zavirovaný NTB

Zpráva

monikash · #1 Příspěvek od **monikash** » 03 bře 2013 15:23

Kamarádka mi donesla notebook, že ho má strááášně pomalý.
Nový Avast v něm našel cca 35 infikovaných souborů Win32:PUP-gen, Win32:FunWeb-K a Win32:Mywebsearch-AB. MBAM ještě Trojan.FakeAlert. Všechny jsem "vyléčila", počítač pročistila CCleanerem, stáhla chybějící aktualizace, které se při zavirování odmítly nainstalovat, ale NTB se ještě nešchová, jak by měl - pomalý start i internet.

Tady přikládám log z Hijacka a předem děkuji za pomoc:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:09:29, on 3.3.2013
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\syncables\syncables desktop\syncablesMAPI.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\hijack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://atlas.centrum.cz/?utm_source=ch- ... nt=default
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://atlas.centrum.cz/?utm_source=ch- ... nt=default
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Lišta Centrum.cz - {5D9C17C6-093D-43E5-BF3D-4A13D162AB74} - C:\PROGRA~2\CENTRU~1.O\LITACE~1.CZ\cenbho32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe /S
O4 - HKCU\..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3221066132-3740197241-803019412-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3221066132-3740197241-803019412-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10134 bytes

#2 Příspěvek od **vyosek** » 03 bře 2013 16:10

Zdravim

Stahnete Shortcut Cleaner http://www.bleepingcomputer.com/downloa ... t-cleaner/

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Spustte tradicne dvouklikem
Probehne skenovani a pak se objevi log, pripadne bude ulozen v miste spusteni jako sc-cleaner.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Search
Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

monikash · #3 Příspěvek od **monikash** » 03 bře 2013 16:37

Napřed Short:
Shortcut Cleaner 1.2.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/

Program started at: 03/03/2013 04:32:41 PM.

Searching C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\ASUS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

Searching C:\Users\ASUS\Desktop\

0 bad shortcuts found.

Program finished at: 03/03/2013 04:32:43 PM
Execution time: 0 hours(s), 0 minute(s), and 1 seconds(s)

A Adw:
# AdwCleaner v2.113 - Logfile created 03/03/2013 at 16:33:37
# Updated 23/02/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : ASUS - ASUS-PC
# Boot Mode : Normal
# Running from : C:\Users\ASUS\Desktop\adwcleaner.exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

File Found : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\h48kim89.default\searchplugins\my-web-search.xml
Folder Found : C:\ProgramData\Partner
Folder Found : C:\Users\ASUS\AppData\Local\Temp\AskSearch

***** [Registry] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{93A3111F-4F74-4ED8-895E-D9708497629E}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Key Found : HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Registry is clean.

#4 Příspěvek od **vyosek** » 03 bře 2013 17:59

Spustte znovu AdwCleaner

Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
Kliknete na Delete
PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S2].txt) , jeho obsah vlozte sem

monikash · #5 Příspěvek od **monikash** » 03 bře 2013 19:14

Krapet mi to po restartu zatuhlo, a přestala mi fungovat myš, takže po dalším restartu:

# AdwCleaner v2.113 - Logfile created 03/03/2013 at 19:00:16
# Updated 23/02/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : ASUS - ASUS-PC
# Boot Mode : Normal
# Running from : C:\Users\ASUS\Desktop\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

File Deleted : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\h48kim89.default\searchplugins\my-web-search.xml
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Users\ASUS\AppData\Local\Temp\AskSearch

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{93A3111F-4F74-4ED8-895E-D9708497629E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0 (cs)

File : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\h48kim89.default\prefs.js

Deleted : user_pref("browser.search.defaultenginename", "My Web Search");
Deleted : user_pref("extensions.mywebsearch.prevDefaultEngine", "Google");
Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Deleted : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jht[...]
Deleted : user_pref("extensions.mywebsearch.prevSelectedEngine", "Google");
Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
Deleted : user_pref("keyword.URL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=0F4B01A5[...]

*************************

AdwCleaner[R1].txt - [2333 octets] - [03/03/2013 16:33:37]
AdwCleaner[S1].txt - [2304 octets] - [03/03/2013 19:00:16]

########## EOF - C:\AdwCleaner[S1].txt - [2364 octets] ##########

#6 Příspěvek od **vyosek** » 03 bře 2013 19:44

Fajn, poprosim o log z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=105895

monikash · #7 Příspěvek od **monikash** » 03 bře 2013 20:06

1. část
Logfile of random's system information tool 1.09 (written by random/random)
Run by ASUS at 2013-03-03 19:56:13
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 107 GB (70%) free of 153 GB
Total RAM: 3884 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:56:16, on 3.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Program Files\trend micro\ASUS.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://atlas.centrum.cz/?utm_source=ch- ... nt=default
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://atlas.centrum.cz/?utm_source=ch- ... nt=default
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Lišta Centrum.cz - {5D9C17C6-093D-43E5-BF3D-4A13D162AB74} - C:\PROGRA~2\CENTRU~1.O\LITACE~1.CZ\cenbho32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3221066132-3740197241-803019412-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3221066132-3740197241-803019412-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10379 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
taskeng.exe {009D7D8D-8342-4B33-AD55-44A6F4C03296}
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Windows\AsScrPro.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\syncables\syncables desktop\syncables.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip /h
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
"C:\Users\ASUS\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\h48kim89.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "bkmrksync@nokia.com:1.0.0.740, 4zffxtbr@VideoDownloadConverter_4z.com:2.71.0.60687, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.12"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.15.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\h48kim89.default\extensions\
cs@dictionaries.addons.mozilla.org

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2013-02-28 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5D9C17C6-093D-43E5-BF3D-4A13D162AB74}]
Lišta Centrum.cz - C:\PROGRA~2\CENTRU~1.O\LITACE~1.CZ\cenbho32.dll [2011-11-24 265680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-03 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-02-28 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-03 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2013-02-28 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-02-28 1224568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-04-10 167256]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-04-10 391512]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-04-10 415064]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Syncables"=C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [2010-07-19 370480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-11-11 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS WebStorage]
C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2010-03-16 1754448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-01-05 170624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-02-04 7350912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boingo Wi-Fi]
C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2010-11-11 2429]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
C:\Program Files\Elantech\ETDCtrl.exe [2009-09-30 621440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2011-04-10 391512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2011-04-10 167256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NUSB3MON]
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\Windows\system32\NvCpl.dll [2012-10-02 6200680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2011-04-10 415064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-04-27 10775584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Setwallpaper]
c:\programdata\SetWallpaper.cmd []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Syncables]
C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [2010-07-19 370480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut]
C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2010-03-12 1083680]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2013-02-28 4767304]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe [2012-08-03 740736]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-04-10 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

monikash · #8 Příspěvek od **monikash** » 03 bře 2013 20:11

2. část
2013-03-03 19:56:14 ----D---- C:\Program Files\trend micro
2013-03-03 19:56:13 ----D---- C:\rsit
2013-03-03 19:31:16 ----D---- C:\Program Files (x86)\SpeedFan
2013-03-03 19:00:16 ----A---- C:\AdwCleaner[S1].txt
2013-03-03 17:01:37 ----A---- C:\Windows\d3dx.dat
2013-03-03 16:33:37 ----A---- C:\AdwCleaner[R1].txt
2013-03-03 15:55:01 ----D---- C:\Program Files\Defraggler
2013-03-03 15:49:15 ----D---- C:\Users\ASUS\AppData\Roaming\Ashampoo
2013-03-03 15:48:24 ----D---- C:\ProgramData\Ashampoo
2013-03-03 15:48:22 ----D---- C:\Program Files (x86)\Ashampoo
2013-03-03 15:42:44 ----D---- C:\Program Files (x86)\7-Zip
2013-03-03 15:36:45 ----D---- C:\Users\ASUS\AppData\Roaming\IrfanView
2013-03-03 15:36:44 ----D---- C:\Program Files (x86)\IrfanView
2013-03-03 15:36:09 ----D---- C:\Program Files (x86)\HWiNFO32
2013-03-03 15:07:39 ----D---- C:\hijack
2013-03-03 12:55:03 ----D---- C:\Program Files (x86)\CPUID
2013-03-03 12:49:41 ----D---- C:\bat
2013-03-03 12:12:01 ----D---- C:\ProgramData\ASUS WebStorage
2013-03-03 12:11:08 ----D---- C:\Users\ASUS\AppData\Roaming\EeeStorageUploader
2013-03-03 11:03:28 ----SHD---- C:\found.003
2013-03-03 09:57:01 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-03-03 09:57:01 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-03-03 09:57:00 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-03-03 09:56:56 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2013-03-03 09:56:55 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2013-03-03 09:56:50 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2013-03-03 09:56:50 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-03-03 09:56:50 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2013-03-03 09:56:50 ----A---- C:\Windows\system32\wksprtPS.dll
2013-03-03 09:56:50 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-03-03 09:56:50 ----A---- C:\Windows\system32\tsgqec.dll
2013-03-03 09:56:49 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2013-03-03 09:56:49 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-03-03 09:56:49 ----A---- C:\Windows\system32\wksprt.exe
2013-03-03 09:56:49 ----A---- C:\Windows\system32\TSWbPrxy.exe
2013-03-03 09:56:49 ----A---- C:\Windows\system32\rdpudd.dll
2013-03-03 09:56:49 ----A---- C:\Windows\system32\rdpendp_winip.dll
2013-03-03 09:56:49 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2013-03-03 09:56:49 ----A---- C:\Windows\system32\aaclient.dll
2013-03-03 09:56:48 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2013-03-03 09:56:48 ----A---- C:\Windows\system32\rdpcorets.dll
2013-03-03 09:56:48 ----A---- C:\Windows\system32\mstsc.exe
2013-03-03 09:56:47 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-03-03 09:56:46 ----A---- C:\Windows\system32\mstscax.dll
2013-03-03 09:51:47 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-03-03 09:51:47 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-03-03 09:51:47 ----A---- C:\Windows\system32\UIAnimation.dll
2013-03-03 09:51:47 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-03-03 09:51:41 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-03-03 09:51:41 ----A---- C:\Windows\system32\WMPhoto.dll
2013-03-03 09:51:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-03-03 09:51:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-03-03 09:51:29 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-03 09:51:29 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-03-03 09:51:29 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-03-03 09:51:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-03 09:51:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-03-03 09:51:28 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-03-03 09:51:28 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-03-03 09:51:28 ----A---- C:\Windows\system32\d3d10_1.dll
2013-03-03 09:51:27 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-03-03 09:51:26 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-03-03 09:51:26 ----A---- C:\Windows\system32\d3d10warp.dll
2013-03-03 09:51:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-03-03 09:51:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-03-03 09:51:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-03-03 09:51:25 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-03-03 09:51:25 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-03-03 09:51:25 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-03-03 09:51:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-03-03 09:51:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-03-03 09:51:24 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-03-03 09:51:24 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-03-03 09:51:24 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-03-03 09:51:24 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-03-03 09:51:24 ----A---- C:\Windows\system32\dxgi.dll
2013-03-03 09:51:23 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-03-03 09:51:23 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-03-03 09:51:23 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-03-03 09:51:23 ----A---- C:\Windows\system32\d3d10level9.dll
2013-03-03 09:51:22 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-03-03 09:51:22 ----A---- C:\Windows\system32\d3d10core.dll
2013-03-03 09:51:22 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-03-03 09:51:21 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-03-03 09:51:21 ----A---- C:\Windows\system32\d3d11.dll
2013-03-03 09:51:21 ----A---- C:\Windows\system32\d3d10.dll
2013-03-03 09:51:20 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-03-03 09:51:19 ----A---- C:\Windows\system32\XpsPrint.dll
2013-03-03 09:51:18 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-03-03 09:51:18 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-03-03 09:51:18 ----A---- C:\Windows\system32\FntCache.dll
2013-03-03 09:51:18 ----A---- C:\Windows\system32\DWrite.dll
2013-03-03 09:51:17 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-03-03 09:51:17 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-03-03 09:51:16 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-03-03 09:51:15 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-03-03 09:51:15 ----A---- C:\Windows\system32\d2d1.dll
2013-03-03 09:50:15 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2013-03-03 09:50:15 ----A---- C:\Windows\system32\ncsi.dll
2013-03-03 09:50:14 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2013-03-03 09:50:14 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2013-03-03 09:50:14 ----A---- C:\Windows\system32\nlasvc.dll
2013-03-03 09:50:14 ----A---- C:\Windows\system32\netcorehc.dll
2013-03-03 09:50:14 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-03-03 09:50:13 ----A---- C:\Windows\system32\nlaapi.dll
2013-03-03 09:50:13 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-03-03 09:50:12 ----A---- C:\Windows\SYSWOW64\netevent.dll
2013-03-03 09:50:12 ----A---- C:\Windows\system32\netevent.dll
2013-03-03 09:49:28 ----A---- C:\Windows\system32\OxpsConverter.exe
2013-03-03 09:48:50 ----A---- C:\Windows\system32\taskhost.exe
2013-03-03 09:48:45 ----A---- C:\Windows\system32\schannel.dll
2013-03-03 09:48:44 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-03-03 09:48:43 ----A---- C:\Windows\system32\lsasrv.dll
2013-03-03 09:48:43 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-03-03 09:48:43 ----A---- C:\Windows\system32\drivers\cng.sys
2013-03-03 09:48:42 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-03-03 09:48:42 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-03-03 09:48:38 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2013-03-03 09:48:38 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2013-03-03 09:48:38 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2013-03-03 09:48:38 ----A---- C:\Windows\system32\dhcpcore6.dll
2013-03-03 09:48:34 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2013-03-03 09:48:34 ----A---- C:\Windows\system32\qdvd.dll
2013-03-03 09:48:29 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2013-03-03 09:48:29 ----A---- C:\Windows\system32\drivers\ndis.sys
2013-03-03 09:24:00 ----D---- C:\ProgramData\Sun
2013-03-03 09:23:35 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-03-03 09:23:34 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-03-03 09:23:34 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-03-03 09:23:18 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-03-03 09:23:18 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-03-03 09:23:18 ----A---- C:\Windows\SYSWOW64\java.exe
2013-03-03 09:22:31 ----D---- C:\Program Files (x86)\Java
2013-03-03 09:16:10 ----D---- C:\ProgramData\Intel
2013-03-03 09:05:26 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2013-03-03 09:05:26 ----A---- C:\Windows\system32\OpenCL.dll
2013-03-03 09:03:10 ----D---- C:\ProgramData\NVIDIA Corporation
2013-03-03 09:02:41 ----D---- C:\Program Files\NVIDIA Corporation
2013-03-03 08:58:08 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-03 08:58:08 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\url.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\ieakui.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\ieaksie.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\ieakeng.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-03-03 08:54:22 ----A---- C:\Windows\SYSWOW64\admparse.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\wininet.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\wextract.exe
2013-03-03 08:54:22 ----A---- C:\Windows\system32\webcheck.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\vbscript.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\urlmon.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\url.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-03-03 08:54:22 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-03-03 08:54:22 ----A---- C:\Windows\system32\pngfilt.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\occache.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\msrating.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\msls31.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\mshtmler.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\mshtml.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\mshta.exe
2013-03-03 08:54:22 ----A---- C:\Windows\system32\msfeedssync.exe
2013-03-03 08:54:22 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\licmgr10.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\jscript9.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\jscript.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\inseng.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\imgutil.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\iexpress.exe
2013-03-03 08:54:22 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-03 08:54:22 ----A---- C:\Windows\system32\ieui.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\iesysprep.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\iesetup.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\iertutil.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\iernonce.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\iepeers.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\ieframe.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\iedkcs32.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\ieapfltr.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\ieapfltr.dat
2013-03-03 08:54:22 ----A---- C:\Windows\system32\ieakui.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\ieaksie.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\ieakeng.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\ie4uinit.exe
2013-03-03 08:54:22 ----A---- C:\Windows\system32\icardie.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\dxtrans.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\dxtmsft.dll
2013-03-03 08:54:22 ----A---- C:\Windows\system32\admparse.dll
2013-03-03 08:34:57 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-03-02 18:56:40 ----D---- C:\Windows\system32\SPReview
2013-03-02 18:01:37 ----A---- C:\Windows\SYSWOW64\mobsync.exe
2013-03-02 18:01:37 ----A---- C:\Windows\system32\mprddm.dll
2013-03-02 18:01:36 ----A---- C:\Windows\SYSWOW64\MSAC3ENC.DLL
2013-03-02 18:01:36 ----A---- C:\Windows\system32\mobsync.exe
2013-03-02 18:01:35 ----A---- C:\Windows\SYSWOW64\mstask.dll
2013-03-02 18:01:35 ----A---- C:\Windows\SYSWOW64\MMDevAPI.dll
2013-03-02 18:01:34 ----A---- C:\Windows\SYSWOW64\mscories.dll
2013-03-02 18:01:34 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2013-03-02 18:01:33 ----A---- C:\Windows\SYSWOW64\KBDLT1.DLL
2013-03-02 18:01:33 ----A---- C:\Windows\SYSWOW64\KBDINTEL.DLL
2013-03-02 18:01:33 ----A---- C:\Windows\SYSWOW64\KBDCZ1.DLL
2013-03-02 18:01:33 ----A---- C:\Windows\system32\msdri.dll
2013-03-02 18:01:33 ----A---- C:\Windows\system32\KBDBLR.DLL
2013-03-02 18:01:33 ----A---- C:\Windows\system32\inetmib1.dll
2013-03-02 18:01:32 ----A---- C:\Windows\SYSWOW64\MediaMetadataHandler.dll
2013-03-02 18:01:32 ----A---- C:\Windows\SYSWOW64\lsmproxy.dll
2013-03-02 18:01:32 ----A---- C:\Windows\SYSWOW64\iTVData.dll
2013-03-02 18:01:32 ----A---- C:\Windows\system32\itircl.dll
2013-03-02 18:01:32 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys
2013-03-02 18:01:31 ----A---- C:\Windows\SYSWOW64\raschap.dll
2013-03-02 18:01:31 ----A---- C:\Windows\SYSWOW64\RacEngn.dll
2013-03-02 18:01:31 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-03-02 18:01:31 ----A---- C:\Windows\SYSWOW64\provsvc.dll
2013-03-02 18:01:31 ----A---- C:\Windows\SYSWOW64\propsys.dll
2013-03-02 18:01:31 ----A---- C:\Windows\SYSWOW64\logagent.exe
2013-03-02 18:01:31 ----A---- C:\Windows\system32\printui.dll
2013-03-02 18:01:31 ----A---- C:\Windows\system32\pnidui.dll
2013-03-02 18:01:31 ----A---- C:\Windows\system32\pifmgr.dll
2013-03-02 18:01:30 ----A---- C:\Windows\SYSWOW64\Robocopy.exe
2013-03-02 18:01:30 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2013-03-02 18:01:30 ----A---- C:\Windows\system32\Ribbons.scr
2013-03-02 18:01:30 ----A---- C:\Windows\system32\drivers\scsiport.sys
2013-03-02 18:01:29 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2013-03-02 18:01:29 ----A---- C:\Windows\SYSWOW64\samcli.dll
2013-03-02 18:01:29 ----A---- C:\Windows\SYSWOW64\ReAgent.dll
2013-03-02 18:01:29 ----A---- C:\Windows\SYSWOW64\rdprefdrvapi.dll
2013-03-02 18:01:29 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2013-03-02 18:01:29 ----A---- C:\Windows\system32\sdcpl.dll
2013-03-02 18:01:29 ----A---- C:\Windows\system32\RDPENCDD.dll
2013-03-02 18:01:29 ----A---- C:\Windows\system32\rdpclip.exe
2013-03-02 18:01:29 ----A---- C:\Windows\system32\nslookup.exe
2013-03-02 18:01:29 ----A---- C:\Windows\system32\netshell.dll
2013-03-02 18:01:29 ----A---- C:\Windows\system32\netlogon.dll
2013-03-02 18:01:29 ----A---- C:\Windows\system32\netjoin.dll
2013-03-02 18:01:28 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2013-03-02 18:01:28 ----A---- C:\Windows\SYSWOW64\netiougc.exe
2013-03-02 18:01:28 ----A---- C:\Windows\SYSWOW64\netiohlp.dll
2013-03-02 18:01:28 ----A---- C:\Windows\SYSWOW64\netcfgx.dll
2013-03-02 18:01:28 ----A---- C:\Windows\SYSWOW64\ncryptui.dll
2013-03-02 18:01:28 ----A---- C:\Windows\system32\OobeFldr.dll
2013-03-02 18:01:28 ----A---- C:\Windows\system32\MultiDigiMon.exe
2013-03-02 18:01:27 ----A---- C:\Windows\SYSWOW64\perfmon.exe
2013-03-02 18:01:27 ----A---- C:\Windows\SYSWOW64\pdhui.dll
2013-03-02 18:01:27 ----A---- C:\Windows\SYSWOW64\ntlanman.dll
2013-03-02 18:01:26 ----A---- C:\Windows\SYSWOW64\cmd.exe
2013-03-02 18:01:26 ----A---- C:\Windows\system32\CertPolEng.dll
2013-03-02 18:01:26 ----A---- C:\Windows\system32\certmgr.dll
2013-03-02 18:01:26 ----A---- C:\Windows\system32\certcli.dll
2013-03-02 18:01:25 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2013-03-02 18:01:25 ----A---- C:\Windows\SYSWOW64\C_ISCII.DLL
2013-03-02 18:01:25 ----A---- C:\Windows\system32\drivers\cdrom.sys
2013-03-02 18:01:25 ----A---- C:\Windows\system32\diagperf.dll
2013-03-02 18:01:25 ----A---- C:\Windows\system32\cdd.dll
2013-03-02 18:01:24 ----A---- C:\Windows\system32\dbghelp.dll
2013-03-02 18:01:24 ----A---- C:\Windows\system32\dbgeng.dll
2013-03-02 18:01:24 ----A---- C:\Windows\system32\d3d9.dll
2013-03-02 18:01:24 ----A---- C:\Windows\system32\comdlg32.dll
2013-03-02 18:01:23 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-03-02 18:01:23 ----A---- C:\Windows\system32\consent.exe
2013-03-02 18:01:23 ----A---- C:\Windows\system32\aepdu.dll
2013-03-02 18:01:23 ----A---- C:\Windows\system32\aeinv.dll
2013-03-02 18:01:23 ----A---- C:\Windows\system32\AdmTmpl.dll
2013-03-02 18:01:22 ----A---- C:\Windows\SYSWOW64\AuxiliaryDisplayCpl.dll
2013-03-02 18:01:22 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-03-02 18:01:22 ----A---- C:\Windows\SYSWOW64\activeds.dll
2013-03-02 18:01:22 ----A---- C:\Windows\system32\bcdsrv.dll
2013-03-02 18:01:22 ----A---- C:\Windows\system32\bcdedit.exe
2013-03-02 18:01:22 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2013-03-02 18:01:22 ----A---- C:\Windows\system32\authui.dll
2013-03-02 18:01:22 ----A---- C:\Windows\system32\acppage.dll
2013-03-02 18:01:21 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2013-03-02 18:01:21 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2013-03-02 18:01:21 ----A---- C:\Windows\system32\ftp.exe
2013-03-02 18:01:21 ----A---- C:\Windows\system32\drivers\HdAudio.sys
2013-03-02 18:01:21 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2013-03-02 18:01:21 ----A---- C:\Windows\system32\drivers\appid.sys
2013-03-02 18:01:21 ----A---- C:\Windows\system32\appinfo.dll
2013-03-02 18:01:20 ----A---- C:\Windows\SYSWOW64\imapi2.dll
2013-03-02 18:01:20 ----A---- C:\Windows\system32\imapi2fs.dll
2013-03-02 18:01:20 ----A---- C:\Windows\system32\drivers\http.sys
2013-03-02 18:01:20 ----A---- C:\Windows\system32\drivers\HpSAMD.sys
2013-03-02 18:01:19 ----A---- C:\Windows\SYSWOW64\evr.dll
2013-03-02 18:01:19 ----A---- C:\Windows\system32\elsTrans.dll
2013-03-02 18:01:19 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-03-02 18:01:19 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-03-02 18:01:18 ----A---- C:\Windows\SYSWOW64\dskquoui.dll
2013-03-02 18:01:18 ----A---- C:\Windows\SYSWOW64\diskpart.exe
2013-03-02 18:01:18 ----A---- C:\Windows\system32\Display.dll
2013-03-02 18:01:17 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2013-03-02 18:01:17 ----A---- C:\Windows\system32\SearchFolder.dll
2013-03-02 18:01:17 ----A---- C:\Windows\system32\Faultrep.dll
2013-03-02 18:01:17 ----A---- C:\Windows\system32\ExplorerFrame.dll
2013-03-02 18:01:16 ----A---- C:\Windows\SYSWOW64\systemcpl.dll
2013-03-02 18:01:15 ----A---- C:\Windows\SYSWOW64\tcpipcfg.dll
2013-03-02 18:01:15 ----A---- C:\Windows\system32\tscfgwmi.dll
2013-03-02 18:01:15 ----A---- C:\Windows\system32\thumbcache.dll
2013-03-02 18:01:15 ----A---- C:\Windows\system32\taskschd.dll
2013-03-02 18:01:15 ----A---- C:\Windows\system32\tabcal.exe
2013-03-02 18:01:14 ----A---- C:\Windows\SYSWOW64\themecpl.dll
2013-03-02 18:01:14 ----A---- C:\Windows\SYSWOW64\sppinst.dll
2013-03-02 18:01:14 ----A---- C:\Windows\SYSWOW64\spp.dll
2013-03-02 18:01:14 ----A---- C:\Windows\SYSWOW64\spbcd.dll
2013-03-02 18:01:14 ----A---- C:\Windows\system32\sppsvc.exe
2013-03-02 18:01:14 ----A---- C:\Windows\system32\shwebsvc.dll
2013-03-02 18:01:13 ----A---- C:\Windows\system32\spp.dll
2013-03-02 18:01:11 ----A---- C:\Windows\SYSWOW64\shsetup.dll
2013-03-02 18:01:11 ----A---- C:\Windows\SYSWOW64\shlwapi.dll
2013-03-02 18:01:10 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2013-03-02 18:01:10 ----A---- C:\Windows\SYSWOW64\srvcli.dll
2013-03-02 18:01:09 ----A---- C:\Windows\system32\sysmain.dll
2013-03-02 18:01:09 ----A---- C:\Windows\system32\sysclass.dll
2013-03-02 18:01:09 ----A---- C:\Windows\system32\srchadmin.dll
2013-03-02 18:01:09 ----A---- C:\Windows\system32\sqmapi.dll
2013-03-02 18:01:08 ----A---- C:\Windows\SYSWOW64\wmpsrcwp.dll
2013-03-02 18:01:08 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2013-03-02 18:01:08 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-03-02 18:01:08 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2013-03-02 18:01:08 ----A---- C:\Windows\system32\wmdrmnet.dll
2013-03-02 18:01:08 ----A---- C:\Windows\system32\wmdrmdev.dll
2013-03-02 18:01:08 ----A---- C:\Windows\system32\WMADMOD.DLL
2013-03-02 18:01:08 ----A---- C:\Windows\system32\wkssvc.dll
2013-03-02 18:01:07 ----A---- C:\Windows\system32\wmpeffects.dll
2013-03-02 18:01:07 ----A---- C:\Windows\system32\winhttp.dll
2013-03-02 18:01:06 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2013-03-02 18:01:06 ----A---- C:\Windows\SYSWOW64\wvc.dll
2013-03-02 18:01:06 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2013-03-02 18:01:06 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2013-03-02 18:01:06 ----A---- C:\Windows\SYSWOW64\wtsapi32.dll
2013-03-02 18:01:06 ----A---- C:\Windows\SYSWOW64\WPDSp.dll
2013-03-02 18:01:06 ----A---- C:\Windows\system32\wwanconn.dll
2013-03-02 18:01:06 ----A---- C:\Windows\system32\wsqmcons.exe
2013-03-02 18:01:06 ----A---- C:\Windows\system32\wsdchngr.dll
2013-03-02 18:01:06 ----A---- C:\Windows\system32\ws2_32.dll
2013-03-02 18:01:06 ----A---- C:\Windows\system32\wpdwcn.dll
2013-03-02 18:01:06 ----A---- C:\Windows\system32\wpd_ci.dll
2013-03-02 18:01:05 ----A---- C:\Windows\twain_32.dll
2013-03-02 18:01:05 ----A---- C:\Windows\SYSWOW64\untfs.dll
2013-03-02 18:01:05 ----A---- C:\Windows\SYSWOW64\unlodctr.exe
2013-03-02 18:01:05 ----A---- C:\Windows\SYSWOW64\tzutil.exe
2013-03-02 18:01:05 ----A---- C:\Windows\system32\userinit.exe
2013-03-02 18:01:05 ----A---- C:\Windows\system32\umrdp.dll
2013-03-02 18:01:05 ----A---- C:\Windows\system32\umb.dll
2013-03-02 18:01:05 ----A---- C:\Windows\system32\drivers\volsnap.sys
2013-03-02 18:01:05 ----A---- C:\Windows\system32\drivers\umbus.sys
2013-03-02 18:01:04 ----A---- C:\Windows\SYSWOW64\wiadefui.dll
2013-03-02 18:01:04 ----A---- C:\Windows\system32\WerFaultSecure.exe
2013-03-02 18:01:04 ----A---- C:\Windows\system32\VSSVC.exe
2013-03-02 18:01:04 ----A---- C:\Windows\system32\vss_ps.dll
2013-03-02 18:01:03 ----A---- C:\Windows\SYSWOW64\wdc.dll
2013-03-02 18:01:03 ----A---- C:\Windows\SYSWOW64\wavemsp.dll
2013-03-02 18:01:03 ----A---- C:\Windows\SYSWOW64\shacct.dll
2013-03-02 18:01:03 ----A---- C:\Windows\SYSWOW64\setupugc.exe
2013-03-02 18:01:03 ----A---- C:\Windows\SYSWOW64\setupapi.dll
2013-03-02 18:01:03 ----A---- C:\Windows\SYSWOW64\secproc.dll
2013-03-02 18:01:03 ----A---- C:\Windows\system32\vssapi.dll
2013-03-02 18:01:02 ----A---- C:\Windows\system32\mimefilt.dll
2013-03-02 18:01:02 ----A---- C:\Windows\system32\mf.dll
2013-03-02 18:01:02 ----A---- C:\Windows\system32\Mcx2Svc.dll
2013-03-02 18:01:01 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2013-03-02 18:01:01 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2013-03-02 18:01:01 ----A---- C:\Windows\system32\mscorier.dll
2013-03-02 18:01:01 ----A---- C:\Windows\system32\MSAC3ENC.DLL
2013-03-02 18:01:01 ----A---- C:\Windows\system32\mfps.dll
2013-03-02 18:01:01 ----A---- C:\Windows\system32\MFPlay.dll
2013-03-02 18:01:01 ----A---- C:\Windows\system32\mfds.dll
2013-03-02 18:01:00 ----A---- C:\Windows\SYSWOW64\mprapi.dll
2013-03-02 18:01:00 ----A---- C:\Windows\SYSWOW64\itircl.dll
2013-03-02 18:00:59 ----A---- C:\Windows\SYSWOW64\logoncli.dll
2013-03-02 18:00:59 ----A---- C:\Windows\SYSWOW64\logman.exe
2013-03-02 18:00:59 ----A---- C:\Windows\SYSWOW64\KBDSF.DLL
2013-03-02 18:00:59 ----A---- C:\Windows\system32\LogonUI.exe
2013-03-02 18:00:59 ----A---- C:\Windows\system32\KBDTUF.DLL
2013-03-02 18:00:59 ----A---- C:\Windows\system32\KBDINBEN.DLL
2013-03-02 18:00:59 ----A---- C:\Windows\system32\KBDGKL.DLL
2013-03-02 18:00:59 ----A---- C:\Windows\system32\IPSECSVC.DLL
2013-03-02 18:00:58 ----A---- C:\Windows\system32\mblctr.exe
2013-03-02 18:00:58 ----A---- C:\Windows\system32\luainstall.dll
2013-03-02 18:00:58 ----A---- C:\Windows\system32\logoff.exe
2013-03-02 18:00:58 ----A---- C:\Windows\system32\KBDUS.DLL
2013-03-02 18:00:57 ----A---- C:\Windows\SYSWOW64\nshipsec.dll
2013-03-02 18:00:57 ----A---- C:\Windows\system32\netutils.dll
2013-03-02 18:00:56 ----A---- C:\Windows\SYSWOW64\OnLineIDCpl.dll
2013-03-02 18:00:56 ----A---- C:\Windows\system32\OpcServices.dll
2013-03-02 18:00:55 ----A---- C:\Windows\SYSWOW64\ocsetup.exe
2013-03-02 18:00:55 ----A---- C:\Windows\SYSWOW64\ocsetapi.dll
2013-03-02 18:00:55 ----A---- C:\Windows\system32\OnLineIDCpl.dll
2013-03-02 18:00:55 ----A---- C:\Windows\system32\ole32.dll
2013-03-02 18:00:53 ----A---- C:\Windows\SYSWOW64\msinfo32.exe
2013-03-02 18:00:52 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2013-03-02 18:00:52 ----A---- C:\Windows\system32\msrle32.dll
2013-03-02 18:00:52 ----A---- C:\Windows\system32\mspbda.dll
2013-03-02 18:00:52 ----A---- C:\Windows\system32\msdrm.dll
2013-03-02 18:00:52 ----A---- C:\Windows\system32\msdmo.dll
2013-03-02 18:00:52 ----A---- C:\Windows\system32\drivers\msdsm.sys
2013-03-02 18:00:51 ----A---- C:\Windows\SYSWOW64\NAPCRYPT.DLL
2013-03-02 18:00:51 ----A---- C:\Windows\SYSWOW64\MuiUnattend.exe
2013-03-02 18:00:51 ----A---- C:\Windows\system32\NAPCRYPT.DLL
2013-03-02 18:00:51 ----A---- C:\Windows\system32\muifontsetup.dll
2013-03-02 18:00:51 ----A---- C:\Windows\system32\msvidc32.dll
2013-03-02 18:00:51 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2013-03-02 18:00:50 ----A---- C:\Windows\system32\CscMig.dll
2013-03-02 18:00:49 ----A---- C:\Windows\system32\drivers\csc.sys
2013-03-02 18:00:48 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-03-02 18:00:48 ----A---- C:\Windows\system32\choice.exe
2013-03-02 18:00:48 ----A---- C:\Windows\system32\chgusr.exe
2013-03-02 18:00:47 ----A---- C:\Windows\SYSWOW64\drvstore.dll
2013-03-02 18:00:47 ----A---- C:\Windows\SYSWOW64\dot3ui.dll
2013-03-02 18:00:47 ----A---- C:\Windows\SYSWOW64\dot3cfg.dll
2013-03-02 18:00:47 ----A---- C:\Windows\SYSWOW64\credui.dll
2013-03-02 18:00:47 ----A---- C:\Windows\system32\dot3cfg.dll
2013-03-02 18:00:46 ----A---- C:\Windows\SYSWOW64\autochk.exe
2013-03-02 18:00:46 ----A---- C:\Windows\system32\diskraid.exe
2013-03-02 18:00:46 ----A---- C:\Windows\system32\asycfilt.dll
2013-03-02 18:00:45 ----A---- C:\Windows\system32\ActionCenterCPL.dll
2013-03-02 18:00:44 ----A---- C:\Windows\SYSWOW64\AdmTmpl.dll
2013-03-02 18:00:44 ----A---- C:\Windows\SYSWOW64\accessibilitycpl.dll
2013-03-02 18:00:44 ----A---- C:\Windows\system32\cca.dll
2013-03-02 18:00:44 ----A---- C:\Windows\system32\apphelp.dll
2013-03-02 18:00:43 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2013-03-02 18:00:43 ----A---- C:\Windows\SYSWOW64\cabview.dll
2013-03-02 18:00:43 ----A---- C:\Windows\SYSWOW64\Bubbles.scr
2013-03-02 18:00:43 ----A---- C:\Windows\system32\chgport.exe
2013-03-02 18:00:43 ----A---- C:\Windows\system32\chglogon.exe
2013-03-02 18:00:43 ----A---- C:\Windows\system32\change.exe
2013-03-02 18:00:43 ----A---- C:\Windows\system32\HotStartUserAgent.dll
2013-03-02 18:00:43 ----A---- C:\Windows\system32\Bubbles.scr
2013-03-02 18:00:42 ----A---- C:\Windows\SYSWOW64\gpprefcl.dll
2013-03-02 18:00:42 ----A---- C:\Windows\system32\IcCoinstall.dll
2013-03-02 18:00:42 ----A---- C:\Windows\system32\iasrad.dll
2013-03-02 18:00:42 ----A---- C:\Windows\system32\iasacct.dll
2013-03-02 18:00:42 ----A---- C:\Windows\system32\fveapi.dll
2013-03-02 18:00:42 ----A---- C:\Windows\system32\drivers\hwpolicy.sys
2013-03-02 18:00:42 ----A---- C:\Windows\system32\drivers\fvevol.sys
2013-03-02 18:00:41 ----A---- C:\Windows\SYSWOW64\imm32.dll
2013-03-02 18:00:41 ----A---- C:\Windows\system32\imapi2.dll
2013-03-02 18:00:40 ----A---- C:\Windows\SYSWOW64\eapphost.dll
2013-03-02 18:00:40 ----A---- C:\Windows\SYSWOW64\eappgnui.dll
2013-03-02 18:00:40 ----A---- C:\Windows\SYSWOW64\eapp3hst.dll
2013-03-02 18:00:40 ----A---- C:\Windows\SYSWOW64\DxpTaskSync.dll
2013-03-02 18:00:40 ----A---- C:\Windows\SYSWOW64\dxdiagn.dll
2013-03-02 18:00:40 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2013-03-02 18:00:39 ----A---- C:\Windows\SYSWOW64\fde.dll
2013-03-02 18:00:39 ----A---- C:\Windows\SYSWOW64\efscore.dll
2013-03-02 18:00:39 ----A---- C:\Windows\system32\fontext.dll
2013-03-02 18:00:39 ----A---- C:\Windows\system32\DShowRdpFilter.dll
2013-03-02 18:00:38 ----A---- C:\Windows\SYSWOW64\TRAPI.dll
2013-03-02 18:00:38 ----A---- C:\Windows\SYSWOW64\themeui.dll
2013-03-02 18:00:38 ----A---- C:\Windows\SYSWOW64\elsTrans.dll
2013-03-02 18:00:38 ----A---- C:\Windows\system32\tsmf.dll
2013-03-02 18:00:38 ----A---- C:\Windows\system32\tskill.exe
2013-03-02 18:00:38 ----A---- C:\Windows\system32\tsdiscon.exe
2013-03-02 18:00:38 ----A---- C:\Windows\system32\tscon.exe
2013-03-02 18:00:38 ----A---- C:\Windows\system32\TRAPI.dll
2013-03-02 18:00:37 ----A---- C:\Windows\SYSWOW64\UIRibbonRes.dll
2013-03-02 18:00:37 ----A---- C:\Windows\system32\UIRibbon.dll
2013-03-02 18:00:36 ----A---- C:\Windows\SYSWOW64\UIRibbon.dll
2013-03-02 18:00:36 ----A---- C:\Windows\system32\UIRibbonRes.dll
2013-03-02 18:00:35 ----A---- C:\Windows\SYSWOW64\SyncCenter.dll
2013-03-02 18:00:35 ----A---- C:\Windows\system32\takeown.exe
2013-03-02 18:00:35 ----A---- C:\Windows\system32\syssetup.dll
2013-03-02 18:00:34 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2013-03-02 18:00:34 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2013-03-02 18:00:34 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2013-03-02 18:00:34 ----A---- C:\Windows\system32\termsrv.dll
2013-03-02 18:00:34 ----A---- C:\Windows\system32\taskmgr.exe
2013-03-02 18:00:34 ----A---- C:\Windows\system32\taskbarcpl.dll
2013-03-02 18:00:34 ----A---- C:\Windows\system32\t2embed.dll
2013-03-02 18:00:33 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-03-02 18:00:33 ----A---- C:\Windows\SYSWOW64\WMVCORE.DLL
2013-03-02 18:00:33 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2013-03-02 18:00:33 ----A---- C:\Windows\SYSWOW64\WMPEncEn.dll
2013-03-02 18:00:33 ----A---- C:\Windows\SYSWOW64\winmm.dll
2013-03-02 18:00:33 ----A---- C:\Windows\system32\WMNetMgr.dll
2013-03-02 18:00:33 ----A---- C:\Windows\system32\WinSAT.exe
2013-03-02 18:00:32 ----A---- C:\Windows\SYSWOW64\zipfldr.dll
2013-03-02 18:00:32 ----A---- C:\Windows\SYSWOW64\wlanui.dll
2013-03-02 18:00:32 ----A---- C:\Windows\system32\XpsRasterService.dll
2013-03-02 18:00:32 ----A---- C:\Windows\system32\wvc.dll
2013-03-02 18:00:32 ----A---- C:\Windows\system32\wusa.exe
2013-03-02 18:00:31 ----A---- C:\Windows\SYSWOW64\upnp.dll
2013-03-02 18:00:31 ----A---- C:\Windows\system32\wsnmp32.dll
2013-03-02 18:00:31 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2013-03-02 18:00:31 ----A---- C:\Windows\system32\wpdshext.dll
2013-03-02 18:00:31 ----A---- C:\Windows\system32\WMVSDECD.DLL
2013-03-02 18:00:31 ----A---- C:\Windows\system32\UserAccountControlSettings.dll
2013-03-02 18:00:31 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2013-03-02 18:00:30 ----A---- C:\Windows\SYSWOW64\wdscore.dll
2013-03-02 18:00:30 ----A---- C:\Windows\SYSWOW64\wbemcomn.dll
2013-03-02 18:00:30 ----A---- C:\Windows\SYSWOW64\usercpl.dll
2013-03-02 18:00:30 ----A---- C:\Windows\SYSWOW64\user32.dll
2013-03-02 18:00:30 ----A---- C:\Windows\system32\wdc.dll
2013-03-02 18:00:30 ----A---- C:\Windows\system32\drivers\wanarp.sys
2013-03-02 18:00:30 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-03-02 18:00:29 ----A---- C:\Windows\system32\vmictimeprovider.dll
2013-03-02 18:00:29 ----A---- C:\Windows\system32\vmicsvc.exe
2013-03-02 18:00:29 ----A---- C:\Windows\system32\vmicres.dll
2013-03-02 18:00:29 ----A---- C:\Windows\system32\SyncCenter.dll
2013-03-02 18:00:29 ----A---- C:\Windows\system32\runonce.exe
2013-03-02 18:00:29 ----A---- C:\Windows\system32\rtutils.dll
2013-03-02 18:00:29 ----A---- C:\Windows\system32\Robocopy.exe
2013-03-02 18:00:28 ----A---- C:\Windows\SYSWOW64\schedcli.dll
2013-03-02 18:00:28 ----A---- C:\Windows\SYSWOW64\Ribbons.scr
2013-03-02 18:00:28 ----A---- C:\Windows\SYSWOW64\relog.exe
2013-03-02 18:00:28 ----A---- C:\Windows\system32\schedsvc.dll
2013-03-02 18:00:28 ----A---- C:\Windows\system32\scesrv.dll
2013-03-02 18:00:28 ----A---- C:\Windows\system32\scansetting.dll
2013-03-02 18:00:28 ----A---- C:\Windows\system32\rwinsta.exe
2013-03-02 18:00:28 ----A---- C:\Windows\system32\riched32.dll
2013-03-02 18:00:28 ----A---- C:\Windows\system32\riched20.dll
2013-03-02 18:00:28 ----A---- C:\Windows\system32\reset.exe
2013-03-02 18:00:28 ----A---- C:\Windows\system32\regapi.dll
2013-03-02 18:00:27 ----A---- C:\Windows\SYSWOW64\rastls.dll
2013-03-02 18:00:27 ----A---- C:\Windows\SYSWOW64\rastapi.dll
2013-03-02 18:00:27 ----A---- C:\Windows\SYSWOW64\powercpl.dll
2013-03-02 18:00:27 ----A---- C:\Windows\SYSWOW64\PortableDeviceSyncProvider.dll
2013-03-02 18:00:27 ----A---- C:\Windows\SYSWOW64\pla.dll
2013-03-02 18:00:27 ----A---- C:\Windows\SYSWOW64\PerfCenterCPL.dll
2013-03-02 18:00:27 ----A---- C:\Windows\SYSWOW64\pdh.dll
2013-03-02 18:00:27 ----A---- C:\Windows\system32\perfmon.exe
2013-03-02 18:00:27 ----A---- C:\Windows\system32\drivers\rdbss.sys
2013-03-02 18:00:27 ----A---- C:\Windows\system32\drivers\rasl2tp.sys
2013-03-02 18:00:26 ----A---- C:\Windows\SYSWOW64\qcap.dll
2013-03-02 18:00:26 ----A---- C:\Windows\system32\rdpdd.dll
2013-03-02 18:00:26 ----A---- C:\Windows\system32\rasmans.dll
2013-03-02 18:00:26 ----A---- C:\Windows\system32\query.exe
2013-03-02 18:00:26 ----A---- C:\Windows\system32\qdv.dll
2013-03-02 18:00:26 ----A---- C:\Windows\system32\qappsrv.exe
2013-03-02 18:00:26 ----A---- C:\Windows\system32\PushPrinterConnections.exe
2013-03-02 18:00:25 ----A---- C:\Windows\SYSWOW64\sud.dll
2013-03-02 18:00:25 ----A---- C:\Windows\SYSWOW64\sppcomapi.dll
2013-03-02 18:00:25 ----A---- C:\Windows\SYSWOW64\slwga.dll
2013-03-02 18:00:25 ----A---- C:\Windows\system32\StructuredQuery.dll
2013-03-02 18:00:25 ----A---- C:\Windows\system32\spwizui.dll
2013-03-02 18:00:25 ----A---- C:\Windows\system32\spreview.exe
2013-03-02 18:00:25 ----A---- C:\Windows\system32\sppwinob.dll
2013-03-02 18:00:25 ----A---- C:\Windows\system32\sppcomapi.dll
2013-03-02 18:00:25 ----A---- C:\Windows\system32\spinstall.exe
2013-03-02 18:00:25 ----A---- C:\Windows\system32\SmiEngine.dll
2013-03-02 18:00:25 ----A---- C:\Windows\system32\slui.exe
2013-03-02 18:00:25 ----A---- C:\Windows\system32\qprocess.exe
2013-03-02 18:00:24 ----A---- C:\Windows\SYSWOW64\setupcln.dll
2013-03-02 18:00:24 ----A---- C:\Windows\SYSWOW64\SessEnv.dll
2013-03-02 18:00:24 ----A---- C:\Windows\system32\srrstr.dll
2013-03-02 18:00:24 ----A---- C:\Windows\system32\shunimpl.dll
2013-03-02 18:00:24 ----A---- C:\Windows\system32\sharemediacpl.dll
2013-03-02 18:00:24 ----A---- C:\Windows\system32\shadow.exe
2013-03-02 18:00:24 ----A---- C:\Windows\system32\lpksetup.exe
2013-03-02 18:00:24 ----A---- C:\Windows\system32\logman.exe
2013-03-02 18:00:23 ----A---- C:\Windows\SYSWOW64\migisol.dll
2013-03-02 18:00:23 ----A---- C:\Windows\SYSWOW64\KBDUGHR1.DLL
2013-03-02 18:00:23 ----A---- C:\Windows\SYSWOW64\KBDTUF.DLL
2013-03-02 18:00:23 ----A---- C:\Windows\SYSWOW64\KBDSG.DLL
2013-03-02 18:00:23 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2013-03-02 18:00:23 ----A---- C:\Windows\system32\mcbuilder.exe
2013-03-02 18:00:23 ----A---- C:\Windows\system32\manage-bde.exe
2013-03-02 18:00:23 ----A---- C:\Windows\system32\KMSVC.DLL
2013-03-02 18:00:23 ----A---- C:\Windows\system32\KBDUGHR1.DLL
2013-03-02 18:00:23 ----A---- C:\Windows\system32\KBDTAJIK.DLL
2013-03-02 18:00:23 ----A---- C:\Windows\system32\KBDSG.DLL
2013-03-02 18:00:22 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2013-03-02 18:00:22 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-03-02 18:00:22 ----A---- C:\Windows\system32\drivers\ipfltdrv.sys
2013-03-02 18:00:21 ----A---- C:\Windows\SYSWOW64\KBDPO.DLL
2013-03-02 18:00:21 ----A---- C:\Windows\SYSWOW64\KBDMAORI.DLL
2013-03-02 18:00:21 ----A---- C:\Windows\SYSWOW64\KBDINORI.DLL
2013-03-02 18:00:21 ----A---- C:\Windows\SYSWOW64\KBDINKAN.DLL
2013-03-02 18:00:21 ----A---- C:\Windows\SYSWOW64\KBDBLR.DLL
2013-03-02 18:00:21 ----A---- C:\Windows\SYSWOW64\imapi2fs.dll
2013-03-02 18:00:21 ----A---- C:\Windows\system32\KBDNEPR.DLL
2013-03-02 18:00:21 ----A---- C:\Windows\system32\kbdlk41a.dll
2013-03-02 18:00:21 ----A---- C:\Windows\system32\KBDINKAN.DLL
2013-03-02 18:00:21 ----A---- C:\Windows\system32\KBDINHIN.DLL
2013-03-02 18:00:21 ----A---- C:\Windows\system32\KBDBULG.DLL
2013-03-02 18:00:21 ----A---- C:\Windows\system32\iprtrmgr.dll
2013-03-02 18:00:21 ----A---- C:\Windows\system32\drivers\kbdhid.sys
2013-03-02 18:00:20 ----A---- C:\Windows\SYSWOW64\odbcconf.dll
2013-03-02 18:00:20 ----A---- C:\Windows\SYSWOW64\isoburn.exe
2013-03-02 18:00:20 ----A---- C:\Windows\SYSWOW64\iscsium.dll
2013-03-02 18:00:20 ----A---- C:\Windows\SYSWOW64\iscsicli.exe
2013-03-02 18:00:20 ----A---- C:\Windows\SYSWOW64\ipsmsnap.dll
2013-03-02 18:00:20 ----A---- C:\Windows\SYSWOW64\iprtrmgr.dll
2013-03-02 18:00:20 ----A---- C:\Windows\system32\odbc32.dll
2013-03-02 18:00:20 ----A---- C:\Windows\system32\iTVData.dll
2013-03-02 18:00:19 ----A---- C:\Windows\SYSWOW64\netshell.dll
2013-03-02 18:00:17 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2013-03-02 18:00:17 ----A---- C:\Windows\SYSWOW64\networkexplorer.dll
2013-03-02 18:00:17 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2013-03-02 18:00:17 ----A---- C:\Windows\system32\nrpsrv.dll
2013-03-02 18:00:17 ----A---- C:\Windows\system32\netid.dll
2013-03-02 18:00:17 ----A---- C:\Windows\system32\drivers\netbt.sys
2013-03-02 18:00:16 ----A---- C:\Windows\SYSWOW64\pnidui.dll
2013-03-02 18:00:16 ----A---- C:\Windows\SYSWOW64\networkmap.dll
2013-03-02 18:00:16 ----A---- C:\Windows\system32\PnPUnattend.exe
2013-03-02 18:00:16 ----A---- C:\Windows\system32\nlsbres.dll
2013-03-02 18:00:15 ----A---- C:\Windows\SYSWOW64\olethk32.dll
2013-03-02 18:00:15 ----A---- C:\Windows\SYSWOW64\ole32.dll
2013-03-02 18:00:15 ----A---- C:\Windows\system32\PortableDeviceSyncProvider.dll
2013-03-02 18:00:15 ----A---- C:\Windows\system32\PortableDeviceStatus.dll
2013-03-02 18:00:15 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2013-03-02 18:00:14 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2013-03-02 18:00:14 ----A---- C:\Windows\system32\mscoree.dll
2013-03-02 18:00:13 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2013-03-02 18:00:13 ----A---- C:\Windows\system32\mscms.dll
2013-03-02 18:00:13 ----A---- C:\Windows\system32\MPSSVC.dll
2013-03-02 18:00:13 ----A---- C:\Windows\system32\drivers\mpio.sys
2013-03-02 18:00:12 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-03-02 18:00:12 ----A---- C:\Windows\system32\mswsock.dll
2013-03-02 18:00:12 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-03-02 18:00:11 ----A---- C:\Windows\SYSWOW64\nci.dll
2013-03-02 18:00:11 ----A---- C:\Windows\SYSWOW64\napdsnap.dll
2013-03-02 18:00:11 ----A---- C:\Windows\SYSWOW64\muifontsetup.dll
2013-03-02 18:00:11 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-03-02 18:00:11 ----A---- C:\Windows\system32\NAPHLPR.DLL
2013-03-02 18:00:11 ----A---- C:\Windows\system32\napdsnap.dll
2013-03-02 18:00:11 ----A---- C:\Windows\system32\Mystify.scr
2013-03-02 18:00:11 ----A---- C:\Windows\system32\msv1_0.dll
2013-03-02 18:00:11 ----A---- C:\Windows\system32\mstask.dll
2013-03-02 18:00:11 ----A---- C:\Windows\system32\msnetobj.dll
2013-03-02 18:00:11 ----A---- C:\Windows\system32\msiexec.exe
2013-03-02 18:00:11 ----A---- C:\Windows\system32\msftedit.dll
2013-03-02 18:00:10 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2013-03-02 18:00:10 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2013-03-02 18:00:10 ----A---- C:\Windows\SYSWOW64\credssp.dll
2013-03-02 18:00:10 ----A---- C:\Windows\system32\msscp.dll
2013-03-02 18:00:10 ----A---- C:\Windows\system32\clusapi.dll
2013-03-02 18:00:09 ----A---- C:\Windows\SYSWOW64\calc.exe
2013-03-02 18:00:09 ----A---- C:\Windows\system32\cryptui.dll
2013-03-02 18:00:09 ----A---- C:\Windows\system32\CertEnroll.dll
2013-03-02 18:00:09 ----A---- C:\Windows\system32\cabview.dll
2013-03-02 18:00:09 ----A---- C:\Windows\system32\browseui.dll
2013-03-02 18:00:08 ----A---- C:\Windows\SYSWOW64\DevicePairingFolder.dll
2013-03-02 18:00:08 ----A---- C:\Windows\SYSWOW64\CertPolEng.dll
2013-03-02 18:00:08 ----A---- C:\Windows\system32\drivers\dfsc.sys
2013-03-02 18:00:08 ----A---- C:\Windows\system32\dhcpcore.dll
2013-03-02 18:00:08 ----A---- C:\Windows\system32\DevicePairingFolder.dll
2013-03-02 18:00:08 ----A---- C:\Windows\system32\certprop.dll
2013-03-02 18:00:07 ----A---- C:\Windows\system32\cscobj.dll
2013-03-02 18:00:06 ----A---- C:\Windows\SYSWOW64\appmgr.dll
2013-03-02 18:00:06 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2013-03-02 18:00:06 ----A---- C:\Windows\SYSWOW64\acppage.dll
2013-03-02 18:00:06 ----A---- C:\Windows\system32\drivers\acpi.sys
2013-03-02 18:00:05 ----A---- C:\Windows\SYSWOW64\batmeter.dll
2013-03-02 18:00:05 ----A---- C:\Windows\SYSWOW64\ActionCenterCPL.dll
2013-03-02 18:00:05 ----A---- C:\Windows\SYSWOW64\ActionCenter.dll
2013-03-02 18:00:05 ----A---- C:\Windows\system32\BFE.DLL
2013-03-02 18:00:05 ----A---- C:\Windows\system32\bcryptprimitives.dll
2013-03-02 18:00:05 ----A---- C:\Windows\system32\basecsp.dll
2013-03-02 18:00:05 ----A---- C:\Windows\bfsvc.exe
2013-03-02 18:00:04 ----A---- C:\Windows\system32\BlbEvents.dll
2013-03-02 18:00:04 ----A---- C:\Windows\system32\blackbox.dll
2013-03-02 18:00:04 ----A---- C:\Windows\system32\biocpl.dll
2013-03-02 18:00:03 ----A---- C:\Windows\system32\hgcpl.dll
2013-03-02 18:00:03 ----A---- C:\Windows\system32\gdi32.dll
2013-03-02 18:00:03 ----A---- C:\Windows\system32\fms.dll
2013-03-02 18:00:03 ----A---- C:\Windows\system32\AxInstSv.dll
2013-03-02 18:00:03 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2013-03-02 18:00:03 ----A---- C:\Windows\system32\autochk.exe
2013-03-02 18:00:02 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2013-03-02 18:00:02 ----A---- C:\Windows\SYSWOW64\ftp.exe
2013-03-02 18:00:02 ----A---- C:\Windows\SYSWOW64\FirewallControlPanel.dll
2013-03-02 18:00:02 ----A---- C:\Windows\SYSWOW64\findstr.exe
2013-03-02 18:00:02 ----A---- C:\Windows\system32\FXSUNATD.exe
2013-03-02 18:00:02 ----A---- C:\Windows\system32\FXSSVC.exe
2013-03-02 18:00:02 ----A---- C:\Windows\system32\FXSMON.dll
2013-03-02 18:00:02 ----A---- C:\Windows\system32\fphc.dll
2013-03-02 18:00:02 ----A---- C:\Windows\system32\FirewallControlPanel.dll
2013-03-02 18:00:01 ----A---- C:\Windows\SYSWOW64\hgcpl.dll
2013-03-02 18:00:01 ----A---- C:\Windows\system32\hgprint.dll
2013-03-02 18:00:01 ----A---- C:\Windows\system32\drivers\hidusb.sys
2013-03-02 18:00:01 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-03-02 18:00:00 ----A---- C:\Windows\SYSWOW64\dsauth.dll
2013-03-02 18:00:00 ----A---- C:\Windows\SYSWOW64\dpx.dll
2013-03-02 18:00:00 ----A---- C:\Windows\system32\DXP.dll
2013-03-02 18:00:00 ----A---- C:\Windows\system32\drmmgrtn.dll
2013-03-02 17:59:59 ----A---- C:\Windows\SYSWOW64\eudcedit.exe
2013-03-02 17:59:59 ----A---- C:\Windows\SYSWOW64\DXPTaskRingtone.dll
2013-03-02 17:59:59 ----A---- C:\Windows\SYSWOW64\dnscmmc.dll
2013-03-02 17:59:59 ----A---- C:\Windows\system32\dot3ui.dll
2013-03-02 17:59:59 ----A---- C:\Windows\system32\diskpart.exe
2013-03-02 17:59:58 ----A---- C:\Windows\SYSWOW64\fdeploy.dll
2013-03-02 17:59:58 ----A---- C:\Windows\system32\eudcedit.exe
2013-03-02 17:59:56 ----A---- C:\Windows\system32\DxpTaskSync.dll
2013-03-02 17:59:55 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2013-03-02 17:59:55 ----A---- C:\Windows\SYSWOW64\tcpmonui.dll
2013-03-02 17:59:55 ----A---- C:\Windows\SYSWOW64\takeown.exe
2013-03-02 17:59:55 ----A---- C:\Windows\system32\upnp.dll
2013-03-02 17:59:55 ----A---- C:\Windows\system32\untfs.dll
2013-03-02 17:59:55 ----A---- C:\Windows\system32\tlscsp.dll
2013-03-02 17:59:55 ----A---- C:\Windows\system32\themecpl.dll
2013-03-02 17:59:55 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys
2013-03-02 17:59:54 ----A---- C:\Windows\SYSWOW64\unimdmat.dll
2013-03-02 17:59:54 ----A---- C:\Windows\SYSWOW64\twext.dll
2013-03-02 17:59:54 ----A---- C:\Windows\system32\tzutil.exe
2013-03-02 17:59:54 ----A---- C:\Windows\system32\twext.dll
2013-03-02 17:59:54 ----A---- C:\Windows\system32\drivers\udfs.sys
2013-03-02 17:59:54 ----A---- C:\Windows\system32\drivers\tunnel.sys
2013-03-02 17:59:53 ----A---- C:\Windows\SYSWOW64\stobject.dll
2013-03-02 17:59:49 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2013-03-02 17:59:49 ----A---- C:\Windows\SYSWOW64\WinSCard.dll
2013-03-02 17:59:49 ----A---- C:\Windows\system32\wmpsrcwp.dll
2013-03-02 17:59:49 ----A---- C:\Windows\system32\wmdrmsdk.dll
2013-03-02 17:59:49 ----A---- C:\Windows\system32\wlanmsm.dll
2013-03-02 17:59:49 ----A---- C:\Windows\system32\wlangpui.dll
2013-03-02 17:59:49 ----A---- C:\Windows\system32\wkscli.dll
2013-03-02 17:59:49 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2013-03-02 17:59:48 ----A---- C:\Windows\SYSWOW64\wsnmp32.dll
2013-03-02 17:59:48 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2013-03-02 17:59:48 ----A---- C:\Windows\system32\winlogon.exe
2013-03-02 17:59:47 ----A---- C:\Windows\SYSWOW64\wusa.exe
2013-03-02 17:59:47 ----A---- C:\Windows\SYSWOW64\WPDShServiceObj.dll
2013-03-02 17:59:47 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2013-03-02 17:59:47 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2013-03-02 17:59:47 ----A---- C:\Windows\system32\wwanprotdim.dll
2013-03-02 17:59:47 ----A---- C:\Windows\system32\WsmSvc.dll
2013-03-02 17:59:47 ----A---- C:\Windows\system32\WPDSp.dll
2013-03-02 17:59:46 ----A---- C:\Windows\SYSWOW64\w32tm.exe
2013-03-02 17:59:46 ----A---- C:\Windows\SYSWOW64\userinit.exe
2013-03-02 17:59:46 ----A---- C:\Windows\system32\WSDApi.dll
2013-03-02 17:59:46 ----A---- C:\Windows\system32\vfwwdm32.dll
2013-03-02 17:59:46 ----A---- C:\Windows\system32\VAN.dll
2013-03-02 17:59:46 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2013-03-02 17:59:45 ----A---- C:\Windows\SYSWOW64\wer.dll
2013-03-02 17:59:45 ----A---- C:\Windows\SYSWOW64\Vault.dll
2013-03-02 17:59:45 ----A---- C:\Windows\SYSWOW64\userenv.dll
2013-03-02 17:59:45 ----A---- C:\Windows\system32\wevtsvc.dll
2013-03-02 17:59:45 ----A---- C:\Windows\system32\werconcpl.dll
2013-03-02 17:59:45 ----A---- C:\Windows\system32\webservices.dll
2013-03-02 17:59:45 ----A---- C:\Windows\system32\vdsutil.dll
2013-03-02 17:59:45 ----A---- C:\Windows\system32\vds.exe
2013-03-02 17:59:44 ----A---- C:\Windows\SYSWOW64\wimserv.exe
2013-03-02 17:59:44 ----A---- C:\Windows\SYSWOW64\wimgapi.dll
2013-03-02 17:59:44 ----A---- C:\Windows\SYSWOW64\wiavideo.dll
2013-03-02 17:59:44 ----A---- C:\Windows\SYSWOW64\webservices.dll
2013-03-02 17:59:44 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-03-02 17:59:44 ----A---- C:\Windows\SYSWOW64\ReAgentc.exe
2013-03-02 17:59:44 ----A---- C:\Windows\SYSWOW64\rdpd3d.dll
2013-03-02 17:59:44 ----A---- C:\Windows\system32\wiadefui.dll
2013-03-02 17:59:44 ----A---- C:\Windows\system32\wcncsvc.dll
2013-03-02 17:59:44 ----A---- C:\Windows\system32\wavemsp.dll
2013-03-02 17:59:44 ----A---- C:\Windows\system32\rastls.dll
2013-03-02 17:59:44 ----A---- C:\Windows\system32\drivers\rdyboost.sys
2013-03-02 17:59:43 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2013-03-02 17:59:43 ----A---- C:\Windows\SYSWOW64\scecli.dll
2013-03-02 17:59:43 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2013-03-02 17:59:43 ----A---- C:\Windows\SYSWOW64\RpcRtRemote.dll
2013-03-02 17:59:43 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-03-02 17:59:43 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2013-03-02 17:59:43 ----A---- C:\Windows\SYSWOW64\remotepg.dll
2013-03-02 17:59:43 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2013-03-02 17:59:43 ----A---- C:\Windows\system32\scecli.dll
2013-03-02 17:59:43 ----A---- C:\Windows\system32\rpcrt4.dll
2013-03-02 17:59:43 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2013-03-02 17:59:43 ----A---- C:\Windows\system32\relog.exe
2013-03-02 17:59:43 ----A---- C:\Windows\system32\drivers\scfilter.sys
2013-03-02 17:59:42 ----A---- C:\Windows\system32\QAGENTRT.DLL
2013-03-02 17:59:42 ----A---- C:\Windows\system32\proquota.exe
2013-03-02 17:59:42 ----A---- C:\Windows\system32\propsys.dll
2013-03-02 17:59:41 ----A---- C:\Windows\SYSWOW64\QUTIL.DLL
2013-03-02 17:59:41 ----A---- C:\Windows\SYSWOW64\QCLIPROV.DLL
2013-03-02 17:59:41 ----A---- C:\Windows\SYSWOW64\QAGENT.DLL
2013-03-02 17:59:41 ----A---- C:\Windows\SYSWOW64\prntvpt.dll
2013-03-02 17:59:41 ----A---- C:\Windows\system32\raschap.dll
2013-03-02 17:59:41 ----A---- C:\Windows\system32\Query.dll
2013-03-02 17:59:41 ----A---- C:\Windows\system32\qmgr.dll
2013-03-02 17:59:41 ----A---- C:\Windows\system32\QCLIPROV.DLL
2013-03-02 17:59:41 ----A---- C:\Windows\system32\QAGENT.DLL
2013-03-02 17:59:40 ----A---- C:\Windows\SYSWOW64\SndVolSSO.dll
2013-03-02 17:59:40 ----A---- C:\Windows\SYSWOW64\SndVol.exe
2013-03-02 17:59:40 ----A---- C:\Windows\system32\shsvcs.dll
2013-03-02 17:59:40 ----A---- C:\Windows\system32\RacEngn.dll
2013-03-02 17:59:39 ----A---- C:\Windows\system32\sqlcese30.dll
2013-03-02 17:59:39 ----A---- C:\Windows\system32\sppnp.dll
2013-03-02 17:59:39 ----A---- C:\Windows\system32\spopk.dll
2013-03-02 17:59:38 ----A---- C:\Windows\SYSWOW64\mfds.dll
2013-03-02 17:59:38 ----A---- C:\Windows\SYSWOW64\mciavi32.dll
2013-03-02 17:59:38 ----A---- C:\Windows\SYSWOW64\mcbuilder.exe
2013-03-02 17:59:38 ----A---- C:\Windows\SYSWOW64\mapistub.dll
2013-03-02 17:59:37 ----A---- C:\Windows\SYSWOW64\mprddm.dll
2013-03-02 17:59:37 ----A---- C:\Windows\SYSWOW64\mf.dll
2013-03-02 17:59:36 ----A---- C:\Windows\SYSWOW64\mmcndmgr.dll
2013-03-02 17:59:36 ----A---- C:\Windows\SYSWOW64\KBDNEPR.DLL
2013-03-02 17:59:36 ----A---- C:\Windows\SYSWOW64\KBDGR1.DLL
2013-03-02 17:59:36 ----A---- C:\Windows\SYSWOW64\KBDGEO.DLL
2013-03-02 17:59:36 ----A---- C:\Windows\system32\mmcndmgr.dll
2013-03-02 17:59:36 ----A---- C:\Windows\system32\KBDMON.DLL
2013-03-02 17:59:36 ----A---- C:\Windows\system32\KBDINMAR.DLL
2013-03-02 17:59:36 ----A---- C:\Windows\system32\KBDGEO.DLL
2013-03-02 17:59:36 ----A---- C:\Windows\system32\iyuv_32.dll
2013-03-02 17:59:35 ----A---- C:\Windows\SYSWOW64\nslookup.exe
2013-03-02 17:59:35 ----A---- C:\Windows\SYSWOW64\mapi32.dll
2013-03-02 17:59:35 ----A---- C:\Windows\SYSWOW64\KBDTURME.DLL
2013-03-02 17:59:35 ----A---- C:\Windows\SYSWOW64\KBDTUQ.DLL
2013-03-02 17:59:35 ----A---- C:\Windows\SYSWOW64\IPHLPAPI.DLL
2013-03-02 17:59:35 ----A---- C:\Windows\system32\ntlanman.dll
2013-03-02 17:59:35 ----A---- C:\Windows\system32\logoncli.dll
2013-03-02 17:59:35 ----A---- C:\Windows\system32\KBDSF.DLL
2013-03-02 17:59:35 ----A---- C:\Windows\system32\KBDPO.DLL
2013-03-02 17:59:34 ----A---- C:\Windows\SYSWOW64\netid.dll
2013-03-02 17:59:34 ----A---- C:\Windows\system32\netplwiz.dll
2013-03-02 17:59:34 ----A---- C:\Windows\system32\netfxperf.dll
2013-03-02 17:59:33 ----A---- C:\Windows\SYSWOW64\PortableDeviceStatus.dll
2013-03-02 17:59:33 ----A---- C:\Windows\SYSWOW64\pifmgr.dll
2013-03-02 17:59:33 ----A---- C:\Windows\SYSWOW64\onexui.dll
2013-03-02 17:59:33 ----A---- C:\Windows\SYSWOW64\onex.dll
2013-03-02 17:59:33 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2013-03-02 17:59:33 ----A---- C:\Windows\SYSWOW64\msrle32.dll
2013-03-02 17:59:33 ----A---- C:\Windows\system32\odbcconf.dll
2013-03-02 17:59:33 ----A---- C:\Windows\system32\ocsetup.exe
2013-03-02 17:59:33 ----A---- C:\Windows\system32\ocsetapi.dll
2013-03-02 17:59:33 ----A---- C:\Windows\system32\msieftp.dll
2013-03-02 17:59:32 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2013-03-02 17:59:31 ----A---- C:\Windows\SYSWOW64\Mystify.scr
2013-03-02 17:59:31 ----A---- C:\Windows\SYSWOW64\msvidc32.dll
2013-03-02 17:59:31 ----A---- C:\Windows\SYSWOW64\msvfw32.dll
2013-03-02 17:59:31 ----A---- C:\Windows\SYSWOW64\msasn1.dll
2013-03-02 17:59:31 ----A---- C:\Windows\system32\net1.exe
2013-03-02 17:59:31 ----A---- C:\Windows\system32\ncryptui.dll
2013-03-02 17:59:31 ----A---- C:\Windows\system32\mydocs.dll
2013-03-02 17:59:31 ----A---- C:\Windows\system32\msyuv.dll
2013-03-02 17:59:31 ----A---- C:\Windows\system32\msasn1.dll
2013-03-02 17:59:29 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-03-02 17:59:29 ----A---- C:\Windows\SYSWOW64\d3d9.dll
2013-03-02 17:59:29 ----A---- C:\Windows\SYSWOW64\comdlg32.dll
2013-03-02 17:59:29 ----A---- C:\Windows\SYSWOW64\certcli.dll
2013-03-02 17:59:29 ----A---- C:\Windows\system32\davclnt.dll
2013-03-02 17:59:29 ----A---- C:\Windows\system32\cmstp.exe
2013-03-02 17:59:28 ----A---- C:\Windows\SYSWOW64\dhcpcore.dll
2013-03-02 17:59:28 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2013-03-02 17:59:28 ----A---- C:\Windows\system32\drivers\CompositeBus.sys
2013-03-02 17:59:28 ----A---- C:\Windows\system32\DeviceCenter.dll
2013-03-02 17:59:27 ----A---- C:\Windows\SYSWOW64\adsldp.dll
2013-03-02 17:59:26 ----A---- C:\Windows\system32\accessibilitycpl.dll
2013-03-02 17:59:25 ----A---- C:\Windows\SYSWOW64\basecsp.dll
2013-03-02 17:59:25 ----A---- C:\Windows\SYSWOW64\avifil32.dll
2013-03-02 17:59:25 ----A---- C:\Windows\system32\drivers\1394ohci.sys
2013-03-02 17:59:25 ----A---- C:\Windows\system32\cabinet.dll
2013-03-02 17:59:25 ----A---- C:\Windows\system32\bcdboot.exe
2013-03-02 17:59:25 ----A---- C:\Windows\system32\autoplay.dll
2013-03-02 17:59:25 ----A---- C:\Windows\system32\autofmt.exe
2013-03-02 17:59:25 ----A---- C:\Windows\system32\actxprxy.dll
2013-03-02 17:59:25 ----A---- C:\Windows\system32\ActionQueue.dll
2013-03-02 17:59:25 ----A---- C:\Windows\system32\ActionCenter.dll
2013-03-02 17:59:24 ----A---- C:\Windows\SYSWOW64\httpapi.dll
2013-03-02 17:59:24 ----A---- C:\Windows\SYSWOW64\AuthFWSnapin.dll
2013-03-02 17:59:24 ----A---- C:\Windows\system32\hal.dll
2013-03-02 17:59:24 ----A---- C:\Windows\system32\gpsvc.dll
2013-03-02 17:59:23 ----A---- C:\Windows\SYSWOW64\iasrad.dll
2013-03-02 17:59:23 ----A---- C:\Windows\SYSWOW64\iasacct.dll
2013-03-02 17:59:22 ----A---- C:\Windows\system32\inetpp.dll
2013-03-02 17:59:21 ----A---- C:\Windows\system32\evr.dll
2013-03-02 17:59:21 ----A---- C:\Windows\system32\dwmredir.dll
2013-03-02 17:59:21 ----A---- C:\Windows\system32\dsauth.dll
2013-03-02 17:59:21 ----A---- C:\Windows\system32\drvstore.dll
2013-03-02 17:59:20 ----A---- C:\Windows\SYSWOW64\Display.dll
2013-03-02 17:59:20 ----A---- C:\Windows\system32\efscore.dll
2013-03-02 17:59:20 ----A---- C:\Windows\system32\dot3svc.dll
2013-03-02 17:59:20 ----A---- C:\Windows\system32\dot3msm.dll
2013-03-02 17:59:19 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2013-03-02 17:59:19 ----A---- C:\Windows\SYSWOW64\framedynos.dll
2013-03-02 17:59:19 ----A---- C:\Windows\SYSWOW64\framedyn.dll
2013-03-02 17:59:19 ----A---- C:\Windows\SYSWOW64\fontext.dll
2013-03-02 17:59:19 ----A---- C:\Windows\system32\fde.dll
2013-03-02 17:59:19 ----A---- C:\Windows\system32\dot3api.dll
2013-03-02 17:59:17 ----A---- C:\Windows\SYSWOW64\tapisrv.dll
2013-03-02 17:59:17 ----A---- C:\Windows\system32\tcpipcfg.dll
2013-03-02 17:59:17 ----A---- C:\Windows\system32\syncui.dll
2013-03-02 17:59:17 ----A---- C:\Windows\system32\drivers\tdx.sys
2013-03-02 17:59:16 ----A---- C:\Windows\SYSWOW64\ssText3d.scr
2013-03-02 17:59:16 ----A---- C:\Windows\SYSWOW64\srchadmin.dll
2013-03-02 17:59:16 ----A---- C:\Windows\SYSWOW64\sppc.dll
2013-03-02 17:59:16 ----A---- C:\Windows\system32\srvcli.dll
2013-03-02 17:59:16 ----A---- C:\Windows\system32\SndVolSSO.dll
2013-03-02 17:59:16 ----A---- C:\Windows\system32\SndVol.exe
2013-03-02 17:59:16 ----A---- C:\Windows\system32\drivers\storvsc.sys
2013-03-02 17:59:15 ----A---- C:\Windows\SYSWOW64\spwizres.dll
2013-03-02 17:59:15 ----A---- C:\Windows\SYSWOW64\spwizeng.dll
2013-03-02 17:59:14 ----A---- C:\Windows\SYSWOW64\sqlsrv32.dll
2013-03-02 17:59:14 ----A---- C:\Windows\SYSWOW64\sqlcese30.dll
2013-03-02 17:59:13 ----A---- C:\Windows\SYSWOW64\wmpps.dll
2013-03-02 17:59:13 ----A---- C:\Windows\system32\WinSCard.dll
2013-03-02 17:59:13 ----A---- C:\Windows\system32\WebClnt.dll
2013-03-02 17:59:13 ----A---- C:\Windows\system32\wdiasqmmodule.dll
2013-03-02 17:59:13 ----A---- C:\Windows\system32\wbengine.exe
2013-03-02 17:59:12 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2013-03-02 17:59:12 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2013-03-02 17:59:12 ----A---- C:\Windows\SYSWOW64\wmpdxm.dll
2013-03-02 17:59:12 ----A---- C:\Windows\system32\wmpdxm.dll
2013-03-02 17:59:11 ----A---- C:\Windows\SYSWOW64\wmdrmnet.dll
2013-03-02 17:59:11 ----A---- C:\Windows\SYSWOW64\wmdrmdev.dll
2013-03-02 17:59:11 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2013-03-02 17:59:10 ----A---- C:\Windows\system32\vmstorfltres.dll
2013-03-02 17:59:10 ----A---- C:\Windows\system32\tsbyuv.dll
2013-03-02 17:59:09 ----A---- C:\Windows\SYSWOW64\uxlib.dll
2013-03-02 17:59:09 ----A---- C:\Windows\SYSWOW64\utildll.dll
2013-03-02 17:59:09 ----A---- C:\Windows\system32\wbemcomn.dll
2013-03-02 17:59:09 ----A---- C:\Windows\system32\vpnikeapi.dll
2013-03-02 17:59:09 ----A---- C:\Windows\system32\vpnike.dll
2013-03-02 17:59:09 ----A---- C:\Windows\system32\Vault.dll
2013-03-02 17:59:09 ----A---- C:\Windows\system32\drivers\vmstorfl.sys
2013-03-02 17:59:08 ----A---- C:\Windows\SYSWOW64\shsvcs.dll
2013-03-02 17:59:08 ----A---- C:\Windows\SYSWOW64\SearchFolder.dll
2013-03-02 17:59:08 ----A---- C:\Windows\system32\VmdCoinstall.dll
2013-03-02 17:59:08 ----A---- C:\Windows\system32\schedcli.dll
2013-03-02 17:59:08 ----A---- C:\Windows\system32\secproc_ssp.dll
2013-03-02 17:59:07 ----A---- C:\Windows\SYSWOW64\QSVRMGMT.DLL
2013-03-02 17:59:07 ----A---- C:\Windows\system32\schtasks.exe
2013-03-02 17:59:07 ----A---- C:\Windows\system32\QUTIL.DLL
2013-03-02 17:59:06 ----A---- C:\Windows\SYSWOW64\riched32.dll
2013-03-02 17:59:06 ----A---- C:\Windows\SYSWOW64\riched20.dll
2013-03-02 17:59:06 ----A---- C:\Windows\SYSWOW64\QSHVHOST.DLL
2013-03-02 17:59:06 ----A---- C:\Windows\SYSWOW64\qdv.dll
2013-03-02 17:59:06 ----A---- C:\Windows\SYSWOW64\qasf.dll
2013-03-02 17:59:06 ----A---- C:\Windows\SYSWOW64\proquota.exe
2013-03-02 17:59:06 ----A---- C:\Windows\SYSWOW64\prnfldr.dll
2013-03-02 17:59:06 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2013-03-02 17:59:06 ----A---- C:\Windows\system32\prncache.dll
2013-03-02 17:59:06 ----A---- C:\Windows\system32\PresentationSettings.exe
2013-03-02 17:59:05 ----A---- C:\Windows\system32\shdocvw.dll
2013-03-02 17:59:05 ----A---- C:\Windows\system32\shacct.dll
2013-03-02 17:59:05 ----A---- C:\Windows\system32\setupapi.dll
2013-03-02 17:59:05 ----A---- C:\Windows\system32\SensorsCpl.dll
2013-03-02 17:59:05 ----A---- C:\Windows\system32\rpchttp.dll
2013-03-02 17:59:05 ----A---- C:\Windows\system32\recovery.dll
2013-03-02 17:59:05 ----A---- C:\Windows\system32\rdprefdrvapi.dll
2013-03-02 17:59:04 ----A---- C:\Windows\SYSWOW64\shimgvw.dll
2013-03-02 17:59:04 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2013-03-02 17:59:04 ----A---- C:\Windows\system32\shlwapi.dll
2013-03-02 17:59:04 ----A---- C:\Windows\system32\MdSched.exe
2013-03-02 17:59:03 ----A---- C:\Windows\SYSWOW64\mciqtz32.dll
2013-03-02 17:59:03 ----A---- C:\Windows\system32\mciqtz32.dll
2013-03-02 17:59:03 ----A---- C:\Windows\system32\MCEWMDRMNDBootstrap.dll
2013-03-02 17:59:03 ----A---- C:\Windows\system32\lsmproxy.dll
2013-03-02 17:59:02 ----A---- C:\Windows\SYSWOW64\mimefilt.dll
2013-03-02 17:59:02 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2013-03-02 17:59:00 ----A---- C:\Windows\SYSWOW64\kbdlk41a.dll
2013-03-02 17:59:00 ----A---- C:\Windows\SYSWOW64\input.dll
2013-03-02 17:59:00 ----A---- C:\Windows\system32\ListSvc.dll
2013-03-02 17:59:00 ----A---- C:\Windows\system32\KBDTURME.DLL
2013-03-02 17:59:00 ----A---- C:\Windows\system32\KBDMAORI.DLL
2013-03-02 17:59:00 ----A---- C:\Windows\system32\iasrecst.dll
2013-03-02 17:59:00 ----A---- C:\Windows\system32\httpapi.dll
2013-03-02 17:58:59 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2013-03-02 17:58:59 ----A---- C:\Windows\SYSWOW64\NAPHLPR.DLL
2013-03-02 17:58:59 ----A---- C:\Windows\SYSWOW64\mydocs.dll
2013-03-02 17:58:59 ----A---- C:\Windows\SYSWOW64\localsec.dll
2013-03-02 17:58:59 ----A---- C:\Windows\SYSWOW64\KBDINBEN.DLL
2013-03-02 17:58:59 ----A---- C:\Windows\SYSWOW64\KBDGKL.DLL
2013-03-02 17:58:59 ----A---- C:\Windows\SYSWOW64\KBDBULG.DLL
2013-03-02 17:58:59 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2013-03-02 17:58:59 ----A---- C:\Windows\system32\netiohlp.dll
2013-03-02 17:58:59 ----A---- C:\Windows\system32\netcfgx.dll
2013-03-02 17:58:59 ----A---- C:\Windows\system32\netcenter.dll
2013-03-02 17:58:59 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2013-03-02 17:58:59 ----A---- C:\Windows\system32\KBDINTAM.DLL
2013-03-02 17:58:59 ----A---- C:\Windows\system32\KBDGR1.DLL
2013-03-02 17:58:59 ----A---- C:\Windows\system32\KBDCZ1.DLL
2013-03-02 17:58:59 ----A---- C:\Windows\system32\isoburn.exe
2013-03-02 17:58:59 ----A---- C:\Windows\system32\iscsium.dll
2013-03-02 17:58:59 ----A---- C:\Windows\system32\iscsicli.exe
2013-03-02 17:58:58 ----A---- C:\Windows\SYSWOW64\mtxclu.dll
2013-03-02 17:58:58 ----A---- C:\Windows\system32\mtxclu.dll
2013-03-02 17:58:58 ----A---- C:\Windows\system32\MSVidCtl.dll
2013-03-02 17:58:57 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2013-03-02 17:58:57 ----A---- C:\Windows\SYSWOW64\netutils.dll
2013-03-02 17:58:57 ----A---- C:\Windows\SYSWOW64\netplwiz.dll
2013-03-02 17:58:57 ----A---- C:\Windows\SYSWOW64\netjoin.dll
2013-03-02 17:58:57 ----A---- C:\Windows\system32\ntprint.dll
2013-03-02 17:58:57 ----A---- C:\Windows\system32\nltest.exe
2013-03-02 17:58:56 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2013-03-02 17:58:56 ----A---- C:\Windows\system32\mprapi.dll
2013-03-02 17:58:56 ----A---- C:\Windows\system32\drivers\msahci.sys
2013-03-02 17:58:55 ----A---- C:\Windows\SYSWOW64\msscp.dll
2013-03-02 17:58:55 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2013-03-02 17:58:55 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2013-03-02 17:58:54 ----A---- C:\Windows\SYSWOW64\clusapi.dll
2013-03-02 17:58:54 ----A---- C:\Windows\system32\msdtctm.dll
2013-03-02 17:58:54 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2013-03-02 17:58:53 ----A---- C:\Windows\SYSWOW64\dbghelp.dll
2013-03-02 17:58:53 ----A---- C:\Windows\SYSWOW64\dbgeng.dll
2013-03-02 17:58:53 ----A---- C:\Windows\SYSWOW64\cscobj.dll
2013-03-02 17:58:53 ----A---- C:\Windows\SYSWOW64\certmgr.dll
2013-03-02 17:58:53 ----A---- C:\Windows\system32\defaultlocationcpl.dll
2013-03-02 17:58:53 ----A---- C:\Windows\system32\BWUnpairElevated.dll
2013-03-02 17:58:53 ----A---- C:\Windows\system32\bootres.dll
2013-03-02 17:58:52 ----AH---- C:\Windows\system32\api-ms-win-core-ums-l1-1-0.dll
2013-03-02 17:58:52 ----A---- C:\Windows\SYSWOW64\cmstp.exe
2013-03-02 17:58:52 ----A---- C:\Windows\SYSWOW64\audiodev.dll
2013-03-02 17:58:52 ----A---- C:\Windows\system32\drivers\ataport.sys
2013-03-02 17:58:52 ----A---- C:\Windows\system32\credui.dll
2013-03-02 17:58:52 ----A---- C:\Windows\system32\cmd.exe
2013-03-02 17:58:51 ----A---- C:\Windows\SYSWOW64\AzSqlExt.dll
2013-03-02 17:58:51 ----A---- C:\Windows\SYSWOW64\amstream.dll
2013-03-02 17:58:51 ----A---- C:\Windows\system32\bitsperf.dll
2013-03-02 17:58:51 ----A---- C:\Windows\system32\batmeter.dll
2013-03-02 17:58:51 ----A---- C:\Windows\system32\amstream.dll
2013-03-02 17:58:51 ----A---- C:\Windows\system32\aitagent.exe
2013-03-02 17:58:50 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2013-03-02 17:58:50 ----A---- C:\Windows\SYSWOW64\bitsadmin.exe
2013-03-02 17:58:50 ----A---- C:\Windows\SYSWOW64\azroles.dll
2013-03-02 17:58:50 ----A---- C:\Windows\SYSWOW64\autoplay.dll
2013-03-02 17:58:50 ----A---- C:\Windows\SYSWOW64\autofmt.exe
2013-03-02 17:58:50 ----A---- C:\Windows\system32\AzSqlExt.dll
2013-03-02 17:58:50 ----A---- C:\Windows\system32\azroles.dll
2013-03-02 17:58:50 ----A---- C:\Windows\system32\autoconv.exe
2013-03-02 17:58:50 ----A---- C:\Windows\system32\audiosrv.dll
2013-03-02 17:58:50 ----A---- C:\Windows\system32\AudioSes.dll
2013-03-02 17:58:50 ----A---- C:\Windows\system32\audiodg.exe
2013-03-02 17:58:49 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2013-03-02 17:58:49 ----A---- C:\Windows\SYSWOW64\dsuiext.dll
2013-03-02 17:58:49 ----A---- C:\Windows\system32\fdProxy.dll
2013-03-02 17:58:49 ----A---- C:\Windows\system32\eapphost.dll
2013-03-02 17:58:49 ----A---- C:\Windows\system32\eappgnui.dll
2013-03-02 17:58:49 ----A---- C:\Windows\system32\eapp3hst.dll
2013-03-02 17:58:49 ----A---- C:\Windows\system32\dxmasf.dll
2013-03-02 17:58:49 ----A---- C:\Windows\system32\dxdiagn.dll
2013-03-02 17:58:47 ----A---- C:\Windows\SYSWOW64\fphc.dll
2013-03-02 17:58:47 ----A---- C:\Windows\system32\hbaapi.dll
2013-03-02 17:58:47 ----A---- C:\Windows\system32\framedynos.dll
2013-03-02 17:58:47 ----A---- C:\Windows\system32\framedyn.dll
2013-03-02 17:58:46 ----A---- C:\Windows\SYSWOW64\diskraid.exe
2013-03-02 17:58:46 ----A---- C:\Windows\system32\djoin.exe
2013-03-02 17:58:46 ----A---- C:\Windows\system32\dfshim.dll
2013-03-02 17:58:45 ----A---- C:\Windows\SYSWOW64\DShowRdpFilter.dll
2013-03-02 17:58:45 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2013-03-02 17:58:45 ----A---- C:\Windows\SYSWOW64\dot3msm.dll
2013-03-02 17:58:45 ----A---- C:\Windows\SYSWOW64\dfrgui.exe
2013-03-02 17:58:45 ----A---- C:\Windows\SYSWOW64\DeviceCenter.dll
2013-03-02 17:58:45 ----A---- C:\Windows\system32\dpx.dll
2013-03-02 17:58:44 ----A---- C:\Windows\SYSWOW64\tlscsp.dll
2013-03-02 17:58:44 ----A---- C:\Windows\SYSWOW64\dot3api.dll
2013-03-02 17:58:44 ----A---- C:\Windows\system32\taskcomp.dll
2013-03-02 17:58:44 ----A---- C:\Windows\system32\TabSvc.dll
2013-03-02 17:58:44 ----A---- C:\Windows\system32\dps.dll
2013-03-02 17:58:43 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2013-03-02 17:58:43 ----A---- C:\Windows\system32\user32.dll
2013-03-02 17:58:43 ----A---- C:\Windows\system32\unimdmat.dll
2013-03-02 17:58:43 ----A---- C:\Windows\system32\taskeng.exe
2013-03-02 17:58:43 ----A---- C:\Windows\system32\drivers\usbser.sys
2013-03-02 17:58:43 ----A---- C:\Windows\system32\drivers\usbrpm.sys
2013-03-02 17:58:43 ----A---- C:\Windows\system32\drivers\termdd.sys
2013-03-02 17:58:42 ----A---- C:\Windows\SYSWOW64\tsmf.dll
2013-03-02 17:58:42 ----A---- C:\Windows\SYSWOW64\sscore.dll
2013-03-02 17:58:42 ----A---- C:\Windows\system32\ssText3d.scr
2013-03-02 17:58:41 ----A---- C:\Windows\SYSWOW64\sxs.dll
2013-03-02 17:58:41 ----A---- C:\Windows\SYSWOW64\spopk.dll
2013-03-02 17:58:41 ----A---- C:\Windows\system32\sud.dll
2013-03-02 17:58:41 ----A---- C:\Windows\system32\spwmp.dll
2013-03-02 17:58:41 ----A---- C:\Windows\system32\sppobjs.dll
2013-03-02 17:58:40 ----A---- C:\Windows\SYSWOW64\syssetup.dll
2013-03-02 17:58:40 ----A---- C:\Windows\SYSWOW64\syncui.dll
2013-03-02 17:58:39 ----A---- C:\Windows\system32\wmp.dll
2013-03-02 17:58:38 ----A---- C:\Windows\SYSWOW64\wlanpref.dll
2013-03-02 17:58:38 ----A---- C:\Windows\system32\WMVCORE.DLL
2013-03-02 17:58:38 ----A---- C:\Windows\system32\wmpmde.dll
2013-03-02 17:58:38 ----A---- C:\Windows\system32\wmploc.DLL
2013-03-02 17:58:38 ----A---- C:\Windows\system32\wlanui.dll
2013-03-02 17:58:38 ----A---- C:\Windows\system32\wlanpref.dll
2013-03-02 17:58:38 ----A---- C:\Windows\system32\wisptis.exe
2013-03-02 17:58:38 ----A---- C:\Windows\system32\winsta.dll
2013-03-02 17:58:37 ----A---- C:\Windows\SYSWOW64\xpsservices.dll
2013-03-02 17:58:37 ----A---- C:\Windows\SYSWOW64\WSDApi.dll
2013-03-02 17:58:37 ----A---- C:\Windows\SYSWOW64\wpdwcn.dll
2013-03-02 17:58:37 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2013-03-02 17:58:37 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2013-03-02 17:58:37 ----A---- C:\Windows\SYSWOW64\wlangpui.dll
2013-03-02 17:58:37 ----A---- C:\Windows\system32\xpsservices.dll
2013-03-02 17:58:37 ----A---- C:\Windows\system32\wshbth.dll
2013-03-02 17:58:37 ----A---- C:\Windows\system32\Wldap32.dll
2013-03-02 17:58:36 ----A---- C:\Windows\system32\vmbusres.dll
2013-03-02 17:58:36 ----A---- C:\Windows\system32\vmbuspipe.dll
2013-03-02 17:58:36 ----A---- C:\Windows\system32\drivers\volmgr.sys
2013-03-02 17:58:35 ----A---- C:\Windows\SYSWOW64\WerFaultSecure.exe
2013-03-02 17:58:35 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll
2013-03-02 17:58:35 ----A---- C:\Windows\SYSWOW64\vpnikeapi.dll
2013-03-02 17:58:35 ----A---- C:\Windows\system32\WinSATAPI.dll
2013-03-02 17:58:35 ----A---- C:\Windows\system32\WavDest.dll
2013-03-02 17:58:35 ----A---- C:\Windows\system32\VmbusCoinstaller.dll
2013-03-02 17:58:35 ----A---- C:\Windows\system32\vdsbas.dll
2013-03-02 17:58:35 ----A---- C:\Windows\system32\drivers\winhv.sys
2013-03-02 17:58:35 ----A---- C:\Windows\system32\drivers\vmbus.sys
2013-03-02 17:58:34 ----A---- C:\Windows\SYSWOW64\rdpendp.dll
2013-03-02 17:58:34 ----A---- C:\Windows\SYSWOW64\rdpencom.dll
2013-03-02 17:58:34 ----A---- C:\Windows\SYSWOW64\rasppp.dll
2013-03-02 17:58:34 ----A---- C:\Windows\system32\rdpendp.dll
2013-03-02 17:58:34 ----A---- C:\Windows\system32\rdpd3d.dll
2013-03-02 17:58:34 ----A---- C:\Windows\system32\rasppp.dll
2013-03-02 17:58:34 ----A---- C:\Windows\system32\QSVRMGMT.DLL
2013-03-02 17:58:34 ----A---- C:\Windows\system32\QSHVHOST.DLL
2013-03-02 17:58:34 ----A---- C:\Windows\system32\qasf.dll
2013-03-02 17:58:34 ----A---- C:\Windows\system32\puiobj.dll
2013-03-02 17:58:34 ----A---- C:\Windows\system32\drivers\rdpdr.sys
2013-03-02 17:58:34 ----A---- C:\Windows\system32\drivers\raspptp.sys
2013-03-02 17:58:33 ----A---- C:\Windows\SYSWOW64\resutils.dll
2013-03-02 17:58:33 ----A---- C:\Windows\SYSWOW64\regapi.dll
2013-03-02 17:58:33 ----A---- C:\Windows\SYSWOW64\PkgMgr.exe
2013-03-02 17:58:33 ----A---- C:\Windows\system32\remotepg.dll
2013-03-02 17:58:33 ----A---- C:\Windows\system32\ReAgent.dll
2013-03-02 17:58:33 ----A---- C:\Windows\system32\PresentationHost.exe
2013-03-02 17:58:33 ----A---- C:\Windows\system32\powercpl.dll
2013-03-02 17:58:33 ----A---- C:\Windows\system32\PkgMgr.exe
2013-03-02 17:58:33 ----A---- C:\Windows\system32\photowiz.dll
2013-03-02 17:58:32 ----A---- C:\Windows\SYSWOW64\PortableDeviceApi.dll
2013-03-02 17:58:32 ----A---- C:\Windows\SYSWOW64\perfts.dll
2013-03-02 17:58:32 ----A---- C:\Windows\SYSWOW64\OobeFldr.dll
2013-03-02 17:58:32 ----A---- C:\Windows\system32\provsvc.dll
2013-03-02 17:58:32 ----A---- C:\Windows\system32\pla.dll
2013-03-02 17:58:32 ----A---- C:\Windows\system32\pdh.dll
2013-03-02 17:58:32 ----A---- C:\Windows\system32\drivers\pci.sys
2013-03-02 17:58:32 ----A---- C:\Windows\system32\drivers\pacer.sys
2013-03-02 17:58:31 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-03-02 17:58:31 ----A---- C:\Windows\SYSWOW64\prncache.dll
2013-03-02 17:58:31 ----A---- C:\Windows\SYSWOW64\printui.dll
2013-03-02 17:58:31 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2013-03-02 17:58:31 ----A---- C:\Windows\system32\setupcl.exe
2013-03-02 17:58:31 ----A---- C:\Windows\system32\SessEnv.dll
2013-03-02 17:58:31 ----A---- C:\Windows\system32\prnfldr.dll
2013-03-02 17:58:31 ----A---- C:\Windows\system32\PrintIsolationProxy.dll
2013-03-02 17:58:31 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2013-03-02 17:58:30 ----A---- C:\Windows\SYSWOW64\sisbkup.dll
2013-03-02 17:58:30 ----A---- C:\Windows\SYSWOW64\shwebsvc.dll
2013-03-02 17:58:30 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2013-03-02 17:58:29 ----A---- C:\Windows\SYSWOW64\shunimpl.dll
2013-03-02 17:58:29 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-03-02 17:58:29 ----A---- C:\Windows\SYSWOW64\runonce.exe
2013-03-02 17:58:29 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2013-03-02 17:58:29 ----A---- C:\Windows\system32\shimgvw.dll
2013-03-02 17:58:29 ----A---- C:\Windows\system32\shgina.dll
2013-03-02 17:58:29 ----A---- C:\Windows\system32\secproc.dll
2013-03-02 17:58:29 ----A---- C:\Windows\system32\samsrv.dll
2013-03-02 17:58:29 ----A---- C:\Windows\system32\samcli.dll
2013-03-02 17:58:28 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2013-03-02 17:58:28 ----A---- C:\Windows\SYSWOW64\scansetting.dll
2013-03-02 17:58:28 ----A---- C:\Windows\system32\scrptadm.dll
2013-03-02 17:58:28 ----A---- C:\Windows\system32\scavengeui.dll
2013-03-02 17:58:28 ----A---- C:\Windows\system32\RMActivate.exe
2013-03-02 17:58:28 ----A---- C:\Windows\system32\drivers\rmcast.sys
2013-03-02 17:58:27 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2013-03-02 17:58:27 ----A---- C:\Windows\system32\RpcRtRemote.dll
2013-03-02 17:58:27 ----A---- C:\Windows\system32\msconfig.exe
2013-03-02 17:58:26 ----A---- C:\Windows\SYSWOW64\shgina.dll
2013-03-02 17:58:26 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2013-03-02 17:58:26 ----A---- C:\Windows\SYSWOW64\msdmo.dll
2013-03-02 17:58:26 ----A---- C:\Windows\SYSWOW64\mscms.dll
2013-03-02 17:58:26 ----A---- C:\Windows\system32\sisbkup.dll
2013-03-02 17:58:26 ----A---- C:\Windows\system32\shsetup.dll
2013-03-02 17:58:25 ----A---- C:\Windows\SYSWOW64\sethc.exe
2013-03-02 17:58:25 ----A---- C:\Windows\SYSWOW64\SensorsCpl.dll
2013-03-02 17:58:25 ----A---- C:\Windows\system32\slwga.dll
2013-03-02 17:58:25 ----A---- C:\Windows\system32\sethc.exe
2013-03-02 17:58:25 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2013-03-02 17:58:24 ----A---- C:\Windows\SYSWOW64\wkscli.dll
2013-03-02 17:58:24 ----A---- C:\Windows\SYSWOW64\winsta.dll
2013-03-02 17:58:24 ----A---- C:\Windows\system32\wmicmiplugin.dll
2013-03-02 17:58:23 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-03-02 17:58:23 ----A---- C:\Windows\SYSWOW64\WMNetMgr.dll
2013-03-02 17:58:23 ----A---- C:\Windows\SYSWOW64\WinSATAPI.dll
2013-03-02 17:58:23 ----A---- C:\Windows\SYSWOW64\tsbyuv.dll
2013-03-02 17:58:22 ----A---- C:\Windows\SYSWOW64\wmpshell.dll
2013-03-02 17:58:22 ----A---- C:\Windows\SYSWOW64\wmpeffects.dll
2013-03-02 17:58:22 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2013-03-02 17:58:22 ----A---- C:\Windows\system32\wmpshell.dll
2013-03-02 17:58:22 ----A---- C:\Windows\system32\WMPEncEn.dll
2013-03-02 17:58:21 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-03-02 17:58:21 ----A---- C:\Windows\SYSWOW64\autoconv.exe
2013-03-02 17:58:21 ----A---- C:\Windows\system32\wmpps.dll
2013-03-02 17:58:20 ----A---- C:\Windows\SYSWOW64\azroleui.dll
2013-03-02 17:58:20 ----A---- C:\Windows\system32\azroleui.dll
2013-03-02 17:58:19 ----A---- C:\Windows\system32\TSpkg.dll
2013-03-02 17:58:19 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2013-03-02 17:58:18 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-03-02 17:58:17 ----A---- C:\Windows\system32\sxs.dll
2013-03-02 17:58:17 ----A---- C:\Windows\system32\stobject.dll
2013-03-02 17:58:17 ----A---- C:\Windows\system32\sscore.dll
2013-03-02 17:58:17 ----A---- C:\Windows\system32\appmgr.dll
2013-03-02 17:58:16 ----A---- C:\Windows\SYSWOW64\sqmapi.dll
2013-03-02 17:58:16 ----A---- C:\Windows\system32\srvsvc.dll
2013-03-02 17:58:16 ----A---- C:\Windows\system32\sqlsrv32.dll
2013-03-02 17:58:16 ----A---- C:\Windows\system32\spwizeng.dll
2013-03-02 17:58:16 ----A---- C:\Windows\system32\sppc.dll
2013-03-02 17:58:16 ----A---- C:\Windows\system32\spbcd.dll
2013-03-02 17:58:15 ----A---- C:\Windows\SYSWOW64\thumbcache.dll
2013-03-02 17:58:15 ----A---- C:\Windows\SYSWOW64\termmgr.dll
2013-03-02 17:58:15 ----A---- C:\Windows\SYSWOW64\taskmgr.exe
2013-03-02 17:58:15 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2013-03-02 17:58:15 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2013-03-02 17:58:15 ----A---- C:\Windows\system32\themeui.dll
2013-03-02 17:58:15 ----A---- C:\Windows\system32\termmgr.dll
2013-03-02 17:58:15 ----A---- C:\Windows\system32\tapisrv.dll
2013-03-02 17:58:15 ----A---- C:\Windows\system32\systemcpl.dll
2013-03-02 17:58:15 ----A---- C:\Windows\system32\spwizres.dll
2013-03-02 17:58:15 ----A---- C:\Windows\system32\drivers\tdi.sys

monikash · #9 Příspěvek od **monikash** » 03 bře 2013 20:14

3. část
2013-03-02 17:58:13 ----A---- C:\Windows\SYSWOW64\OpcServices.dll
2013-03-02 17:58:12 ----A---- C:\Windows\SYSWOW64\PhotoScreensaver.scr
2013-03-02 17:58:12 ----A---- C:\Windows\system32\PhotoScreensaver.scr
2013-03-02 17:58:12 ----A---- C:\Windows\system32\onexui.dll
2013-03-02 17:58:12 ----A---- C:\Windows\system32\onex.dll
2013-03-02 17:58:11 ----A---- C:\Windows\SYSWOW64\printmanagement.msc
2013-03-02 17:58:11 ----A---- C:\Windows\SYSWOW64\ppcsnap.dll
2013-03-02 17:58:11 ----A---- C:\Windows\SYSWOW64\pmcsnap.dll
2013-03-02 17:58:11 ----A---- C:\Windows\SYSWOW64\photowiz.dll
2013-03-02 17:58:11 ----A---- C:\Windows\system32\prntvpt.dll
2013-03-02 17:58:11 ----A---- C:\Windows\system32\nshipsec.dll
2013-03-02 17:58:10 ----A---- C:\Windows\system32\seclogon.dll
2013-03-02 17:58:10 ----A---- C:\Windows\system32\sdrsvc.dll
2013-03-02 17:58:10 ----A---- C:\Windows\system32\sdengin2.dll
2013-03-02 17:58:10 ----A---- C:\Windows\system32\sdclt.exe
2013-03-02 17:58:09 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2013-03-02 17:58:09 ----A---- C:\Windows\system32\networkmap.dll
2013-03-02 17:58:09 ----A---- C:\Windows\system32\networkexplorer.dll
2013-03-02 17:58:08 ----A---- C:\Windows\SYSWOW64\scrptadm.dll
2013-03-02 17:58:08 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2013-03-02 17:58:08 ----A---- C:\Windows\system32\repair-bde.exe
2013-03-02 17:58:08 ----A---- C:\Windows\system32\recdisc.exe
2013-03-02 17:58:08 ----A---- C:\Windows\system32\drivers\sbp2port.sys
2013-03-02 17:58:07 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2013-03-02 17:58:07 ----A---- C:\Windows\system32\rpcss.dll
2013-03-02 17:58:07 ----A---- C:\Windows\system32\RMActivate_isv.exe
2013-03-02 17:58:06 ----A---- C:\Windows\system32\rdpencom.dll
2013-03-02 17:58:06 ----A---- C:\Windows\system32\rdpcfgex.dll
2013-03-02 17:58:05 ----A---- C:\Windows\SYSWOW64\wshbth.dll
2013-03-02 17:58:05 ----A---- C:\Windows\SYSWOW64\wsdchngr.dll
2013-03-02 17:58:05 ----A---- C:\Windows\SYSWOW64\Query.dll
2013-03-02 17:58:05 ----A---- C:\Windows\SYSWOW64\PushPrinterConnections.exe
2013-03-02 17:58:05 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2013-03-02 17:58:05 ----A---- C:\Windows\system32\wscapi.dll
2013-03-02 17:58:05 ----A---- C:\Windows\system32\wpdbusenum.dll
2013-03-02 17:58:05 ----A---- C:\Windows\system32\wpccpl.dll
2013-03-02 17:58:05 ----A---- C:\Windows\system32\qedit.dll
2013-03-02 17:58:05 ----A---- C:\Windows\system32\qcap.dll
2013-03-02 17:58:04 ----A---- C:\Windows\SYSWOW64\wups.dll
2013-03-02 17:58:04 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2013-03-02 17:58:04 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2013-03-02 17:58:04 ----A---- C:\Windows\SYSWOW64\wshirda.dll
2013-03-02 17:58:04 ----A---- C:\Windows\system32\wshirda.dll
2013-03-02 17:58:03 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2013-03-02 17:58:03 ----A---- C:\Windows\SYSWOW64\msutb.dll
2013-03-02 17:58:03 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2013-03-02 17:58:03 ----A---- C:\Windows\system32\secproc_isv.dll
2013-03-02 17:58:03 ----A---- C:\Windows\system32\msinfo32.exe
2013-03-02 17:58:03 ----A---- C:\Windows\system32\drivers\msrpc.sys
2013-03-02 17:58:02 ----A---- C:\Windows\SYSWOW64\netdiagfx.dll
2013-03-02 17:58:02 ----A---- C:\Windows\SYSWOW64\netcenter.dll
2013-03-02 17:58:02 ----A---- C:\Windows\SYSWOW64\net1.exe
2013-03-02 17:58:02 ----A---- C:\Windows\SYSWOW64\msyuv.dll
2013-03-02 17:58:02 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2013-03-02 17:58:02 ----A---- C:\Windows\system32\netdiagfx.dll
2013-03-02 17:58:02 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2013-03-02 17:58:02 ----A---- C:\Windows\system32\drivers\ndisuio.sys
2013-03-02 17:58:01 ----A---- C:\Windows\SYSWOW64\NaturalLanguage6.dll
2013-03-02 17:58:01 ----A---- C:\Windows\system32\nci.dll
2013-03-02 17:58:01 ----A---- C:\Windows\system32\Narrator.exe
2013-03-02 17:58:00 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2013-03-02 17:58:00 ----A---- C:\Windows\system32\lsm.exe
2013-03-02 17:58:00 ----A---- C:\Windows\system32\localsec.dll
2013-03-02 17:58:00 ----A---- C:\Windows\system32\drivers\ks.sys
2013-03-02 17:58:00 ----A---- C:\Windows\system32\drivers\acpipmi.sys
2013-03-02 17:57:59 ----A---- C:\Windows\SYSWOW64\iyuv_32.dll
2013-03-02 17:57:59 ----A---- C:\Windows\SYSWOW64\inetmib1.dll
2013-03-02 17:57:59 ----A---- C:\Windows\system32\ipsmsnap.dll
2013-03-02 17:57:58 ----A---- C:\Windows\SYSWOW64\KBDUS.DLL
2013-03-02 17:57:58 ----A---- C:\Windows\SYSWOW64\KBDTAJIK.DLL
2013-03-02 17:57:58 ----A---- C:\Windows\SYSWOW64\KBDMON.DLL
2013-03-02 17:57:58 ----A---- C:\Windows\SYSWOW64\KBDINTAM.DLL
2013-03-02 17:57:58 ----A---- C:\Windows\SYSWOW64\KBDINMAR.DLL
2013-03-02 17:57:58 ----A---- C:\Windows\SYSWOW64\KBDINHIN.DLL
2013-03-02 17:57:58 ----A---- C:\Windows\system32\KBDTUQ.DLL
2013-03-02 17:57:58 ----A---- C:\Windows\system32\KBDLT1.DLL
2013-03-02 17:57:58 ----A---- C:\Windows\system32\KBDINTEL.DLL
2013-03-02 17:57:58 ----A---- C:\Windows\system32\KBDBASH.DLL
2013-03-02 17:57:57 ----A---- C:\Windows\SYSWOW64\vfwwdm32.dll
2013-03-02 17:57:57 ----A---- C:\Windows\SYSWOW64\vdsbas.dll
2013-03-02 17:57:57 ----A---- C:\Windows\system32\uxlib.dll
2013-03-02 17:57:57 ----A---- C:\Windows\system32\KBDINORI.DLL
2013-03-02 17:57:57 ----A---- C:\Windows\system32\drivers\vms3cap.sys
2013-03-02 17:57:57 ----A---- C:\Windows\system32\drivers\VMBusHID.sys
2013-03-02 17:57:56 ----A---- C:\Windows\SYSWOW64\VAN.dll
2013-03-02 17:57:56 ----A---- C:\Windows\system32\wiaservc.dll
2013-03-02 17:57:56 ----A---- C:\Windows\system32\userenv.dll
2013-03-02 17:57:55 ----A---- C:\Windows\SYSWOW64\vssapi.dll
2013-03-02 17:57:55 ----A---- C:\Windows\SYSWOW64\MFPlay.dll
2013-03-02 17:57:55 ----A---- C:\Windows\system32\wiavideo.dll
2013-03-02 17:57:55 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2013-03-02 17:57:55 ----A---- C:\Windows\system32\mcmde.dll
2013-03-02 17:57:54 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2013-03-02 17:57:54 ----A---- C:\Windows\SYSWOW64\MCEWMDRMNDBootstrap.dll
2013-03-02 17:57:54 ----A---- C:\Windows\SYSWOW64\luainstall.dll
2013-03-02 17:57:54 ----A---- C:\Windows\system32\usercpl.dll
2013-03-02 17:57:54 ----A---- C:\Windows\system32\mfreadwrite.dll
2013-03-02 17:57:54 ----A---- C:\Windows\system32\mapistub.dll
2013-03-02 17:57:54 ----A---- C:\Windows\system32\mapi32.dll
2013-03-02 17:57:53 ----A---- C:\Windows\SYSWOW64\UserAccountControlSettings.dll
2013-03-02 17:57:53 ----A---- C:\Windows\SYSWOW64\defaultlocationcpl.dll
2013-03-02 17:57:53 ----A---- C:\Windows\system32\TSWorkspace.dll
2013-03-02 17:57:53 ----A---- C:\Windows\system32\DiagCpl.dll
2013-03-02 17:57:52 ----A---- C:\Windows\system32\dskquoui.dll
2013-03-02 17:57:52 ----A---- C:\Windows\system32\dfrgui.exe
2013-03-02 17:57:52 ----A---- C:\Windows\system32\cscui.dll
2013-03-02 17:57:51 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2013-03-02 17:57:51 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2013-03-02 17:57:51 ----A---- C:\Windows\system32\dwmcore.dll
2013-03-02 17:57:51 ----A---- C:\Windows\system32\dsuiext.dll
2013-03-02 17:57:51 ----A---- C:\Windows\system32\dnscmmc.dll
2013-03-02 17:57:50 ----A---- C:\Windows\SYSWOW64\cca.dll
2013-03-02 17:57:50 ----A---- C:\Windows\SYSWOW64\cabinet.dll
2013-03-02 17:57:50 ----A---- C:\Windows\SYSWOW64\browseui.dll
2013-03-02 17:57:50 ----A---- C:\Windows\system32\ci.dll
2013-03-02 17:57:50 ----A---- C:\Windows\system32\C_ISCII.DLL
2013-03-02 17:57:49 ----A---- C:\Windows\SYSWOW64\cscapi.dll
2013-03-02 17:57:49 ----A---- C:\Windows\SYSWOW64\bitsperf.dll
2013-03-02 17:57:49 ----A---- C:\Windows\system32\cscapi.dll
2013-03-02 17:57:49 ----A---- C:\Windows\system32\credssp.dll
2013-03-02 17:57:49 ----A---- C:\Windows\system32\bitsadmin.exe
2013-03-02 17:57:48 ----A---- C:\Windows\SYSWOW64\cscdll.dll
2013-03-02 17:57:48 ----A---- C:\Windows\system32\cscsvc.dll
2013-03-02 17:57:48 ----A---- C:\Windows\system32\cscdll.dll
2013-03-02 17:57:48 ----A---- C:\Windows\system32\comctl32.dll
2013-03-02 17:57:46 ----A---- C:\Windows\SYSWOW64\hbaapi.dll
2013-03-02 17:57:46 ----A---- C:\Windows\system32\gpprefcl.dll
2013-03-02 17:57:45 ----A---- C:\Windows\SYSWOW64\fms.dll
2013-03-02 17:57:45 ----A---- C:\Windows\system32\FXSTIFF.dll
2013-03-02 17:57:45 ----A---- C:\Windows\system32\FXSAPI.dll
2013-03-02 17:57:45 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2013-03-02 17:57:44 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2013-03-02 17:57:43 ----A---- C:\Windows\SYSWOW64\ifsutil.dll
2013-03-02 17:57:43 ----A---- C:\Windows\system32\zipfldr.dll
2013-03-02 17:57:42 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2013-03-02 17:57:42 ----A---- C:\Windows\SYSWOW64\iasrecst.dll
2013-03-02 17:57:42 ----A---- C:\Windows\system32\ifsutil.dll
2013-03-02 17:57:39 ----A---- C:\Windows\system32\EhStorAPI.dll
2013-03-02 17:57:38 ----A---- C:\Windows\SYSWOW64\EhStorAPI.dll
2013-03-02 17:57:37 ----A---- C:\Windows\system32\findstr.exe
2013-03-02 17:57:37 ----A---- C:\Windows\system32\fdeploy.dll
2013-03-02 17:57:36 ----A---- C:\Windows\system32\fixmapi.exe
2013-03-02 15:36:39 ----D---- C:\Program Files (x86)\ESET
2013-03-02 11:51:51 ----D---- C:\Program Files (x86)\VideoLAN
2013-03-02 11:50:53 ----D---- C:\Users\ASUS\AppData\Roaming\GHISLER
2013-03-02 11:50:53 ----D---- C:\totalcmd
2013-03-02 11:40:52 ----D---- C:\Users\ASUS\AppData\Roaming\Malwarebytes
2013-03-02 11:40:37 ----D---- C:\ProgramData\Malwarebytes
2013-03-02 11:40:34 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-02 11:40:34 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-03-02 11:35:04 ----D---- C:\ProgramData\Mozilla
2013-03-02 11:35:02 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

======List of files/folders modified in the last 1 month======

2013-03-03 19:56:14 ----RD---- C:\Program Files
2013-03-03 19:52:34 ----D---- C:\Windows\system32\config
2013-03-03 19:43:16 ----D---- C:\Windows\System32
2013-03-03 19:43:16 ----D---- C:\Windows\inf
2013-03-03 19:43:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-03 19:39:02 ----D---- C:\Windows\Temp
2013-03-03 19:37:01 ----D---- C:\Windows\system32\Tasks
2013-03-03 19:36:34 ----A---- C:\Windows\SYSWOW64\log.txt
2013-03-03 19:31:16 ----RD---- C:\Program Files (x86)
2013-03-03 19:31:16 ----D---- C:\Windows\SysWOW64
2013-03-03 19:01:48 ----A---- C:\Windows\system32\ServiceFilter.ini
2013-03-03 19:00:19 ----HD---- C:\ProgramData
2013-03-03 18:32:08 ----SHD---- C:\System Volume Information
2013-03-03 17:01:37 ----D---- C:\Windows
2013-03-03 16:45:41 ----D---- C:\ProgramData\Adobe
2013-03-03 16:45:33 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-03 16:40:31 ----A---- C:\Windows\ATKPF.ini
2013-03-03 15:33:30 ----SD---- C:\Users\ASUS\AppData\Roaming\Microsoft
2013-03-03 15:33:30 ----D---- C:\Users\ASUS\AppData\Roaming\Adobe
2013-03-03 15:33:20 ----SHD---- C:\Windows\Installer
2013-03-03 15:32:56 ----D---- C:\Program Files (x86)\Adobe
2013-03-03 12:59:43 ----D---- C:\Program Files (x86)\ASUS
2013-03-03 12:16:35 ----A---- C:\Windows\system32\AutoRunFilter.ini
2013-03-03 12:12:06 ----D---- C:\Users\ASUS\AppData\Roaming\Asus WebStorage
2013-03-03 12:11:55 ----RSD---- C:\Windows\assembly
2013-03-03 10:40:37 ----D---- C:\Windows\Microsoft.NET
2013-03-03 10:04:09 ----D---- C:\Windows\winsxs
2013-03-03 09:59:55 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-03-03 09:59:54 ----D---- C:\Windows\SYSWOW64\wbem
2013-03-03 09:59:54 ----D---- C:\Windows\SYSWOW64\en-US
2013-03-03 09:59:54 ----D---- C:\Windows\system32\cs-CZ
2013-03-03 09:59:53 ----D---- C:\Windows\system32\wbem
2013-03-03 09:59:53 ----D---- C:\Windows\system32\en-US
2013-03-03 09:59:53 ----D---- C:\Windows\system32\drivers\en-US
2013-03-03 09:59:53 ----D---- C:\Windows\system32\drivers
2013-03-03 09:59:53 ----D---- C:\Windows\PolicyDefinitions
2013-03-03 09:59:52 ----D---- C:\Windows\SYSWOW64\migration
2013-03-03 09:59:52 ----D---- C:\Windows\system32\migration
2013-03-03 09:59:51 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-03-03 09:59:51 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-03-03 09:59:51 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-03-03 09:59:51 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-03-03 09:59:51 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-03-03 09:59:51 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-03-03 09:59:51 ----D---- C:\Windows\SYSWOW64\it-IT
2013-03-03 09:59:51 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-03-03 09:59:51 ----D---- C:\Windows\SYSWOW64\el-GR
2013-03-03 09:59:50 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-03-03 09:59:50 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-03-03 09:59:50 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-03-03 09:59:50 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-03-03 09:59:50 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-03-03 09:59:50 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-03-03 09:59:50 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-03-03 09:59:50 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-03-03 09:59:50 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-03-03 09:59:50 ----D---- C:\Windows\SYSWOW64\es-ES
2013-03-03 09:59:50 ----D---- C:\Windows\SYSWOW64\de-DE
2013-03-03 09:59:50 ----D---- C:\Windows\SYSWOW64\da-DK
2013-03-03 09:59:50 ----D---- C:\Windows\system32\zh-TW
2013-03-03 09:59:50 ----D---- C:\Windows\system32\zh-HK
2013-03-03 09:59:50 ----D---- C:\Windows\system32\tr-TR
2013-03-03 09:59:50 ----D---- C:\Windows\system32\sv-SE
2013-03-03 09:59:50 ----D---- C:\Windows\system32\pt-PT
2013-03-03 09:59:50 ----D---- C:\Windows\system32\pt-BR
2013-03-03 09:59:50 ----D---- C:\Windows\system32\pl-PL
2013-03-03 09:59:50 ----D---- C:\Windows\system32\nl-NL
2013-03-03 09:59:50 ----D---- C:\Windows\system32\ko-KR
2013-03-03 09:59:50 ----D---- C:\Windows\system32\it-IT
2013-03-03 09:59:50 ----D---- C:\Windows\system32\hu-HU
2013-03-03 09:59:50 ----D---- C:\Windows\system32\fr-FR
2013-03-03 09:59:50 ----D---- C:\Windows\system32\fi-FI
2013-03-03 09:59:50 ----D---- C:\Windows\system32\es-ES
2013-03-03 09:59:50 ----D---- C:\Windows\system32\el-GR
2013-03-03 09:59:50 ----D---- C:\Windows\system32\de-DE
2013-03-03 09:59:49 ----D---- C:\Windows\system32\zh-CN
2013-03-03 09:59:49 ----D---- C:\Windows\system32\ru-RU
2013-03-03 09:59:49 ----D---- C:\Windows\system32\nb-NO
2013-03-03 09:59:49 ----D---- C:\Windows\system32\ja-JP
2013-03-03 09:59:49 ----D---- C:\Windows\system32\da-DK
2013-03-03 09:59:48 ----D---- C:\Windows\system32\DriverStore
2013-03-03 09:57:38 ----D---- C:\Windows\system32\catroot2
2013-03-03 09:57:38 ----D---- C:\Windows\system32\catroot
2013-03-03 09:23:55 ----D---- C:\Program Files (x86)\Common Files
2013-03-03 09:15:46 ----D---- C:\Windows\SYSWOW64\NV
2013-03-03 09:15:45 ----D---- C:\Windows\system32\NV
2013-03-03 09:15:43 ----D---- C:\ProgramData\NVIDIA
2013-03-03 09:11:38 ----D---- C:\Program Files\Internet Explorer
2013-03-03 09:11:38 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-03 09:08:18 ----D---- C:\Program Files (x86)\Intel
2013-03-03 09:06:30 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-03-03 09:00:22 ----SD---- C:\ProgramData\Microsoft
2013-03-03 08:51:33 ----D---- C:\Windows\Logs
2013-03-03 08:35:06 ----A---- C:\Windows\ntbtlog.txt
2013-03-03 08:03:54 ----D---- C:\Windows\pss
2013-03-02 19:09:17 ----SHD---- C:\Boot
2013-03-02 19:00:05 ----D---- C:\Program Files (x86)\Windows Sidebar
2013-03-02 19:00:05 ----D---- C:\Program Files (x86)\Windows Mail
2013-03-02 19:00:01 ----D---- C:\Program Files (x86)\Windows Portable Devices
2013-03-02 19:00:01 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2013-03-02 19:00:01 ----D---- C:\Program Files (x86)\Windows Media Player
2013-03-02 19:00:00 ----D---- C:\Program Files\Windows Sidebar
2013-03-02 19:00:00 ----D---- C:\Program Files\Windows Portable Devices
2013-03-02 19:00:00 ----D---- C:\Program Files\Windows Photo Viewer
2013-03-02 19:00:00 ----D---- C:\Program Files\Windows Media Player
2013-03-02 19:00:00 ----D---- C:\Program Files\Windows Mail
2013-03-02 19:00:00 ----D---- C:\Program Files\Windows Journal
2013-03-02 19:00:00 ----D---- C:\Program Files\DVD Maker
2013-03-02 18:59:59 ----D---- C:\Program Files\Common Files\System
2013-03-02 18:59:58 ----D---- C:\Windows\servicing
2013-03-02 18:59:58 ----D---- C:\Windows\ehome
2013-03-02 18:59:58 ----D---- C:\Program Files\Windows Defender
2013-03-02 18:59:50 ----D---- C:\Windows\SYSWOW64\Setup
2013-03-02 18:59:50 ----D---- C:\Windows\SYSWOW64\oobe
2013-03-02 18:59:50 ----D---- C:\Windows\SYSWOW64\cs
2013-03-02 18:59:50 ----D---- C:\Windows\SYSWOW64\AdvancedInstallers
2013-03-02 18:59:49 ----D---- C:\Windows\SYSWOW64\sppui
2013-03-02 18:59:49 ----D---- C:\Windows\SYSWOW64\manifeststore
2013-03-02 18:59:48 ----D---- C:\Windows\SYSWOW64\migwiz
2013-03-02 18:59:48 ----D---- C:\Windows\SYSWOW64\Dism
2013-03-02 18:59:34 ----D---- C:\Windows\system32\Setup
2013-03-02 18:59:34 ----D---- C:\Windows\system32\oobe
2013-03-02 18:59:34 ----D---- C:\Windows\system32\cs
2013-03-02 18:59:34 ----D---- C:\Windows\system32\AdvancedInstallers
2013-03-02 18:59:33 ----D---- C:\Windows\system32\sppui
2013-03-02 18:59:33 ----D---- C:\Windows\system32\manifeststore
2013-03-02 18:59:32 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-03-02 18:59:24 ----D---- C:\Windows\system32\migwiz
2013-03-02 18:59:24 ----D---- C:\Windows\system32\Dism
2013-03-02 18:59:08 ----RSD---- C:\Windows\Fonts
2013-03-02 18:59:07 ----D---- C:\Windows\AppPatch
2013-03-02 18:58:54 ----D---- C:\Windows\system32\Boot
2013-03-02 18:45:54 ----A---- C:\Windows\SYSWOW64\msclmd.dll
2013-03-02 18:45:54 ----A---- C:\Windows\system32\msclmd.dll
2013-03-02 15:36:41 ----D---- C:\Windows\Downloaded Program Files
2013-03-02 12:00:57 ----D---- C:\Windows\system32\NDF
2013-03-02 11:34:56 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-02-28 09:35:43 ----A---- C:\Windows\system32\aswBoot.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-02-28 65408]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-02-28 177672]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-06 408600]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-07-03 19600]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-02-28 71064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-02-28 1025880]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-02-28 377992]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-02-28 68992]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-02-28 33472]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-02-28 80888]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2009-08-06 13784]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-12-14 53800]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-01-15 98344]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-01-15 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-01-15 21288]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-04-10 12223936]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-04-27 2357024]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-02 271872]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-03-04 75816]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-08-20 1800192]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 cpuz135;cpuz135; \??\C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [2012-08-11 24368]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-05-18 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-05-18 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-05-18 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-05-18 9216]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-12-08 379520]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2013-02-28 45248]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-03-12 873248]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 262144]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-10-02 891240]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-08 1258856]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-03 251248]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-02-16 115608]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-08-06 118672]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-25 1255736]

-----------------EOF-----------------

monikash · #10 Příspěvek od **monikash** » 03 bře 2013 20:15

a info:
info.txt logfile of random's system information tool 1.09 2013-03-03 19:56:20

======Uninstall list======

Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
7-Zip 9.20-->"C:\Program Files (x86)\7-Zip\Uninstall.exe"
Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40}
Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{5AF4B3C4-C393-48D7-AC7E-8E7615579548}
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 11 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_171_ActiveX.exe -maintain activex
Adobe Reader XI - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AB0000000001}
Aktualizace NVIDIA 1.10.8-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.Update
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
Alcor Micro USB Card Reader-->C:\Program Files (x86)\InstallShield Installation Information\{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}\Setup.exe -runfromtemp -l0x0409
Ashampoo Burning Studio 2013 v.11.0.5-->"C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2013\unins000.exe"
Asistent pro přihlášení ke službě Windows Live-->MsiExec.exe /I{BD86C297-41C7-4DB5-82C4-98DE3399A2EF}
ASUS AI Recovery-->MsiExec.exe /I{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}
ASUS AP Bank-->"C:\Program Files (x86)\ASUS\ASUS AP Bank\unins000.exe"
ASUS FancyStart-->MsiExec.exe /I{2B81872B-A054-48DA-BE3B-FA5C164C303A}
ASUS LifeFrame3-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
ASUS Live Update-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\Setup.exe" -l0x9
ASUS MultiFrame-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9D48531D-2135-49FC-BC29-ACCDA5396A76}\setup.exe" -l0x9
ASUS Power4Gear Hybrid-->MsiExec.exe /I{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}
ASUS SmartLogon-->MsiExec.exe /I{64452561-169F-4A36-A2FF-B5E118EC65F5}
ASUS Splendid Video Enhancement Technology-->MsiExec.exe /I{0969AF05-4FF6-4C00-9406-43599238DE0D}
ASUS U Series Bamboo ScreenSaver-->C:\Windows\ASUS U Series Bamboo ScreenSaver Uninstaller.exe
ASUS Virtual Camera-->MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
ASUS WebStorage-->C:\Program Files (x86)\ASUS\ASUS WebStorage\uninst.exe
ATK Package-->MsiExec.exe /I{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}
avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7)-->C:\PROGRA~1\DIFX\0169CE3A95F06636\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokia_bluetooth.inf_amd64_neutral_73c28da64803cefc\nokia_bluetooth.inf
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9)-->C:\PROGRA~1\DIFX\0169CE3A95F06636\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokbtmdm.inf_amd64_neutral_13826104cd8e800f\nokbtmdm.inf
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\F4092DA208C2C970\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfdx6_8A3BAB842294F8D9255C3CF2A3B1CECAEEB8EA7E\pccsmcfdx64.inf
Boingo Wi-Fi-->MsiExec.exe /X{B653A2EC-D816-4498-A4FD-651047AB9DC9}
Bookworm Deluxe-->C:\Program Files (x86)\Asus\Game Park\Bookworm Deluxe\Uninstall.exe
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
ControlDeck-->MsiExec.exe /I{5B65EF64-1DFA-414A-8C94-7BB726158E21}
Cooking Dash-->C:\Program Files (x86)\Asus\Game Park\Cooking Dash\Uninstall.exe
CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
Defraggler-->"C:\Program Files\Defraggler\uninst.exe"
ESET Online Scanner v3-->C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
ETDWare PS/2-x64 7.0.5.9_WHQL-->C:\Program Files\Elantech\ETDUninst.exe
Express Gate-->MsiExec.exe /X{B5A5627C-0173-4DB2-ADA8-740479370F67}
Fast Boot-->MsiExec.exe /X{13F4A7F3-EABC-4261-AF6B-1317777F0755}
Governor of Poker-->C:\Program Files (x86)\Asus\Game Park\Governor of Poker\Uninstall.exe
HijackThis 2.0.2-->"C:\hijack\HijackThis.exe" /uninstall
HWiNFO32 Version 3.92-->"C:\Program Files (x86)\HWiNFO32\unins000.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Intel(R) Control Center-->C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm
Intel(R) Graphics Media Accelerator Driver-->C:\Program Files (x86)\Intel\Intel(R) Graphics Media Accelerator Driver\Uninstall\setup.exe -uninstall
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Turbo Boost Technology Monitor-->MsiExec.exe /X{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}
IrfanView (remove only)-->C:\Program Files (x86)\IrfanView\iv_uninstall.exe
Java 7 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217015FF}
Junk Mail filter update-->MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}
Lišta Centrum.cz-->MsiExec.exe /I{44416DCF-39B9-46FD-93F4-35F4D8BD2FBC}
Luxor 3-->C:\Program Files (x86)\Asus\Game Park\Luxor 3\Uninstall.exe
Malwarebytes Anti-Malware verze 1.70.0.1100-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{790E02A1-145A-3843-8C13-A4F41C9B48B7}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {664655D8-B9BB-455D-8A58-7EAF7B0B2862}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0405-1000-0000000FF1CE} /uninstall {A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {0B7A4B67-2A38-42B1-9857-662FAB361E08}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {FDF9A959-241A-4662-A8DE-7DED9C22D160}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2007-->MsiExec.exe /X{90120000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Mozilla Firefox 19.0 (x86 cs)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MSVC90_x64-->MsiExec.exe /I{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}
MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP3 Parser (KB2721691)-->MsiExec.exe /I{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}
MSXML 4.0 SP3 Parser (KB2758694)-->MsiExec.exe /I{1D95BA90-F4F8-47EC-A882-441C99D30C1E}
MSXML 4.0 SP3 Parser (KB973685)-->MsiExec.exe /I{859DFA95-E4A6-48CD-B88E-A3E483E89B44}
Nástroj pro odesílání služby Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{2D99A593-C841-43A7-B7C9-D6F3AE70B756}
Nokia PC Suite-->C:\ProgramData\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Nokia_PC_Suite_cze_web.exe
Nokia PC Suite-->MsiExec.exe /I{D0D14551-3A2D-433B-861F-F4DCE5422759}
NVIDIA Ovladače grafiky 306.97-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA Updatus-->"C:\Program Files (x86)\InstallShield Installation Information\{7357286A-CBE7-4F4A-BABC-EC4B3DD63862}\setup.exe" -runfromtemp -l0x0009
PC Connectivity Solution-->MsiExec.exe /I{C373F7C4-05D2-4047-96D1-6AF30661C6AA}
PC Wizard 2012.2.11-->"C:\Program Files (x86)\CPUID\PC Wizard 2012\unins000.exe"
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly
Renesas Electronics USB 3.0 Host Controller Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{5442DAB8-7177-49E1-8B22-09A049EA5996}\setup.exe" -runfromtemp -l0x0409 -removeonly
Renesas Electronics USB 3.0 Host Controller Driver-->MsiExec.exe /X{5442DAB8-7177-49E1-8B22-09A049EA5996}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FDD13F1E-9C6B-311E-A0D9-D6E172FC28FF} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8E6848A1-B790-34FE-921A-A5319258E254} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder ClientLP
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder ClientLP
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C6997D22-CC93-4ED9-AD8A-02C3F3D2F1F9}
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5DD3FF90-B302-45B2-A188-C5EA7ACD5D46}
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75}
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {43171CAD-DC60-4E7B-9703-B2EC18001B9F}
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3579CE34-B225-4B19-A3AF-DE5F562A212F}
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EF5B5C7F-20CB-4A3A-AC3D-F5DE2C2BFDC7}
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition -->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {020B65AD-B2ED-4B35-92CA-DB56EFB864A5}
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {020B65AD-B2ED-4B35-92CA-DB56EFB864A5}
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CAB47CC0-A98C-47DD-9FA1-C0416EC96ED5}
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {488F0918-97F9-4CD0-8AD5-8986A46AC962}
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5}
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A8732F0-C20F-4A9B-A2A9-66FE7A586C35}
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {718E87EC-6590-485A-B12D-C01D290EDB12}
SpeedFan (remove only)-->"C:\Program Files (x86)\SpeedFan\uninstall.exe"
SRS Premium Sound Control Panel-->MsiExec.exe /I{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}
syncables desktop SE-->MsiExec.exe /X{341697D8-9923-445E-B42A-529E5A99CB7A}
syncables desktop-->MsiExec.exe /X{DACA59E5-16EF-4240-8A4F-C4688F35080B}
Total Commander 64-bit (Remove or Repair)-->c:\totalcmd\tcunin64.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3}
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {620E77C0-CDFE-4C14-AAEB-830ABB65864C}
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {525A4A44-8940-40AD-ABA0-14501199D2F0}
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8153EC80-C988-4336-8DAF-6D99C0D26E0C}
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {A030537D-0034-46AD-A730-B1119786F607}
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2767848) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4FB6D8D7-0FD3-4D3F-BBFC-8CB62226BA4E}
USB2.0 UVC 2M WebCam-->C:\Windows\snuninst.exe /name='USB2.0 UVC 2M WebCam'
VLC media player 2.0.1-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
WIDCOMM Bluetooth Software-->MsiExec.exe /X{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}
Windows Driver Package - Broadcom (BTHUSB) Bluetooth (02/25/2010 6.2.0.9419)-->C:\PROGRA~1\DIFX\84B2E36983483FEB\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\bcbtums-win7x64-brcm-blpm.inf_amd64_neutral_61ed158ffeb14f88\bcbtums-win7x64-brcm-blpm.inf
Windows Driver Package - Broadcom Bluetooth (01/19/2010 6.2.0.1417)-->C:\PROGRA~1\DIFX\84B2E36983483FEB\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\bcbtums-win7x64-brcm.inf_amd64_neutral_a63c6cc15657e92e\bcbtums-win7x64-brcm.inf
Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0)-->C:\PROGRA~1\DIFX\84B2E36983483FEB\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\bcbtums64.inf_amd64_neutral_d7fa6cc9d085915b\bcbtums64.inf
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)-->C:\PROGRA~1\DIFX\84B2E36983483FEB\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\bcbtums-vistax64-brcm.inf_amd64_neutral_669857059b361c7a\bcbtums-vistax64-brcm.inf
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)-->C:\PROGRA~1\DIFX\84B2E36983483FEB\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\bcbthid64.inf_amd64_neutral_737f347105a3e66a\bcbthid64.inf
Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{4EA44BA4-A708-4223-BC1A-22B6DA9E7D1C}
Windows Live Fotogalerie-->MsiExec.exe /X{A13DE9CB-8C84-4889-B114-C5A9661F844E}
Windows Live Mail-->MsiExec.exe /I{54FEAF1A-8F2A-44C1-95CA-5C1C21F4F934}
Windows Live Messenger-->MsiExec.exe /X{20D0CDB1-5F03-4A5D-86EB-7C218053B157}
Windows Live Sync-->MsiExec.exe /X{4B4451CE-D1E6-4BDE-B4B2-59F03BB83B7C}
Windows Live Writer-->MsiExec.exe /X{6E5EEE1B-3907-44C3-83BA-AD4B8CE40F76}
Windows Live Zabezpečení rodiny-->MsiExec.exe /X{D35D9E34-7B4A-44E3-A882-69A6C6088BC6}
WinFlash-->MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D}
Wireless Console 3-->MsiExec.exe /I{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}

======System event log======

Computer Name: ASUS-PC
Event Code: 7036
Message: Stav služby Funkčnost aplikací byl změněn na: Spuštěno
Record Number: 35101
Source Name: Service Control Manager
Time Written: 20120719085854.502406-000
Event Type: Informace
User:

Computer Name: ASUS-PC
Event Code: 33
Message: Nejstarší stínová kopie svazku C: byla odstraněna, aby byl zachován uživatelem definovaný limit místa na disku používaného pro stínové kopie svazku C:.
Record Number: 35100
Source Name: volsnap
Time Written: 20120719084340.886802-000
Event Type: Informace
User:

Computer Name: ASUS-PC
Event Code: 33
Message: Nejstarší stínová kopie svazku C: byla odstraněna, aby byl zachován uživatelem definovaný limit místa na disku používaného pro stínové kopie svazku C:.
Record Number: 35099
Source Name: volsnap
Time Written: 20120719083959.584813-000
Event Type: Informace
User:

Computer Name: ASUS-PC
Event Code: 33
Message: Nejstarší stínová kopie svazku C: byla odstraněna, aby byl zachován uživatelem definovaný limit místa na disku používaného pro stínové kopie svazku C:.
Record Number: 35098
Source Name: volsnap
Time Written: 20120719083706.362109-000
Event Type: Informace
User:

Computer Name: ASUS-PC
Event Code: 104
Message: Byl vymazán soubor protokolu System.
Record Number: 35097
Source Name: Microsoft-Windows-Eventlog
Time Written: 20120719083639.062061-000
Event Type: Informace
User: ASUS-PC\ASUS

=====Application event log=====

Computer Name: ASUS-PC
Event Code: 1530
Message: Systém Windows zjistil, že soubor registru je stále používán jinými aplikacemi nebo službami. Soubor bude nyní uvolněn. Aplikace nebo služby, které soubor registru používají, nemusejí potom fungovat správně.

PODROBNOSTI –
1 user registry handles leaked from \Registry\User\S-1-5-21-3221066132-3740197241-803019412-1001_Classes:
Process 1392 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3221066132-3740197241-803019412-1001_CLASSES

Record Number: 9160
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20120719090638.705622-000
Event Type: Upozornění
User: NT AUTHORITY\SYSTEM

Computer Name: ASUS-PC
Event Code: 1530
Message: Systém Windows zjistil, že soubor registru je stále používán jinými aplikacemi nebo službami. Soubor bude nyní uvolněn. Aplikace nebo služby, které soubor registru používají, nemusejí potom fungovat správně.

PODROBNOSTI –
3 user registry handles leaked from \Registry\User\S-1-5-21-3221066132-3740197241-803019412-1001:
Process 1392 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3221066132-3740197241-803019412-1001
Process 1392 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3221066132-3740197241-803019412-1001
Process 1392 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3221066132-3740197241-803019412-1001\Software\Microsoft\Windows\CurrentVersion\Explorer

Record Number: 9159
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20120719090638.424821-000
Event Type: Upozornění
User: NT AUTHORITY\SYSTEM

Computer Name: ASUS-PC
Event Code: 6000
Message: Odběratel oznámení přihlašování do systému Windows <SessionEnv> nemohl zpracovat událost upozornění.
Record Number: 9158
Source Name: Microsoft-Windows-Winlogon
Time Written: 20120719090638.000000-000
Event Type: Informace
User:

Computer Name: ASUS-PC
Event Code: 9009
Message: Správce oken plochy byl ukončen s kódem (0x40010004).
Record Number: 9157
Source Name: Desktop Window Manager
Time Written: 20120719090638.000000-000
Event Type: Informace
User:

Computer Name: ASUS-PC
Event Code: 8194
Message: Bod obnovení byl úspěšně vytvořen (Proces = C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\registrydefrag.exe Files (x86)\Auslogics\Auslogics BoostSpeed\registrydefrag.exe" ; Popis = Auslogics Regisry Defrag - before defragmentation).
Record Number: 9156
Source Name: System Restore
Time Written: 20120719090606.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: ASUS-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 13951
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120719090535.532311-000
Event Type: Úspěšný audit
User:

Computer Name: ASUS-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: ASUS-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x29c
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 13950
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120719090535.532311-000
Event Type: Úspěšný audit
User:

Computer Name: ASUS-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 13949
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120719085854.424406-000
Event Type: Úspěšný audit
User:

Computer Name: ASUS-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: ASUS-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x29c
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 13948
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120719085854.424406-000
Event Type: Úspěšný audit
User:

Computer Name: ASUS-PC
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-3221066132-3740197241-803019412-1001
Název účtu: ASUS
Název domény: ASUS-PC
ID přihlášení: 0x37c49
Record Number: 13947
Source Name: Microsoft-Windows-Eventlog
Time Written: 20120719083639.015261-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
"PROCESSOR_REVISION"=2505
"configsetroot"=%SystemRoot%\ConfigSetRoot

-----------------EOF-----------------

#11 Příspěvek od **vyosek** » 03 bře 2013 20:18

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

monikash · #12 Příspěvek od **monikash** » 04 bře 2013 07:40

Budu v léčení pokračovat v podvečer, až se vrátím z fachy. Doufám, že ten log už nebude tak dlouhý. Trefit se do 80000 znaků je docela fuška.

monikash · #13 Příspěvek od **monikash** » 04 bře 2013 18:11

ComboFix 13-03-04.01 - ASUS 04.03.2013 17:53:23.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3884.2541 [GMT 1:00]
Spuštěný z: c:\users\ASUS\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\esupport\eDriver\Software\ASUS\MultiFrame\XP32_Vista32_Vista64_Win7_32_Win7_64_1.0.0021\Desktop_.ini
c:\programdata\FullRemove.exe
c:\users\ASUS\Desktop\Internet Explorer.lnk
d:\esupport\eDriver\Software\ASUS\MultiFrame\XP32_Vista32_Vista64_Win7_32_Win7_64_1.0.0021\Desktop_.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-02-04 do 2013-03-04 )))))))))))))))))))))))))))))))
.
.
2013-03-04 17:03 . 2013-03-04 17:03 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-03-04 17:03 . 2013-03-04 17:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-03 18:56 . 2013-03-03 18:56 -------- d-----w- c:\program files\trend micro
2013-03-03 18:56 . 2013-03-03 18:56 -------- d-----w- C:\rsit
2013-03-03 18:31 . 2013-03-03 18:31 -------- d-----w- c:\program files (x86)\SpeedFan
2013-03-03 14:55 . 2013-03-03 14:56 -------- d-----w- c:\program files\Defraggler
2013-03-03 14:49 . 2013-03-03 14:49 -------- d-----w- c:\users\ASUS\AppData\Roaming\Ashampoo
2013-03-03 14:49 . 2013-03-03 14:49 -------- d-----w- c:\users\ASUS\AppData\Local\ashampoo
2013-03-03 14:48 . 2013-03-03 14:49 -------- d-----w- c:\programdata\Ashampoo
2013-03-03 14:48 . 2013-03-03 14:48 -------- d-----w- c:\program files (x86)\Ashampoo
2013-03-03 14:42 . 2013-03-03 14:42 -------- d-----w- c:\program files (x86)\7-Zip
2013-03-03 14:36 . 2013-03-03 14:36 -------- d-----w- c:\users\ASUS\AppData\Roaming\IrfanView
2013-03-03 14:36 . 2013-03-03 14:36 -------- d-----w- c:\program files (x86)\IrfanView
2013-03-03 14:36 . 2013-03-03 14:36 -------- d-----w- c:\program files (x86)\HWiNFO32
2013-03-03 14:07 . 2013-03-03 14:09 -------- d-----w- C:\hijack
2013-03-03 11:55 . 2012-02-14 11:49 114176 ----a-w- c:\windows\SysWow64\PCWizard.cpl
2013-03-03 11:55 . 2013-03-03 11:55 -------- d-----w- c:\program files (x86)\CPUID
2013-03-03 11:49 . 2013-03-03 11:49 -------- d-----w- C:\bat
2013-03-03 11:12 . 2013-03-03 11:12 -------- d-----w- c:\programdata\ASUS WebStorage
2013-03-03 11:11 . 2013-03-03 11:11 -------- d-----w- c:\users\ASUS\AppData\Roaming\EeeStorageUploader
2013-03-03 10:03 . 2013-03-03 10:03 -------- d-----w- C:\found.003
2013-03-03 08:57 . 2012-08-23 15:09 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui
2013-03-03 08:57 . 2012-08-23 13:41 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-03-03 08:57 . 2012-08-23 13:40 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-03-03 08:57 . 2012-08-23 13:24 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2013-03-03 08:55 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-03-03 08:55 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-03-03 08:50 . 2012-10-03 17:44 216576 ----a-w- c:\windows\system32\ncsi.dll
2013-03-03 08:50 . 2012-10-03 16:42 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2013-03-03 08:50 . 2012-10-03 17:44 303104 ----a-w- c:\windows\system32\nlasvc.dll
2013-03-03 08:50 . 2012-10-03 17:44 246272 ----a-w- c:\windows\system32\netcorehc.dll
2013-03-03 08:50 . 2012-10-03 17:42 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2013-03-03 08:50 . 2012-10-03 16:42 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2013-03-03 08:50 . 2012-01-13 07:12 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll
2013-03-03 08:50 . 2012-10-03 17:44 70656 ----a-w- c:\windows\system32\nlaapi.dll
2013-03-03 08:50 . 2012-10-03 16:07 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2013-03-03 08:50 . 2012-10-03 17:44 18944 ----a-w- c:\windows\system32\netevent.dll
2013-03-03 08:50 . 2012-10-03 16:42 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2013-03-03 08:49 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2013-03-03 08:23 . 2013-03-03 08:23 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-03-03 08:23 . 2013-03-03 08:22 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-03-03 08:23 . 2013-03-03 08:22 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-03-03 08:23 . 2013-03-03 08:22 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-03 08:22 . 2013-03-03 08:22 -------- d-----w- c:\program files (x86)\Java
2013-03-03 08:16 . 2013-03-03 08:16 -------- d-----w- c:\programdata\Intel
2013-03-03 08:05 . 2012-10-08 10:42 60776 ----a-w- c:\windows\system32\OpenCL.dll
2013-03-03 08:05 . 2012-10-08 10:42 52584 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-03-03 08:03 . 2013-03-03 08:03 -------- d-----w- c:\programdata\NVIDIA Corporation
2013-03-03 08:02 . 2013-03-03 08:06 -------- d-----w- c:\program files\NVIDIA Corporation
2013-03-03 07:58 . 2013-03-03 07:58 -------- d-----w- c:\program files\Microsoft Silverlight
2013-03-03 07:58 . 2013-03-03 07:58 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-03-02 17:56 . 2013-03-02 17:56 -------- d-----w- c:\windows\system32\SPReview
2013-03-02 17:05 . 2010-11-20 04:32 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\rdpwd.sys.mui
2013-03-02 17:05 . 2010-11-20 04:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbflt.sys.mui
2013-03-02 17:05 . 2010-11-20 04:32 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2013-03-02 17:05 . 2010-11-20 04:32 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2013-03-02 17:00 . 2010-11-20 04:26 501248 ----a-w- c:\windows\system32\IPSECSVC.DLL
2013-03-02 16:59 . 2010-11-20 04:26 313344 ----a-w- c:\windows\system32\dot3ui.dll
2013-03-02 16:58 . 2010-11-20 04:27 519680 ----a-w- c:\windows\system32\netcfgx.dll
2013-03-02 16:57 . 2010-11-20 04:26 584192 ----a-w- c:\windows\system32\ipsmsnap.dll
2013-03-02 14:36 . 2013-03-02 14:36 -------- d-----w- c:\program files (x86)\ESET
2013-03-02 11:04 . 2013-03-02 11:04 -------- d-----w- c:\users\ASUS\AppData\Local\GHISLER
2013-03-02 10:51 . 2013-03-02 10:51 -------- d-----w- c:\program files (x86)\VideoLAN
2013-03-02 10:50 . 2013-03-02 11:02 -------- d-----w- C:\totalcmd
2013-03-02 10:50 . 2013-03-02 10:50 -------- d-----w- c:\users\ASUS\AppData\Roaming\GHISLER
2013-03-02 10:40 . 2013-03-02 10:40 -------- d-----w- c:\users\ASUS\AppData\Roaming\Malwarebytes
2013-03-02 10:40 . 2013-03-02 10:40 -------- d-----w- c:\programdata\Malwarebytes
2013-03-02 10:40 . 2013-03-02 10:40 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-03-02 10:40 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-02 10:40 . 2013-03-02 10:40 -------- d-----w- c:\users\ASUS\AppData\Local\Programs
2013-03-02 10:35 . 2013-03-02 10:35 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-03 15:45 . 2012-04-01 15:32 691568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-03 15:45 . 2011-08-23 21:26 71024 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-03 07:54 . 2013-03-03 07:54 249344 ----a-w- c:\windows\system32\webcheck.dll
2013-03-03 07:54 . 2013-03-03 07:54 203776 ----a-w- c:\windows\SysWow64\webcheck.dll
2013-03-02 17:45 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-03-02 17:45 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-02-28 08:36 . 2012-12-12 16:52 177672 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-02-28 08:36 . 2010-11-25 10:56 68992 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-02-28 08:36 . 2012-12-12 16:52 65408 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-02-28 08:36 . 2012-03-25 18:29 71064 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-02-28 08:36 . 2011-07-26 18:55 1025880 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-02-28 08:36 . 2010-11-25 10:56 377992 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-02-28 08:36 . 2010-11-25 10:56 80888 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-02-28 08:36 . 2010-11-25 10:56 33472 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-02-28 08:36 . 2010-11-25 10:56 41664 ----a-w- c:\windows\avastSS.scr
2013-02-28 08:35 . 2011-01-30 12:12 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-01-05 05:53 . 2012-11-28 05:10 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-05 05:00 . 2012-11-28 05:10 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:00 . 2012-11-28 05:10 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-01-04 05:46 . 2012-11-28 05:09 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-01-04 04:51 . 2012-11-28 05:09 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-01-04 04:43 . 2012-11-28 05:09 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-01-04 03:26 . 2012-11-28 05:10 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-01-04 02:47 . 2012-11-28 05:09 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-01-04 02:47 . 2012-11-28 05:09 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-01-04 02:47 . 2012-11-28 05:09 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-01-04 02:47 . 2012-11-28 05:09 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-01-03 06:00 . 2012-11-28 05:09 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-03 06:00 . 2012-11-28 05:09 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-12-16 17:11 . 2012-10-07 03:26 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-10-07 03:26 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-10-07 03:26 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-10-07 03:26 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-07 13:20 . 2012-10-23 04:53 441856 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 13:15 . 2012-10-23 04:53 2746368 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 12:26 . 2012-10-23 04:53 308736 ----a-w- c:\windows\SysWow64\Wpc.dll
2012-12-07 12:20 . 2012-10-23 04:53 2576384 ----a-w- c:\windows\SysWow64\gameux.dll
2012-12-07 11:20 . 2012-10-23 04:53 30720 ----a-w- c:\windows\system32\usk.rs
2012-12-07 11:20 . 2012-10-23 04:53 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-07 11:20 . 2012-10-23 04:53 23552 ----a-w- c:\windows\system32\oflc.rs
2012-12-07 11:20 . 2012-10-23 04:53 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2012-12-07 11:20 . 2012-10-23 04:53 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2012-12-07 11:20 . 2012-10-23 04:53 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2012-12-07 11:20 . 2012-10-23 04:53 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2012-12-07 11:19 . 2012-10-23 04:53 20480 ----a-w- c:\windows\system32\pegi.rs
2012-12-07 11:19 . 2012-10-23 04:53 46592 ----a-w- c:\windows\system32\fpb.rs
2012-12-07 11:19 . 2012-10-23 04:53 40960 ----a-w- c:\windows\system32\cob-au.rs
2012-12-07 11:19 . 2012-10-23 04:53 21504 ----a-w- c:\windows\system32\grb.rs
2012-12-07 11:19 . 2012-10-23 04:53 15360 ----a-w- c:\windows\system32\djctq.rs
2012-12-07 11:19 . 2012-10-23 04:53 55296 ----a-w- c:\windows\system32\cero.rs
2012-12-07 11:19 . 2012-10-23 04:53 51712 ----a-w- c:\windows\system32\esrb.rs
2012-12-07 10:46 . 2012-10-23 04:53 43520 ----a-w- c:\windows\SysWow64\csrr.rs
2012-12-07 10:46 . 2012-10-23 04:53 30720 ----a-w- c:\windows\SysWow64\usk.rs
2012-12-07 10:46 . 2012-10-23 04:53 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs
2012-12-07 10:46 . 2012-10-23 04:53 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs
2012-12-07 10:46 . 2012-10-23 04:53 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs
2012-12-07 10:46 . 2012-10-23 04:53 23552 ----a-w- c:\windows\SysWow64\oflc.rs
2012-12-07 10:46 . 2012-10-23 04:53 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs
2012-12-07 10:46 . 2012-10-23 04:53 46592 ----a-w- c:\windows\SysWow64\fpb.rs
2012-12-07 10:46 . 2012-10-23 04:53 20480 ----a-w- c:\windows\SysWow64\pegi.rs
2012-12-07 10:46 . 2012-10-23 04:53 21504 ----a-w- c:\windows\SysWow64\grb.rs
2012-12-07 10:46 . 2012-10-23 04:53 40960 ----a-w- c:\windows\SysWow64\cob-au.rs
2012-12-07 10:46 . 2012-10-23 04:53 15360 ----a-w- c:\windows\SysWow64\djctq.rs
2012-12-07 10:46 . 2012-10-23 04:53 51712 ----a-w- c:\windows\SysWow64\esrb.rs
2012-12-07 10:46 . 2012-10-23 04:53 55296 ----a-w- c:\windows\SysWow64\cero.rs
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{5D9C17C6-093D-43E5-BF3D-4A13D162AB74}]
2011-11-24 17:15 265680 ----a-w- c:\progra~2\CENTRU~1.O\LITACE~1.CZ\cenbho32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-07-19 370480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2013-02-28 4767304]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe" [2012-08-03 740736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2012-8-16 12862]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-11-11 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 cpuz135;cpuz135;c:\program files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [2012-08-11 24368]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-08-06 118672]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-25 1255736]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2009-12-08 379520]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-02-28 80888]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2009-08-06 13784]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-12-14 53800]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-02-02 271872]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-03-04 75816]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-03-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 15:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-02-28 08:35 133840 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2012-08-03 09:39 1506688 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2012-08-03 09:39 1506688 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}"
[HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}]
2012-08-03 09:39 1506688 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-10 167256]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-10 391512]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-10 415064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Doplňkový sken -------
.
uStart Page = hxxp://atlas.centrum.cz/?utm_source=ch-browser&utm_medium=IE-9&utm_content=default
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\h48kim89.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - ExtSQL: 2013-02-28 09:33; wrc@avast.com; c:\program files\Alwil Software\Avast5\WebRep\FF
FF - ExtSQL: 2013-03-03 16:21; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\h48kim89.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-03-03 16:23; cs@dictionaries.addons.mozilla.org; c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\h48kim89.default\extensions\cs@dictionaries.addons.mozilla.org
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-03-04 18:07:57
ComboFix-quarantined-files.txt 2013-03-04 17:07
.
Před spuštěním: Volných bajtů: 111 523 270 656
Po spuštění: Volných bajtů: 111 625 871 360
.
- - End Of File - - C9D22D15AB710CAEB9291299B4D21209

#14 Příspěvek od **vyosek** » 04 bře 2013 21:37

Poprosim o DDS http://forum.viry.cz/viewtopic.php?f=13&t=125171

monikash · #15 Příspěvek od **monikash** » 05 bře 2013 17:15

DDS:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.15.2
Run by ASUS at 17:07:50 on 2013-03-05
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3884.2354 [GMT 1:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://atlas.centrum.cz/?utm_source=ch-browser&utm_medium=IE-9&utm_content=default
uProxyOverride = <local>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Lišta Centrum.cz: {5D9C17C6-093D-43E5-BF3D-4A13D162AB74} - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
BHO: Pomocník pro přihlášení ke službě Windows Live: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
uRun: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe
mRun: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe /S
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SRSPRE~1.LNK - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office 2007\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{803FA35A-B0A7-4993-A163-D0A62B0BB96F} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{F78B6E2E-2FA1-46CA-9F14-5F108EE42979}\F4274696E616365602C49647F66756C6 : DHCPNameServer = 10.0.0.138
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveSystemServices.dll
AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveShellExtensions.dll
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
x64-BHO: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\h48kim89.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-02-28 09:33; wrc@avast.com; C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF - ExtSQL: 2013-03-03 16:21; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\h48kim89.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-03-03 16:23; cs@dictionaries.addons.mozilla.org; C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\h48kim89.default\extensions\cs@dictionaries.addons.mozilla.org
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2012-12-12 65408]
R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2012-12-12 177672]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2013-3-4 30496]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2012-8-7 19600]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-7-26 1025880]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2010-11-25 377992]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS [2013-3-3 30080]
R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2010-11-11 379520]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2010-11-25 33472]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2010-11-25 80888]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-12-12 45248]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2009-8-6 13784]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-11-11 2314240]
R3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2009-12-14 53800]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-11-11 35104]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2009-10-15 117760]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-11-11 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-2-26 158976]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-2-2 271872]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2010-3-4 75816]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-4-27 83080]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-4-27 184968]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 cpuz135;cpuz135;C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [2013-3-3 24368]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-11-25 61792]
S3 fsssvc;Windows Live Zabezpečení rodiny;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-8 533344]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-3-3 19456]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
S3 StorSvc;Služba úložiště;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-3-3 57856]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-8-6 118672]
S3 WatAdminSvc;Služba Technologie aktivace Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-11-25 1255736]
.
=============== Created Last 30 ================
.
2013-03-04 18:10:39 -------- d-----w- C:\NVIDIA
2013-03-04 17:13:04 -------- d-sh--w- C:\$RECYCLE.BIN
2013-03-04 16:51:21 98816 ----a-w- C:\Windows\sed.exe
2013-03-04 16:51:21 256000 ----a-w- C:\Windows\PEV.exe
2013-03-04 16:51:21 208896 ----a-w- C:\Windows\MBR.exe
2013-03-04 16:51:15 -------- d-----w- C:\ComboFix
2013-03-03 18:56:14 -------- d-----w- C:\Program Files\trend micro
2013-03-03 18:31:16 -------- d-----w- C:\Program Files (x86)\SpeedFan
2013-03-03 14:55:01 -------- d-----w- C:\Program Files\Defraggler
2013-03-03 14:49:15 -------- d-----w- C:\Users\ASUS\AppData\Roaming\Ashampoo
2013-03-03 14:49:01 -------- d-----w- C:\Users\ASUS\AppData\Local\ashampoo
2013-03-03 14:48:24 -------- d-----w- C:\ProgramData\Ashampoo
2013-03-03 14:48:22 -------- d-----w- C:\Program Files (x86)\Ashampoo
2013-03-03 14:36:45 -------- d-----w- C:\Users\ASUS\AppData\Roaming\IrfanView
2013-03-03 14:36:44 -------- d-----w- C:\Program Files (x86)\IrfanView
2013-03-03 14:36:09 -------- d-----w- C:\Program Files (x86)\HWiNFO32
2013-03-03 14:07:39 -------- d-----w- C:\hijack
2013-03-03 11:55:07 114176 ----a-w- C:\Windows\SysWow64\PCWizard.cpl
2013-03-03 11:55:03 -------- d-----w- C:\Program Files (x86)\CPUID
2013-03-03 11:49:41 -------- d-----w- C:\bat
2013-03-03 11:12:01 -------- d-----w- C:\ProgramData\ASUS WebStorage
2013-03-03 11:11:08 -------- d-----w- C:\Users\ASUS\AppData\Roaming\EeeStorageUploader
2013-03-03 10:03:28 -------- d-----w- C:\found.003
2013-03-03 08:57:04 3072 ----a-w- C:\Windows\System32\drivers\en-US\tsusbflt.sys.mui
2013-03-03 08:57:01 13312 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2013-03-03 08:57:01 13312 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2013-03-03 08:57:00 15360 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2013-03-03 08:55:41 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-03-03 08:55:41 768000 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-03-03 08:50:15 216576 ----a-w- C:\Windows\System32\ncsi.dll
2013-03-03 08:50:15 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2013-03-03 08:50:14 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2013-03-03 08:50:14 52224 ----a-w- C:\Windows\SysWow64\nlaapi.dll
2013-03-03 08:50:14 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2013-03-03 08:50:14 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2013-03-03 08:50:14 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2013-03-03 08:50:13 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2013-03-03 08:50:13 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2013-03-03 08:50:12 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2013-03-03 08:50:12 18944 ----a-w- C:\Windows\System32\netevent.dll
2013-03-03 08:49:28 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2013-03-03 08:23:35 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-03-03 08:23:34 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-03-03 08:23:18 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-03 08:05:26 60776 ----a-w- C:\Windows\System32\OpenCL.dll
2013-03-03 08:05:26 52584 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2013-03-03 08:03:10 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2013-03-03 08:02:41 -------- d-----w- C:\Program Files\NVIDIA Corporation
2013-03-02 17:56:40 -------- d-----w- C:\Windows\System32\SPReview
2013-03-02 17:05:27 2560 ----a-w- C:\Windows\System32\drivers\cs-CZ\rdpwd.sys.mui
2013-03-02 17:05:21 3584 ----a-w- C:\Windows\System32\drivers\cs-CZ\tsusbflt.sys.mui
2013-03-02 17:05:06 3072 ----a-w- C:\Windows\System32\drivers\cs-CZ\GAGP30KX.SYS.mui
2013-03-02 17:05:02 4608 ----a-w- C:\Windows\System32\drivers\cs-CZ\kbdclass.sys.mui
2013-03-02 17:00:59 82944 ----a-w- C:\Windows\SysWow64\logman.exe
2013-03-02 16:59:59 630784 ----a-w- C:\Windows\SysWow64\DXPTaskRingtone.dll
2013-03-02 16:58:59 91648 ----a-w- C:\Windows\System32\isoburn.exe
2013-03-02 16:57:59 584192 ----a-w- C:\Windows\System32\ipsmsnap.dll
2013-03-02 14:36:39 -------- d-----w- C:\Program Files (x86)\ESET
2013-03-02 11:04:55 -------- d-----w- C:\Users\ASUS\AppData\Local\GHISLER
2013-03-02 10:51:51 -------- d-----w- C:\Program Files (x86)\VideoLAN
2013-03-02 10:50:53 -------- d-----w- C:\Users\ASUS\AppData\Roaming\GHISLER
2013-03-02 10:50:53 -------- d-----w- C:\totalcmd
2013-03-02 10:40:52 -------- d-----w- C:\Users\ASUS\AppData\Roaming\Malwarebytes
2013-03-02 10:40:37 -------- d-----w- C:\ProgramData\Malwarebytes
2013-03-02 10:40:34 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-03-02 10:40:34 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-02 10:40:16 -------- d-----w- C:\Users\ASUS\AppData\Local\Programs
2013-03-02 10:35:02 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2013-02-15 22:04:52 208448 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
.
==================== Find3M ====================
.
2013-03-03 15:45:33 71024 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-03 15:45:33 691568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-03-02 17:45:54 175616 ----a-w- C:\Windows\System32\msclmd.dll
2013-03-02 17:45:54 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2013-02-28 08:36:34 177672 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-02-28 08:36:33 71064 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-02-28 08:36:33 65408 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-02-28 08:36:33 1025880 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-02-28 08:36:32 80888 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-02-28 08:36:07 41664 ----a-w- C:\Windows\avastSS.scr
2013-02-10 01:04:31 6393120 ----a-w- C:\Windows\System32\nvcpl.dll
2013-02-10 01:04:31 3472672 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-02-10 01:04:29 877856 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-02-10 01:04:29 76064 ----a-w- C:\Windows\System32\nv3dappshextr.dll
2013-02-10 01:04:29 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-02-10 01:04:29 2555680 ----a-w- C:\Windows\System32\nvsvcr.dll
2013-02-10 01:04:29 237856 ----a-w- C:\Windows\System32\nvmctray.dll
2013-02-10 01:04:29 1012000 ----a-w- C:\Windows\System32\Nv3DAppShExt.dll
2013-02-09 13:25:36 3035306 ----a-w- C:\Windows\System32\nvcoproc.bin
2013-01-13 21:17:03 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17:02 2560 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16:42 10752 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12:46 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11:21 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11:08 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11:07 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35:31 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35:31 2560 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35:18 10752 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32:07 3584 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31:48 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31:41 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31:40 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31:00 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-01-13 20:22:22 1988096 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-01-13 20:20:31 293376 ----a-w- C:\Windows\SysWow64\dxgi.dll
2013-01-13 20:09:00 249856 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08:43 220160 ----a-w- C:\Windows\SysWow64\d3d10core.dll
2013-01-13 20:08:35 1504768 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-01-13 19:59:04 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-01-13 19:58:28 1175552 ----a-w- C:\Windows\System32\FntCache.dll
2013-01-13 19:54:01 604160 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2013-01-13 19:53:58 207872 ----a-w- C:\Windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:53:14 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll
2013-01-13 19:51:30 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-01-13 19:49:17 363008 ----a-w- C:\Windows\System32\dxgi.dll
2013-01-13 19:48:47 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2013-01-13 19:46:25 1080832 ----a-w- C:\Windows\SysWow64\d3d10.dll
2013-01-13 19:43:21 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38:39 333312 ----a-w- C:\Windows\System32\d3d10_1core.dll
2013-01-13 19:38:32 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-01-13 19:38:21 296960 ----a-w- C:\Windows\System32\d3d10core.dll
2013-01-13 19:37:57 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2013-01-13 19:25:04 245248 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll
2013-01-13 19:24:33 648192 ----a-w- C:\Windows\System32\d3d10level9.dll
2013-01-13 19:24:30 221184 ----a-w- C:\Windows\System32\UIAnimation.dll
2013-01-13 19:20:42 194560 ----a-w- C:\Windows\System32\d3d10_1.dll
2013-01-13 19:20:04 1238528 ----a-w- C:\Windows\System32\d3d10.dll
2013-01-13 19:15:40 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-01-13 19:10:36 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2013-01-13 19:02:06 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-01-13 18:34:58 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32:43 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-01-13 18:09:52 522752 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2013-01-13 17:26:42 1158144 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2013-01-13 17:05:09 1682432 ----a-w- C:\Windows\System32\XpsPrint.dll
2013-01-05 05:53:43 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-01-05 05:00:15 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:00:11 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-01-04 06:11:21 2284544 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2013-01-04 06:11:13 2776576 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2013-01-04 05:46:09 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-01-04 04:51:16 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-01-04 03:26:48 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-01-04 02:47:35 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-01-04 02:47:34 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-01-04 02:47:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-01-04 02:47:33 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-01-03 06:00:54 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-01-03 06:00:42 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
.
============= FINISH: 17:08:50,73 ===============

VIRY.CZ

zavirovaný NTB

zavirovaný NTB

Re: zavirovaný NTB

Re: zavirovaný NTB

Re: zavirovaný NTB

Re: zavirovaný NTB

Re: zavirovaný NTB

Re: zavirovaný NTB

Re: zavirovaný NTB

Re: zavirovaný NTB

Re: zavirovaný NTB

Re: zavirovaný NTB

Re: zavirovaný NTB

Re: zavirovaný NTB

Re: zavirovaný NTB

Re: zavirovaný NTB