manager\Uninstal.exe "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager"
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Slingo Supreme-->"C:\Program Files (x86)\HP Games\Slingo Supreme\Uninstall.exe"
Synaptics Gesture Suite featuring SYNAPTICS | Scrybe-->MsiExec.exe /X{147DFAD8-34C3-4DE1-9FCA-ACEFDE9EF810}
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
Update Installer for WildTangent Games App-->"C:\Program Files (x86)\WildTangent Games\App\Uninstall.exe"
Validity WBF DDK-->MsiExec.exe /X{7C54D017-21BB-43AE-9746-33E78AF4A425}
Virtual Villagers 4 - The Tree of Life-->"C:\Program Files (x86)\HP Games\Virtual Villagers 4 - The Tree of Life\Uninstall.exe"
VLC media player 2.0.0-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
WildTangent Games App (HP Games)-->"C:\Program Files (x86)\WildTangent Games\Touchpoints\hp\Uninstall.exe"
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}
Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}
Windows Live Essentials-->MsiExec.exe /I{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}
Windows Live Fotogaléria-->MsiExec.exe /X{97F77D62-5110-4FA3-A2D3-410B92D31199}
Windows Live Fotogalerie-->MsiExec.exe /X{FB79FDB7-4DE1-453D-99FE-9A880F57380E}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{1B8ABA62-74F0-47ED-B18C-A43128E591B8}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Language Selector-->MsiExec.exe /I{D07A61E5-A59C-433C-BCBD-22025FA2287B}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{C454280F-3C3E-4929-B60E-9E6CED5717E7}
Windows Live Mail-->MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923}
Windows Live Mail-->MsiExec.exe /I{FA6CF94F-DACF-4FE7-959D-55C421B91B17}
Windows Live Mesh ActiveX Control for Remote Connections-->MsiExec.exe /I{2902F983-B4C1-44BA-B85D-5C6D52E2C441}
Windows Live Mesh-->MsiExec.exe /I{80E8C65A-8F70-4585-88A2-ABC54BABD576}
Windows Live Mesh-->MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649}
Windows Live Mesh-->MsiExec.exe /I{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}
Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
Windows Live Messenger-->MsiExec.exe /X{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}
Windows Live Messenger-->MsiExec.exe /X{50300123-F8FC-4B50-B449-E847D04F1BA2}
Windows Live Messenger-->MsiExec.exe /X{80956555-A512-4190-9CAD-B000C36D6B6B}
Windows Live Messenger-->MsiExec.exe /X{EB4DF488-AAEF-406F-A341-CB2AAA315B90}
Windows Live MIME IFilter-->MsiExec.exe /I{DA54F80E-261C-41A2-A855-549A144F2F59}
Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08}
Windows Live Movie Maker-->MsiExec.exe /X{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Movie Maker-->MsiExec.exe /X{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}
Windows Live Photo Common-->MsiExec.exe /X{6F37D92B-41AA-44B7-80D2-457ABDE11896}
Windows Live Photo Common-->MsiExec.exe /X{78906B56-0E81-42A7-AC25-F54C946E1538}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live Remote Client Resources-->MsiExec.exe /I{3921492E-82D2-4180-8124-E347AD2F2DB4}
Windows Live Remote Client Resources-->MsiExec.exe /I{5F44A3A1-5D24-4708-8776-66B42B174C64}
Windows Live Remote Client Resources-->MsiExec.exe /I{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}
Windows Live Remote Client-->MsiExec.exe /I{DF6D988A-EEA0-4277-AAB8-158E086E439B}
Windows Live Remote Service Resources-->MsiExec.exe /I{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}
Windows Live Remote Service Resources-->MsiExec.exe /I{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}
Windows Live Remote Service Resources-->MsiExec.exe /I{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}
Windows Live Remote Service-->MsiExec.exe /I{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{5E627606-53B9-42D1-97E1-D03F6229E248}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}
Windows Live Writer Resources-->MsiExec.exe /X{AB78C965-5C67-409B-8433-D7B5BDB12073}
Windows Live Writer Resources-->MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}
Windows Live Writer-->MsiExec.exe /X{11778DA1-0495-4ED9-972F-F9E0B0367CD5}
Windows Live Writer-->MsiExec.exe /X{4264C020-850B-4F08-ACBE-98205D9C336C}
Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Windows Live Writer-->MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E}
WinRAR 4.10 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
World of Warcraft-->C:\Program Files (x86)\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe
Zuma Deluxe-->"C:\Program Files (x86)\HP Games\Zuma Deluxe\Uninstall.exe"
======System event log======
Computer Name: a-HP
Event Code: 10002
Message: Modul WLAN Extensibility Module sa zastavil.
Cesta k modulu: C:\Windows\System32\bcmihvsrv64.dll
Record Number: 60469
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20120211021536.253987-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
Computer Name: a-HP
Event Code: 219
Message: The driver \Driver\WUDFRd failed to load for the device USB\VID_138A&PID_0018\c217cf683b08.
Record Number: 58896
Source Name: Microsoft-Windows-Kernel-PnP
Time Written: 20120210141042.201618-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
Computer Name: a-HP
Event Code: 4001
Message: Služba automatickej konfigurácie siete WLAN sa úspešne zastavila.
Record Number: 58870
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20120210000915.963995-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
Computer Name: a-HP
Event Code: 10002
Message: Modul WLAN Extensibility Module sa zastavil.
Cesta k modulu: C:\Windows\System32\bcmihvsrv64.dll
Record Number: 58869
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20120210000915.963995-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
Computer Name: a-HP
Event Code: 1014
Message: Name resolution for the name ocsp.verisign.com timed out after none of the configured DNS servers responded.
Record Number: 58681
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20120209201708.659645-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE
=====Application event log=====
Computer Name: a-HP
Event Code: 16398
Message: ATI EEU failed to post message to CCC
Record Number: 1814
Source Name: ATIeRecord
Time Written: 20120115110205.000000-000
Event Type: Error
User:
Computer Name: a-HP
Event Code: 513
Message: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Network Security WFP Driver.
System Error:
Systém nemôže nájsť zadaný súbor.
.
Record Number: 1809
Source Name: Microsoft-Windows-CAPI2
Time Written: 20120115110016.030101-000
Event Type: Error
User:
Computer Name: a-HP
Event Code: 513
Message: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Iron Driver.
System Error:
Systém nemôže nájsť zadaný súbor.
.
Record Number: 1808
Source Name: Microsoft-Windows-CAPI2
Time Written: 20120115110016.030101-000
Event Type: Error
User:
Computer Name: a-HP
Event Code: 3006
Message: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.
Record Number: 1490
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20120115090232.235115-000
Event Type: Error
User: NT AUTHORITY\SYSTEM
Computer Name: a-HP
Event Code: 4107
Message: Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab> s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.
Record Number: 1422
Source Name: Microsoft-Windows-CAPI2
Time Written: 20120115080452.234699-000
Event Type: Error
User:
=====Security event log=====
Computer Name: a-HP
Event Code: 4672
Message: Special privileges assigned to new logon.
Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 904
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120115080457.710309-000
Event Type: Audit Success
User:
Computer Name: a-HP
Event Code: 4624
Message: An account was successfully logged on.
Subject:
Security ID: S-1-5-18
Account Name: WIN-KTTKQ9M31SU$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon Type: 5
New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}
Process Information:
Process ID: 0x298
Process Name: C:\Windows\System32\services.exe
Network Information:
Workstation Name:
Source Network Address: -
Source Port: -
Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
This event is generated when a logon session is created. It is generated on the computer that was accessed.
The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).
The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.
The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 903
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120115080457.710309-000
Event Type: Audit Success
User:
Computer Name: a-HP
Event Code: 4905
Message: An attempt was made to unregister a security event source.
Subject
Security ID: S-1-5-18
Account Name: WIN-KTTKQ9M31SU$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Process:
Process ID: 0x1140
Process Name: C:\Windows\System32\VSSVC.exe
Event Source:
Source Name: VSSAudit
Event Source ID: 0xd9ab5
Record Number: 902
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120115080426.104654-000
Event Type: Audit Success
User:
Computer Name: a-HP
Event Code: 4904
Message: An attempt was made to register a security event source.
Subject :
Security ID: S-1-5-18
Account Name: WIN-KTTKQ9M31SU$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Process:
Process ID: 0x1140
Process Name: C:\Windows\System32\VSSVC.exe
Event Source:
Source Name: VSSAudit
Event Source ID: 0xd9ab5
Record Number: 901
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120115080426.104654-000
Event Type: Audit Success
User:
Computer Name: a-HP
Event Code: 1102
Message: The audit log was cleared.
Subject:
Security ID: S-1-5-21-2612745644-2218735099-4189180592-1000
Account Name: a
Domain Name: a-HP
Logon ID: 0x57826
Record Number: 900
Source Name: Microsoft-Windows-Eventlog
Time Written: 20120115080418.304640-000
Event Type: Audit Success
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\HP SimplePass 2011\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Broadcom\Broadcom 802.11\Driver;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=8
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=2a07
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
"OnlineServices"=Online Services
"Platform"=MCD
"PCBRAND"=Pavilion
-----------------EOF-----------------
Re: attempted intrusion into the computer
- Logfile of random's system information tool 1.09 (written by random/random)
Run by Oto at 2012-03-23 19:32:57
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 816 GB (87%) free of 935 GB
Total RAM: 8140 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:33:02, on 23. 3. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Program Files (x86)\Synaptics\Scrybe\scrybe.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Datart Antivir\Common\FSM32.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\ProgramData\Battle.net\Agent\Agent.749\Agent.exe
C:\ProgramData\Battle.net\Client\Blizzard Launcher.1364\Blizzard Launcher.exe
C:\Program Files\trend micro\Oto.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\Datart Antivir\NRS\iescript\baselitmus.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\Datart Antivir\NRS\iescript\baselitmus.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\Datart Antivir\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\Datart Antivir\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Scrybe.lnk = ?
O8 - Extra context menu item: Odoslať obrázok do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odoslať stránku do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files (x86)\Datart Antivir\Anti-Virus\fsgk32st.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\Datart Antivir\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files (x86)\Datart Antivir\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\Datart Antivir\ORSP Client\fsorsp.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Aktualizačný program Scrybe Updater (ScrybeUpdater) - Synaptics, Inc. - C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12946 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe"
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
atieclxx
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a45571f3-531d-40d9-b8c7-9883456c1b50 -SystemEventPortName:HostProcess-11fd8608-940e-4296-aef0-db05b1bbbd24 -IoCancelEventPortName:HostProcess-e593b04d-d35f-4901-966e-2c792a617a84 -NonStateChangingEventPortName:HostProcess-cdbafa56-d015-4a9e-a629-0a442bb2db0b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4b8ef0f8-cf84-40be-81ee-cc66f1c2be82
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 20063408
\??\C:\Windows\system32\conhost.exe "-848564841-34987390520144202431792186011735062232-1615446685-6166829282003972129
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\SysWOW64\ezSharedSvcHost.exe
"C:\Program Files (x86)\Datart Antivir\Anti-Virus\fsgk32st.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Datart Antivir\Anti-Virus\FSGK32.EXE" /service /stopevent=192 /ipcexch=208
"C:\Program Files (x86)\Datart Antivir\Common\FSMA32.EXE"
"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"
oid 1.3.6.1.4.1.2213.11.1.27 HosterGroupType 0
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe"
oid 1.3.6.1.4.1.2213.11.1.27.64 HosterGroupType 0
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
WLIDSvcM.exe 2764
"C:\Program Files (x86)\Datart Antivir\FWES\Program\fsdfwd.exe"
"C:\Program Files (x86)\Datart Antivir\ORSP Client\fsorsp.exe"
"C:\Program Files (x86)\Datart Antivir\Anti-Virus\fssm32.exe" 3 680 672 688
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Datart Antivir\Anti-Virus\fsav32.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe" -Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Synaptics\Scrybe\scrybe.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
"C:\Program Files (x86)\Datart Antivir\Common\FSM32.EXE" /splash
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Datart Antivir\Spam Control\fsscoepl_x64.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
taskeng.exe {C07A4641-955B-4E41-878F-75AA5ECAC173}
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
-Minimized
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><Title>HP Connection Manager</Title><Text>Wi-Fi: Vypnuté
Bluetooth®: Vypnuté
Sieť LAN: Pripojené</Text><IconPath>C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe</IconPath><ID>1</ID><Path>C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe</Path><Parameters>OpenMainWindow</Parameters></Toast></hpNotification>"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\ProgramData\Battle.net\Agent\Agent.749\Agent.exe" --locale=enGB
\??\C:\Windows\system32\conhost.exe "1416324692-185740007893486417-1264716573300635965419539667-1045503989-234999434
"C:\ProgramData\Battle.net\Client\Blizzard Launcher.1364\Blizzard Launcher.exe" "--gamepath=C:\Program Files (x86)\Diablo III Beta" --game=diablo3_beta_engb
"C:\Users\Oto\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\HPCeeScheduleForA-HP$.job
C:\Windows\tasks\HPCeeScheduleForOto.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Oto\AppData\Roaming\Mozilla\Firefox\Profiles\2heaye7k.default
prefs.js - "browser.startup.homepage" - "http://www.google.sk/"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... 2786678&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\extensions\
websitelogon@truesuite.com
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
amazondotcom.xml
bing.xml
eBay.xml
google.xml
twitter.xml
wikipedia.xml
yahoo.xml
C:\Users\Oto\AppData\Roaming\Mozilla\Firefox\Profiles\2heaye7k.default\extensions\
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-02-17 1744200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-09-07 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2011-11-10 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-02-17 1596232]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C6867EB7-8350-4856-877F-93CF8AE3DC9C}]
Browsing Protection Class - C:\Program Files (x86)\Datart Antivir\NRS\iescript\baselitmus.dll [2011-01-05 541352]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{265EEE8E-3228-44D3-AEA5-F7FDF5860049} - Browsing Protection Toolbar - C:\Program Files (x86)\Datart Antivir\NRS\iescript\baselitmus.dll [2011-01-05 541352]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-03-11 1128448]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-03-31 2735400]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-04-15 168216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-04-15 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-04-15 416024]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-13 283160]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-05-08 336384]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2010-11-15 35736]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]
"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2011-03-16 61112]
"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-01-27 318520]
"F-Secure Manager"=C:\Program Files (x86)\Datart Antivir\Common\FSM32.EXE [2011-01-05 201384]
"F-Secure TNB"=C:\Program Files (x86)\Datart Antivir\FSGUI\TNBUtil.exe [2011-01-05 1655464]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"HPConnectionManager"=C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-06-14 103992]
""= []
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-02-15 577408]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Scrybe.lnk - C:\Windows\Installer\{147DFAD8-34C3-4DE1-9FCA-ACEFDE9EF810}\NewShortcut11_8ACB210B42E44145A8C31F8E3DD765A3.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-04-15 385024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2011-09-07 52920]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=0
"ForceActiveDesktopOn"=0
"EnableShellExecuteHooks"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2012-03-23 19:32:57 ----D---- C:\rsit
2012-03-23 19:32:57 ----D---- C:\Program Files\trend micro
2012-03-23 18:16:27 ----D---- C:\Program Files (x86)\Diablo III Beta
2012-03-23 18:11:55 ----D---- C:\ProgramData\Battle.net
2012-03-15 03:02:43 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-03-15 03:02:42 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-03-15 03:02:42 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-03-14 19:30:37 ----A---- C:\Windows\system32\win32k.sys
2012-03-14 19:30:35 ----A---- C:\Windows\system32\DWrite.dll
2012-03-14 19:30:34 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-03-14 14:31:02 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2012-03-14 14:31:02 ----A---- C:\Windows\system32\rdpcore.dll
2012-03-14 14:31:02 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-03-14 14:31:02 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-03-14 14:30:59 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-03-14 14:30:58 ----A---- C:\Windows\system32\rdpwsx.dll
2012-03-14 14:30:58 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-03-14 04:25:01 ----RHD---- C:\Users\Oto\AppData\Roaming\SecuROM
2012-03-14 04:25:00 ----A---- C:\Windows\SYSWOW64\UAService7.exe
2012-03-14 03:22:57 ----D---- C:\Windows\SYSWOW64\AGEIA
2012-03-14 03:22:57 ----D---- C:\Program Files (x86)\AGEIA Technologies
2012-03-14 03:22:09 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2012-03-14 03:22:09 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2012-03-14 03:22:09 ----A---- C:\Windows\system32\XAudio2_7.dll
2012-03-14 03:22:09 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2012-03-14 03:22:07 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2012-03-14 03:22:07 ----A---- C:\Windows\system32\xactengine3_7.dll
2012-03-14 03:22:06 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2012-03-14 03:22:06 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2012-03-14 03:22:04 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2012-03-14 03:22:04 ----A---- C:\Windows\system32\d3dcsx_43.dll
2012-03-14 03:22:03 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2012-03-14 03:22:03 ----A---- C:\Windows\system32\d3dx11_43.dll
2012-03-14 03:22:02 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2012-03-14 03:22:02 ----A---- C:\Windows\system32\d3dx10_43.dll
2012-03-14 03:22:01 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2012-03-14 03:22:01 ----A---- C:\Windows\system32\D3DX9_43.dll
2012-03-14 03:21:59 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2012-03-14 03:21:59 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2012-03-14 03:21:59 ----A---- C:\Windows\system32\XAudio2_6.dll
2012-03-14 03:21:59 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2012-03-14 03:21:57 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2012-03-14 03:21:57 ----A---- C:\Windows\system32\xactengine3_6.dll
2012-03-14 03:21:56 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2012-03-14 03:21:56 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2012-03-14 03:21:54 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2012-03-14 03:21:54 ----A---- C:\Windows\system32\XAudio2_5.dll
2012-03-14 03:21:53 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2012-03-14 03:21:53 ----A---- C:\Windows\system32\xactengine3_5.dll
2012-03-14 03:21:51 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2012-03-14 03:21:51 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2012-03-14 03:21:50 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2012-03-14 03:21:50 ----A---- C:\Windows\system32\d3dcsx_42.dll
2012-03-14 03:21:49 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2012-03-14 03:21:49 ----A---- C:\Windows\system32\d3dx11_42.dll
2012-03-14 03:21:48 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2012-03-14 03:21:48 ----A---- C:\Windows\system32\d3dx10_42.dll
2012-03-14 03:21:47 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2012-03-14 03:21:47 ----A---- C:\Windows\system32\D3DX9_42.dll
2012-03-14 03:21:45 ----A---- C:\Windows\system32\d3dx10_41.dll
2012-03-14 03:21:45 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2012-03-14 03:21:44 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2012-03-14 03:21:44 ----A---- C:\Windows\system32\D3DX9_41.dll
2012-03-14 03:21:42 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2012-03-14 03:21:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2012-03-14 03:21:42 ----A---- C:\Windows\system32\XAudio2_4.dll
2012-03-14 03:21:42 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2012-03-14 03:21:41 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2012-03-14 03:21:41 ----A---- C:\Windows\system32\xactengine3_4.dll
2012-03-14 03:21:40 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2012-03-14 03:21:40 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2012-03-14 03:21:39 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2012-03-14 03:21:39 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2012-03-14 03:21:38 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2012-03-14 03:21:38 ----A---- C:\Windows\system32\d3dx10_40.dll
2012-03-14 03:21:37 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2012-03-14 03:21:37 ----A---- C:\Windows\system32\D3DX9_40.dll
2012-03-14 03:21:35 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2012-03-14 03:21:35 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2012-03-14 03:21:35 ----A---- C:\Windows\system32\XAudio2_3.dll
2012-03-14 03:21:35 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2012-03-14 03:21:33 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2012-03-14 03:21:33 ----A---- C:\Windows\system32\xactengine3_3.dll
2012-03-14 03:21:32 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2012-03-14 03:21:32 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2012-03-14 03:21:31 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2012-03-14 03:21:31 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2012-03-14 03:21:31 ----A---- C:\Windows\system32\XAudio2_2.dll
2012-03-14 03:21:31 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2012-03-14 03:21:29 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2012-03-14 03:21:29 ----A---- C:\Windows\system32\xactengine3_2.dll
2012-03-14 03:21:27 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2012-03-14 03:21:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2012-03-14 03:21:27 ----A---- C:\Windows\system32\d3dx10_39.dll
2012-03-14 03:21:27 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2012-03-14 03:21:25 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2012-03-14 03:21:25 ----A---- C:\Windows\system32\D3DX9_39.dll
2012-03-14 03:21:24 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2012-03-14 03:21:24 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2012-03-14 03:21:24 ----A---- C:\Windows\system32\XAudio2_1.dll
2012-03-14 03:21:24 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2012-03-14 03:21:22 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2012-03-14 03:21:22 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2012-03-14 03:21:22 ----A---- C:\Windows\system32\xactengine3_1.dll
2012-03-14 03:21:22 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2012-03-14 03:21:20 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2012-03-14 03:21:20 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2012-03-14 03:21:20 ----A---- C:\Windows\system32\d3dx10_38.dll
2012-03-14 03:21:20 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2012-03-14 03:21:18 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2012-03-14 03:21:18 ----A---- C:\Windows\system32\D3DX9_38.dll
2012-03-14 03:21:17 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2012-03-14 03:21:17 ----A---- C:\Windows\system32\XAudio2_0.dll
2012-03-14 03:21:16 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2012-03-14 03:21:16 ----A---- C:\Windows\system32\xactengine3_0.dll
2012-03-14 03:21:15 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2012-03-14 03:21:15 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2012-03-14 03:21:14 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2012-03-14 03:21:14 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2012-03-14 03:21:14 ----A---- C:\Windows\system32\d3dx10_37.dll
2012-03-14 03:21:14 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2012-03-14 03:21:12 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2012-03-14 03:21:12 ----A---- C:\Windows\system32\D3DX9_37.dll
2012-03-14 03:21:10 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2012-03-14 03:21:10 ----A---- C:\Windows\system32\xactengine2_10.dll
2012-03-14 03:21:08 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2012-03-14 03:21:08 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2012-03-14 03:21:08 ----A---- C:\Windows\system32\d3dx10_36.dll
2012-03-14 03:21:08 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2012-03-14 03:21:06 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2012-03-14 03:21:06 ----A---- C:\Windows\system32\d3dx9_36.dll
2012-03-14 03:21:05 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2012-03-14 03:21:05 ----A---- C:\Windows\system32\xactengine2_9.dll
2012-03-14 03:21:01 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2012-03-14 03:21:01 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2012-03-14 03:21:01 ----A---- C:\Windows\system32\d3dx10_35.dll
2012-03-14 03:21:01 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2012-03-14 03:21:00 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2012-03-14 03:21:00 ----A---- C:\Windows\system32\d3dx9_35.dll
2012-03-14 03:20:58 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2012-03-14 03:20:58 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2012-03-14 03:20:58 ----A---- C:\Windows\system32\xactengine2_8.dll
2012-03-14 03:20:58 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2012-03-14 03:20:56 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2012-03-14 03:20:56 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2012-03-14 03:20:56 ----A---- C:\Windows\system32\d3dx10_34.dll
2012-03-14 03:20:56 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2012-03-14 03:20:55 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2012-03-14 03:20:55 ----A---- C:\Windows\system32\d3dx9_34.dll
2012-03-14 03:20:54 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2012-03-14 03:20:54 ----A---- C:\Windows\system32\xinput1_3.dll
2012-03-14 03:20:53 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2012-03-14 03:20:53 ----A---- C:\Windows\system32\xactengine2_7.dll
2012-03-14 03:20:51 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2012-03-14 03:20:51 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2012-03-14 03:20:51 ----A---- C:\Windows\system32\d3dx10_33.dll
2012-03-14 03:20:51 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2012-03-14 03:20:50 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2012-03-14 03:20:50 ----A---- C:\Windows\system32\d3dx9_33.dll
2012-03-14 03:20:48 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2012-03-14 03:20:48 ----A---- C:\Windows\system32\xactengine2_6.dll
2012-03-14 03:20:47 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2012-03-14 03:20:47 ----A---- C:\Windows\system32\xactengine2_5.dll
2012-03-14 03:20:46 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2012-03-14 03:20:46 ----A---- C:\Windows\system32\d3dx10.dll
2012-03-14 03:20:41 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2012-03-14 03:20:41 ----A---- C:\Windows\system32\d3dx9_32.dll
2012-03-14 03:20:39 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2012-03-14 03:20:39 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2012-03-14 03:20:39 ----A---- C:\Windows\system32\xactengine2_4.dll
2012-03-14 03:20:39 ----A---- C:\Windows\system32\x3daudio1_1.dll
2012-03-14 03:20:37 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2012-03-14 03:20:37 ----A---- C:\Windows\system32\d3dx9_31.dll
2012-03-14 03:20:36 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2012-03-14 03:20:36 ----A---- C:\Windows\system32\xactengine2_3.dll
2012-03-14 03:20:34 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2012-03-14 03:20:34 ----A---- C:\Windows\system32\xinput1_2.dll
2012-03-14 03:20:33 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2012-03-14 03:20:33 ----A---- C:\Windows\system32\xactengine2_2.dll
2012-03-14 03:20:32 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2012-03-14 03:20:32 ----A---- C:\Windows\system32\xinput1_1.dll
2012-03-14 03:20:29 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2012-03-14 03:20:29 ----A---- C:\Windows\system32\xactengine2_1.dll
2012-03-14 03:20:20 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2012-03-14 03:20:20 ----A---- C:\Windows\system32\d3dx9_30.dll
2012-03-14 03:20:17 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2012-03-14 03:20:17 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2012-03-14 03:20:17 ----A---- C:\Windows\system32\xactengine2_0.dll
2012-03-14 03:20:17 ----A---- C:\Windows\system32\x3daudio1_0.dll
2012-03-14 03:20:15 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2012-03-14 03:20:15 ----A---- C:\Windows\system32\d3dx9_29.dll
2012-03-14 03:20:13 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2012-03-14 03:20:13 ----A---- C:\Windows\system32\d3dx9_28.dll
2012-03-14 03:20:10 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2012-03-14 03:20:10 ----A---- C:\Windows\system32\d3dx9_27.dll
2012-03-14 03:20:08 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2012-03-14 03:20:08 ----A---- C:\Windows\system32\d3dx9_26.dll
2012-03-14 03:20:06 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2012-03-14 03:20:06 ----A---- C:\Windows\system32\d3dx9_25.dll
2012-03-14 03:20:04 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2012-03-14 03:20:04 ----A---- C:\Windows\system32\d3dx9_24.dll
2012-03-14 03:01:08 ----D---- C:\Program Files (x86)\2K Games
2012-03-14 02:58:21 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2012-03-14 02:58:16 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2012-03-06 23:27:42 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-03-04 19:11:34 ----D---- C:\Users\Oto\AppData\Roaming\vlc
2012-03-04 19:10:39 ----D---- C:\Program Files (x86)\VideoLAN
2012-02-24 16:49:33 ----D---- C:\Windows\system32\Macromed
2012-02-18 14:56:07 ----D---- C:\Users\Oto\AppData\Roaming\Mumble
2012-02-18 14:55:14 ----D---- C:\Program Files (x86)\Mumble
2012-02-18 02:20:41 ----D---- C:\Program Files\7-Zip
2012-02-16 01:12:33 ----D---- C:\9cabeea22ee7b70596e31db5cb
2012-02-16 01:09:03 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-02-16 01:09:03 ----A---- C:\Windows\system32\mshtmled.dll
2012-02-16 01:09:02 ----A---- C:\Windows\SYSWOW64\url.dll
2012-02-16 01:09:02 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-02-16 01:09:02 ----A---- C:\Windows\system32\jscript9.dll
2012-02-16 01:09:02 ----A---- C:\Windows\system32\iertutil.dll
2012-02-16 01:09:01 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-02-16 01:09:01 ----A---- C:\Windows\system32\url.dll
2012-02-16 01:09:00 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-02-16 01:09:00 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-02-16 01:09:00 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-02-16 01:09:00 ----A---- C:\Windows\system32\urlmon.dll
2012-02-16 01:09:00 ----A---- C:\Windows\system32\jscript.dll
2012-02-16 01:09:00 ----A---- C:\Windows\system32\ieui.dll
2012-02-16 01:08:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-02-16 01:08:59 ----A---- C:\Windows\system32\wininet.dll
2012-02-16 01:08:59 ----A---- C:\Windows\system32\jsproxy.dll
2012-02-16 01:08:58 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-02-16 01:08:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-02-16 01:08:57 ----A---- C:\Windows\system32\mshtml.dll
2012-02-16 01:08:56 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-02-16 01:08:55 ----A---- C:\Windows\system32\ieframe.dll
2012-02-15 15:09:39 ----A---- C:\Windows\system32\shell32.dll
2012-02-15 15:09:36 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-02-15 15:09:35 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2012-02-15 15:09:35 ----A---- C:\Windows\system32\ntshrui.dll
2012-02-15 15:09:27 ----A---- C:\Windows\system32\drivers\afd.sys
2012-02-15 15:09:11 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2012-02-15 15:09:11 ----A---- C:\Windows\system32\msvcrt.dll
2012-02-15 12:58:02 ----A---- C:\Windows\SYSWOW64\msvcr100.dll
2012-02-15 12:58:00 ----A---- C:\Windows\SYSWOW64\msvcp100.dll
2012-01-26 19:04:05 ----D---- C:\ProgramData\SecTaskMan
2012-01-26 19:04:01 ----D---- C:\Program Files (x86)\Security Task Manager
2012-01-26 01:53:50 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2012-01-26 01:43:36 ----D---- C:\Windows\Minidump
2012-01-26 00:48:11 ----D---- C:\HP_TOOLS_mountHPSF
2012-01-26 00:47:33 ----D---- C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}
2012-01-25 21:16:33 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-01-25 21:16:33 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-01-25 21:16:33 ----A---- C:\Windows\SYSWOW64\java.exe
2012-01-24 14:56:36 ----D---- C:\Windows\Sun
2012-01-23 20:15:05 ----D---- C:\Users\Oto\AppData\Roaming\Hewlett-Packard
2012-01-23 16:02:25 ----D---- C:\Program Files (x86)\Synaptics
2012-01-23 16:02:15 ----A---- C:\Windows\SYSWOW64\SynTPEnhPS.dll
2012-01-23 16:02:15 ----A---- C:\Windows\SYSWOW64\SynTPCOM.dll
2012-01-23 16:02:15 ----A---- C:\Windows\SYSWOW64\SynCtrl.dll
2012-01-23 16:02:15 ----A---- C:\Windows\SYSWOW64\SynCOM.dll
2012-01-23 16:02:15 ----A---- C:\Windows\system32\SynTPAPI.dll
2012-01-23 16:02:15 ----A---- C:\Windows\system32\SynCtrl.dll
2012-01-23 16:02:15 ----A---- C:\Windows\system32\drivers\SynTP.sys
2012-01-23 15:10:02 ----D---- C:\Users\Oto\AppData\Roaming\WinRAR
2012-01-23 15:09:32 ----D---- C:\Program Files\WinRAR
2012-01-23 14:16:29 ----A---- C:\Windows\d3xp.ini
2012-01-23 14:10:33 ----A---- C:\Windows\doom3.ini
2012-01-23 14:06:41 ----D---- C:\Program Files (x86)\DOOM 3
2012-01-19 16:55:44 ----D---- C:\Program Files\ATI Technologies
2012-01-19 16:04:03 ----D---- C:\AMD
2012-01-19 15:41:21 ----D---- C:\ProgramData\UAB
2012-01-19 15:40:50 ----D---- C:\ProgramData\PC Drivers HeadQuarters
2012-01-19 15:39:10 ----D---- C:\Program Files (x86)\PC Drivers HeadQuarters
2012-01-19 15:27:19 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-01-19 15:27:19 ----A---- C:\Windows\system32\schannel.dll
2012-01-19 15:27:19 ----A---- C:\Windows\system32\lsasrv.dll
2012-01-19 15:27:19 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-01-19 15:27:18 ----A---- C:\Windows\SYSWOW64\webio.dll
2012-01-19 15:27:18 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-01-19 15:27:18 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-01-19 15:27:18 ----A---- C:\Windows\system32\webio.dll
2012-01-19 15:27:18 ----A---- C:\Windows\system32\sspisrv.dll
2012-01-19 15:27:18 ----A---- C:\Windows\system32\sspicli.dll
2012-01-19 15:27:18 ----A---- C:\Windows\system32\secur32.dll
2012-01-19 15:27:18 ----A---- C:\Windows\system32\lsass.exe
2012-01-19 15:27:18 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-01-19 15:27:18 ----A---- C:\Windows\system32\drivers\cng.sys
2012-01-18 23:22:35 ----D---- C:\0c84f013295f31033dd458c587
2012-01-18 21:33:46 ----A---- C:\Windows\Doom 3 Uninstall Log.txt
2012-01-18 20:56:03 ----D---- C:\Windows\Doom 3
2012-01-18 20:51:07 ----D---- C:\Users\Oto\AppData\Roaming\DAEMON Tools Lite
2012-01-18 20:50:56 ----D---- C:\ProgramData\DAEMON Tools Lite
2012-01-18 20:21:47 ----D---- C:\Program Files (x86)\Conduit
2012-01-18 20:19:00 ----D---- C:\Program Files (x86)\uTorrent
2012-01-18 20:18:13 ----D---- C:\Users\Oto\AppData\Roaming\uTorrent
2012-01-18 17:23:01 ----D---- C:\ProgramData\Blizzard Entertainment
2012-01-18 17:13:30 ----A---- C:\Windows\WinInit.Ini
2012-01-18 14:57:06 ----D---- C:\ProgramData\Blizzard
2012-01-18 13:47:25 ----A---- C:\Windows\system32\drivers\bthport.sys
2012-01-18 13:47:24 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2012-01-18 13:46:35 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-01-18 13:44:31 ----D---- C:\Windows\SYSWOW64\Wat
2012-01-18 13:44:30 ----D---- C:\Windows\system32\Wat
2012-01-18 13:26:01 ----A---- C:\Windows\system32\MRT.exe
2012-01-18 13:23:40 ----D---- C:\Users\Oto\AppData\Roaming\Mozilla
2012-01-18 13:22:07 ----A---- C:\Windows\system32\tquery.dll
2012-01-18 13:22:06 ----A---- C:\Windows\SYSWOW64\tquery.dll
2012-01-18 13:22:06 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2012-01-18 13:22:06 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2012-01-18 13:22:06 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2012-01-18 13:22:06 ----A---- C:\Windows\SYSWOW64\mssph.dll
2012-01-18 13:22:06 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2012-01-18 13:22:06 ----A---- C:\Windows\system32\SearchIndexer.exe
2012-01-18 13:22:06 ----A---- C:\Windows\system32\SearchFilterHost.exe
2012-01-18 13:22:06 ----A---- C:\Windows\system32\mssvp.dll
2012-01-18 13:22:06 ----A---- C:\Windows\system32\mssrch.dll
2012-01-18 13:22:06 ----A---- C:\Windows\system32\mssph.dll
2012-01-18 13:22:05 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2012-01-18 13:22:05 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2012-01-18 13:22:05 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2012-01-18 13:22:05 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2012-01-18 13:22:05 ----A---- C:\Windows\system32\mssphtb.dll
2012-01-18 13:22:05 ----A---- C:\Windows\system32\msscntrs.dll
2012-01-18 13:22:03 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2012-01-18 13:22:03 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2012-01-18 13:22:03 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2012-01-18 13:22:03 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2012-01-18 13:22:03 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2012-01-18 13:22:03 ----A---- C:\Windows\system32\odbctrac.dll
2012-01-18 13:22:03 ----A---- C:\Windows\system32\odbccu32.dll
2012-01-18 13:22:03 ----A---- C:\Windows\system32\odbccr32.dll
2012-01-18 13:22:03 ----A---- C:\Windows\system32\odbccp32.dll
2012-01-18 13:21:55 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2012-01-18 13:21:55 ----A---- C:\Windows\system32\xmllite.dll
2012-01-18 13:21:51 ----A---- C:\Windows\SYSWOW64\quartz.dll
2012-01-18 13:21:51 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-01-18 13:21:51 ----A---- C:\Windows\system32\quartz.dll
2012-01-18 13:21:50 ----A---- C:\Windows\system32\qdvd.dll
2012-01-18 13:21:49 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2012-01-18 13:21:45 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2012-01-18 13:21:45 ----A---- C:\Windows\system32\poqexec.exe
2012-01-18 13:21:43 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-01-18 13:21:42 ----A---- C:\Windows\system32\csrsrv.dll
2012-01-18 13:21:41 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2012-01-18 13:21:41 ----A---- C:\Windows\system32\XpsPrint.dll
2012-01-18 13:21:22 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2012-01-18 13:21:22 ----A---- C:\Windows\system32\psisdecd.dll
2012-01-18 13:21:06 ----A---- C:\Windows\system32\KernelBase.dll
2012-01-18 13:21:06 ----A---- C:\Windows\system32\kernel32.dll
2012-01-18 13:21:05 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2012-01-18 13:21:05 ----A---- C:\Windows\system32\wow64win.dll
2012-01-18 13:21:05 ----A---- C:\Windows\system32\winsrv.dll
2012-01-18 13:21:05 ----A---- C:\Windows\system32\conhost.exe
2012-01-18 13:21:04 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2012-01-18 13:21:04 ----A---- C:\Windows\system32\wow64.dll
2012-01-18 13:21:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-01-18 13:21:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-01-18 13:21:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-01-18 13:21:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-01-18 13:21:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-01-18 13:21:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2012-01-18 13:21:03 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-01-18 13:21:03 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-01-18 13:21:03 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-01-18 13:21:03 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-01-18 13:21:03 ----A---- C:\Windows\SYSWOW64\wow32.dll
2012-01-18 13:21:03 ----A---- C:\Windows\SYSWOW64\setup16.exe
2012-01-18 13:21:03 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2012-01-18 13:21:03 ----A---- C:\Windows\SYSWOW64\instnm.exe
2012-01-18 13:21:03 ----A---- C:\Windows\system32\wow64cpu.dll
2012-01-18 13:21:03 ----A---- C:\Windows\system32\ntvdm64.dll
2012-01-18 13:21:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-01-18 13:21:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2012-01-18 13:21:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-01-18 13:21:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-01-18 13:21:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-01-18 13:21:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-01-18 13:21:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-01-18 13:21:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-01-18 13:21:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2012-01-18 13:21:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-01-18 13:21:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-01-18 13:21:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-01-18 13:21:02 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-01-18 13:21:02 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-01-18 13:21:02 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-01-18 13:21:02 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-01-18 13:21:02 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-01-18 13:21:02 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-01-18 13:21:02 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-01-18 13:21:02 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-01-18 13:21:02 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-01-18 13:21:02 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-01-18 13:21:02 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-01-18 13:21:02 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-01-18 13:21:02 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-01-18 13:21:02 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-01-18 13:21:02 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-01-18 13:21:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2012-01-18 13:21:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2012-01-18 13:21:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-01-18 13:21:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-01-18 13:21:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-01-18 13:21:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-01-18 13:21:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-01-18 13:21:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-01-18 13:21:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-01-18 13:21:01 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-01-18 13:21:01 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-01-18 13:21:01 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-01-18 13:21:01 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-01-18 13:21:01 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-01-18 13:21:01 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-01-18 13:21:01 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-01-18 13:21:01 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-01-18 13:21:01 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-01-18 13:21:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2012-01-18 13:21:00 ----A---- C:\Windows\SYSWOW64\user.exe
2012-01-18 13:20:02 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2012-01-18 13:20:02 ----A---- C:\Windows\SYSWOW64\devobj.dll
2012-01-18 13:20:02 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2012-01-18 13:20:02 ----A---- C:\Windows\system32\umpnpmgr.dll
2012-01-18 13:20:01 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2012-01-18 13:19:09 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-01-18 13:19:09 ----A---- C:\Windows\system32\tzres.dll
2012-01-18 13:18:59 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2012-01-18 13:18:59 ----A---- C:\Windows\system32\EncDec.dll
2012-01-18 13:18:58 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2012-01-18 13:18:58 ----A---- C:\Windows\system32\oleacc.dll
2012-01-18 13:18:57 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2012-01-18 13:18:57 ----A---- C:\Windows\system32\oleaut32.dll
2012-01-18 13:18:55 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2012-01-18 13:18:55 ----A---- C:\Windows\system32\ntdll.dll
2012-01-18 13:17:59 ----A---- C:\Windows\SYSWOW64\packager.dll
2012-01-18 13:17:59 ----A---- C:\Windows\system32\packager.dll
2012-01-18 13:10:14 ----D---- C:\Users\Oto\AppData\Roaming\Macromedia
2012-01-18 13:10:13 ----D---- C:\Users\Oto\AppData\Roaming\Adobe
2012-01-17 20:35:27 ----D---- C:\Users\Oto\AppData\Roaming\F-Secure
2012-01-17 20:22:18 ----D---- C:\Users\Oto\AppData\Roaming\IDT
2012-01-17 20:07:04 ----D---- C:\ProgramData\Synaptics
2012-01-17 20:01:25 ----D---- C:\Users\Oto\AppData\Roaming\ATI
2012-01-17 20:00:25 ----D---- C:\Users\Oto\AppData\Roaming\Synaptics
2012-01-17 20:00:25 ----D---- C:\Users\Oto\AppData\Roaming\Intel Corporation
2012-01-17 20:00:25 ----D---- C:\Users\Oto\AppData\Roaming\hpqLog
2012-01-17 20:00:07 ----D---- C:\Users\Oto\AppData\Roaming\Identities
2012-01-17 20:00:01 ----SD---- C:\Users\Oto\AppData\Roaming\Microsoft
2012-01-17 20:00:01 ----D---- C:\Users\Oto\AppData\Roaming\Media Center Programs
2012-01-17 18:28:06 ----A---- C:\Windows\SYSWOW64\msvcp50.dll
2012-01-15 12:01:22 ----A---- C:\Windows\SYSWOW64\drivers\fsbts.sys
2012-01-15 12:01:11 ----A---- C:\Windows\system32\drivers\fses.sys
2012-01-15 12:01:09 ----A---- C:\Windows\system32\drivers\fsdfw.sys
2012-01-15 12:01:02 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-01-15 12:00:41 ----D---- C:\Program Files (x86)\Datart Antivir
2012-01-15 11:58:39 ----D---- C:\ProgramData\fssg
2012-01-15 11:57:17 ----D---- C:\ProgramData\f-secure
2012-01-15 10:45:55 ----AH---- C:\Windows\system32\Rebecca.dat
2012-01-15 09:02:38 ----SHD---- C:\ProgramData\Šablony
2012-01-15 09:02:38 ----SHD---- C:\ProgramData\Plocha
2012-01-15 09:02:38 ----SHD---- C:\ProgramData\Oblíbené položky
2012-01-15 09:02:38 ----SHD---- C:\ProgramData\Nabídka Start
2012-01-15 09:02:38 ----SHD---- C:\ProgramData\Dokumenty
2012-01-15 09:02:38 ----SHD---- C:\ProgramData\Data aplikací
2012-01-15 09:00:54 ----ASH---- C:\pagefile.sys
======List of files/folders modified in the last 3 months======
2012-03-23 19:33:01 ----D---- C:\Windows\Temp
2012-03-23 19:32:57 ----RD---- C:\Program Files
2012-03-23 18:16:37 ----RD---- C:\Program Files (x86)
2012-03-23 18:16:34 ----SHD---- C:\Windows\Installer
2012-03-23 18:13:19 ----D---- C:\Windows\Prefetch
2012-03-23 18:11:55 ----HD---- C:\ProgramData
2012-03-23 17:59:53 ----D---- C:\Windows\system32\config
2012-03-23 17:50:14 ----D---- C:\Windows\System32
2012-03-23 17:50:14 ----D---- C:\Windows\inf
2012-03-23 17:50:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-03-23 17:49:28 ----SHD---- C:\System Volume Information
2012-03-23 17:47:10 ----A---- C:\Windows\SYSWOW64\log.txt
2012-03-22 20:22:56 ----D---- C:\Windows\Tasks
2012-03-22 20:22:56 ----D---- C:\Windows\system32\Tasks
2012-03-21 20:31:30 ----RSD---- C:\Windows\assembly
2012-03-15 16:11:27 ----D---- C:\Windows\winsxs
2012-03-15 05:00:56 ----D---- C:\Windows\SysWOW64
2012-03-15 05:00:54 ----D---- C:\Windows\system32\drivers
2012-03-15 03:02:46 ----D---- C:\Windows\system32\catroot
2012-03-15 03:02:45 ----D---- C:\Windows\system32\catroot2
2012-03-14 03:23:06 ----D---- C:\Windows
2012-03-14 03:22:37 ----D---- C:\Program Files (x86)\Common Files
2012-03-14 03:20:22 ----D---- C:\Windows\Microsoft.NET
2012-03-14 02:58:52 ----D---- C:\Windows\system32\DriverStore
2012-02-29 21:12:19 ----D---- C:\Program Files (x86)\Hewlett-Packard
2012-02-29 21:11:26 ----D---- C:\SWSetup
2012-02-23 09:18:36 ----N---- C:\Windows\system32\MpSigStub.exe
2012-02-18 04:38:32 ----D---- C:\Windows\system32\NDF
2012-02-16 15:23:07 ----D---- C:\ProgramData\Hewlett-Packard
2012-02-16 15:18:42 ----D---- C:\Program Files\Internet Explorer
2012-02-16 15:18:42 ----D---- C:\Program Files (x86)\Internet Explorer
2012-02-16 15:18:41 ----D---- C:\Windows\SYSWOW64\migration
2012-02-16 15:18:40 ----D---- C:\Windows\system32\migration
2012-02-16 01:11:47 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2012-02-02 00:05:19 ----D---- C:\Windows\Logs
2012-01-26 10:21:21 ----D---- C:\Windows\system32\LogFiles
2012-01-26 00:52:20 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-01-26 00:50:11 ----D---- C:\Windows\Help
2012-01-25 21:16:20 ----D---- C:\Program Files (x86)\Java
2012-01-23 16:09:30 ----D---- C:\Windows\rescache
2012-01-23 16:06:12 ----D---- C:\Program Files (x86)\Windows Sidebar
2012-01-23 16:06:12 ----D---- C:\Program Files (x86)\Windows Mail
2012-01-23 16:06:11 ----D---- C:\Program Files (x86)\Windows Media Player
2012-01-23 16:06:09 ----D---- C:\Program Files\Windows Sidebar
2012-01-23 16:06:09 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2012-01-23 16:06:09 ----D---- C:\Program Files (x86)\Windows Defender
2012-01-23 16:06:08 ----D---- C:\Program Files\Windows Mail
2012-01-23 16:06:08 ----D---- C:\Program Files\DVD Maker
2012-01-23 16:06:07 ----D---- C:\Program Files\Windows Media Player
2012-01-23 16:06:05 ----D---- C:\Program Files\Windows Photo Viewer
2012-01-23 16:06:04 ----D---- C:\Program Files\Windows Defender
2012-01-23 16:06:04 ----D---- C:\Program Files\Common Files\System
2012-01-23 16:06:00 ----D---- C:\Windows\SYSWOW64\winrm
2012-01-23 16:06:00 ----D---- C:\Windows\SYSWOW64\slmgr
2012-01-23 16:06:00 ----D---- C:\Windows\SYSWOW64\migwiz
2012-01-23 16:06:00 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-01-23 16:06:00 ----D---- C:\Windows\ehome
2012-01-23 16:05:23 ----D---- C:\Windows\SYSWOW64\WCN
2012-01-23 16:05:23 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2012-01-23 16:05:23 ----D---- C:\Windows\SYSWOW64\MUI
2012-01-23 16:05:23 ----D---- C:\Windows\SYSWOW64\DriverStore
2012-01-23 16:05:23 ----D---- C:\Windows\SYSWOW64\drivers
2012-01-23 16:05:23 ----D---- C:\Windows\SYSWOW64\Dism
2012-01-23 16:05:22 ----D---- C:\Windows\SYSWOW64\com
2012-01-23 16:05:22 ----D---- C:\Windows\IME
2012-01-23 16:05:20 ----D---- C:\Windows\system32\winrm
2012-01-23 16:05:20 ----D---- C:\Windows\system32\oobe
2012-01-23 16:05:20 ----D---- C:\Windows\system32\migwiz
2012-01-23 16:05:19 ----D---- C:\Windows\system32\sysprep
2012-01-23 16:05:19 ----D---- C:\Windows\system32\slmgr
2012-01-23 16:05:19 ----D---- C:\Windows\system32\cs-CZ
2012-01-23 16:05:19 ----D---- C:\Windows\system32\Boot
2012-01-23 16:04:43 ----D---- C:\Windows\system32\WCN
2012-01-23 16:04:43 ----D---- C:\Windows\system32\MUI
2012-01-23 16:04:43 ----D---- C:\Windows\system32\drivers\UMDF
2012-01-23 16:04:43 ----D---- C:\Windows\system32\Dism
2012-01-23 16:04:37 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2012-01-23 16:04:35 ----D---- C:\Windows\system32\com
2012-01-23 16:04:34 ----D---- C:\Windows\AppPatch
2012-01-23 16:04:13 ----D---- C:\Windows\SYSWOW64\drivers\en-US
2012-01-23 16:04:11 ----D---- C:\Windows\SYSWOW64\en-US
2012-01-23 16:03:57 ----D---- C:\Windows\en-US
2012-01-23 16:03:56 ----D---- C:\Windows\system32\drivers\en-US
2012-01-23 16:03:54 ----D---- C:\Windows\system32\en-US
2012-01-23 16:03:40 ----D---- C:\Windows\Speech
2012-01-18 13:30:51 ----RSD---- C:\Windows\Fonts
2012-01-18 13:30:40 ----D---- C:\Windows\SYSWOW64\sk-SK
2012-01-18 13:30:40 ----D---- C:\Windows\system32\sk-SK
2012-01-18 13:26:03 ----D---- C:\Windows\debug
2012-01-18 13:22:34 ----D---- C:\Windows\SoftwareDistribution
2012-01-18 13:08:26 ----SD---- C:\ProgramData\Microsoft
2012-01-18 13:08:26 ----D---- C:\Program Files (x86)\Microsoft
2012-01-17 20:01:20 ----RD---- C:\Users
2012-01-17 20:00:05 ----SHD---- C:\$RECYCLE.BIN
2012-01-15 12:02:59 ----D---- C:\ProgramData\Norton
2012-01-15 11:59:33 ----D---- C:\Program Files\Common Files
2012-01-15 09:05:15 ----RD---- C:\Program Files (x86)\Online Services
2012-01-15 09:03:51 ----D---- C:\Windows\system32\restore
2012-01-15 09:03:50 ----HD---- C:\SYSTEM.SAV
2012-01-15 09:03:44 ----SHD---- C:\Recovery
2012-01-15 09:03:44 ----D---- C:\Windows\system32\Recovery
2012-01-15 09:02:38 ----D---- C:\Program Files\Windows NT
2012-01-15 09:01:26 ----D---- C:\Windows\Panther
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-03-14 283200]
R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files (x86)\Datart Antivir\HIPS\drivers\fshs.sys [2011-01-05 60040]
R1 FSES;F-Secure Email Scanning Driver; C:\Windows\System32\drivers\fses.sys [2011-01-05 46664]
R1 FSFW;F-Secure Firewall Driver; C:\Windows\System32\drivers\fsdfw.sys [2011-01-05 94280]
R1 fsvista;F-Secure Vista Support Driver; \??\C:\Program Files (x86)\Datart Antivir\Anti-Virus\minifilter\fsvista.sys [2011-01-05 14904]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-05-07 9259520]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-05-07 301568]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-12-10 3065408]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files (x86)\Datart Antivir\Anti-Virus\minifilter\fsgk.sys [2012-01-17 198808]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-04-15 12228128]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-01-13 333928]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-02-17 428136]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2011-03-11 521728]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-03-31 1424944]
R3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2010-07-20 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-05-07 203776]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-29 951584]
R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]
R2 FPLService;TrueSuiteService; C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-02-17 265544]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files (x86)\Datart Antivir\Anti-Virus\fsgk32st.exe [2011-01-05 221864]
R2 FSMA;FSMA; C:\Program Files (x86)\Datart Antivir\Common\FSMA32.EXE [2011-01-05 189096]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
R2 HPAuto;HP Auto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-02-16 682040]
R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-09-01 227896]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-02-15 34872]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-22 325656]
R2 ScrybeUpdater;Aktualizačný program Scrybe Updater; C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe [2011-05-27 1300264]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2011-03-11 297984]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files (x86)\Datart Antivir\FWES\Program\fsdfwd.exe [2011-01-05 846504]
R3 FSORSPClient;F-Secure ORSP Client; C:\Program Files (x86)\Datart Antivir\ORSP Client\fsorsp.exe [2012-01-15 61088]
R3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-06-14 1098296]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-09-01 991288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-18 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119320
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: attempted intrusion into the computer
To be sure, please also run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand. The RSIT log looks OK.
- Rudy
- Site Admin
- Posts: 119320
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: attempted intrusion into the computer
Then everything should be fine.
Re: attempted intrusion into the computer
Thank you ; )
I really don't know ... is it normal that you only need to have the internet on and right away they want to get into your machine?
I set the antivirus not to notify me when it has blocked a remote address.
But seriously, my notebook almost overheated ... the pop-up windows kept appearing.
I'm glad it no longer does that and that there is nothing here; if anything comes up I'll let you know, and thank you once again.
Re: attempted intrusion into the computer
EDIT: I'm using a crack for a game (Paul.dll); can you check whether this could be the trojan/rootkit?
According to MBAM it is fine.
Re: attempted intrusion into the computer
Hello, and my apologies to my colleague for stepping in.
Dotard wrote: EDIT: I'm using a crack for a game (Paul.dll); can you check whether this could be the trojan/rootkit?

Did you deign to read the rules of the forum and the section?
