moc prosím o kntrolu logu

Zpráva

raduch · #1 Příspěvek od **raduch** » 05 dub 2013 21:55

přeji fajn večer..
chtěl bych moc poprosit o kontrolu logu.nevím moc jak se to dělá,tak jen podle toho co jsem tu okoukal.
nedávno mi spadl celý systém na nb.nešlo vůbec nic. po dlouhé době se mi podařilo udělat reinstal.před tím pádem mi stále vynechával kurzor na obrazovce a druhý den jsem nb již nemohl rozchodit..nu a ted se to problikávání děje opět..proto bych poprosil o kontrolu..nerad bych,aby to opět vše spadlo..předem dík

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:48:00, on 5.4.2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal

Running processes:
C:\Windows\PLFSetI.exe
C:\Program Files\My Lockbox\mylbx.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Users\radim\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://packardbell.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://packardbell.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://packardbell.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://packardbell.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~3\Office12\GRA32A~1.DLL
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer Group - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9210 bytes

#2 Příspěvek od **Rudy** » 06 dub 2013 10:45

Zdravím!
Poprosím o log RSIT: http://forum.viry.cz/viewtopic.php?f=13&t=105895 . Je podrobnější, než HJT. Spadnout systém vám teoreticky může kdykoli a obvykle to bývá z jiných důvodů, než virových.

raduch · #3 Příspěvek od **raduch** » 07 dub 2013 12:25

zdravím a přeji pěkný nedělní den..
moc se omlouvám,ale nebyl jsem doma,tak jsem nemohl reagovat na předchozí zprávu..
tady posílám ten log

Logfile of random's system information tool 1.09 (written by random/random)
Run by radim at 2013-04-07 13:21:39
Microsoft Windows 7 Home Premium
System drive C: has 239 GB (82%) free of 292 GB
Total RAM: 3002 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:22:10, on 7.4.2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal

Running processes:
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Program Files\trend micro\radim.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://packardbell.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://packardbell.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://packardbell.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://packardbell.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer Group - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9715 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Windows\PLFSetI.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe"
"C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe"
"C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\diMaster.dll" /prefetch:1
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2816.a0ba400.1743944136 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox" E7CF176E110C211B 2816 "\\.\pipe\gecko-crash-server-pipe.2816" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --proxy-stub-channel=Flash2572.68CD1D80.19284 --host-broker-channel=Flash2572.68CD1D80.11992 --host-pid=2572 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --channel=4204.001BF708.1697340079 --proxy-stub-channel=Flash2572.68CD1D80.19284 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" --host-npapi-version=27 --type=renderer
"C:\Users\radim\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\radim\AppData\Roaming\Mozilla\Firefox\Profiles\oeetbmjr.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\radim\AppData\Roaming\Mozilla\Firefox\Profiles\oeetbmjr.default\extensions\
{77b819fa-95ad-4f2c-ac7c-486b356188a9}
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-07-06 11057768]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-06-14 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-06-14 387608]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-06-14 365592]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-04-13 649608]
"PLFSetI"=C:\Windows\PLFSetI.exe [2010-06-09 206208]
"Acer ePower Management"=C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2010-06-11 861216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
C:\Program Files (x86)\Video Web Camera\traybar.exe [2010-07-06 600688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mylbx]
C:\Program Files\My Lockbox\mylbx.exe [2013-02-02 2584352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup]
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2010-06-02 1155928]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-04-13 284696]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe [2010-06-29 263936]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-08-10 975952]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-07 4767304]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-02 259584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-04-07 13:21:39 ----D---- C:\rsit
2013-04-07 13:21:39 ----D---- C:\Program Files\trend micro
2013-04-07 08:15:16 ----A---- C:\Windows\system32\perfi005.dat
2013-04-07 08:15:16 ----A---- C:\Windows\system32\perfh005.dat
2013-04-07 08:15:16 ----A---- C:\Windows\system32\perfd005.dat
2013-04-07 08:15:16 ----A---- C:\Windows\system32\perfc005.dat
2013-04-07 08:14:51 ----D---- C:\Windows\SYSWOW64\cs
2013-04-07 08:14:50 ----D---- C:\Windows\SYSWOW64\XPSViewer
2013-04-07 08:14:50 ----D---- C:\Windows\SYSWOW64\drivers\cs-CZ
2013-04-07 08:14:50 ----D---- C:\Windows\system32\cs
2013-04-07 08:14:50 ----D---- C:\Windows\cs-CZ
2013-04-07 08:14:48 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-04-07 08:09:22 ----D---- C:\Windows\NAPP_Dism_Log
2013-04-07 01:27:30 ----D---- C:\Program Files (x86)\MSXML 4.0
2013-04-06 23:00:47 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2013-04-06 23:00:47 ----A---- C:\Windows\system32\d3dx9_32.dll
2013-04-06 23:00:43 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-04-06 22:59:50 ----D---- C:\Program Files (x86)\Windows Live SkyDrive
2013-04-06 22:59:45 ----D---- C:\Program Files (x86)\Windows Live
2013-04-06 22:59:34 ----D---- C:\Windows\PCHEALTH
2013-04-06 22:58:06 ----N---- C:\Windows\system32\drivers\PxHlpa64.sys
2013-04-06 22:55:29 ----D---- C:\Program Files (x86)\Microsoft Office
2013-04-06 22:53:32 ----D---- C:\Program Files (x86)\Microsoft
2013-04-06 22:50:21 ----A---- C:\Windows\SYSWOW64\Snpropwp.dll
2013-04-06 22:50:20 ----D---- C:\Program Files (x86)\Video Web Camera
2013-04-06 22:50:20 ----A---- C:\Windows\PLFSetI.exe
2013-04-06 22:50:20 ----A---- C:\Windows\PidList_C.ini
2013-04-06 22:48:16 ----D---- C:\Program Files\Elantech
2013-04-06 22:47:28 ----D---- C:\Program Files (x86)\Launch Manager
2013-04-06 22:43:36 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2013-04-06 22:43:36 ----A---- C:\Windows\system32\rtutils.dll
2013-04-06 22:43:16 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2013-04-06 22:34:18 ----D---- C:\Windows\SYSWOW64\x64
2013-04-06 22:34:18 ----D---- C:\Windows\SYSWOW64\Lang
2013-04-06 22:34:17 ----A---- C:\Windows\SYSWOW64\igxpun.exe
2013-04-06 22:34:02 ----D---- C:\Windows\SoftwareDistribution
2013-04-06 22:30:20 ----ASH---- C:\pagefile.sys
2013-04-06 22:30:19 ----SHD---- C:\System Volume Information
2013-04-06 22:30:19 ----ASH---- C:\hiberfil.sys
2013-04-06 22:14:15 ----D---- C:\Program Files (x86)\Runtime Software
2013-04-06 22:04:18 ----D---- C:\Users\radim\AppData\Roaming\R-TT
2013-04-06 22:04:08 ----D---- C:\Program Files (x86)\R-Studio
2013-04-06 21:53:39 ----D---- C:\Users\radim\AppData\Roaming\.oit
2013-04-06 14:10:44 ----D---- C:\Program Files (x86)\MunSoft
2013-04-06 14:03:57 ----D---- C:\Program Files (x86)\Ontrack
2013-04-06 13:39:11 ----D---- C:\Users\radim\AppData\Roaming\Systweak
2013-04-06 07:30:50 ----D---- C:\Users\radim\AppData\Roaming\Hive Cluster
2013-04-05 20:22:13 ----D---- C:\Program Files\CCleaner
2013-04-05 20:05:00 ----D---- C:\Program Files (x86)\The Binding of Isaac
2013-04-05 20:02:00 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2013-04-05 20:02:00 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2013-04-05 20:01:59 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2013-04-05 20:01:59 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2013-04-05 20:01:58 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2013-04-05 20:01:58 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2013-04-05 20:01:58 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2013-04-05 20:01:41 ----D---- C:\Program Files (x86)\Microsoft XNA
2013-04-05 19:58:26 ----D---- C:\Program Files (x86)\Terraria
2013-04-05 19:43:52 ----D---- C:\Program Files (x86)\Teraria 1.0.6
2013-04-05 19:19:15 ----D---- C:\Program Files (x86)\DsNET Corp
2013-04-05 19:05:52 ----D---- C:\Users\radim\AppData\Roaming\Mozilla
2013-04-05 19:05:41 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-04-05 19:05:35 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-04-05 18:55:27 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-04-05 18:55:26 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-04-05 18:55:26 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-04-05 18:55:25 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-04-05 18:55:25 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-04-05 18:55:24 ----A---- C:\Windows\system32\drivers\usbohci.sys
2013-04-05 18:55:24 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-04-05 18:55:10 ----A---- C:\Windows\system32\esent.dll
2013-04-05 18:55:10 ----A---- C:\Windows\system32\drivers\nvstor.sys
2013-04-05 18:55:10 ----A---- C:\Windows\system32\drivers\nvraid.sys
2013-04-05 18:55:10 ----A---- C:\Windows\system32\drivers\amdsata.sys
2013-04-05 18:55:09 ----A---- C:\Windows\SYSWOW64\esent.dll
2013-04-05 18:55:08 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2013-04-05 18:55:08 ----A---- C:\Windows\system32\drivers\storport.sys
2013-04-05 18:55:08 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2013-04-05 18:55:08 ----A---- C:\Windows\system32\drivers\amdxata.sys
2013-04-05 18:55:07 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2013-04-05 18:55:07 ----A---- C:\Windows\system32\fsutil.exe
2013-04-05 18:34:17 ----D---- C:\Program Files (x86)\Microsoft Works
2013-04-05 18:33:11 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2013-04-05 18:32:18 ----D---- C:\Program Files (x86)\Microsoft.NET
2013-04-05 18:30:00 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2013-04-05 18:28:05 ----RHD---- C:\MSOCache
2013-04-05 14:56:04 ----D---- C:\ProgramData\CyberLink
2013-04-05 14:56:02 ----D---- C:\Users\radim\AppData\Roaming\SNS
2013-04-05 11:14:52 ----D---- C:\Windows\SYSWOW64\Wat
2013-04-05 11:14:52 ----D---- C:\Windows\system32\Wat
2013-04-05 01:39:27 ----A---- C:\Windows\system32\wcncsvc.dll
2013-04-05 01:39:26 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll
2013-04-05 01:14:46 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2013-04-05 01:14:46 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-04-05 01:14:45 ----A---- C:\Windows\system32\Wdfres.dll
2013-04-05 01:04:20 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2013-04-05 01:04:20 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2013-04-05 01:04:20 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2013-04-05 01:04:20 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2013-04-05 01:04:19 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2013-04-05 01:04:19 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2013-04-05 01:04:19 ----A---- C:\Windows\system32\PresentationHost.exe
2013-04-05 01:04:19 ----A---- C:\Windows\system32\netfxperf.dll
2013-04-05 01:04:19 ----A---- C:\Windows\system32\mscoree.dll
2013-04-05 01:04:19 ----A---- C:\Windows\system32\dfshim.dll
2013-04-05 01:03:05 ----A---- C:\Windows\system32\browserchoice.exe
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\url.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\ieakui.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\ieaksie.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\ieakeng.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-04-05 00:59:37 ----A---- C:\Windows\SYSWOW64\admparse.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\wininet.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\wextract.exe
2013-04-05 00:59:36 ----A---- C:\Windows\system32\webcheck.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\vbscript.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\urlmon.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\url.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-04-05 00:59:36 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-04-05 00:59:36 ----A---- C:\Windows\system32\pngfilt.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\occache.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\msrating.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\msls31.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\mshtmler.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\mshtmled.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\mshtml.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\mshta.exe
2013-04-05 00:59:36 ----A---- C:\Windows\system32\msfeedssync.exe
2013-04-05 00:59:36 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\msfeeds.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\licmgr10.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\jsproxy.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\jscript9.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\jscript.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\inseng.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\imgutil.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\iexpress.exe
2013-04-05 00:59:36 ----A---- C:\Windows\system32\ieUnatt.exe
2013-04-05 00:59:36 ----A---- C:\Windows\system32\ieui.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\iesysprep.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\iesetup.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\iertutil.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\iernonce.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\iepeers.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\ieframe.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\iedkcs32.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\ieapfltr.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\ieapfltr.dat
2013-04-05 00:59:36 ----A---- C:\Windows\system32\ieakui.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\ieaksie.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\ieakeng.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\ie4uinit.exe
2013-04-05 00:59:36 ----A---- C:\Windows\system32\icardie.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\dxtrans.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\dxtmsft.dll
2013-04-05 00:59:36 ----A---- C:\Windows\system32\admparse.dll
2013-04-05 00:47:23 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-04-05 00:47:23 ----A---- C:\Windows\system32\atmlib.dll
2013-04-05 00:47:22 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-04-05 00:47:22 ----A---- C:\Windows\system32\atmfd.dll
2013-04-05 00:46:03 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2013-04-05 00:46:03 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2013-04-05 00:45:59 ----A---- C:\Windows\system32\WUDFSvc.dll
2013-04-05 00:45:59 ----A---- C:\Windows\system32\WUDFPlatform.dll
2013-04-05 00:45:56 ----A---- C:\Windows\system32\WUDFHost.exe
2013-04-05 00:45:56 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2013-04-05 00:45:55 ----A---- C:\Windows\system32\WUDFx.dll
2013-04-05 00:39:44 ----D---- C:\Program Files\Microsoft Silverlight
2013-04-05 00:39:44 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-04-05 00:37:16 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-04-05 00:37:16 ----A---- C:\Windows\system32\imagehlp.dll
2013-04-05 00:37:16 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2013-04-05 00:37:14 ----A---- C:\Windows\SYSWOW64\wmi.dll
2013-04-05 00:37:14 ----A---- C:\Windows\system32\wmi.dll
2013-04-05 00:31:12 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-04-05 00:31:11 ----A---- C:\Windows\system32\drivers\ks.sys
2013-04-04 22:58:19 ----D---- C:\Users\radim\AppData\Roaming\Bitmart
2013-04-04 22:58:10 ----D---- C:\Program Files (x86)\Restorer Ultimate
2013-04-04 22:44:42 ----A---- C:\Windows\system32\drivers\ElRawDsk.sys
2013-04-04 22:44:40 ----A---- C:\Windows\SYSWOW64\mfc45.dat
2013-04-04 22:43:49 ----A---- C:\Windows\SYSWOW64\mfc45.dll
2013-04-04 22:13:18 ----D---- C:\Program Files (x86)\Convar
2013-04-04 22:03:30 ----D---- C:\Program Files (x86)\Wise
2013-04-04 22:02:13 ----D---- C:\ProgramData\VirtualizedApplications
2013-04-04 21:56:15 ----A---- C:\Windows\SYSWOW64\VB6STKIT.DLL
2013-04-04 21:56:14 ----A---- C:\Windows\SYSWOW64\VB5DB.DLL
2013-04-04 21:56:14 ----A---- C:\Windows\SYSWOW64\MSSTDFMT.DLL
2013-04-04 21:56:14 ----A---- C:\Windows\SYSWOW64\MSREPL35.DLL
2013-04-04 21:56:14 ----A---- C:\Windows\SYSWOW64\MSRD2X35.DLL
2013-04-04 21:56:14 ----A---- C:\Windows\SYSWOW64\MSJTER35.DLL
2013-04-04 21:56:14 ----A---- C:\Windows\SYSWOW64\MSJINT35.DLL
2013-04-04 21:56:14 ----A---- C:\Windows\SYSWOW64\MSJET35.DLL
2013-04-04 21:39:20 ----A---- C:\Windows\system32\drivers\FSPFltd.sys
2013-04-04 21:39:19 ----D---- C:\Program Files\My Lockbox
2013-04-04 20:28:55 ----D---- C:\ProgramData\Microsoft Help
2013-04-04 19:51:43 ----D---- C:\Users\radim\AppData\Roaming\SoftGrid Client
2013-04-04 19:50:44 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-04-04 19:50:26 ----D---- C:\Program Files\Microsoft Office
2013-04-04 19:50:25 ----D---- C:\Program Files (x86)\Microsoft Application Virtualization Client
2013-04-04 19:49:55 ----D---- C:\Users\radim\AppData\Roaming\TP
2013-04-04 19:24:28 ----D---- C:\Program Files (x86)\Free Hide Folder
2013-04-04 17:43:13 ----D---- C:\Users\radim\AppData\Roaming\COWON
2013-04-04 17:41:27 ----D---- C:\Program Files (x86)\JetAudio
2013-04-04 17:39:32 ----D---- C:\Users\radim\AppData\Roaming\InstallShield
2013-04-04 17:38:13 ----D---- C:\Program Files\WinRAR
2013-04-04 17:24:59 ----D---- C:\Users\radim\AppData\Roaming\WinRAR
2013-04-04 15:49:36 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-04-04 15:48:22 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-04-04 15:48:20 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-04-04 15:48:19 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-04-04 15:48:07 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2013-04-04 15:48:07 ----A---- C:\Windows\system32\xmllite.dll
2013-04-04 15:48:05 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-04-04 15:48:04 ----A---- C:\Windows\system32\win32spl.dll
2013-04-04 15:48:02 ----A---- C:\Windows\system32\odbccu32.dll
2013-04-04 15:48:02 ----A---- C:\Windows\system32\odbccr32.dll
2013-04-04 15:48:01 ----A---- C:\Windows\system32\odbctrac.dll
2013-04-04 15:48:01 ----A---- C:\Windows\system32\odbccp32.dll
2013-04-04 15:48:00 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2013-04-04 15:48:00 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2013-04-04 15:48:00 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2013-04-04 15:48:00 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2013-04-04 15:47:59 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2013-04-04 15:47:56 ----A---- C:\Windows\system32\drivers\dfsc.sys
2013-04-04 15:47:55 ----A---- C:\Windows\system32\d3d10warp.dll
2013-04-04 15:47:54 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-04-04 15:47:54 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-04-04 15:47:54 ----A---- C:\Windows\system32\d2d1.dll
2013-04-04 15:47:53 ----A---- C:\Windows\system32\DWrite.dll
2013-04-04 15:47:52 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-04-04 15:47:52 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-04-04 15:47:52 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-04-04 15:47:52 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-04-04 15:47:52 ----A---- C:\Windows\system32\d3d10_1.dll
2013-04-04 15:47:26 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2013-04-04 15:47:26 ----A---- C:\Windows\system32\poqexec.exe
2013-04-04 15:47:23 ----A---- C:\Windows\explorer.exe
2013-04-04 15:47:22 ----A---- C:\Windows\SYSWOW64\explorer.exe
2013-04-04 15:47:09 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-04-04 15:47:09 ----A---- C:\Windows\system32\tzres.dll
2013-04-04 15:46:43 ----A---- C:\Windows\system32\CPFilters.dll
2013-04-04 15:46:42 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2013-04-04 15:46:41 ----A---- C:\Windows\system32\sbe.dll
2013-04-04 15:46:40 ----A---- C:\Windows\SYSWOW64\sbe.dll
2013-04-04 15:46:35 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2013-04-04 15:46:35 ----A---- C:\Windows\system32\t2embed.dll
2013-04-04 15:45:17 ----A---- C:\Windows\SYSWOW64\quartz.dll
2013-04-04 15:45:17 ----A---- C:\Windows\system32\quartz.dll
2013-04-04 15:45:16 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2013-04-04 15:45:15 ----A---- C:\Windows\system32\qdvd.dll
2013-04-04 15:45:04 ----A---- C:\Windows\system32\ntshrui.dll
2013-04-04 15:45:03 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2013-04-04 15:44:56 ----A---- C:\Windows\system32\ole32.dll
2013-04-04 15:44:55 ----A---- C:\Windows\SYSWOW64\ole32.dll
2013-04-04 15:44:43 ----A---- C:\Windows\system32\taskschd.dll
2013-04-04 15:44:43 ----A---- C:\Windows\system32\schedsvc.dll
2013-04-04 15:44:42 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2013-04-04 15:44:42 ----A---- C:\Windows\system32\wmicmiplugin.dll
2013-04-04 15:44:42 ----A---- C:\Windows\system32\taskeng.exe
2013-04-04 15:44:42 ----A---- C:\Windows\system32\taskcomp.dll
2013-04-04 15:44:42 ----A---- C:\Windows\system32\schtasks.exe
2013-04-04 15:44:41 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2013-04-04 15:44:41 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2013-04-04 15:44:41 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2013-04-04 15:44:34 ----A---- C:\Windows\system32\mssrch.dll
2013-04-04 15:44:33 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2013-04-04 15:44:32 ----A---- C:\Windows\system32\tquery.dll
2013-04-04 15:44:31 ----A---- C:\Windows\SYSWOW64\tquery.dll
2013-04-04 15:44:30 ----A---- C:\Windows\system32\SearchIndexer.exe
2013-04-04 15:44:30 ----A---- C:\Windows\system32\mssph.dll
2013-04-04 15:44:29 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2013-04-04 15:44:29 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2013-04-04 15:44:29 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2013-04-04 15:44:28 ----A---- C:\Windows\SYSWOW64\mssph.dll
2013-04-04 15:44:27 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2013-04-04 15:44:27 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2013-04-04 15:44:27 ----A---- C:\Windows\system32\SearchFilterHost.exe
2013-04-04 15:44:27 ----A---- C:\Windows\system32\mssvp.dll
2013-04-04 15:44:27 ----A---- C:\Windows\system32\msscntrs.dll
2013-04-04 15:44:26 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2013-04-04 15:44:26 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2013-04-04 15:44:26 ----A---- C:\Windows\system32\mssphtb.dll
2013-04-04 15:44:10 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2013-04-04 15:44:10 ----A---- C:\Windows\system32\StructuredQuery.dll
2013-04-04 15:43:46 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2013-04-04 15:43:45 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2013-04-04 15:43:45 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2013-04-04 15:43:42 ----A---- C:\Windows\SYSWOW64\webio.dll
2013-04-04 15:43:42 ----A---- C:\Windows\system32\webio.dll
2013-04-04 15:43:35 ----A---- C:\Windows\system32\win32k.sys
2013-04-04 15:42:42 ----A---- C:\Windows\system32\msdri.dll
2013-04-04 15:42:37 ----A---- C:\Windows\system32\csrsrv.dll
2013-04-04 15:42:28 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-04-04 15:42:28 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-04-04 15:42:16 ----A---- C:\Windows\system32\comctl32.dll
2013-04-04 15:42:15 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-04-04 15:42:06 ----A---- C:\Windows\SYSWOW64\upnp.dll
2013-04-04 15:42:06 ----A---- C:\Windows\system32\upnp.dll
2013-04-04 15:42:05 ----A---- C:\Windows\system32\winhttp.dll
2013-04-04 15:42:04 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-04-04 15:42:04 ----A---- C:\Windows\system32\wscapi.dll
2013-04-04 15:42:04 ----A---- C:\Windows\system32\WebClnt.dll
2013-04-04 15:42:04 ----A---- C:\Windows\system32\davclnt.dll
2013-04-04 15:42:03 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2013-04-04 15:42:03 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2013-04-04 15:42:03 ----A---- C:\Windows\SYSWOW64\slwga.dll
2013-04-04 15:42:03 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-04-04 15:42:03 ----A---- C:\Windows\system32\wscsvc.dll
2013-04-04 15:42:03 ----A---- C:\Windows\system32\slwga.dll
2013-04-04 15:42:00 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-04-04 15:41:59 ----A---- C:\Windows\system32\XpsPrint.dll
2013-04-04 15:41:57 ----A---- C:\Windows\system32\mfc42u.dll
2013-04-04 15:41:56 ----A---- C:\Windows\system32\mfc42.dll
2013-04-04 15:41:55 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2013-04-04 15:41:54 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2013-04-04 15:41:47 ----A---- C:\Windows\system32\shell32.dll
2013-04-04 15:41:45 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-04-04 15:41:34 ----A---- C:\Windows\system32\d3d10level9.dll
2013-04-04 15:41:33 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-04-04 15:41:31 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-04-04 15:41:30 ----A---- C:\Windows\system32\rdrmemptylst.exe
2013-04-04 15:41:29 ----A---- C:\Windows\system32\rdpwsx.dll
2013-04-04 15:41:29 ----A---- C:\Windows\system32\rdpcorekmts.dll
2013-04-04 15:41:27 ----A---- C:\Windows\system32\schannel.dll
2013-04-04 15:41:26 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-04-04 15:41:26 ----A---- C:\Windows\system32\lsasrv.dll
2013-04-04 15:41:26 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-04-04 15:41:26 ----A---- C:\Windows\system32\drivers\cng.sys
2013-04-04 15:41:25 ----A---- C:\Windows\system32\sspicli.dll
2013-04-04 15:41:25 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-04-04 15:41:24 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-04-04 15:41:24 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-04-04 15:41:24 ----A---- C:\Windows\system32\sspisrv.dll
2013-04-04 15:41:24 ----A---- C:\Windows\system32\secur32.dll
2013-04-04 15:41:24 ----A---- C:\Windows\system32\lsass.exe
2013-04-04 15:40:52 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-04-04 15:40:51 ----A---- C:\Windows\system32\mf.dll
2013-04-04 15:40:50 ----A---- C:\Windows\SYSWOW64\mf.dll
2013-04-04 15:40:50 ----A---- C:\Windows\system32\FntCache.dll
2013-04-04 15:40:48 ----A---- C:\Windows\system32\ExplorerFrame.dll
2013-04-04 15:40:48 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-04-04 15:40:47 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-04-04 15:40:47 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2013-04-04 15:40:47 ----A---- C:\Windows\system32\mfreadwrite.dll
2013-04-04 15:40:46 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2013-04-04 15:40:46 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2013-04-04 15:40:46 ----A---- C:\Windows\system32\XpsRasterService.dll
2013-04-04 15:40:46 ----A---- C:\Windows\system32\mfps.dll
2013-04-04 15:40:46 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-04-04 15:40:45 ----A---- C:\Windows\system32\cdd.dll
2013-04-04 15:40:30 ----A---- C:\Windows\system32\msxml6.dll
2013-04-04 15:40:29 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-04-04 15:40:29 ----A---- C:\Windows\system32\msxml3.dll
2013-04-04 15:40:28 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-04-04 15:40:21 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2013-04-04 15:40:03 ----A---- C:\Windows\system32\drivers\fvevol.sys
2013-04-04 15:40:02 ----A---- C:\Windows\system32\profsvc.dll
2013-04-04 15:40:00 ----A---- C:\Windows\system32\dnsapi.dll
2013-04-04 15:39:59 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2013-04-04 15:39:59 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2013-04-04 15:39:59 ----A---- C:\Windows\system32\dnsrslvr.dll
2013-04-04 15:39:59 ----A---- C:\Windows\system32\dnscacheugc.exe
2013-04-04 15:38:48 ----A---- C:\Windows\system32\dpnet.dll
2013-04-04 15:38:47 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2013-04-04 15:38:28 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-04-04 15:38:28 ----A---- C:\Windows\system32\wintrust.dll
2013-04-04 15:38:27 ----A---- C:\Windows\system32\wmpmde.dll
2013-04-04 15:38:26 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2013-04-04 15:38:25 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-04-04 15:38:25 ----A---- C:\Windows\system32\ncrypt.dll
2013-04-04 15:38:20 ----A---- C:\Windows\system32\KernelBase.dll
2013-04-04 15:38:20 ----A---- C:\Windows\system32\kernel32.dll
2013-04-04 15:38:19 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-04-04 15:38:19 ----A---- C:\Windows\system32\wow64win.dll
2013-04-04 15:38:19 ----A---- C:\Windows\system32\winsrv.dll
2013-04-04 15:38:19 ----A---- C:\Windows\system32\conhost.exe
2013-04-04 15:38:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-04-04 15:38:18 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-04-04 15:38:18 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-04-04 15:38:18 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-04-04 15:38:18 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-04-04 15:38:18 ----A---- C:\Windows\system32\ntvdm64.dll
2013-04-04 15:38:17 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-04-04 15:38:17 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-04-04 15:38:17 ----A---- C:\Windows\system32\wow64.dll
2013-04-04 15:38:16 ----A---- C:\Windows\system32\wow64cpu.dll
2013-04-04 15:38:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-04-04 15:38:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-04-04 15:38:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-04-04 15:38:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-04-04 15:38:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-04-04 15:38:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-04-04 15:38:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-04-04 15:38:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-04-04 15:38:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-04-04 15:38:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-04-04 15:38:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-04-04 15:38:15 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-04-04 15:38:15 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-04-04 15:38:15 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-04-04 15:38:15 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-04-04 15:38:15 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-04-04 15:38:15 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-04-04 15:38:15 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-04-04 15:38:15 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-04-04 15:38:15 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-04-04 15:38:15 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-04-04 15:38:15 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-04-04 15:38:15 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-04-04 15:38:15 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-04-04 15:38:15 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-04-04 15:38:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-04-04 15:38:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-04-04 15:38:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-04-04 15:38:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-04-04 15:38:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-04-04 15:38:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-04-04 15:38:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-04-04 15:38:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-04-04 15:38:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-04-04 15:38:14 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-04-04 15:38:14 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-04-04 15:38:14 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-04-04 15:38:14 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-04-04 15:38:14 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-04-04 15:38:14 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-04-04 15:38:14 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-04-04 15:38:14 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-04-04 15:38:14 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-04-04 15:38:14 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-04-04 15:38:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-04-04 15:38:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-04-04 15:38:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-04-04 15:38:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-04-04 15:38:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-04-04 15:38:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-04-04 15:38:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-04-04 15:38:13 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-04-04 15:38:13 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-04-04 15:38:13 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-04-04 15:38:13 ----A---- C:\Windows\SYSWOW64\user.exe
2013-04-04 15:37:57 ----A---- C:\Windows\system32\usp10.dll
2013-04-04 15:37:56 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-04-04 15:37:52 ----A---- C:\Windows\system32\drivers\srvnet.sys
2013-04-04 15:37:52 ----A---- C:\Windows\system32\drivers\srv2.sys
2013-04-04 15:37:52 ----A---- C:\Windows\system32\drivers\srv.sys
2013-04-04 15:37:51 ----A---- C:\Windows\system32\drivers\volsnap.sys
2013-04-04 15:37:49 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-04-04 15:37:48 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-04-04 15:37:39 ----A---- C:\Windows\system32\Wpc.dll
2013-04-04 15:37:39 ----A---- C:\Windows\system32\gameux.dll
2013-04-04 15:37:38 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-04-04 15:37:38 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-04-04 15:36:55 ----A---- C:\Windows\system32\psisdecd.dll
2013-04-04 15:36:54 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2013-04-04 15:36:44 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2013-04-04 15:35:42 ----A---- C:\Windows\system32\drivers\afd.sys
2013-04-04 15:35:41 ----A---- C:\Windows\system32\drivers\partmgr.sys
2013-04-04 15:35:39 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2013-04-04 15:35:39 ----A---- C:\Windows\system32\kerberos.dll
2013-04-04 15:35:36 ----A---- C:\Windows\system32\msi.dll
2013-04-04 15:35:35 ----A---- C:\Windows\SYSWOW64\msi.dll
2013-04-04 15:34:01 ----A---- C:\Windows\SYSWOW64\synceng.dll
2013-04-04 15:34:01 ----A---- C:\Windows\system32\synceng.dll
2013-04-04 15:33:57 ----A---- C:\Windows\system32\winload.exe
2013-04-04 15:33:56 ----A---- C:\Windows\system32\winresume.exe
2013-04-04 15:33:56 ----A---- C:\Windows\system32\kdusb.dll
2013-04-04 15:33:56 ----A---- C:\Windows\system32\kd1394.dll
2013-04-04 15:33:55 ----A---- C:\Windows\system32\kdcom.dll
2013-04-04 15:33:49 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2013-04-04 15:33:49 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2013-04-04 15:33:18 ----A---- C:\Windows\system32\umpnpmgr.dll
2013-04-04 15:33:17 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2013-04-04 15:33:17 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2013-04-04 15:33:17 ----A---- C:\Windows\SYSWOW64\devobj.dll
2013-04-04 15:33:17 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2013-04-04 15:33:06 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-04-04 15:33:06 ----A---- C:\Windows\system32\mstscax.dll
2013-04-04 15:33:05 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2013-04-04 15:33:05 ----A---- C:\Windows\system32\mstsc.exe
2013-04-04 15:33:04 ----A---- C:\Windows\system32\netapi32.dll
2013-04-04 15:33:04 ----A---- C:\Windows\system32\browser.dll
2013-04-04 15:33:03 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2013-04-04 15:33:03 ----A---- C:\Windows\SYSWOW64\browcli.dll
2013-04-04 15:33:03 ----A---- C:\Windows\system32\browcli.dll
2013-04-04 15:32:58 ----A---- C:\Windows\system32\wmp.dll
2013-04-04 15:32:56 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-04-04 15:32:49 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-04-04 15:32:48 ----A---- C:\Windows\system32\wmploc.DLL
2013-04-04 15:32:39 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2013-04-04 15:32:39 ----A---- C:\Windows\system32\prevhost.exe
2013-04-04 15:32:37 ----A---- C:\Windows\system32\srcore.dll
2013-04-04 15:32:36 ----A---- C:\Windows\SYSWOW64\srclient.dll
2013-04-04 15:32:33 ----A---- C:\Windows\system32\FXSCOVER.exe
2013-04-04 15:32:30 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2013-04-04 15:32:30 ----A---- C:\Windows\system32\inetcomm.dll
2013-04-04 15:32:26 ----A---- C:\Windows\system32\msvcrt.dll
2013-04-04 15:32:25 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2013-04-04 15:32:23 ----A---- C:\Windows\system32\consent.exe
2013-04-04 15:32:19 ----A---- C:\Windows\system32\localspl.dll
2013-04-04 15:32:17 ----A---- C:\Windows\system32\drivers\bowser.sys
2013-04-04 15:32:14 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2013-04-04 15:32:14 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2013-04-04 15:32:14 ----A---- C:\Windows\system32\oleaut32.dll
2013-04-04 15:32:14 ----A---- C:\Windows\system32\oleacc.dll
2013-04-04 15:32:12 ----A---- C:\Windows\system32\EncDec.dll
2013-04-04 15:32:11 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2013-04-04 15:31:44 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2013-04-04 15:31:44 ----A---- C:\Windows\system32\odbc32.dll
2013-04-04 15:31:34 ----A---- C:\Windows\system32\ntdll.dll
2013-04-04 15:31:33 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-04-04 15:31:28 ----A---- C:\Windows\system32\srvsvc.dll
2013-04-04 15:31:27 ----A---- C:\Windows\SYSWOW64\sscore.dll
2013-04-04 15:31:23 ----A---- C:\Windows\system32\spoolsv.exe
2013-04-04 15:31:23 ----A---- C:\Windows\splwow64.exe
2013-04-04 15:30:50 ----A---- C:\Windows\system32\crypt32.dll
2013-04-04 15:30:47 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-04-04 15:30:44 ----A---- C:\Windows\system32\cryptsvc.dll
2013-04-04 15:30:44 ----A---- C:\Windows\system32\cryptnet.dll
2013-04-04 15:30:43 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-04-04 15:30:41 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-04-04 15:30:00 ----A---- C:\Windows\SYSWOW64\packager.dll
2013-04-04 15:30:00 ----A---- C:\Windows\system32\packager.dll
2013-04-04 00:05:10 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2013-04-04 00:05:10 ----A---- C:\Windows\system32\rdpcore.dll
2013-04-04 00:05:09 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2013-04-03 23:58:50 ----A---- C:\Windows\system32\wups2.dll
2013-04-03 23:58:50 ----A---- C:\Windows\system32\wucltux.dll
2013-04-03 23:58:50 ----A---- C:\Windows\system32\wuaueng.dll
2013-04-03 23:58:50 ----A---- C:\Windows\system32\wuauclt.exe
2013-04-03 23:58:00 ----A---- C:\Windows\system32\wups.dll
2013-04-03 23:58:00 ----A---- C:\Windows\system32\wudriver.dll
2013-04-03 23:58:00 ----A---- C:\Windows\system32\wuapi.dll
2013-04-03 23:57:36 ----A---- C:\Windows\system32\wuwebv.dll
2013-04-03 23:57:35 ----A---- C:\Windows\system32\wuapp.exe
2013-04-03 23:36:05 ----D---- C:\Program Files\Recuva
2013-04-03 23:19:47 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-04-03 23:19:44 ----D---- C:\Windows\system32\Macromed
2013-04-03 22:44:11 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2013-04-03 22:44:11 ----A---- C:\Windows\system32\drivers\aswSP.sys
2013-04-03 22:44:11 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2013-04-03 22:44:11 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2013-04-03 22:44:10 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2013-04-03 22:44:09 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-04-03 22:44:06 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-04-03 22:44:03 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2013-04-03 22:44:03 ----A---- C:\Windows\system32\aswBoot.exe
2013-04-03 22:43:37 ----A---- C:\Windows\avastSS.scr
2013-04-03 22:43:22 ----D---- C:\Program Files\AVAST Software
2013-04-03 22:42:08 ----D---- C:\ProgramData\AVAST Software
2013-04-03 22:38:38 ----N---- C:\Windows\system32\MpSigStub.exe
2013-04-03 22:29:30 ----D---- C:\ProgramData\Mozilla
2013-04-03 22:27:56 ----D---- C:\Users\radim\AppData\Roaming\Adobe
2013-04-03 22:25:24 ----D---- C:\Users\radim\AppData\Roaming\Intel Corporation
2013-04-03 22:25:15 ----D---- C:\Users\radim\AppData\Roaming\Macromedia
2013-04-03 22:24:46 ----D---- C:\Users\radim\AppData\Roaming\Identities
2013-04-03 22:23:20 ----SD---- C:\Users\radim\AppData\Roaming\Microsoft
2013-04-03 22:23:20 ----D---- C:\Users\radim\AppData\Roaming\Media Center Programs
2013-04-03 22:23:10 ----SHD---- C:\Recovery
2013-04-03 22:23:10 ----SHD---- C:\ProgramData\Šablony
2013-04-03 22:23:10 ----SHD---- C:\ProgramData\Plocha
2013-04-03 22:23:10 ----SHD---- C:\ProgramData\Oblíbené položky
2013-04-03 22:23:10 ----SHD---- C:\ProgramData\Nabídka Start
2013-04-03 22:23:10 ----SHD---- C:\ProgramData\Dokumenty
2013-04-03 22:23:10 ----SHD---- C:\ProgramData\Data aplikací

======List of files/folders modified in the last 1 month======

2013-04-07 13:22:05 ----D---- C:\Windows\Temp
2013-04-07 13:21:39 ----RD---- C:\Program Files
2013-04-07 12:27:17 ----D---- C:\Windows\system32\config
2013-04-07 12:11:23 ----D---- C:\Windows\rescache
2013-04-07 12:00:34 ----D---- C:\Windows\Logs
2013-04-07 11:50:19 ----D---- C:\Windows\Prefetch
2013-04-07 09:43:06 ----D---- C:\Windows\winsxs
2013-04-07 09:33:36 ----D---- C:\Windows\System32
2013-04-07 09:33:36 ----D---- C:\Windows\inf
2013-04-07 09:33:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-07 08:18:12 ----D---- C:\Windows\SYSWOW64\winrm
2013-04-07 08:18:12 ----D---- C:\Windows\SYSWOW64\WCN
2013-04-07 08:18:12 ----D---- C:\Windows\SYSWOW64\slmgr
2013-04-07 08:18:12 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2013-04-07 08:18:12 ----D---- C:\Windows\SYSWOW64\migwiz
2013-04-07 08:18:12 ----D---- C:\Windows\SYSWOW64\en
2013-04-07 08:18:12 ----D---- C:\Windows\SYSWOW64\DriverStore
2013-04-07 08:18:12 ----D---- C:\Windows\SYSWOW64\drivers\en-US
2013-04-07 08:18:12 ----D---- C:\Windows\system32\winrm
2013-04-07 08:18:12 ----D---- C:\Windows\system32\WCN
2013-04-07 08:18:12 ----D---- C:\Windows\system32\slmgr
2013-04-07 08:18:12 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2013-04-07 08:18:12 ----D---- C:\Windows\system32\migwiz
2013-04-07 08:18:12 ----D---- C:\Windows\system32\en
2013-04-07 08:18:12 ----D---- C:\Windows\system32\drivers\en-US
2013-04-07 08:18:12 ----D---- C:\Windows\system32\Dism
2013-04-07 08:18:12 ----D---- C:\Windows\Speech
2013-04-07 08:18:12 ----D---- C:\Windows\en-US
2013-04-07 08:18:12 ----D---- C:\Program Files\Windows Photo Viewer
2013-04-07 08:18:12 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2013-04-07 08:18:12 ----D---- C:\Program Files (x86)\Windows Defender
2013-04-07 08:14:53 ----D---- C:\Program Files (x86)\Windows Sidebar
2013-04-07 08:14:52 ----D---- C:\Windows\servicing
2013-04-07 08:14:52 ----D---- C:\Program Files\Windows Sidebar
2013-04-07 08:14:52 ----D---- C:\Program Files\Windows Defender
2013-04-07 08:14:52 ----D---- C:\Program Files\DVD Maker
2013-04-07 08:14:50 ----D---- C:\Windows\SYSWOW64\wbem
2013-04-07 08:14:50 ----D---- C:\Windows\SYSWOW64\MUI
2013-04-07 08:14:50 ----D---- C:\Windows\SYSWOW64\drivers
2013-04-07 08:14:50 ----D---- C:\Windows\SYSWOW64\Dism
2013-04-07 08:14:50 ----D---- C:\Windows\SYSWOW64\com
2013-04-07 08:14:50 ----D---- C:\Windows\system32\oobe
2013-04-07 08:14:50 ----D---- C:\Windows\IME
2013-04-07 08:14:48 ----D---- C:\Windows\system32\MUI
2013-04-07 08:14:48 ----D---- C:\Windows\system32\drivers\UMDF
2013-04-07 08:14:48 ----D---- C:\Windows\system32\com
2013-04-07 01:29:36 ----SHD---- C:\Windows\Installer
2013-04-07 01:28:46 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-04-07 01:27:38 ----D---- C:\Windows\SysWOW64
2013-04-07 01:27:30 ----RD---- C:\Program Files (x86)
2013-04-07 01:21:09 ----A---- C:\Windows\win.ini
2013-04-07 01:20:58 ----RSD---- C:\Windows\assembly
2013-04-06 23:16:44 ----D---- C:\Windows\system32\sysprep
2013-04-06 23:04:36 ----D---- C:\Windows\Help
2013-04-06 23:02:18 ----D---- C:\Program Files (x86)\Packard Bell
2013-04-06 22:58:15 ----D---- C:\ProgramData\Adobe
2013-04-06 22:53:50 ----D---- C:\Program Files\Packard Bell
2013-04-06 22:49:13 ----HD---- C:\Program Files (x86)\Temp
2013-04-06 22:49:08 ----D---- C:\Windows\SYSWOW64\RTCOM
2013-04-06 22:39:45 ----AD---- C:\Windows\DeployWinRE2
2013-04-06 22:36:11 ----A---- C:\Windows\system32\PLD_Framework.cmd
2013-04-06 07:20:42 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-04-06 07:20:42 ----D---- C:\Windows\system32\drivers
2013-04-06 07:20:42 ----D---- C:\Windows\system32\cs-CZ
2013-04-06 07:20:19 ----D---- C:\Windows\system32\DriverStore
2013-04-06 07:18:22 ----D---- C:\Windows
2013-04-06 00:32:40 ----D---- C:\Windows\system32\catroot
2013-04-06 00:29:58 ----RSD---- C:\Windows\Fonts
2013-04-05 21:40:36 ----D---- C:\Windows\Microsoft.NET
2013-04-05 20:25:53 ----D---- C:\Windows\Panther
2013-04-05 20:25:52 ----D---- C:\Windows\debug
2013-04-05 20:22:20 ----D---- C:\Windows\system32\Tasks
2013-04-05 20:01:24 ----D---- C:\Windows\system32\catroot2
2013-04-05 19:30:40 ----D---- C:\Windows\SYSWOW64\en-US
2013-04-05 19:30:38 ----D---- C:\Windows\system32\en-US
2013-04-05 18:33:57 ----D---- C:\Program Files (x86)\MSBuild
2013-04-05 18:33:08 ----D---- C:\Windows\ShellNew
2013-04-05 18:32:18 ----SD---- C:\ProgramData\Microsoft
2013-04-05 14:56:04 ----HD---- C:\ProgramData
2013-04-05 11:15:35 ----D---- C:\Program Files\Common Files\System
2013-04-05 11:15:31 ----D---- C:\Windows\ehome
2013-04-05 11:15:25 ----D---- C:\Program Files\Windows Mail
2013-04-05 11:15:25 ----D---- C:\Program Files (x86)\Windows Mail
2013-04-05 11:15:21 ----D---- C:\Windows\system32\wbem
2013-04-05 11:15:14 ----D---- C:\Program Files\Internet Explorer
2013-04-05 11:15:14 ----D---- C:\Program Files (x86)\Internet Explorer
2013-04-05 11:15:13 ----D---- C:\Windows\SYSWOW64\migration
2013-04-05 11:15:01 ----D---- C:\Windows\PolicyDefinitions
2013-04-05 11:15:00 ----D---- C:\Windows\system32\migration
2013-04-05 11:14:50 ----D---- C:\Windows\AppPatch
2013-04-05 11:14:25 ----D---- C:\Windows\system32\Boot
2013-04-05 11:14:10 ----D---- C:\Program Files\Windows Media Player
2013-04-05 11:14:10 ----D---- C:\Program Files (x86)\Windows Media Player
2013-04-05 11:14:06 ----D---- C:\Program Files\Windows Journal
2013-04-05 01:47:56 ----D---- C:\Windows\system32\wdi
2013-04-04 19:50:28 ----D---- C:\Program Files (x86)\Common Files
2013-04-04 17:41:26 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-04-04 00:00:23 ----D---- C:\Windows\system32\LogFiles
2013-04-03 23:19:47 ----D---- C:\Windows\Tasks
2013-04-03 22:56:29 ----D---- C:\Program Files (x86)\Adobe
2013-04-03 22:38:24 ----D---- C:\Windows\system32\restore
2013-04-03 22:25:22 ----D---- C:\Windows\system32\OEM
2013-04-03 22:25:16 ----D---- C:\ProgramData\Norton
2013-04-03 22:25:10 ----D---- C:\ProgramData\oem
2013-04-03 22:24:43 ----SHD---- C:\$Recycle.Bin
2013-04-03 22:24:34 ----HD---- C:\OEM
2013-04-03 22:23:17 ----RD---- C:\Users
2013-04-03 22:23:10 ----D---- C:\Windows\system32\Recovery
2013-04-03 22:23:10 ----D---- C:\Program Files\Windows NT

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-03-07 65336]
R0 FSProFilter;FSPro File Filter; C:\Windows\System32\Drivers\FSPFltd.sys [2010-07-22 54848]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-04-13 540696]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2008-06-16 55024]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-06-19 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-03-07 70992]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-03-07 1025808]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-03-07 377920]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-03-07 68920]
R1 ElRawDisk;ElRawDisk; \??\C:\Windows\system32\drivers\ElRawDsk.sys [2012-07-26 30752]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-03-07 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-03-07 80816]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-04-13 135560]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-09-02 7369728]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-07-06 2419176]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-10 139264]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-05-15 384040]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\Windows\system32\DRIVERS\rtl8192se.sys [2010-05-21 1108000]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
S3 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-03-07 178624]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-06-03 4171328]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-05-24 246304]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-07 45248]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2010-06-11 868896]
R2 GREGService;GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [2010-01-08 23584]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe [2010-05-23 126904]
R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-06-02 2804568]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2010-06-29 255744]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 Updater Service;Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-01-29 243232]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8; c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-03 253656]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-04-06 867080]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe [2010-04-04 246520]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-27 115608]
S3 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2010-01-15 935208]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-04-05 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

-----------------EOF-----------------

#4 Příspěvek od **Rudy** » 07 dub 2013 13:01

Jako první věc bych odinstaloval jeden z antivirů, které v systému máte. Mohou být navzájem v konfliktu.

raduch · #5 Příspěvek od **raduch** » 07 dub 2013 14:14

tak jsem odinstaloval norton..byl tam automaticky nainstalován se systémem..je to ale nějaká zkušební verze na pár dnů..stále mi vyskakovala nabídka na zakoupení plné ochrany.
nu tak jestli tohle byl jediný problém v logu,tak snad už bude vše v pořádku..uvidím.
jestli není nic jiného,tak zatím moc dík...

VIRY.CZ

moc prosím o kntrolu logu

moc prosím o kntrolu logu

Re: moc prosím o kntrolu logu

Re: moc prosím o kntrolu logu

Re: moc prosím o kntrolu logu

Re: moc prosím o kntrolu logu