Dobrý den, mám problém s výše zmíněným procesem. Při vypínání pc se sem tam stane, že se plocha rozmaže a následně pc zamrzne. Při ctrl + alt + del někdy vyskočí tato chyba: http://bykes.rajce.idnes.cz/ERROR#P7030499.jpg , po odkliknutí se pc normálně vypne. V jiných případech chyba jenom problikne a zčerná monitor. Jediné řešení je reset pc. Myslel jsem, že je to HW problém, ale po výměně desky, pamětí a CPU problém přetrvává. Systém mám teď nainstalovaný na novém SSD disku, ale starý oddíl se systémem jsem si ponechal pro případné zálohy. Předem děkuji za rady.
Log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Buraq at 2012-07-11 12:59:30
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 79 GB (69%) free of 114 GB
Total RAM: 8154 MB (73% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:59:33, on 11.7.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
D:\Fraps\fraps.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
E:\Steam\Steam.exe
C:\Program Files (x86)\QIP 2012\qip.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe
C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Buraq.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - (no file)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Razer Nostromo Driver] C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Buraq\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [EADM] "E:\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [Steam] "E:\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Infium] "C:\Program Files (x86)\QIP 2012\qip.exe" /autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9772 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x2d4
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
atieclxx
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskeng.exe {A1F3B853-45C0-443F-A885-F15047457387}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe" /AUTORUN
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\viakaraokesrv.exe
D:\Fraps\fraps.exe
"C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"E:\Steam\Steam.exe" -silent
"C:\Program Files (x86)\QIP 2012\qip.exe" /autorun
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"D:\Fraps\fraps64.dat"
"C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HIDDEN/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_58/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --extension-process --renderer-print-preview --channel="5560.1.1768917445\940269063" /prefetch:3
"C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HIDDEN/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_58/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5560.3.1691823773\1338251446" /prefetch:3
"C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HIDDEN/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_58/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5560.4.1715116414\1662214109" /prefetch:3
"C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HIDDEN/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_58/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5560.5.1560797233\1564646240" /prefetch:3
"C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HIDDEN/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_58/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5560.6.1650970968\1284978828" /prefetch:3
"C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HIDDEN/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_58/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5560.7.1862873523\1759092935" /prefetch:3
"C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HIDDEN/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_58/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5560.8.589107508\846926312" /prefetch:3
"C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HIDDEN/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_58/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5560.9.1995739373\2059798030" /prefetch:3
"C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HIDDEN/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_58/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5560.10.2121301959\484243079" /prefetch:3
"C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HIDDEN/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_58/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5560.11.586474408\1176592556" /prefetch:3
"C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HIDDEN/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_58/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5560.12.1158510415\1198853881" /prefetch:3
"C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HIDDEN/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_58/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5560.13.736578334\890579103" /prefetch:3
"C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HIDDEN/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_58/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5560.14.173203629\318955475" /prefetch:3
"C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HIDDEN/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_58/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5560.15.1405975069\542451436" /prefetch:3
"C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HIDDEN/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_58/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5560.16.787024760\1264668625" /prefetch:3
"C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HIDDEN/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_58/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5560.18.2112728585\1783622186" /prefetch:3
"C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HIDDEN/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_58/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5560.19.1268488372\524509587" /prefetch:3
"C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5560.20.27998588\93760389" --reduce-gpu-sandbox --disable-image-transport-surface /prefetch:12
"C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HIDDEN/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_58/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5560.21.597792683\1910240186" /prefetch:3
"C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HIDDEN/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_58/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5560.22.1536668096\1526073176" /prefetch:3
"C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HIDDEN/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_58/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5560.23.727209482\598873613" /prefetch:3
"C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HIDDEN/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_58/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5560.24.1526206228\1491444803" /prefetch:3
"C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HIDDEN/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_58/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5560.25.1259687943\1723020535" /prefetch:3
C:\Windows\system32\rundll32.exe "C:\Users\Buraq\AppData\Local\Google\Chrome\APPLIC~1\200113~1.47\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Buraq\AppData\Local\Google\Chrome\Application\20.0.1132.47\gcswf32.dll" --lang=cs --channel="5560.26.1580434933\1387496903" --flash-broker=5524 /prefetch:4
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HIDDEN/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender2/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_58/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --extension-process --renderer-print-preview --channel="5560.39.749577299\2040379035" /prefetch:3
"C:\Users\Buraq\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HIDDEN/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/1/Prerender/ContentPrefetchPrerender2/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_58/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5560.46.213656182\314554348" /prefetch:3
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-9cd2bf72-1a41-41d8-ae86-648d8f09a4b2 -SystemEventPortName:HostProcess-d8c58cdb-eb68-403b-a0bb-4904477d0eba -IoCancelEventPortName:HostProcess-39ede6c5-c183-4ee2-8428-7cdc730a520f -NonStateChangingEventPortName:HostProcess-2eabea8d-eb4b-4911-b8ff-50a073bb90f4 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d7f8ac9f-9dae-48a6-b40c-11f15c8d3c50
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
"C:\Users\Buraq\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4077993609-2345425953-272445447-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4077993609-2345425953-272445447-1000UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-03-07 1211776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-03-07 1211776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Buraq\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-28 116648]
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"EADM"=E:\Origin\Origin.exe [2012-06-29 3407496]
"Steam"=E:\Steam\Steam.exe [2012-06-29 1242448]
"Infium"=C:\Program Files (x86)\QIP 2012\qip.exe [2012-03-23 7351760]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-03-27 291608]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-04-06 641664]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2012-05-11 5119600]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-03-07 4241512]
"Razer Nostromo Driver"=C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe [2011-07-19 978840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-07-11 12:59:30 ----D---- C:\rsit
2012-07-11 12:59:30 ----D---- C:\Program Files\trend micro
2012-07-09 21:34:44 ----D---- C:\Windows\SYSWOW64\directx
2012-07-07 21:00:12 ----D---- C:\ProgramData\media center programs
2012-07-06 21:51:57 ----D---- C:\Users\Buraq\AppData\Roaming\LolClient
2012-07-03 17:24:39 ----A---- C:\Windows\system32\browserchoice.exe
2012-06-30 19:48:07 ----D---- C:\Users\Buraq\AppData\Roaming\wargaming.net
2012-06-30 09:45:44 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-06-29 16:36:07 ----D---- C:\Users\Buraq\AppData\Roaming\vlc
2012-06-29 14:59:32 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2012-06-29 14:59:32 ----A---- C:\Windows\system32\drivers\usbport.sys
2012-06-29 14:59:32 ----A---- C:\Windows\system32\drivers\usbohci.sys
2012-06-29 14:59:32 ----A---- C:\Windows\system32\drivers\usbhub.sys
2012-06-29 14:59:32 ----A---- C:\Windows\system32\drivers\usbehci.sys
2012-06-29 14:59:32 ----A---- C:\Windows\system32\drivers\usbd.sys
2012-06-29 14:59:32 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2012-06-29 14:59:30 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2012-06-29 14:59:30 ----A---- C:\Windows\SYSWOW64\esent.dll
2012-06-29 14:59:30 ----A---- C:\Windows\system32\fsutil.exe
2012-06-29 14:59:30 ----A---- C:\Windows\system32\esent.dll
2012-06-29 14:59:30 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2012-06-29 14:59:30 ----A---- C:\Windows\system32\drivers\storport.sys
2012-06-29 14:59:30 ----A---- C:\Windows\system32\drivers\nvstor.sys
2012-06-29 14:59:30 ----A---- C:\Windows\system32\drivers\nvraid.sys
2012-06-29 14:59:30 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-06-29 14:59:30 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2012-06-29 14:59:30 ----A---- C:\Windows\system32\drivers\amdxata.sys
2012-06-29 14:59:30 ----A---- C:\Windows\system32\drivers\amdsata.sys
2012-06-29 11:15:29 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2012-06-29 11:15:29 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2012-06-29 11:15:28 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2012-06-29 10:50:18 ----D---- C:\ProgramData\PMB Files
2012-06-29 10:50:12 ----D---- C:\Program Files (x86)\Pando Networks
2012-06-29 10:35:42 ----D---- C:\ProgramData\Blizzard Entertainment
2012-06-29 10:34:53 ----D---- C:\ProgramData\Battle.net
2012-06-29 10:03:49 ----D---- C:\Program Files (x86)\Razer
2012-06-29 09:57:44 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-06-29 09:57:20 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2012-06-29 09:56:30 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2012-06-29 09:56:30 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2012-06-29 09:56:30 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2012-06-29 09:56:30 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2012-06-29 09:56:30 ----A---- C:\Windows\system32\XAudio2_7.dll
2012-06-29 09:56:30 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2012-06-29 09:56:30 ----A---- C:\Windows\system32\xactengine3_7.dll
2012-06-29 09:56:30 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2012-06-29 09:56:29 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2012-06-29 09:56:29 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2012-06-29 09:56:29 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2012-06-29 09:56:29 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2012-06-29 09:56:29 ----A---- C:\Windows\system32\D3DX9_43.dll
2012-06-29 09:56:29 ----A---- C:\Windows\system32\d3dx11_43.dll
2012-06-29 09:56:29 ----A---- C:\Windows\system32\d3dx10_43.dll
2012-06-29 09:56:29 ----A---- C:\Windows\system32\d3dcsx_43.dll
2012-06-29 09:56:28 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2012-06-29 09:56:28 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2012-06-29 09:56:28 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2012-06-29 09:56:28 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2012-06-29 09:56:28 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2012-06-29 09:56:28 ----A---- C:\Windows\system32\XAudio2_6.dll
2012-06-29 09:56:28 ----A---- C:\Windows\system32\XAudio2_5.dll
2012-06-29 09:56:28 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2012-06-29 09:56:28 ----A---- C:\Windows\system32\xactengine3_6.dll
2012-06-29 09:56:28 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2012-06-29 09:56:27 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2012-06-29 09:56:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2012-06-29 09:56:27 ----A---- C:\Windows\system32\xactengine3_5.dll
2012-06-29 09:56:27 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2012-06-29 09:56:25 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2012-06-29 09:56:25 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2012-06-29 09:56:25 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2012-06-29 09:56:25 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2012-06-29 09:56:25 ----A---- C:\Windows\system32\D3DX9_42.dll
2012-06-29 09:56:25 ----A---- C:\Windows\system32\d3dx11_42.dll
2012-06-29 09:56:25 ----A---- C:\Windows\system32\d3dx10_42.dll
2012-06-29 09:56:25 ----A---- C:\Windows\system32\d3dcsx_42.dll
2012-06-29 09:56:24 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2012-06-29 09:56:24 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2012-06-29 09:56:24 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2012-06-29 09:56:24 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2012-06-29 09:56:24 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2012-06-29 09:56:24 ----A---- C:\Windows\system32\XAudio2_4.dll
2012-06-29 09:56:24 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2012-06-29 09:56:24 ----A---- C:\Windows\system32\D3DX9_41.dll
2012-06-29 09:56:24 ----A---- C:\Windows\system32\d3dx10_41.dll
2012-06-29 09:56:24 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2012-06-29 09:56:23 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2012-06-29 09:56:23 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2012-06-29 09:56:23 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2012-06-29 09:56:23 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2012-06-29 09:56:23 ----A---- C:\Windows\system32\xactengine3_4.dll
2012-06-29 09:56:23 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2012-06-29 09:56:23 ----A---- C:\Windows\system32\d3dx10_40.dll
2012-06-29 09:56:23 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2012-06-29 09:56:22 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2012-06-29 09:56:22 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2012-06-29 09:56:22 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2012-06-29 09:56:22 ----A---- C:\Windows\system32\XAudio2_3.dll
2012-06-29 09:56:22 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2012-06-29 09:56:22 ----A---- C:\Windows\system32\D3DX9_40.dll
2012-06-29 09:56:21 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2012-06-29 09:56:21 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2012-06-29 09:56:21 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2012-06-29 09:56:21 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2012-06-29 09:56:21 ----A---- C:\Windows\system32\XAudio2_2.dll
2012-06-29 09:56:21 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2012-06-29 09:56:21 ----A---- C:\Windows\system32\xactengine3_3.dll
2012-06-29 09:56:21 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2012-06-29 09:56:20 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2012-06-29 09:56:20 ----A---- C:\Windows\system32\xactengine3_2.dll
2012-06-29 09:56:20 ----A---- C:\Windows\system32\D3DX9_39.dll
2012-06-29 09:56:20 ----A---- C:\Windows\system32\d3dx10_39.dll
2012-06-29 09:56:20 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2012-06-29 09:56:19 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2012-06-29 09:56:19 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2012-06-29 09:56:19 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2012-06-29 09:56:19 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2012-06-29 09:56:19 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2012-06-29 09:56:19 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2012-06-29 09:56:19 ----A---- C:\Windows\system32\XAudio2_1.dll
2012-06-29 09:56:19 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2012-06-29 09:56:19 ----A---- C:\Windows\system32\xactengine3_1.dll
2012-06-29 09:56:19 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2012-06-29 09:56:19 ----A---- C:\Windows\system32\d3dx10_38.dll
2012-06-29 09:56:19 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2012-06-29 09:56:18 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2012-06-29 09:56:18 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2012-06-29 09:56:18 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2012-06-29 09:56:18 ----A---- C:\Windows\system32\XAudio2_0.dll
2012-06-29 09:56:18 ----A---- C:\Windows\system32\xactengine3_0.dll
2012-06-29 09:56:18 ----A---- C:\Windows\system32\D3DX9_38.dll
2012-06-29 09:56:17 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2012-06-29 09:56:17 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2012-06-29 09:56:17 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2012-06-29 09:56:17 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2012-06-29 09:56:17 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2012-06-29 09:56:17 ----A---- C:\Windows\system32\D3DX9_37.dll
2012-06-29 09:56:17 ----A---- C:\Windows\system32\d3dx10_37.dll
2012-06-29 09:56:17 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2012-06-29 09:56:16 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2012-06-29 09:56:16 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2012-06-29 09:56:16 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2012-06-29 09:56:16 ----A---- C:\Windows\system32\xactengine2_10.dll
2012-06-29 09:56:16 ----A---- C:\Windows\system32\d3dx10_36.dll
2012-06-29 09:56:16 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2012-06-29 09:56:15 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2012-06-29 09:56:15 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2012-06-29 09:56:15 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2012-06-29 09:56:15 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2012-06-29 09:56:15 ----A---- C:\Windows\system32\xactengine2_9.dll
2012-06-29 09:56:15 ----A---- C:\Windows\system32\d3dx9_36.dll
2012-06-29 09:56:15 ----A---- C:\Windows\system32\d3dx10_35.dll
2012-06-29 09:56:15 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2012-06-29 09:56:14 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2012-06-29 09:56:14 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2012-06-29 09:56:14 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2012-06-29 09:56:14 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2012-06-29 09:56:14 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2012-06-29 09:56:14 ----A---- C:\Windows\system32\xactengine2_8.dll
2012-06-29 09:56:14 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2012-06-29 09:56:14 ----A---- C:\Windows\system32\d3dx9_35.dll
2012-06-29 09:56:14 ----A---- C:\Windows\system32\d3dx10_34.dll
2012-06-29 09:56:14 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2012-06-29 09:56:13 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2012-06-29 09:56:13 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2012-06-29 09:56:13 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2012-06-29 09:56:13 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2012-06-29 09:56:13 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2012-06-29 09:56:13 ----A---- C:\Windows\system32\xinput1_3.dll
2012-06-29 09:56:13 ----A---- C:\Windows\system32\xactengine2_7.dll
2012-06-29 09:56:13 ----A---- C:\Windows\system32\d3dx9_34.dll
2012-06-29 09:56:13 ----A---- C:\Windows\system32\d3dx10_33.dll
2012-06-29 09:56:13 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2012-06-29 09:56:12 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2012-06-29 09:56:12 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2012-06-29 09:56:12 ----A---- C:\Windows\system32\xactengine2_6.dll
2012-06-29 09:56:12 ----A---- C:\Windows\system32\d3dx9_33.dll
2012-06-29 09:56:11 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2012-06-29 09:56:11 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2012-06-29 09:56:11 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2012-06-29 09:56:11 ----A---- C:\Windows\system32\xactengine2_5.dll
2012-06-29 09:56:11 ----A---- C:\Windows\system32\d3dx9_32.dll
2012-06-29 09:56:11 ----A---- C:\Windows\system32\d3dx10.dll
2012-06-29 09:56:10 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2012-06-29 09:56:10 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2012-06-29 09:56:10 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2012-06-29 09:56:10 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2012-06-29 09:56:10 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2012-06-29 09:56:10 ----A---- C:\Windows\system32\xinput1_2.dll
2012-06-29 09:56:10 ----A---- C:\Windows\system32\xactengine2_4.dll
2012-06-29 09:56:10 ----A---- C:\Windows\system32\xactengine2_3.dll
2012-06-29 09:56:10 ----A---- C:\Windows\system32\x3daudio1_1.dll
2012-06-29 09:56:10 ----A---- C:\Windows\system32\d3dx9_31.dll
2012-06-29 09:56:09 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2012-06-29 09:56:09 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2012-06-29 09:56:09 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2012-06-29 09:56:09 ----A---- C:\Windows\system32\xinput1_1.dll
2012-06-29 09:56:09 ----A---- C:\Windows\system32\xactengine2_2.dll
2012-06-29 09:56:09 ----A---- C:\Windows\system32\xactengine2_1.dll
2012-06-29 09:56:07 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2012-06-29 09:56:07 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2012-06-29 09:56:07 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2012-06-29 09:56:07 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2012-06-29 09:56:07 ----A---- C:\Windows\system32\xactengine2_0.dll
2012-06-29 09:56:07 ----A---- C:\Windows\system32\x3daudio1_0.dll
2012-06-29 09:56:07 ----A---- C:\Windows\system32\d3dx9_30.dll
2012-06-29 09:56:07 ----A---- C:\Windows\system32\d3dx9_29.dll
2012-06-29 09:56:06 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2012-06-29 09:56:06 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2012-06-29 09:56:06 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2012-06-29 09:56:06 ----A---- C:\Windows\system32\d3dx9_28.dll
2012-06-29 09:56:06 ----A---- C:\Windows\system32\d3dx9_27.dll
2012-06-29 09:56:06 ----A---- C:\Windows\system32\d3dx9_26.dll
2012-06-29 09:56:05 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2012-06-29 09:56:05 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2012-06-29 09:56:05 ----A---- C:\Windows\system32\d3dx9_25.dll
2012-06-29 09:56:05 ----A---- C:\Windows\system32\d3dx9_24.dll
2012-06-29 09:50:04 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2012-06-29 09:48:27 ----D---- C:\ProgramData\EA Core
2012-06-29 09:48:26 ----D---- C:\ProgramData\EA Logs
2012-06-29 09:06:39 ----D---- C:\Program Files (x86)\Origin Games
2012-06-29 09:06:38 ----D---- C:\ProgramData\Origin
2012-06-29 09:05:56 ----D---- C:\Users\Buraq\AppData\Roaming\Origin
2012-06-29 09:05:56 ----D---- C:\ProgramData\Electronic Arts
2012-06-29 05:50:25 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2012-06-29 05:50:25 ----A---- C:\Windows\system32\drivers\aswSP.sys
2012-06-29 05:50:25 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2012-06-29 05:50:25 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2012-06-29 05:50:25 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2012-06-29 05:50:25 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2012-06-29 05:50:25 ----A---- C:\Windows\system32\aswBoot.exe
2012-06-29 05:50:16 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2012-06-29 05:50:16 ----A---- C:\Windows\avastSS.scr
2012-06-29 05:50:11 ----D---- C:\ProgramData\AVAST Software
2012-06-29 05:50:11 ----D---- C:\Program Files\AVAST Software
2012-06-29 03:24:57 ----D---- C:\Windows\SYSWOW64\Wat
2012-06-29 03:24:57 ----D---- C:\Windows\system32\Wat
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\wextract.exe
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\url.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\occache.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\msrating.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\msls31.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\mshta.exe
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\inseng.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\ieakui.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\ieaksie.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\ieakeng.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\icardie.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2012-06-29 03:02:21 ----A---- C:\Windows\SYSWOW64\admparse.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\wininet.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\wextract.exe
2012-06-29 03:02:21 ----A---- C:\Windows\system32\webcheck.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\vbscript.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\urlmon.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\url.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2012-06-29 03:02:21 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2012-06-29 03:02:21 ----A---- C:\Windows\system32\pngfilt.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\occache.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\msrating.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\msls31.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\mshtmler.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\mshtmled.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\mshtml.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\mshta.exe
2012-06-29 03:02:21 ----A---- C:\Windows\system32\msfeedssync.exe
2012-06-29 03:02:21 ----A---- C:\Windows\system32\msfeedsbs.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\msfeeds.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\licmgr10.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\jsproxy.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\jscript9.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\jscript.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\inseng.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\imgutil.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\iexpress.exe
2012-06-29 03:02:21 ----A---- C:\Windows\system32\ieUnatt.exe
2012-06-29 03:02:21 ----A---- C:\Windows\system32\ieui.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\iesysprep.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\iesetup.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\iertutil.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\iernonce.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\iepeers.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\ieframe.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\iedkcs32.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\ieapfltr.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\ieapfltr.dat
2012-06-29 03:02:21 ----A---- C:\Windows\system32\ieakui.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\ieaksie.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\ieakeng.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\IEAdvpack.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\ie4uinit.exe
2012-06-29 03:02:21 ----A---- C:\Windows\system32\icardie.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\dxtrans.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\dxtmsft.dll
2012-06-29 03:02:21 ----A---- C:\Windows\system32\admparse.dll
2012-06-29 03:00:35 ----A---- C:\Windows\SYSWOW64\wmi.dll
2012-06-29 03:00:35 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2012-06-29 03:00:35 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2012-06-29 03:00:35 ----A---- C:\Windows\system32\wmi.dll
2012-06-29 03:00:35 ----A---- C:\Windows\system32\wintrust.dll
2012-06-29 03:00:35 ----A---- C:\Windows\system32\imagehlp.dll
2012-06-29 03:00:35 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2012-06-28 20:54:44 ----D---- C:\Program Files (x86)\FinalWire
2012-06-28 20:27:44 ----D---- C:\ProgramData\explauncher
2012-06-28 20:27:43 ----D---- C:\ProgramData\launcher
2012-06-28 20:21:22 ----D---- C:\Program Files (x86)\QIP 2012
2012-06-28 20:18:56 ----DC---- C:\Windows\system32\DRVSTORE
2012-06-28 20:18:56 ----A---- C:\Windows\system32\drivers\hotcore3.sys
2012-06-28 20:18:53 ----D---- C:\Program Files (x86)\Paragon Software
2012-06-28 20:17:14 ----D---- C:\ProgramData\Spybot - Search & Destroy
2012-06-28 20:17:14 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2012-06-28 20:15:22 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2012-06-28 20:15:19 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2012-06-28 20:14:57 ----D---- C:\Users\Buraq\AppData\Roaming\DAEMON Tools Lite
2012-06-28 20:14:55 ----D---- C:\ProgramData\DAEMON Tools Lite
2012-06-28 20:13:46 ----D---- C:\Program Files (x86)\Hard Disk Sentinel
2012-06-28 20:13:31 ----D---- C:\Users\Buraq\AppData\Roaming\WinRAR
2012-06-28 20:13:18 ----D---- C:\Program Files\WinRAR
2012-06-28 20:12:53 ----D---- C:\Program Files (x86)\VideoLAN
2012-06-28 20:11:43 ----D---- C:\Users\Buraq\AppData\Roaming\BSplayer Pro
2012-06-28 20:11:43 ----D---- C:\Users\Buraq\AppData\Roaming\BSplayer
2012-06-28 20:11:43 ----D---- C:\Program Files (x86)\Webteh
2012-06-28 20:10:37 ----D---- C:\Program Files (x86)\Adobe
2012-06-28 20:10:26 ----D---- C:\ProgramData\Adobe
2012-06-28 20:09:16 ----D---- C:\Users\Buraq\AppData\Roaming\Macromedia
2012-06-28 20:09:16 ----D---- C:\Users\Buraq\AppData\Roaming\Adobe
2012-06-28 20:08:30 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2012-06-28 20:08:30 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2012-06-28 20:08:30 ----A---- C:\Windows\SYSWOW64\unrar.dll
2012-06-28 20:08:29 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll
2012-06-28 20:08:28 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2012-06-28 19:55:08 ----D---- C:\Users\Buraq\AppData\Roaming\QIP
2012-06-28 19:36:55 ----D---- C:\Program Files\TeamSpeak 3 Client
2012-06-28 19:07:40 ----D---- C:\Users\Buraq\AppData\Roaming\ATI
2012-06-28 19:07:40 ----D---- C:\ProgramData\ATI
2012-06-28 19:06:29 ----D---- C:\ProgramData\AMD
2012-06-28 19:06:28 ----D---- C:\Program Files (x86)\AMD AVT
2012-06-28 19:06:28 ----D---- C:\Program Files (x86)\AMD APP
2012-06-28 19:06:27 ----D---- C:\Program Files\Common Files\ATI Technologies
2012-06-28 19:06:14 ----D---- C:\Program Files\ATI
2012-06-28 19:06:14 ----D---- C:\Program Files (x86)\ATI Technologies
2012-06-28 19:05:43 ----D---- C:\Program Files\ATI Technologies
2012-06-28 19:05:16 ----D---- C:\AMD
2012-06-28 19:01:19 ----D---- C:\Program Files (x86)\Etron Technology
2012-06-28 19:00:11 ----A---- C:\Windows\system32\drivers\USB3Ver.dll
2012-06-28 18:59:57 ----A---- C:\Windows\system32\WdfCoInstaller01009.dll
2012-06-28 18:59:57 ----A---- C:\Windows\system32\drivers\iusb3xhc.sys
2012-06-28 18:59:57 ----A---- C:\Windows\system32\drivers\iusb3hub.sys
2012-06-28 18:59:57 ----A---- C:\Windows\system32\drivers\iusb3hcs.sys
2012-06-28 18:57:15 ----A---- C:\Windows\SYSWOW64\CSVer.dll
2012-06-28 18:56:34 ----A---- C:\Windows\system32\drivers\IntelMEFWVer.dll
2012-06-28 18:56:30 ----A---- C:\Windows\SYSWOW64\log.txt
2012-06-28 18:56:29 ----D---- C:\ProgramData\Intel
2012-06-28 18:56:28 ----D---- C:\Program Files\Intel
2012-06-28 18:56:16 ----D---- C:\Program Files (x86)\Intel
2012-06-28 18:56:16 ----D---- C:\Intel
2012-06-28 18:56:16 ----A---- C:\Windows\system32\drivers\HECIx64.sys
2012-06-28 18:56:15 ----D---- C:\Users\Buraq\AppData\Roaming\InstallShield
2012-06-28 18:54:40 ----A---- C:\Windows\system32\VIASysFx.dll
2012-06-28 18:54:40 ----A---- C:\Windows\system32\VIAPropPageExt.dll
2012-06-28 18:54:40 ----A---- C:\Windows\system32\ViaMicArrayPropPageExt.dll
2012-06-28 18:54:40 ----A---- C:\Windows\system32\ViaMicArrayAPO.dll
2012-06-28 18:54:40 ----A---- C:\Windows\system32\ViakaraokeSrv.exe
2012-06-28 18:54:40 ----A---- C:\Windows\system32\ViaKaraokePropPageExt.dll
2012-06-28 18:54:40 ----A---- C:\Windows\system32\ViaKaraokeApo.dll
2012-06-28 18:54:40 ----A---- C:\Windows\system32\nQPropPageExt.dll
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
dwm.exe - chyba aplikace
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: dwm.exe - chyba aplikace
2012-06-28 18:54:40 ----A---- C:\Windows\system32\nQAPO.dll
2012-06-28 18:54:40 ----A---- C:\Windows\system32\Dts2PropPageExt.dll
2012-06-28 18:54:40 ----A---- C:\Windows\system32\drivers\viahduaa.sys
2012-06-28 18:54:22 ----N---- C:\Windows\difxapi.dll
2012-06-28 18:54:22 ----D---- C:\Program Files (x86)\VIA
2012-06-28 18:54:17 ----SHD---- C:\Windows\Installer
2012-06-28 18:53:49 ----A---- C:\Windows\system32\Dts2APO.dll
2012-06-28 18:53:05 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2012-06-28 18:53:05 ----A---- C:\Windows\SYSWOW64\sbe.dll
2012-06-28 18:53:05 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-06-28 18:53:05 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2012-06-28 18:53:05 ----A---- C:\Windows\system32\xmllite.dll
2012-06-28 18:53:05 ----A---- C:\Windows\system32\sbe.dll
2012-06-28 18:53:05 ----A---- C:\Windows\system32\DWrite.dll
2012-06-28 18:53:05 ----A---- C:\Windows\system32\CPFilters.dll
2012-06-28 18:53:03 ----A---- C:\Windows\SYSWOW64\quartz.dll
2012-06-28 18:53:03 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-06-28 18:53:03 ----A---- C:\Windows\system32\quartz.dll
2012-06-28 18:53:03 ----A---- C:\Windows\system32\qdvd.dll
2012-06-28 18:53:02 ----A---- C:\Windows\SYSWOW64\webio.dll
2012-06-28 18:53:02 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-06-28 18:53:02 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-06-28 18:53:02 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-06-28 18:53:02 ----A---- C:\Windows\system32\webio.dll
2012-06-28 18:53:02 ----A---- C:\Windows\system32\sspisrv.dll
2012-06-28 18:53:02 ----A---- C:\Windows\system32\sspicli.dll
2012-06-28 18:53:02 ----A---- C:\Windows\system32\schannel.dll
2012-06-28 18:53:02 ----A---- C:\Windows\system32\secur32.dll
2012-06-28 18:53:02 ----A---- C:\Windows\system32\lsass.exe
2012-06-28 18:53:02 ----A---- C:\Windows\system32\lsasrv.dll
2012-06-28 18:53:02 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2012-06-28 18:53:02 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2012-06-28 18:53:02 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2012-06-28 18:53:02 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-06-28 18:53:02 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-06-28 18:53:02 ----A---- C:\Windows\system32\drivers\cng.sys
2012-06-28 18:53:01 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2012-06-28 18:53:01 ----A---- C:\Windows\system32\odbccu32.dll
2012-06-28 18:53:01 ----A---- C:\Windows\system32\odbccr32.dll
2012-06-28 18:53:01 ----A---- C:\Windows\system32\odbccp32.dll
2012-06-28 18:53:01 ----A---- C:\Windows\system32\kerberos.dll
2012-06-28 18:53:01 ----A---- C:\Windows\system32\csrsrv.dll
2012-06-28 18:53:00 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2012-06-28 18:53:00 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2012-06-28 18:53:00 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2012-06-28 18:53:00 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2012-06-28 18:53:00 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2012-06-28 18:53:00 ----A---- C:\Windows\SYSWOW64\explorer.exe
2012-06-28 18:53:00 ----A---- C:\Windows\system32\odbctrac.dll
2012-06-28 18:53:00 ----A---- C:\Windows\explorer.exe
2012-06-28 18:52:59 ----A---- C:\Windows\SYSWOW64\tquery.dll
2012-06-28 18:52:59 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2012-06-28 18:52:59 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2012-06-28 18:52:59 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2012-06-28 18:52:59 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2012-06-28 18:52:59 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2012-06-28 18:52:59 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2012-06-28 18:52:59 ----A---- C:\Windows\SYSWOW64\mssph.dll
2012-06-28 18:52:59 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2012-06-28 18:52:59 ----A---- C:\Windows\system32\tquery.dll
2012-06-28 18:52:59 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2012-06-28 18:52:59 ----A---- C:\Windows\system32\SearchIndexer.exe
2012-06-28 18:52:59 ----A---- C:\Windows\system32\SearchFilterHost.exe
2012-06-28 18:52:59 ----A---- C:\Windows\system32\mssvp.dll
2012-06-28 18:52:59 ----A---- C:\Windows\system32\mssrch.dll
2012-06-28 18:52:59 ----A---- C:\Windows\system32\mssphtb.dll
2012-06-28 18:52:59 ----A---- C:\Windows\system32\mssph.dll
2012-06-28 18:52:59 ----A---- C:\Windows\system32\msscntrs.dll
2012-06-28 18:52:57 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2012-06-28 18:52:57 ----A---- C:\Windows\system32\shell32.dll
2012-06-28 18:52:57 ----A---- C:\Windows\system32\poqexec.exe
2012-06-28 18:52:56 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-06-28 18:52:56 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2012-06-28 18:52:56 ----A---- C:\Windows\system32\ntshrui.dll
2012-06-28 18:52:54 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2012-06-28 18:52:54 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2012-06-28 18:52:51 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2012-06-28 18:52:51 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2012-06-28 18:52:51 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2012-06-28 18:52:51 ----A---- C:\Windows\system32\XpsPrint.dll
2012-06-28 18:52:51 ----A---- C:\Windows\system32\mfc42u.dll
2012-06-28 18:52:51 ----A---- C:\Windows\system32\mfc42.dll
2012-06-28 18:52:44 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-06-28 18:52:44 ----A---- C:\Windows\system32\rdpwsx.dll
2012-06-28 18:52:44 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-06-28 18:52:40 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2012-06-28 18:52:40 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2012-06-28 18:52:40 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2012-06-28 18:52:40 ----A---- C:\Windows\system32\fontsub.dll
2012-06-28 18:52:40 ----A---- C:\Windows\system32\atmlib.dll
2012-06-28 18:52:40 ----A---- C:\Windows\system32\atmfd.dll
2012-06-28 18:52:39 ----A---- C:\Windows\system32\profsvc.dll
2012-06-28 18:52:39 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2012-06-28 18:52:38 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-06-28 18:52:38 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-06-28 18:52:38 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2012-06-28 18:52:38 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2012-06-28 18:52:38 ----A---- C:\Windows\system32\win32k.sys
2012-06-28 18:52:38 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-06-28 18:52:38 ----A---- C:\Windows\system32\dnsrslvr.dll
2012-06-28 18:52:38 ----A---- C:\Windows\system32\dnscacheugc.exe
2012-06-28 18:52:38 ----A---- C:\Windows\system32\dnsapi.dll
2012-06-28 18:52:21 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2012-06-28 18:52:21 ----A---- C:\Windows\system32\drivers\srvnet.sys
2012-06-28 18:52:21 ----A---- C:\Windows\system32\drivers\srv2.sys
2012-06-28 18:52:21 ----A---- C:\Windows\system32\drivers\srv.sys
2012-06-28 18:52:21 ----A---- C:\Windows\system32\d3d10_1.dll
2012-06-28 18:52:20 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2012-06-28 18:52:20 ----A---- C:\Windows\system32\psisdecd.dll
2012-06-28 18:52:20 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-06-28 18:52:19 ----A---- C:\Windows\SYSWOW64\msi.dll
2012-06-28 18:52:19 ----A---- C:\Windows\system32\winresume.exe
2012-06-28 18:52:19 ----A---- C:\Windows\system32\winload.exe
2012-06-28 18:52:19 ----A---- C:\Windows\system32\msi.dll
2012-06-28 18:52:19 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-06-28 18:52:19 ----A---- C:\Windows\system32\drivers\afd.sys
2012-06-28 18:52:18 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-06-28 18:52:18 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-06-28 18:52:18 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-06-28 18:52:18 ----A---- C:\Windows\system32\kdusb.dll
2012-06-28 18:52:18 ----A---- C:\Windows\system32\kdcom.dll
2012-06-28 18:52:18 ----A---- C:\Windows\system32\kd1394.dll
2012-06-28 18:52:18 ----A---- C:\Windows\system32\cryptsvc.dll
2012-06-28 18:52:18 ----A---- C:\Windows\system32\cryptnet.dll
2012-06-28 18:52:18 ----A---- C:\Windows\system32\crypt32.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-06-28 18:52:16 ----A---- C:\Windows\SYSWOW64\wow32.dll
2012-06-28 18:52:16 ----A---- C:\Windows\SYSWOW64\user.exe
2012-06-28 18:52:16 ----A---- C:\Windows\SYSWOW64\setup16.exe
2012-06-28 18:52:16 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2012-06-28 18:52:16 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2012-06-28 18:52:16 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2012-06-28 18:52:16 ----A---- C:\Windows\SYSWOW64\instnm.exe
2012-06-28 18:52:16 ----A---- C:\Windows\system32\wow64win.dll
2012-06-28 18:52:16 ----A---- C:\Windows\system32\wow64cpu.dll
2012-06-28 18:52:16 ----A---- C:\Windows\system32\wow64.dll
2012-06-28 18:52:16 ----A---- C:\Windows\system32\winsrv.dll
2012-06-28 18:52:16 ----A---- C:\Windows\system32\ntvdm64.dll
2012-06-28 18:52:16 ----A---- C:\Windows\system32\KernelBase.dll
2012-06-28 18:52:16 ----A---- C:\Windows\system32\kernel32.dll
2012-06-28 18:52:16 ----A---- C:\Windows\system32\conhost.exe
2012-06-28 18:52:14 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2012-06-28 18:52:14 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2012-06-28 18:52:14 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2012-06-28 18:52:14 ----A---- C:\Windows\SYSWOW64\devobj.dll
2012-06-28 18:52:14 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2012-06-28 18:52:14 ----A---- C:\Windows\system32\umpnpmgr.dll
2012-06-28 18:52:14 ----A---- C:\Windows\system32\prevhost.exe
2012-06-28 18:52:05 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2012-06-28 18:52:05 ----A---- C:\Windows\system32\inetcomm.dll
2012-06-28 18:52:05 ----A---- C:\Windows\system32\FXSCOVER.exe
2012-06-28 18:52:04 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2012-06-28 18:52:04 ----A---- C:\Windows\system32\oleacc.dll
2012-06-28 18:52:04 ----A---- C:\Windows\system32\msvcrt.dll
2012-06-28 18:52:04 ----A---- C:\Windows\system32\drivers\bowser.sys
2012-06-28 18:52:03 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2012-06-28 18:52:03 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2012-06-28 18:52:03 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2012-06-28 18:52:03 ----A---- C:\Windows\system32\oleaut32.dll
2012-06-28 18:52:03 ----A---- C:\Windows\system32\EncDec.dll
2012-06-28 18:52:02 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-06-28 18:52:02 ----A---- C:\Windows\system32\tzres.dll
2012-06-28 18:52:01 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-06-28 18:52:00 ----A---- C:\Windows\SYSWOW64\packager.dll
2012-06-28 18:52:00 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2012-06-28 18:52:00 ----A---- C:\Windows\system32\packager.dll
2012-06-28 18:52:00 ----A---- C:\Windows\system32\ntdll.dll
2012-06-28 18:49:28 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2012-06-28 18:49:28 ----A---- C:\Windows\system32\rdpcore.dll
2012-06-28 18:49:28 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-06-28 18:47:49 ----A---- C:\Windows\system32\wups2.dll
2012-06-28 18:47:49 ----A---- C:\Windows\system32\wucltux.dll
2012-06-28 18:47:49 ----A---- C:\Windows\system32\wuaueng.dll
2012-06-28 18:47:49 ----A---- C:\Windows\system32\wuauclt.exe
2012-06-28 18:47:48 ----A---- C:\Windows\system32\wups.dll
2012-06-28 18:47:48 ----A---- C:\Windows\system32\wudriver.dll
2012-06-28 18:47:48 ----A---- C:\Windows\system32\wuapi.dll
2012-06-28 18:47:47 ----A---- C:\Windows\system32\wuwebv.dll
2012-06-28 18:47:47 ----A---- C:\Windows\system32\wuapp.exe
2012-06-28 18:47:10 ----D---- C:\Windows\SYSWOW64\Atheros_L1e
2012-06-28 18:47:07 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-06-28 18:39:00 ----A---- C:\Windows\system32\drivers\L1C62x64.sys
2012-06-28 05:14:28 ----D---- C:\Windows\Panther
2012-06-28 04:15:16 ----D---- C:\Windows\Prefetch
2012-06-28 04:15:08 ----SHD---- C:\System Volume Information
2012-06-28 04:15:08 ----ASH---- C:\pagefile.sys
2012-06-28 04:15:08 ----ASH---- C:\hiberfil.sys
2012-06-27 22:21:40 ----D---- C:\Users\Buraq\AppData\Roaming\Identities
2012-06-27 22:21:37 ----SD---- C:\Users\Buraq\AppData\Roaming\Microsoft
2012-06-27 22:21:37 ----D---- C:\Users\Buraq\AppData\Roaming\Media Center Programs
2012-06-27 22:21:35 ----SHD---- C:\Recovery
2012-06-27 22:21:35 ----SHD---- C:\ProgramData\Šablony
2012-06-27 22:21:35 ----SHD---- C:\ProgramData\Plocha
2012-06-27 22:21:35 ----SHD---- C:\ProgramData\Oblíbené položky
2012-06-27 22:21:35 ----SHD---- C:\ProgramData\Nabídka Start
2012-06-27 22:21:35 ----SHD---- C:\ProgramData\Dokumenty
2012-06-27 22:21:35 ----SHD---- C:\ProgramData\Data aplikací
2012-06-27 22:21:34 ----D---- C:\Windows\SoftwareDistribution
======List of files/folders modified in the last 1 month======
2012-07-11 12:59:33 ----D---- C:\Windows\Temp
2012-07-11 12:59:30 ----RD---- C:\Program Files
2012-07-11 12:23:54 ----D---- C:\Windows\system32\config
2012-07-11 12:15:41 ----D---- C:\Windows\System32
2012-07-11 12:15:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-07-11 12:13:53 ----D---- C:\Windows\system32\catroot
2012-07-11 12:13:52 ----D---- C:\Windows\winsxs
2012-07-11 12:13:16 ----D---- C:\Windows\system32\catroot2
2012-07-11 12:09:56 ----D---- C:\Windows\system32\Tasks
2012-07-09 21:34:45 ----D---- C:\Windows\Logs
2012-07-09 21:34:44 ----D---- C:\Windows\SysWOW64
2012-07-07 21:00:12 ----HD---- C:\ProgramData
2012-07-02 12:44:37 ----D---- C:\Windows\rescache
2012-07-02 08:55:10 ----RSD---- C:\Windows\assembly
2012-07-02 08:55:10 ----D---- C:\Windows\Microsoft.NET
2012-07-02 08:21:00 ----D---- C:\Windows\inf
2012-07-02 08:20:59 ----D---- C:\Windows\system32\DriverStore
2012-07-02 08:20:46 ----D---- C:\Windows\system32\drivers
2012-06-30 09:46:54 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-06-30 09:46:54 ----D---- C:\Windows\system32\cs-CZ
2012-06-30 09:45:44 ----RD---- C:\Program Files (x86)
2012-06-30 09:45:44 ----D---- C:\Windows\SYSWOW64\en-US
2012-06-30 09:45:44 ----D---- C:\Windows\system32\en-US
2012-06-29 10:04:12 ----D---- C:\Windows\system32\wdi
2012-06-29 10:03:51 ----D---- C:\Windows
2012-06-29 09:57:20 ----D---- C:\Windows\system32\LogFiles
2012-06-29 09:56:34 ----D---- C:\Program Files (x86)\Common Files
2012-06-29 05:45:12 ----SD---- C:\ProgramData\Microsoft
2012-06-29 03:24:58 ----RSD---- C:\Windows\Fonts
2012-06-29 03:24:58 ----D---- C:\Windows\SYSWOW64\migration
2012-06-29 03:24:58 ----D---- C:\Windows\system32\migration
2012-06-29 03:24:58 ----D---- C:\Windows\PolicyDefinitions
2012-06-29 03:24:58 ----D---- C:\Windows\ehome
2012-06-29 03:24:58 ----D---- C:\Windows\AppPatch
2012-06-29 03:24:58 ----D---- C:\Program Files\Internet Explorer
2012-06-29 03:24:58 ----D---- C:\Program Files\Common Files\System
2012-06-29 03:24:58 ----D---- C:\Program Files (x86)\Internet Explorer
2012-06-29 03:24:57 ----D---- C:\Windows\system32\Boot
2012-06-29 03:24:57 ----D---- C:\Program Files\Windows Journal
2012-06-28 19:32:41 ----D---- C:\Windows\Tasks
2012-06-28 19:06:27 ----D---- C:\Program Files\Common Files
2012-06-28 18:56:26 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-06-28 18:47:04 ----D---- C:\Windows\system32\restore
2012-06-28 18:45:19 ----D---- C:\Windows\system32\CodeIntegrity
2012-06-28 04:19:08 ----D---- C:\Windows\debug
2012-06-28 04:16:48 ----D---- C:\Windows\system32\sysprep
2012-06-28 04:15:40 ----D---- C:\Windows\system32\drivers\UMDF
2012-06-28 04:15:16 ----D---- C:\Windows\CSC
2012-06-27 22:21:39 ----SHD---- C:\$Recycle.Bin
2012-06-27 22:21:37 ----RD---- C:\Users
2012-06-27 22:21:35 ----D---- C:\Program Files\Windows NT
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hotcore3;hc3ServiceName; C:\Windows\system32\DRIVERS\hotcore3.sys [2010-07-13 37392]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-03-27 19224]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-03-07 53080]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-03-07 819032]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-03-07 337240]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-03-07 59224]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-06-28 279616]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-03-07 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-03-07 69976]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-04-06 11174400]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-04-06 343040]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2012-01-06 59392]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2012-01-06 84608]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-03-27 356632]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-03-27 789272]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-08-12 104560]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
R3 rzjoystk;Razer VJoystick; C:\Windows\system32\DRIVERS\rzjoystk.sys [2011-03-24 19968]
R3 RzSynapse;Razer Driver; C:\Windows\system32\DRIVERS\RzSynapse.sys [2011-07-14 157184]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2012-05-04 2196592]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-04-06 236544]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-03-07 44768]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-08 607456]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2011-12-16 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-12-16 277784]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-06-29 76888]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-16 363800]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2012-05-04 27760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-06-29 529232]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-06-29 1255736]
-----------------EOF-----------------
2012-06-28 18:54:40 ----A---- C:\Windows\system32\Dts2PropPageExt.dll
2012-06-28 18:54:40 ----A---- C:\Windows\system32\drivers\viahduaa.sys
2012-06-28 18:54:22 ----N---- C:\Windows\difxapi.dll
2012-06-28 18:54:22 ----D---- C:\Program Files (x86)\VIA
2012-06-28 18:54:17 ----SHD---- C:\Windows\Installer
2012-06-28 18:53:49 ----A---- C:\Windows\system32\Dts2APO.dll
2012-06-28 18:53:05 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2012-06-28 18:53:05 ----A---- C:\Windows\SYSWOW64\sbe.dll
2012-06-28 18:53:05 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-06-28 18:53:05 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2012-06-28 18:53:05 ----A---- C:\Windows\system32\xmllite.dll
2012-06-28 18:53:05 ----A---- C:\Windows\system32\sbe.dll
2012-06-28 18:53:05 ----A---- C:\Windows\system32\DWrite.dll
2012-06-28 18:53:05 ----A---- C:\Windows\system32\CPFilters.dll
2012-06-28 18:53:03 ----A---- C:\Windows\SYSWOW64\quartz.dll
2012-06-28 18:53:03 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-06-28 18:53:03 ----A---- C:\Windows\system32\quartz.dll
2012-06-28 18:53:03 ----A---- C:\Windows\system32\qdvd.dll
2012-06-28 18:53:02 ----A---- C:\Windows\SYSWOW64\webio.dll
2012-06-28 18:53:02 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-06-28 18:53:02 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-06-28 18:53:02 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-06-28 18:53:02 ----A---- C:\Windows\system32\webio.dll
2012-06-28 18:53:02 ----A---- C:\Windows\system32\sspisrv.dll
2012-06-28 18:53:02 ----A---- C:\Windows\system32\sspicli.dll
2012-06-28 18:53:02 ----A---- C:\Windows\system32\schannel.dll
2012-06-28 18:53:02 ----A---- C:\Windows\system32\secur32.dll
2012-06-28 18:53:02 ----A---- C:\Windows\system32\lsass.exe
2012-06-28 18:53:02 ----A---- C:\Windows\system32\lsasrv.dll
2012-06-28 18:53:02 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2012-06-28 18:53:02 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2012-06-28 18:53:02 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2012-06-28 18:53:02 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-06-28 18:53:02 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-06-28 18:53:02 ----A---- C:\Windows\system32\drivers\cng.sys
2012-06-28 18:53:01 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2012-06-28 18:53:01 ----A---- C:\Windows\system32\odbccu32.dll
2012-06-28 18:53:01 ----A---- C:\Windows\system32\odbccr32.dll
2012-06-28 18:53:01 ----A---- C:\Windows\system32\odbccp32.dll
2012-06-28 18:53:01 ----A---- C:\Windows\system32\kerberos.dll
2012-06-28 18:53:01 ----A---- C:\Windows\system32\csrsrv.dll
2012-06-28 18:53:00 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2012-06-28 18:53:00 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2012-06-28 18:53:00 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2012-06-28 18:53:00 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2012-06-28 18:53:00 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2012-06-28 18:53:00 ----A---- C:\Windows\SYSWOW64\explorer.exe
2012-06-28 18:53:00 ----A---- C:\Windows\system32\odbctrac.dll
2012-06-28 18:53:00 ----A---- C:\Windows\explorer.exe
2012-06-28 18:52:59 ----A---- C:\Windows\SYSWOW64\tquery.dll
2012-06-28 18:52:59 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2012-06-28 18:52:59 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2012-06-28 18:52:59 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2012-06-28 18:52:59 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2012-06-28 18:52:59 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2012-06-28 18:52:59 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2012-06-28 18:52:59 ----A---- C:\Windows\SYSWOW64\mssph.dll
2012-06-28 18:52:59 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2012-06-28 18:52:59 ----A---- C:\Windows\system32\tquery.dll
2012-06-28 18:52:59 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2012-06-28 18:52:59 ----A---- C:\Windows\system32\SearchIndexer.exe
2012-06-28 18:52:59 ----A---- C:\Windows\system32\SearchFilterHost.exe
2012-06-28 18:52:59 ----A---- C:\Windows\system32\mssvp.dll
2012-06-28 18:52:59 ----A---- C:\Windows\system32\mssrch.dll
2012-06-28 18:52:59 ----A---- C:\Windows\system32\mssphtb.dll
2012-06-28 18:52:59 ----A---- C:\Windows\system32\mssph.dll
2012-06-28 18:52:59 ----A---- C:\Windows\system32\msscntrs.dll
2012-06-28 18:52:57 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2012-06-28 18:52:57 ----A---- C:\Windows\system32\shell32.dll
2012-06-28 18:52:57 ----A---- C:\Windows\system32\poqexec.exe
2012-06-28 18:52:56 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-06-28 18:52:56 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2012-06-28 18:52:56 ----A---- C:\Windows\system32\ntshrui.dll
2012-06-28 18:52:54 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2012-06-28 18:52:54 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2012-06-28 18:52:51 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2012-06-28 18:52:51 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2012-06-28 18:52:51 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2012-06-28 18:52:51 ----A---- C:\Windows\system32\XpsPrint.dll
2012-06-28 18:52:51 ----A---- C:\Windows\system32\mfc42u.dll
2012-06-28 18:52:51 ----A---- C:\Windows\system32\mfc42.dll
2012-06-28 18:52:44 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-06-28 18:52:44 ----A---- C:\Windows\system32\rdpwsx.dll
2012-06-28 18:52:44 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-06-28 18:52:40 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2012-06-28 18:52:40 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2012-06-28 18:52:40 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2012-06-28 18:52:40 ----A---- C:\Windows\system32\fontsub.dll
2012-06-28 18:52:40 ----A---- C:\Windows\system32\atmlib.dll
2012-06-28 18:52:40 ----A---- C:\Windows\system32\atmfd.dll
2012-06-28 18:52:39 ----A---- C:\Windows\system32\profsvc.dll
2012-06-28 18:52:39 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2012-06-28 18:52:38 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-06-28 18:52:38 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-06-28 18:52:38 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2012-06-28 18:52:38 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2012-06-28 18:52:38 ----A---- C:\Windows\system32\win32k.sys
2012-06-28 18:52:38 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-06-28 18:52:38 ----A---- C:\Windows\system32\dnsrslvr.dll
2012-06-28 18:52:38 ----A---- C:\Windows\system32\dnscacheugc.exe
2012-06-28 18:52:38 ----A---- C:\Windows\system32\dnsapi.dll
2012-06-28 18:52:21 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2012-06-28 18:52:21 ----A---- C:\Windows\system32\drivers\srvnet.sys
2012-06-28 18:52:21 ----A---- C:\Windows\system32\drivers\srv2.sys
2012-06-28 18:52:21 ----A---- C:\Windows\system32\drivers\srv.sys
2012-06-28 18:52:21 ----A---- C:\Windows\system32\d3d10_1.dll
2012-06-28 18:52:20 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2012-06-28 18:52:20 ----A---- C:\Windows\system32\psisdecd.dll
2012-06-28 18:52:20 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-06-28 18:52:19 ----A---- C:\Windows\SYSWOW64\msi.dll
2012-06-28 18:52:19 ----A---- C:\Windows\system32\winresume.exe
2012-06-28 18:52:19 ----A---- C:\Windows\system32\winload.exe
2012-06-28 18:52:19 ----A---- C:\Windows\system32\msi.dll
2012-06-28 18:52:19 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-06-28 18:52:19 ----A---- C:\Windows\system32\drivers\afd.sys
2012-06-28 18:52:18 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-06-28 18:52:18 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-06-28 18:52:18 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-06-28 18:52:18 ----A---- C:\Windows\system32\kdusb.dll
2012-06-28 18:52:18 ----A---- C:\Windows\system32\kdcom.dll
2012-06-28 18:52:18 ----A---- C:\Windows\system32\kd1394.dll
2012-06-28 18:52:18 ----A---- C:\Windows\system32\cryptsvc.dll
2012-06-28 18:52:18 ----A---- C:\Windows\system32\cryptnet.dll
2012-06-28 18:52:18 ----A---- C:\Windows\system32\crypt32.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-06-28 18:52:16 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-06-28 18:52:16 ----A---- C:\Windows\SYSWOW64\wow32.dll
2012-06-28 18:52:16 ----A---- C:\Windows\SYSWOW64\user.exe
2012-06-28 18:52:16 ----A---- C:\Windows\SYSWOW64\setup16.exe
2012-06-28 18:52:16 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2012-06-28 18:52:16 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2012-06-28 18:52:16 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2012-06-28 18:52:16 ----A---- C:\Windows\SYSWOW64\instnm.exe
2012-06-28 18:52:16 ----A---- C:\Windows\system32\wow64win.dll
2012-06-28 18:52:16 ----A---- C:\Windows\system32\wow64cpu.dll
2012-06-28 18:52:16 ----A---- C:\Windows\system32\wow64.dll
2012-06-28 18:52:16 ----A---- C:\Windows\system32\winsrv.dll
2012-06-28 18:52:16 ----A---- C:\Windows\system32\ntvdm64.dll
2012-06-28 18:52:16 ----A---- C:\Windows\system32\KernelBase.dll
2012-06-28 18:52:16 ----A---- C:\Windows\system32\kernel32.dll
2012-06-28 18:52:16 ----A---- C:\Windows\system32\conhost.exe
2012-06-28 18:52:14 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2012-06-28 18:52:14 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2012-06-28 18:52:14 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2012-06-28 18:52:14 ----A---- C:\Windows\SYSWOW64\devobj.dll
2012-06-28 18:52:14 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2012-06-28 18:52:14 ----A---- C:\Windows\system32\umpnpmgr.dll
2012-06-28 18:52:14 ----A---- C:\Windows\system32\prevhost.exe
2012-06-28 18:52:05 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2012-06-28 18:52:05 ----A---- C:\Windows\system32\inetcomm.dll
2012-06-28 18:52:05 ----A---- C:\Windows\system32\FXSCOVER.exe
2012-06-28 18:52:04 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2012-06-28 18:52:04 ----A---- C:\Windows\system32\oleacc.dll
2012-06-28 18:52:04 ----A---- C:\Windows\system32\msvcrt.dll
2012-06-28 18:52:04 ----A---- C:\Windows\system32\drivers\bowser.sys
2012-06-28 18:52:03 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2012-06-28 18:52:03 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2012-06-28 18:52:03 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2012-06-28 18:52:03 ----A---- C:\Windows\system32\oleaut32.dll
2012-06-28 18:52:03 ----A---- C:\Windows\system32\EncDec.dll
2012-06-28 18:52:02 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-06-28 18:52:02 ----A---- C:\Windows\system32\tzres.dll
2012-06-28 18:52:01 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-06-28 18:52:00 ----A---- C:\Windows\SYSWOW64\packager.dll
2012-06-28 18:52:00 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2012-06-28 18:52:00 ----A---- C:\Windows\system32\packager.dll
2012-06-28 18:52:00 ----A---- C:\Windows\system32\ntdll.dll
2012-06-28 18:49:28 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2012-06-28 18:49:28 ----A---- C:\Windows\system32\rdpcore.dll
2012-06-28 18:49:28 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-06-28 18:47:49 ----A---- C:\Windows\system32\wups2.dll
2012-06-28 18:47:49 ----A---- C:\Windows\system32\wucltux.dll
2012-06-28 18:47:49 ----A---- C:\Windows\system32\wuaueng.dll
2012-06-28 18:47:49 ----A---- C:\Windows\system32\wuauclt.exe
2012-06-28 18:47:48 ----A---- C:\Windows\system32\wups.dll
2012-06-28 18:47:48 ----A---- C:\Windows\system32\wudriver.dll
2012-06-28 18:47:48 ----A---- C:\Windows\system32\wuapi.dll
2012-06-28 18:47:47 ----A---- C:\Windows\system32\wuwebv.dll
2012-06-28 18:47:47 ----A---- C:\Windows\system32\wuapp.exe
2012-06-28 18:47:10 ----D---- C:\Windows\SYSWOW64\Atheros_L1e
2012-06-28 18:47:07 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-06-28 18:39:00 ----A---- C:\Windows\system32\drivers\L1C62x64.sys
2012-06-28 05:14:28 ----D---- C:\Windows\Panther
2012-06-28 04:15:16 ----D---- C:\Windows\Prefetch
2012-06-28 04:15:08 ----SHD---- C:\System Volume Information
2012-06-28 04:15:08 ----ASH---- C:\pagefile.sys
2012-06-28 04:15:08 ----ASH---- C:\hiberfil.sys
2012-06-27 22:21:40 ----D---- C:\Users\Buraq\AppData\Roaming\Identities
2012-06-27 22:21:37 ----SD---- C:\Users\Buraq\AppData\Roaming\Microsoft
2012-06-27 22:21:37 ----D---- C:\Users\Buraq\AppData\Roaming\Media Center Programs
2012-06-27 22:21:35 ----SHD---- C:\Recovery
2012-06-27 22:21:35 ----SHD---- C:\ProgramData\Šablony
2012-06-27 22:21:35 ----SHD---- C:\ProgramData\Plocha
2012-06-27 22:21:35 ----SHD---- C:\ProgramData\Oblíbené položky
2012-06-27 22:21:35 ----SHD---- C:\ProgramData\Nabídka Start
2012-06-27 22:21:35 ----SHD---- C:\ProgramData\Dokumenty
2012-06-27 22:21:35 ----SHD---- C:\ProgramData\Data aplikací
2012-06-27 22:21:34 ----D---- C:\Windows\SoftwareDistribution
======List of files/folders modified in the last 1 month======
2012-07-11 12:59:33 ----D---- C:\Windows\Temp
2012-07-11 12:59:30 ----RD---- C:\Program Files
2012-07-11 12:23:54 ----D---- C:\Windows\system32\config
2012-07-11 12:15:41 ----D---- C:\Windows\System32
2012-07-11 12:15:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-07-11 12:13:53 ----D---- C:\Windows\system32\catroot
2012-07-11 12:13:52 ----D---- C:\Windows\winsxs
2012-07-11 12:13:16 ----D---- C:\Windows\system32\catroot2
2012-07-11 12:09:56 ----D---- C:\Windows\system32\Tasks
2012-07-09 21:34:45 ----D---- C:\Windows\Logs
2012-07-09 21:34:44 ----D---- C:\Windows\SysWOW64
2012-07-07 21:00:12 ----HD---- C:\ProgramData
2012-07-02 12:44:37 ----D---- C:\Windows\rescache
2012-07-02 08:55:10 ----RSD---- C:\Windows\assembly
2012-07-02 08:55:10 ----D---- C:\Windows\Microsoft.NET
2012-07-02 08:21:00 ----D---- C:\Windows\inf
2012-07-02 08:20:59 ----D---- C:\Windows\system32\DriverStore
2012-07-02 08:20:46 ----D---- C:\Windows\system32\drivers
2012-06-30 09:46:54 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-06-30 09:46:54 ----D---- C:\Windows\system32\cs-CZ
2012-06-30 09:45:44 ----RD---- C:\Program Files (x86)
2012-06-30 09:45:44 ----D---- C:\Windows\SYSWOW64\en-US
2012-06-30 09:45:44 ----D---- C:\Windows\system32\en-US
2012-06-29 10:04:12 ----D---- C:\Windows\system32\wdi
2012-06-29 10:03:51 ----D---- C:\Windows
2012-06-29 09:57:20 ----D---- C:\Windows\system32\LogFiles
2012-06-29 09:56:34 ----D---- C:\Program Files (x86)\Common Files
2012-06-29 05:45:12 ----SD---- C:\ProgramData\Microsoft
2012-06-29 03:24:58 ----RSD---- C:\Windows\Fonts
2012-06-29 03:24:58 ----D---- C:\Windows\SYSWOW64\migration
2012-06-29 03:24:58 ----D---- C:\Windows\system32\migration
2012-06-29 03:24:58 ----D---- C:\Windows\PolicyDefinitions
2012-06-29 03:24:58 ----D---- C:\Windows\ehome
2012-06-29 03:24:58 ----D---- C:\Windows\AppPatch
2012-06-29 03:24:58 ----D---- C:\Program Files\Internet Explorer
2012-06-29 03:24:58 ----D---- C:\Program Files\Common Files\System
2012-06-29 03:24:58 ----D---- C:\Program Files (x86)\Internet Explorer
2012-06-29 03:24:57 ----D---- C:\Windows\system32\Boot
2012-06-29 03:24:57 ----D---- C:\Program Files\Windows Journal
2012-06-28 19:32:41 ----D---- C:\Windows\Tasks
2012-06-28 19:06:27 ----D---- C:\Program Files\Common Files
2012-06-28 18:56:26 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-06-28 18:47:04 ----D---- C:\Windows\system32\restore
2012-06-28 18:45:19 ----D---- C:\Windows\system32\CodeIntegrity
2012-06-28 04:19:08 ----D---- C:\Windows\debug
2012-06-28 04:16:48 ----D---- C:\Windows\system32\sysprep
2012-06-28 04:15:40 ----D---- C:\Windows\system32\drivers\UMDF
2012-06-28 04:15:16 ----D---- C:\Windows\CSC
2012-06-27 22:21:39 ----SHD---- C:\$Recycle.Bin
2012-06-27 22:21:37 ----RD---- C:\Users
2012-06-27 22:21:35 ----D---- C:\Program Files\Windows NT
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hotcore3;hc3ServiceName; C:\Windows\system32\DRIVERS\hotcore3.sys [2010-07-13 37392]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-03-27 19224]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-03-07 53080]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-03-07 819032]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-03-07 337240]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-03-07 59224]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-06-28 279616]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-03-07 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-03-07 69976]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-04-06 11174400]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-04-06 343040]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2012-01-06 59392]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2012-01-06 84608]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-03-27 356632]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-03-27 789272]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-08-12 104560]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
R3 rzjoystk;Razer VJoystick; C:\Windows\system32\DRIVERS\rzjoystk.sys [2011-03-24 19968]
R3 RzSynapse;Razer Driver; C:\Windows\system32\DRIVERS\RzSynapse.sys [2011-07-14 157184]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2012-05-04 2196592]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-04-06 236544]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-03-07 44768]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-08 607456]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2011-12-16 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-12-16 277784]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-06-29 76888]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-16 363800]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2012-05-04 27760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-06-29 529232]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-06-29 1255736]
-----------------EOF-----------------
Re: dwm.exe - chyba aplikace
Zdravím 
Odkdy to dělá? Nestahl jste nějaké aktualizace?
Odkdy to dělá? Nestahl jste nějaké aktualizace?
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: dwm.exe - chyba aplikace
Na staré sestavě mi to dělalo dlouho, ale problém se nevyskytoval tak často, takže jsem to neřešil(a myslel jsem, že je to HW problém). Ale na nové sestavě to začalo dělat hned po nainstalování Winů. Aktualizace stahuji pravidelně, takže těžko říct, jestli to nějaká mohla způsobit.
Re: dwm.exe - chyba aplikace
Poprosím Vás ještě o log ze rsitu s názvem info.txt
Mrkněte sem
http://translate.google.cz/translate?hl ... CFgQ7gEwAA
Mrkněte sem
http://translate.google.cz/translate?hl ... CFgQ7gEwAA
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: dwm.exe - chyba aplikace
Na odkaz jsem se díval, ale nepopisuje přesně můj problém.
zde je log:
info.txt logfile of random's system information tool 1.09 2012-07-11 12:59:34
======Uninstall list======
Adobe Reader X (10.1.0) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
AIDA64 Extreme Edition v2.50-->"C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\unins000.exe"
Alien Swarm-->"E:\Steam\steam.exe" steam://uninstall/630
AMD Accelerated Video Transcoding-->MsiExec.exe /X{119B2F5A-2A06-DB96-FF28-992EC2A10BDF}
AMD APP SDK Runtime-->MsiExec.exe /I{503F672D-6C84-448A-8F8F-4BC35AC83441}
AMD Catalyst Install Manager-->msiexec /q/x{5831C6D6-309D-DBB5-14F7-FEE57086CEE7} REBOOT=ReallySuppress
AMD Drag and Drop Transcoding-->MsiExec.exe /X{3ABFAF33-D6EE-9348-CE96-AF51E9D6D2FF}
AMD Media Foundation Decoders-->MsiExec.exe /X{63CE6C32-1EB3-4C51-89FC-9FD96A661A9C}
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -removeonly
avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Battlefield 3™-->"C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 3\Cleanup.exe" uninstall_game -autologging
Battlelog Web Plugins-->C:\Program Files (x86)\Battlelog Web Plugins\uninstall.exe
BS.Player FREE-->"C:\Program Files (x86)\Webteh\BSplayer\uninstall.exe"
Catalyst Control Center - Branding-->MsiExec.exe /I{03D4C700-2BFE-43E0-A0B4-9512B43C5B9F}
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
ESN Sonar-->C:\Program Files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe
Etron USB3.0 Host Controller-->"C:\Program Files (x86)\InstallShield Installation Information\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}\setup.exe" -runfromtemp -l0x0409 -removeonly
Etron USB3.0 Host Controller-->MsiExec.exe /I{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}
Fraps (remove only)-->"d:\Fraps\uninstall.exe"
Hard Disk Sentinel PRO-->"C:\Program Files (x86)\Hard Disk Sentinel\unins000.exe"
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) USB 3.0 eXtensible Host Controller Driver-->C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Uninstall\setup.exe -uninstall
Intel® Trusted Connect Service Client-->MsiExec.exe /I{6199B534-A1B6-46ED-873B-97B0ECF8F81E}
K-Lite Mega Codec Pack 8.9.5-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
League of Legends-->"C:\Program Files (x86)\InstallShield Installation Information\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\setup.exe" -runfromtemp -l0x0409 -removeonly
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{790E02A1-145A-3843-8C13-A4F41C9B48B7}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-->MsiExec.exe /X{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
Origin-->e:\Origin\OriginUninstall.exe
Pando Media Booster-->C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe
Paragon Partition Manager™ 11 SE Personal-->MsiExec.exe /I{986A654F-F1E4-11DD-9FCA-005056C00008}
Razer Nostromo-->MsiExec.exe /X{0214578F-4888-43FB-9E34-C14FCFDEDDEB}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client
Spybot - Search & Destroy-->"C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
TeamSpeak 3 Client-->"C:\Program Files\TeamSpeak 3 Client\uninstall.exe"
The Secret World-->"e:\The Secret World\unins000.exe"
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
VIA Platforma Ovladače zařízení-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
VLC media player 2.0.1-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
WinRAR 4.01 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
World of Warplanes-->"e:\World_of_Warplanes\unins000.exe"
======System event log======
Computer Name: 37L4247F27-25
Event Code: 7036
Message: Stav služby Windows Event Log byl změněn na: stopped
Record Number: 5
Source Name: Service Control Manager
Time Written: 20101121035831.093172-000
Event Type: Informace
User:
Computer Name: 37L4247F27-25
Event Code: 7036
Message: Stav služby Diagnostic Policy Service byl změněn na: stopped
Record Number: 4
Source Name: Service Control Manager
Time Written: 20101121035831.093172-000
Event Type: Informace
User:
Computer Name: 37L4247F27-25
Event Code: 6005
Message: Služba Event Log byla spuštěna.
Record Number: 3
Source Name: EventLog
Time Written: 20120628021515.000000-000
Event Type: Informace
User:
Computer Name: 37L4247F27-25
Event Code: 6009
Message: Microsoft (R) Windows (R) 6.01. 7601 Service Pack 1 Multiprocessor Free.
Record Number: 2
Source Name: EventLog
Time Written: 20120628021515.000000-000
Event Type: Informace
User:
Computer Name: 37L4247F27-25
Event Code: 6011
Message: Název tohoto počítače v systémech DNS a NetBIOS byl změněn z 37L4247F27-25 na WIN-GJJ8JF7BQIO.
Record Number: 1
Source Name: EventLog
Time Written: 20120628021515.000000-000
Event Type: Informace
User:
=====Application event log=====
Computer Name: 37L4247F27-25
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 5
Source Name: Microsoft-Windows-WMI
Time Written: 20120628021517.000000-000
Event Type: Informace
User:
Computer Name: 37L4247F27-25
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20120628021516.000000-000
Event Type: Informace
User:
Computer Name: 37L4247F27-25
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.
Record Number: 3
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20120628021516.036862-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: 37L4247F27-25
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 2
Source Name: Microsoft-Windows-EventSystem
Time Written: 20120628021516.000000-000
Event Type: Informace
User:
Computer Name: 37L4247F27-25
Event Code: 1532
Message: Služba Profil uživatele byla zastavena.
Record Number: 1
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20101121035831.124372-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
=====Security event log=====
Computer Name: 37L4247F27-25
Event Code: 4735
Message: Byla změněna zabezpečená místní skupina.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247F27-25$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin
Změněné atributy:
Název účtu SAM: -
Historie identifikátoru zabezpečení: -
Další informace:
Oprávnění: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120628021513.728058-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-25
Event Code: 4731
Message: Byla vytvořena zabezpečená místní skupina.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247F27-25$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Nová skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin
Atributy:
Název účtu SAM: Backup Operators
Historie identifikátoru zabezpečení: -
Další informace:
Oprávnění: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120628021513.728058-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-25
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.
Počet prvků: 0
ID zásady: 0x31d1e
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120628021513.712458-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-25
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0
Typ přihlášení: 0
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x4
Název procesu:
Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120628021513.587658-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-25
Event Code: 4608
Message: Spouští se systém Windows.
Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120628021513.572058-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=3a09
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
"AMDAPPSDKROOT"=C:\Program Files (x86)\AMD APP\
-----------------EOF-----------------
zde je log:
info.txt logfile of random's system information tool 1.09 2012-07-11 12:59:34
======Uninstall list======
Adobe Reader X (10.1.0) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
AIDA64 Extreme Edition v2.50-->"C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\unins000.exe"
Alien Swarm-->"E:\Steam\steam.exe" steam://uninstall/630
AMD Accelerated Video Transcoding-->MsiExec.exe /X{119B2F5A-2A06-DB96-FF28-992EC2A10BDF}
AMD APP SDK Runtime-->MsiExec.exe /I{503F672D-6C84-448A-8F8F-4BC35AC83441}
AMD Catalyst Install Manager-->msiexec /q/x{5831C6D6-309D-DBB5-14F7-FEE57086CEE7} REBOOT=ReallySuppress
AMD Drag and Drop Transcoding-->MsiExec.exe /X{3ABFAF33-D6EE-9348-CE96-AF51E9D6D2FF}
AMD Media Foundation Decoders-->MsiExec.exe /X{63CE6C32-1EB3-4C51-89FC-9FD96A661A9C}
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -removeonly
avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Battlefield 3™-->"C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 3\Cleanup.exe" uninstall_game -autologging
Battlelog Web Plugins-->C:\Program Files (x86)\Battlelog Web Plugins\uninstall.exe
BS.Player FREE-->"C:\Program Files (x86)\Webteh\BSplayer\uninstall.exe"
Catalyst Control Center - Branding-->MsiExec.exe /I{03D4C700-2BFE-43E0-A0B4-9512B43C5B9F}
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
ESN Sonar-->C:\Program Files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe
Etron USB3.0 Host Controller-->"C:\Program Files (x86)\InstallShield Installation Information\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}\setup.exe" -runfromtemp -l0x0409 -removeonly
Etron USB3.0 Host Controller-->MsiExec.exe /I{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}
Fraps (remove only)-->"d:\Fraps\uninstall.exe"
Hard Disk Sentinel PRO-->"C:\Program Files (x86)\Hard Disk Sentinel\unins000.exe"
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) USB 3.0 eXtensible Host Controller Driver-->C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Uninstall\setup.exe -uninstall
Intel® Trusted Connect Service Client-->MsiExec.exe /I{6199B534-A1B6-46ED-873B-97B0ECF8F81E}
K-Lite Mega Codec Pack 8.9.5-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
League of Legends-->"C:\Program Files (x86)\InstallShield Installation Information\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\setup.exe" -runfromtemp -l0x0409 -removeonly
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{790E02A1-145A-3843-8C13-A4F41C9B48B7}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-->MsiExec.exe /X{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
Origin-->e:\Origin\OriginUninstall.exe
Pando Media Booster-->C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe
Paragon Partition Manager™ 11 SE Personal-->MsiExec.exe /I{986A654F-F1E4-11DD-9FCA-005056C00008}
Razer Nostromo-->MsiExec.exe /X{0214578F-4888-43FB-9E34-C14FCFDEDDEB}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client
Spybot - Search & Destroy-->"C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
TeamSpeak 3 Client-->"C:\Program Files\TeamSpeak 3 Client\uninstall.exe"
The Secret World-->"e:\The Secret World\unins000.exe"
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
VIA Platforma Ovladače zařízení-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
VLC media player 2.0.1-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
WinRAR 4.01 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
World of Warplanes-->"e:\World_of_Warplanes\unins000.exe"
======System event log======
Computer Name: 37L4247F27-25
Event Code: 7036
Message: Stav služby Windows Event Log byl změněn na: stopped
Record Number: 5
Source Name: Service Control Manager
Time Written: 20101121035831.093172-000
Event Type: Informace
User:
Computer Name: 37L4247F27-25
Event Code: 7036
Message: Stav služby Diagnostic Policy Service byl změněn na: stopped
Record Number: 4
Source Name: Service Control Manager
Time Written: 20101121035831.093172-000
Event Type: Informace
User:
Computer Name: 37L4247F27-25
Event Code: 6005
Message: Služba Event Log byla spuštěna.
Record Number: 3
Source Name: EventLog
Time Written: 20120628021515.000000-000
Event Type: Informace
User:
Computer Name: 37L4247F27-25
Event Code: 6009
Message: Microsoft (R) Windows (R) 6.01. 7601 Service Pack 1 Multiprocessor Free.
Record Number: 2
Source Name: EventLog
Time Written: 20120628021515.000000-000
Event Type: Informace
User:
Computer Name: 37L4247F27-25
Event Code: 6011
Message: Název tohoto počítače v systémech DNS a NetBIOS byl změněn z 37L4247F27-25 na WIN-GJJ8JF7BQIO.
Record Number: 1
Source Name: EventLog
Time Written: 20120628021515.000000-000
Event Type: Informace
User:
=====Application event log=====
Computer Name: 37L4247F27-25
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 5
Source Name: Microsoft-Windows-WMI
Time Written: 20120628021517.000000-000
Event Type: Informace
User:
Computer Name: 37L4247F27-25
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20120628021516.000000-000
Event Type: Informace
User:
Computer Name: 37L4247F27-25
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.
Record Number: 3
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20120628021516.036862-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: 37L4247F27-25
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 2
Source Name: Microsoft-Windows-EventSystem
Time Written: 20120628021516.000000-000
Event Type: Informace
User:
Computer Name: 37L4247F27-25
Event Code: 1532
Message: Služba Profil uživatele byla zastavena.
Record Number: 1
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20101121035831.124372-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
=====Security event log=====
Computer Name: 37L4247F27-25
Event Code: 4735
Message: Byla změněna zabezpečená místní skupina.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247F27-25$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin
Změněné atributy:
Název účtu SAM: -
Historie identifikátoru zabezpečení: -
Další informace:
Oprávnění: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120628021513.728058-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-25
Event Code: 4731
Message: Byla vytvořena zabezpečená místní skupina.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247F27-25$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Nová skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin
Atributy:
Název účtu SAM: Backup Operators
Historie identifikátoru zabezpečení: -
Další informace:
Oprávnění: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120628021513.728058-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-25
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.
Počet prvků: 0
ID zásady: 0x31d1e
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120628021513.712458-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-25
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0
Typ přihlášení: 0
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x4
Název procesu:
Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120628021513.587658-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-25
Event Code: 4608
Message: Spouští se systém Windows.
Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120628021513.572058-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=3a09
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
"AMDAPPSDKROOT"=C:\Program Files (x86)\AMD APP\
-----------------EOF-----------------
Re: dwm.exe - chyba aplikace
J8 Vám sem pošlu kolegu, ale bude tu až večer. Nemám win7, takže to nemůžu sebe odzkoušet 
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: dwm.exe - chyba aplikace
Ahoj, stáhni toto, spusť to, povol přidání informací do registru a restartuj počítač.
Pak zkus vypnout počítač. Po dalším startu by se ve složce c:\CrashDumpsApp měl objevit soubor s výpisem stavu paměti procesu dwm.exe při pádu. Ten mi upni na http://www.leteckaposta.cz.
Potřebuji, aby ti vyskočila ta chybová hláška.
Pak zkus vypnout počítač. Po dalším startu by se ve složce c:\CrashDumpsApp měl objevit soubor s výpisem stavu paměti procesu dwm.exe při pádu. Ten mi upni na http://www.leteckaposta.cz.
Potřebuji, aby ti vyskočila ta chybová hláška.
Pokud jste s naší pomocí spokojeni, můžete nás podpořit. Informace zde
Re: dwm.exe - chyba aplikace
Registry jsem upravil. Jakmile se vyskytne chyba, tak ten log uploadnu. Jelikož se chyba nevyskytuje pravidelně, tak se ji pokusím vyvolat, ale až v pondělí. O víkendu bohužel nemám moc času.
Re: dwm.exe - chyba aplikace
OK, budu čekat.
Pokud jste s naší pomocí spokojeni, můžete nás podpořit. Informace zde
Re: dwm.exe - chyba aplikace
V průběhu několika dnů, jsem pc vypínal a restartoval, nicméně se chyba neukázala. Ale jak jsem říkal, je to zcela náhodné(i na staré sestavě mi to tak dělalo). Napíšu sem hned, jak to spadne. Předem děkuji za trpělivost.
Re: dwm.exe - chyba aplikace
Samozřejmě 
Pokud jste s naší pomocí spokojeni, můžete nás podpořit. Informace zde
Re: dwm.exe - chyba aplikace
Takže včera večer to konečně padlo. Nicméně se neobjevil žádný log od DWM.exe. Mám tam jenom logy od různých jiných pádu her, ale dwm ne. Jak budeme postupovat dále ?
Re: dwm.exe - chyba aplikace
V Ovládací panely->Nástroje pro správu->Prohlížeč událostí->Protokoly systému Windows->klikni pravým myšítkem na protokol Systém a Aplikace, vyber Uložit všechny události jako, ulož to jako .evtx soubory a ty upni na http://www.leteckaposta.cz
Upni mi i ty dmp soubory, i když s tím nesouvisí. Jinak je to podivné, ta vyjímka v dwm.exe měla být zachycena.
Upni mi i ty dmp soubory, i když s tím nesouvisí. Jinak je to podivné, ta vyjímka v dwm.exe měla být zachycena.
Pokud jste s naší pomocí spokojeni, můžete nás podpořit. Informace zde
Přispějete na provoz fóra?
