
Please check my log.
Moderator: Moderators
Forum rules
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
I have a feeling I've got some kind of infection. It occasionally freezes on me, and the speakers occasionally crackle too.
Logfile of random's system information tool 1.09 (written by random/random)
Run by miso at 2014-01-05 22:19:16
Microsoft Windows 7 Professional N Service Pack 1
System drive C: has 7 GB (24%) free of 30 GB
Total RAM: 7679 MB (76% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:19:20 PM, on 1/5/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
D:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\miso\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\miso\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\miso\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
D:\Program Files\AVAST Software\Avast\AvastUI.exe
D:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\miso.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "D:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [BCSSync] "D:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\miso\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Skype] "D:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\miso\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\miso\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Facebook Messenger.lnk = C:\Users\miso\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
O9 - Extra button: Odoslat do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslat do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - D:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - D:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 8504 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"D:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"D:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\miso\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Users\miso\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Users\miso\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe"
"D:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\wuauclt.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
taskeng.exe {A13FF295-015F-4A6E-8A67-337369B32EA0}
"D:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"E:\download\RSITx64(1).exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2811220215-2768408660-1131186198-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2811220215-2768408660-1131186198-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=D:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default\extensions\
jid1-4P0kohSJxU1qGg@jetpack
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-12-21 1372864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-21 1138536]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - D:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-12-21 1372864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-21 1138536]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=C:\Users\miso\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-21 138096]
"Skype"=D:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-15 20588704]
"uTorrent"=C:\Users\miso\AppData\Roaming\uTorrent\uTorrent.exe [2013-12-22 1142864]
"DAEMON Tools Lite"=D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=D:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-12-21 3764024]
"BCSSync"=D:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\miso\AppData\Roaming\Dropbox\bin\Dropbox.exe
Facebook Messenger.lnk - C:\Users\miso\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-01-05 22:19:16 ----D---- C:\rsit
2014-01-05 22:19:16 ----D---- C:\Program Files\trend micro
2013-12-31 01:22:44 ----D---- C:\Users\miso\AppData\Roaming\dvdcss
2013-12-29 18:33:12 ----D---- C:\Windows\rescache
2013-12-29 00:12:25 ----A---- C:\restart.bat
2013-12-28 19:09:45 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-12-28 19:09:45 ----D---- C:\Program Files (x86)\AGEIA Technologies
2013-12-28 19:09:44 ----D---- C:\Program Files (x86)\OpenAL
2013-12-28 19:09:44 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2013-12-28 19:09:44 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2013-12-28 19:09:44 ----A---- C:\Windows\system32\wrap_oal.dll
2013-12-28 19:09:44 ----A---- C:\Windows\system32\OpenAL32.dll
2013-12-28 19:09:18 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2013-12-28 19:09:18 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2013-12-28 19:09:18 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2013-12-28 19:09:18 ----A---- C:\Windows\system32\XAudio2_7.dll
2013-12-28 19:09:18 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2013-12-28 19:09:18 ----A---- C:\Windows\system32\xactengine3_7.dll
2013-12-28 19:09:17 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2013-12-28 19:09:17 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2013-12-28 19:09:16 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2013-12-28 19:09:16 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2013-12-28 19:09:16 ----A---- C:\Windows\system32\d3dx11_43.dll
2013-12-28 19:09:16 ----A---- C:\Windows\system32\d3dcsx_43.dll
2013-12-28 19:09:15 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2013-12-28 19:09:15 ----A---- C:\Windows\system32\d3dx10_43.dll
2013-12-28 19:09:14 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2013-12-28 19:09:14 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2013-12-28 19:09:14 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2013-12-28 19:09:14 ----A---- C:\Windows\system32\XAudio2_6.dll
2013-12-28 19:09:14 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2013-12-28 19:09:14 ----A---- C:\Windows\system32\D3DX9_43.dll
2013-12-28 19:09:13 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2013-12-28 19:09:13 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2013-12-28 19:09:13 ----A---- C:\Windows\system32\xactengine3_6.dll
2013-12-28 19:09:13 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2013-12-28 19:09:12 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2013-12-28 19:09:12 ----A---- C:\Windows\system32\XAudio2_5.dll
2013-12-28 19:09:09 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2013-12-28 19:09:09 ----A---- C:\Windows\system32\xactengine3_5.dll
2013-12-28 19:09:08 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2013-12-28 19:09:08 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2013-12-28 19:09:05 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2013-12-28 19:09:05 ----A---- C:\Windows\system32\d3dcsx_42.dll
2013-12-28 19:09:04 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2013-12-28 19:09:04 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2013-12-28 19:09:04 ----A---- C:\Windows\system32\d3dx11_42.dll
2013-12-28 19:09:04 ----A---- C:\Windows\system32\d3dx10_42.dll
2013-12-28 19:09:03 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2013-12-28 19:09:03 ----A---- C:\Windows\system32\D3DX9_42.dll
2013-12-28 19:09:02 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2013-12-28 19:09:02 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2013-12-28 19:09:02 ----A---- C:\Windows\system32\d3dx10_41.dll
2013-12-28 19:09:02 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2013-12-28 19:09:01 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2013-12-28 19:09:01 ----A---- C:\Windows\system32\D3DX9_41.dll
2013-12-28 19:09:00 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2013-12-28 19:09:00 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2013-12-28 19:09:00 ----A---- C:\Windows\system32\XAudio2_4.dll
2013-12-28 19:09:00 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2013-12-28 19:08:59 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2013-12-28 19:08:59 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2013-12-28 19:08:59 ----A---- C:\Windows\system32\xactengine3_4.dll
2013-12-28 19:08:59 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2013-12-28 19:08:58 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2013-12-28 19:08:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2013-12-28 19:08:58 ----A---- C:\Windows\system32\d3dx10_40.dll
2013-12-28 19:08:58 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2013-12-28 19:08:54 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2013-12-28 19:08:54 ----A---- C:\Windows\system32\D3DX9_40.dll
2013-12-28 19:08:52 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2013-12-28 19:08:52 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2013-12-28 19:08:52 ----A---- C:\Windows\system32\XAudio2_3.dll
2013-12-28 19:08:52 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2013-12-28 19:08:51 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2013-12-28 19:08:51 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2013-12-28 19:08:51 ----A---- C:\Windows\system32\xactengine3_3.dll
2013-12-28 19:08:51 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2013-12-28 19:08:50 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2013-12-28 19:08:50 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2013-12-28 19:08:50 ----A---- C:\Windows\system32\XAudio2_2.dll
2013-12-28 19:08:50 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2013-12-28 19:08:49 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2013-12-28 19:08:49 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2013-12-28 19:08:49 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2013-12-28 19:08:49 ----A---- C:\Windows\system32\xactengine3_2.dll
2013-12-28 19:08:49 ----A---- C:\Windows\system32\d3dx10_39.dll
2013-12-28 19:08:49 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2013-12-28 19:08:48 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2013-12-28 19:08:48 ----A---- C:\Windows\system32\D3DX9_39.dll
2013-12-28 19:08:47 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2013-12-28 19:08:47 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2013-12-28 19:08:47 ----A---- C:\Windows\system32\XAudio2_1.dll
2013-12-28 19:08:47 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2013-12-28 19:08:46 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2013-12-28 19:08:46 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2013-12-28 19:08:46 ----A---- C:\Windows\system32\xactengine3_1.dll
2013-12-28 19:08:46 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2013-12-28 19:08:44 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2013-12-28 19:08:44 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2013-12-28 19:08:44 ----A---- C:\Windows\system32\d3dx10_38.dll
2013-12-28 19:08:44 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2013-12-28 19:08:40 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2013-12-28 19:08:40 ----A---- C:\Windows\system32\D3DX9_38.dll
2013-12-28 19:08:38 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2013-12-28 19:08:38 ----A---- C:\Windows\system32\XAudio2_0.dll
2013-12-28 19:08:37 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2013-12-28 19:08:37 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2013-12-28 19:08:37 ----A---- C:\Windows\system32\xactengine3_0.dll
2013-12-28 19:08:37 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2013-12-28 19:08:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2013-12-28 19:08:36 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2013-12-28 19:08:35 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2013-12-28 19:08:35 ----A---- C:\Windows\system32\d3dx10_37.dll
2013-12-28 19:08:32 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2013-12-28 19:08:32 ----A---- C:\Windows\system32\D3DX9_37.dll
2013-12-28 19:08:31 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2013-12-28 19:08:31 ----A---- C:\Windows\system32\xactengine2_10.dll
2013-12-28 19:08:29 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2013-12-28 19:08:29 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2013-12-28 19:08:29 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2013-12-28 19:08:29 ----A---- C:\Windows\system32\d3dx9_36.dll
2013-12-28 19:08:29 ----A---- C:\Windows\system32\d3dx10_36.dll
2013-12-28 19:08:29 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2013-12-28 19:08:28 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2013-12-28 19:08:28 ----A---- C:\Windows\system32\xactengine2_9.dll
2013-12-28 19:08:27 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2013-12-28 19:08:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2013-12-28 19:08:27 ----A---- C:\Windows\system32\d3dx10_35.dll
2013-12-28 19:08:27 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2013-12-28 19:08:26 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2013-12-28 19:08:26 ----A---- C:\Windows\system32\d3dx9_35.dll
2013-12-28 19:08:25 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2013-12-28 19:08:25 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2013-12-28 19:08:25 ----A---- C:\Windows\system32\xactengine2_8.dll
2013-12-28 19:08:25 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2013-12-28 19:08:24 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2013-12-28 19:08:24 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2013-12-28 19:08:24 ----A---- C:\Windows\system32\d3dx10_34.dll
2013-12-28 19:08:24 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2013-12-28 19:08:22 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2013-12-28 19:08:22 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2013-12-28 19:08:22 ----A---- C:\Windows\system32\xinput1_3.dll
2013-12-28 19:08:22 ----A---- C:\Windows\system32\d3dx9_34.dll
2013-12-28 19:08:21 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2013-12-28 19:08:21 ----A---- C:\Windows\system32\xactengine2_7.dll
2013-12-28 19:08:20 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2013-12-28 19:08:20 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2013-12-28 19:08:20 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2013-12-28 19:08:20 ----A---- C:\Windows\system32\d3dx9_33.dll
2013-12-28 19:08:20 ----A---- C:\Windows\system32\d3dx10_33.dll
2013-12-28 19:08:20 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2013-12-28 19:08:18 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2013-12-28 19:08:18 ----A---- C:\Windows\system32\xactengine2_6.dll
2013-12-28 19:08:17 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2013-12-28 19:08:17 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2013-12-28 19:08:17 ----A---- C:\Windows\system32\xactengine2_5.dll
2013-12-28 19:08:17 ----A---- C:\Windows\system32\d3dx10.dll
2013-12-28 19:08:16 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2013-12-28 19:08:16 ----A---- C:\Windows\system32\d3dx9_32.dll
2013-12-28 19:08:15 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2013-12-28 19:08:15 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2013-12-28 19:08:15 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2013-12-28 19:08:15 ----A---- C:\Windows\system32\xactengine2_4.dll
2013-12-28 19:08:15 ----A---- C:\Windows\system32\x3daudio1_1.dll
2013-12-28 19:08:15 ----A---- C:\Windows\system32\d3dx9_31.dll
2013-12-28 19:08:14 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2013-12-28 19:08:14 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2013-12-28 19:08:14 ----A---- C:\Windows\system32\xinput1_2.dll
2013-12-28 19:08:14 ----A---- C:\Windows\system32\xactengine2_3.dll
2013-12-28 19:08:10 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2013-12-28 19:08:10 ----A---- C:\Windows\system32\xactengine2_2.dll
2013-12-28 19:08:09 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2013-12-28 19:08:09 ----A---- C:\Windows\system32\xinput1_1.dll
2013-12-28 19:08:05 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2013-12-28 19:08:05 ----A---- C:\Windows\system32\xactengine2_1.dll
2013-12-28 19:07:53 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2013-12-28 19:07:53 ----A---- C:\Windows\system32\d3dx9_30.dll
2013-12-28 19:07:50 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2013-12-28 19:07:50 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2013-12-28 19:07:50 ----A---- C:\Windows\system32\xactengine2_0.dll
2013-12-28 19:07:50 ----A---- C:\Windows\system32\x3daudio1_0.dll
2013-12-28 19:07:48 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2013-12-28 19:07:48 ----A---- C:\Windows\system32\d3dx9_29.dll
2013-12-28 19:07:47 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2013-12-28 19:07:47 ----A---- C:\Windows\system32\d3dx9_28.dll
2013-12-28 19:07:45 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2013-12-28 19:07:45 ----A---- C:\Windows\system32\d3dx9_27.dll
2013-12-28 19:07:44 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2013-12-28 19:07:44 ----A---- C:\Windows\system32\d3dx9_26.dll
2013-12-28 19:07:39 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2013-12-28 19:07:39 ----A---- C:\Windows\system32\d3dx9_25.dll
2013-12-28 19:07:36 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2013-12-28 19:07:36 ----A---- C:\Windows\system32\d3dx9_24.dll
2013-12-28 01:44:38 ----D---- C:\Users\miso\AppData\Roaming\TeamViewer
2013-12-28 01:44:05 ----D---- C:\Program Files (x86)\TeamViewer
2013-12-26 23:53:34 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2013-12-26 23:53:31 ----D---- C:\Users\miso\AppData\Roaming\DAEMON Tools Lite
2013-12-26 23:52:17 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-12-26 18:15:22 ----D---- C:\Program Files (x86)\Adobe
2013-12-26 18:15:05 ----D---- C:\ProgramData\Adobe
2013-12-26 00:31:48 ----RD---- C:\Sandbox
2013-12-26 00:31:15 ----D---- C:\Users\miso\AppData\Roaming\Opera Software
2013-12-26 00:28:43 ----A---- C:\Windows\Sandboxie.ini
2013-12-24 02:32:41 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-12-24 02:32:41 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-12-24 02:32:41 ----A---- C:\Windows\system32\drivers\usbohci.sys
2013-12-24 02:32:41 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-12-24 02:32:41 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-12-24 02:32:41 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-12-24 02:32:41 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-12-24 00:40:10 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2013-12-24 00:39:46 ----D---- C:\Windows\PCHEALTH
2013-12-24 00:39:46 ----D---- C:\Program Files (x86)\Microsoft Sync Framework
2013-12-24 00:39:46 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-12-24 00:38:03 ----D---- C:\Program Files\Microsoft Office
2013-12-23 03:01:10 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-23 03:01:09 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-23 03:01:09 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-23 03:01:09 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-23 03:01:09 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-23 03:01:09 ----A---- C:\Windows\system32\ieui.dll
2013-12-23 03:01:08 ----A---- C:\Windows\system32\iesetup.dll
2013-12-23 03:01:08 ----A---- C:\Windows\system32\iernonce.dll
2013-12-23 03:01:08 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-23 03:01:07 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-12-23 03:01:07 ----A---- C:\Windows\system32\mshtml.dll
2013-12-23 03:01:07 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-23 03:01:07 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-23 03:01:07 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-23 03:01:07 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-23 03:01:06 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-12-23 03:01:06 ----A---- C:\Windows\system32\iertutil.dll
2013-12-23 03:01:05 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-23 03:01:05 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-23 03:01:05 ----A---- C:\Windows\system32\wininet.dll
2013-12-23 03:01:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-23 03:01:04 ----A---- C:\Windows\system32\urlmon.dll
2013-12-23 03:01:04 ----A---- C:\Windows\system32\ieframe.dll
2013-12-23 03:01:03 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-23 03:01:02 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-23 03:01:02 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-23 03:01:01 ----A---- C:\Windows\system32\jscript9.dll
2013-12-22 16:36:31 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-22 16:36:31 ----A---- C:\Windows\SYSWOW64\explorer.exe
2013-12-22 16:36:31 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-22 16:36:31 ----A---- C:\Windows\explorer.exe
2013-12-22 16:36:29 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2013-12-22 16:36:29 ----A---- C:\Windows\system32\drivers\bthport.sys
2013-12-22 16:36:25 ----A---- C:\Windows\SYSWOW64\esent.dll
2013-12-22 16:36:25 ----A---- C:\Windows\system32\fsutil.exe
2013-12-22 16:36:25 ----A---- C:\Windows\system32\esent.dll
2013-12-22 16:36:25 ----A---- C:\Windows\system32\drivers\amdxata.sys
2013-12-22 16:36:24 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2013-12-22 16:36:24 ----A---- C:\Windows\system32\drivers\storport.sys
2013-12-22 16:36:24 ----A---- C:\Windows\system32\drivers\nvstor.sys
2013-12-22 16:36:24 ----A---- C:\Windows\system32\drivers\nvraid.sys
2013-12-22 16:36:24 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2013-12-22 16:36:24 ----A---- C:\Windows\system32\drivers\amdsata.sys
2013-12-22 16:36:22 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2013-12-22 16:36:19 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-12-22 16:36:19 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-12-22 16:36:18 ----A---- C:\Windows\system32\spoolsv.exe
2013-12-22 16:36:18 ----A---- C:\Windows\splwow64.exe
2013-12-22 14:43:37 ----D---- C:\Users\miso\AppData\Roaming\OpenOffice
2013-12-22 14:29:43 ----D---- C:\Program Files (x86)\Google
2013-12-22 07:03:32 ----D---- C:\Windows\Prefetch
2013-12-22 07:03:25 ----SHD---- C:\System Volume Information
2013-12-22 07:03:25 ----ASH---- C:\hiberfil.sys
2013-12-22 07:02:27 ----D---- C:\Windows\Panther
2013-12-22 02:33:13 ----A---- C:\Windows\system32\drivers\VBoxDrv.sys
2013-12-22 02:33:04 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys
2013-12-22 02:33:03 ----DC---- C:\Windows\system32\DRVSTORE
2013-12-22 02:27:48 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-12-22 02:25:01 ----D---- C:\Windows\Migration
2013-12-22 02:21:34 ----A---- C:\Windows\system32\IEUDINIT.EXE
2013-12-22 02:18:53 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-12-22 02:18:53 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\url.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\wextract.exe
2013-12-22 02:18:51 ----A---- C:\Windows\system32\webcheck.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\vbscript.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\url.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-12-22 02:18:51 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-22 02:18:51 ----A---- C:\Windows\system32\pngfilt.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\occache.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\msrating.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\msls31.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\mshtmler.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\mshtmled.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\MshtmlDac.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\mshta.exe
2013-12-22 02:18:51 ----A---- C:\Windows\system32\msfeedssync.exe
2013-12-22 02:18:51 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\msfeeds.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\licmgr10.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\jsIntl.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\jscript.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\inseng.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\imgutil.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\iexpress.exe
2013-12-22 02:18:51 ----A---- C:\Windows\system32\iesysprep.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\iepeers.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\iedkcs32.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\ieapfltr.dat
2013-12-22 02:18:51 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\icardie.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\elshyph.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\dxtrans.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\dxtmsft.dll
2013-12-22 02:09:30 ----D---- C:\Users\miso\AppData\Roaming\uTorrent
2013-12-22 00:50:17 ----D---- C:\Program Files (x86)\Microsoft.NET
2013-12-22 00:30:28 ----D---- C:\Windows\SYSWOW64\Wat
2013-12-22 00:30:28 ----D---- C:\Windows\system32\Wat
2013-12-21 23:56:07 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2013-12-21 23:55:37 ----D---- C:\Program Files\Microsoft Analysis Services
2013-12-21 23:55:37 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2013-12-21 23:55:28 ----D---- C:\Program Files (x86)\Microsoft Office
2013-12-21 23:55:24 ----D---- C:\ProgramData\Microsoft Help
2013-12-21 23:43:30 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-12-21 23:43:30 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-12-21 23:43:30 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-12-21 23:43:28 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys
2013-12-21 23:43:28 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2013-12-21 23:43:28 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2013-12-21 23:43:26 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2013-12-21 23:43:26 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-12-21 23:43:26 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2013-12-21 23:43:26 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2013-12-21 23:43:26 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2013-12-21 23:43:26 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-12-21 23:43:26 ----A---- C:\Windows\system32\wksprtPS.dll
2013-12-21 23:43:26 ----A---- C:\Windows\system32\wksprt.exe
2013-12-21 23:43:26 ----A---- C:\Windows\system32\TSWbPrxy.exe
2013-12-21 23:43:26 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-12-21 23:43:26 ----A---- C:\Windows\system32\tsgqec.dll
2013-12-21 23:43:26 ----A---- C:\Windows\system32\rdpudd.dll
2013-12-21 23:43:26 ----A---- C:\Windows\system32\rdpendp_winip.dll
2013-12-21 23:43:26 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2013-12-21 23:43:26 ----A---- C:\Windows\system32\aaclient.dll
2013-12-21 23:43:25 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-12-21 23:43:25 ----A---- C:\Windows\system32\rdpcorets.dll
2013-12-21 23:43:25 ----A---- C:\Windows\system32\mstscax.dll
2013-12-21 23:43:25 ----A---- C:\Windows\system32\mstsc.exe
2013-12-21 23:35:42 ----A---- C:\Windows\system32\browserchoice.exe
2013-12-21 23:18:55 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2013-12-21 23:18:54 ----A---- C:\Windows\system32\WUDFSvc.dll
2013-12-21 23:18:54 ----A---- C:\Windows\system32\WUDFPlatform.dll
2013-12-21 23:18:54 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2013-12-21 23:18:53 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2013-12-21 23:18:52 ----A---- C:\Windows\system32\WUDFx.dll
2013-12-21 23:18:52 ----A---- C:\Windows\system32\WUDFHost.exe
2013-12-21 23:11:47 ----D---- C:\Windows\system32\MRT
2013-12-21 23:11:44 ----A---- C:\Windows\system32\MRT.exe
2013-12-21 23:10:50 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-12-21 23:10:49 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-12-21 23:10:49 ----A---- C:\Windows\system32\UIAnimation.dll
2013-12-21 23:10:49 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-12-21 23:10:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-12-21 23:10:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-12-21 23:10:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-12-21 23:10:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-12-21 23:10:43 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-12-21 23:10:43 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-12-21 23:10:43 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-12-21 23:10:43 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-12-21 23:10:42 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-12-21 23:10:42 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-12-21 23:10:42 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-12-21 23:10:42 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-12-21 23:10:42 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-12-21 23:10:42 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-12-21 23:10:42 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-12-21 23:10:42 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-12-21 23:10:42 ----A---- C:\Windows\system32\dxgi.dll
2013-12-21 23:10:42 ----A---- C:\Windows\system32\d3d10warp.dll
2013-12-21 23:10:42 ----A---- C:\Windows\system32\d3d10level9.dll
2013-12-21 23:10:42 ----A---- C:\Windows\system32\d3d10core.dll
2013-12-21 23:10:42 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-12-21 23:10:42 ----A---- C:\Windows\system32\d3d10_1.dll
2013-12-21 23:10:41 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-12-21 23:10:41 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-12-21 23:10:41 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-12-21 23:10:41 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-12-21 23:10:41 ----A---- C:\Windows\system32\XpsPrint.dll
2013-12-21 23:10:41 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-12-21 23:10:41 ----A---- C:\Windows\system32\FntCache.dll
2013-12-21 23:10:41 ----A---- C:\Windows\system32\DWrite.dll
2013-12-21 23:10:41 ----A---- C:\Windows\system32\d3d10.dll
2013-12-21 23:10:40 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-12-21 23:10:40 ----A---- C:\Windows\system32\d2d1.dll
2013-12-21 23:10:17 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2013-12-21 23:10:16 ----A---- C:\Windows\SYSWOW64\wmi.dll
2013-12-21 23:10:16 ----A---- C:\Windows\system32\wmi.dll
2013-12-21 23:07:40 ----A---- C:\Windows\SYSWOW64\certutil.exe
2013-12-21 23:07:40 ----A---- C:\Windows\SYSWOW64\certenc.dll
2013-12-21 23:07:40 ----A---- C:\Windows\system32\certutil.exe
2013-12-21 23:07:40 ----A---- C:\Windows\system32\certenc.dll
2013-12-21 23:07:19 ----A---- C:\Windows\system32\wow64win.dll
2013-12-21 23:07:18 ----A---- C:\Windows\system32\ntvdm64.dll
2013-12-21 23:07:17 ----A---- C:\Windows\system32\wow64cpu.dll
2013-12-21 23:06:49 ----A---- C:\Windows\system32\consent.exe
2013-12-21 23:06:49 ----A---- C:\Windows\system32\appinfo.dll
2013-12-21 23:06:40 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2013-12-21 23:06:40 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2013-12-21 23:06:40 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2013-12-21 23:06:40 ----A---- C:\Windows\system32\dhcpcore6.dll
2013-12-21 23:06:37 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2013-12-21 23:06:37 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2013-12-21 23:06:37 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2013-12-21 23:06:34 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-21 23:06:34 ----A---- C:\Windows\system32\tzres.dll
2013-12-21 23:06:30 ----A---- C:\Windows\SYSWOW64\sbe.dll
2013-12-21 23:06:30 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2013-12-21 23:06:30 ----A---- C:\Windows\system32\sbe.dll
2013-12-21 23:06:30 ----A---- C:\Windows\system32\CPFilters.dll
2013-12-21 23:06:27 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-12-21 23:06:27 ----A---- C:\Windows\system32\wintrust.dll
2013-12-21 23:06:11 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2013-12-21 23:06:11 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-12-21 23:06:11 ----A---- C:\Windows\system32\xmllite.dll
2013-12-21 23:06:11 ----A---- C:\Windows\system32\comctl32.dll
2013-12-21 23:06:09 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2013-12-21 23:06:09 ----A---- C:\Windows\system32\qdvd.dll
2013-12-21 23:06:07 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2013-12-21 23:05:35 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-12-21 23:05:35 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-12-21 23:05:35 ----A---- C:\Windows\system32\winsrv.dll
2013-12-21 23:05:35 ----A---- C:\Windows\system32\KernelBase.dll
2013-12-21 23:05:35 ----A---- C:\Windows\system32\kernel32.dll
2013-12-21 23:05:35 ----A---- C:\Windows\system32\conhost.exe
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-12-21 23:05:34 ----A---- C:\Windows\system32\smss.exe
2013-12-21 23:05:34 ----A---- C:\Windows\system32\csrsrv.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-12-21 23:05:33 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-12-21 23:05:33 ----A---- C:\Windows\system32\apisetschema.dll
2013-12-21 23:05:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-12-21 23:05:27 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-12-21 23:05:27 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-12-21 23:05:27 ----A---- C:\Windows\system32\advapi32.dll
2013-12-21 23:05:26 ----A---- C:\Windows\SYSWOW64\tdh.dll
2013-12-21 23:05:26 ----A---- C:\Windows\system32\tdh.dll
2013-12-21 23:05:26 ----A---- C:\Windows\system32\ntdll.dll
2013-12-21 23:05:25 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-12-21 23:05:25 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-12-21 23:05:25 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-12-21 23:05:25 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-12-21 23:05:25 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-12-21 23:05:25 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-12-21 23:05:25 ----A---- C:\Windows\system32\wow64.dll
2013-12-21 23:05:24 ----A---- C:\Windows\SYSWOW64\user.exe
2013-12-21 23:05:03 ----A---- C:\Windows\system32\drivers\fvevol.sys
2013-12-21 23:05:01 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2013-12-21 23:05:01 ----A---- C:\Windows\system32\cdosys.dll
2013-12-21 23:05:00 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2013-12-21 23:05:00 ----A---- C:\Windows\system32\drivers\ndis.sys
2013-12-21 23:04:56 ----A---- C:\Windows\system32\drivers\bowser.sys
2013-12-21 23:04:52 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2013-12-21 23:04:52 ----A---- C:\Windows\system32\netcorehc.dll
2013-12-21 23:04:52 ----A---- C:\Windows\system32\ncsi.dll
2013-12-21 23:04:51 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2013-12-21 23:04:51 ----A---- C:\Windows\SYSWOW64\netevent.dll
2013-12-21 23:04:51 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2013-12-21 23:04:51 ----A---- C:\Windows\system32\nlasvc.dll
2013-12-21 23:04:51 ----A---- C:\Windows\system32\nlaapi.dll
2013-12-21 23:04:51 ----A---- C:\Windows\system32\netevent.dll
2013-12-21 23:04:51 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-12-21 23:04:51 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-12-21 23:04:47 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-12-21 23:04:47 ----A---- C:\Windows\system32\rpcrt4.dll
2013-12-21 23:04:42 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-12-21 23:04:42 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-12-21 23:04:42 ----A---- C:\Windows\system32\Wpc.dll
2013-12-21 23:04:42 ----A---- C:\Windows\system32\gameux.dll
2013-12-21 23:04:35 ----A---- C:\Windows\system32\d3d11.dll
2013-12-21 23:04:34 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-12-21 23:04:23 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2013-12-21 23:04:23 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2013-12-21 23:04:23 ----A---- C:\Windows\system32\mfc42u.dll
2013-12-21 23:04:23 ----A---- C:\Windows\system32\mfc42.dll
2013-12-21 23:04:21 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2013-12-21 23:04:21 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2013-12-21 23:04:21 ----A---- C:\Windows\system32\oleaut32.dll
2013-12-21 23:04:21 ----A---- C:\Windows\system32\oleacc.dll
2013-12-21 23:04:11 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-12-21 23:04:11 ----A---- C:\Windows\system32\win32spl.dll
2013-12-21 23:04:09 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2013-12-21 23:04:09 ----A---- C:\Windows\system32\ntshrui.dll
2013-12-21 23:04:06 ----A---- C:\Windows\system32\OxpsConverter.exe
2013-12-21 23:03:57 ----A---- C:\Windows\system32\win32k.sys
2013-12-21 23:03:56 ----A---- C:\Windows\system32\wwansvc.dll
2013-12-21 23:03:56 ----A---- C:\Windows\system32\wwanprotdim.dll
2013-12-21 23:03:52 ----A---- C:\Windows\system32\tquery.dll
2013-12-21 23:03:51 ----A---- C:\Windows\SYSWOW64\tquery.dll
2013-12-21 23:03:51 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2013-12-21 23:03:51 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2013-12-21 23:03:51 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2013-12-21 23:03:51 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2013-12-21 23:03:51 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2013-12-21 23:03:51 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2013-12-21 23:03:51 ----A---- C:\Windows\SYSWOW64\mssph.dll
2013-12-21 23:03:51 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2013-12-21 23:03:51 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2013-12-21 23:03:51 ----A---- C:\Windows\system32\SearchIndexer.exe
2013-12-21 23:03:51 ----A---- C:\Windows\system32\SearchFilterHost.exe
2013-12-21 23:03:51 ----A---- C:\Windows\system32\mssvp.dll
2013-12-21 23:03:51 ----A---- C:\Windows\system32\mssrch.dll
2013-12-21 23:03:51 ----A---- C:\Windows\system32\mssphtb.dll
2013-12-21 23:03:51 ----A---- C:\Windows\system32\mssph.dll
2013-12-21 23:03:51 ----A---- C:\Windows\system32\msscntrs.dll
2013-12-21 23:03:46 ----A---- C:\Windows\system32\shell32.dll
2013-12-21 23:03:45 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-12-21 23:03:45 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-12-21 23:03:45 ----A---- C:\Windows\system32\shdocvw.dll
2013-12-21 23:03:37 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-12-21 23:03:37 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-12-21 23:03:37 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-12-21 23:03:37 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-12-21 23:03:37 ----A---- C:\Windows\system32\sspisrv.dll
2013-12-21 23:03:37 ----A---- C:\Windows\system32\sspicli.dll
2013-12-21 23:03:37 ----A---- C:\Windows\system32\secur32.dll
2013-12-21 23:03:37 ----A---- C:\Windows\system32\schannel.dll
2013-12-21 23:03:37 ----A---- C:\Windows\system32\ncrypt.dll
2013-12-21 23:03:37 ----A---- C:\Windows\system32\lsass.exe
2013-12-21 23:03:37 ----A---- C:\Windows\system32\lsasrv.dll
2013-12-21 23:03:37 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-12-21 23:03:37 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-12-21 23:03:37 ----A---- C:\Windows\system32\drivers\cng.sys
2013-12-21 23:03:32 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-12-21 23:03:32 ----A---- C:\Windows\SYSWOW64\credui.dll
2013-12-21 23:03:32 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-12-21 23:03:32 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2013-12-21 23:03:32 ----A---- C:\Windows\system32\credui.dll
2013-12-21 23:03:32 ----A---- C:\Windows\system32\authui.dll
2013-12-21 23:03:29 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-12-21 23:03:29 ----A---- C:\Windows\system32\qedit.dll
2013-12-21 23:03:29 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-12-21 23:03:28 ----A---- C:\Windows\SYSWOW64\srclient.dll
2013-12-21 23:03:28 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-12-21 23:03:28 ----A---- C:\Windows\system32\srcore.dll
2013-12-21 23:03:28 ----A---- C:\Windows\system32\msxml6.dll
2013-12-21 23:03:28 ----A---- C:\Windows\system32\msxml3.dll
2013-12-21 23:03:27 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2013-12-21 23:03:27 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-12-21 23:03:27 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2013-12-21 23:03:27 ----A---- C:\Windows\system32\msxml3r.dll
2013-12-21 23:03:27 ----A---- C:\Windows\system32\EncDec.dll
2013-12-21 23:03:22 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-12-21 23:03:22 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-12-21 23:03:22 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-12-21 23:03:22 ----A---- C:\Windows\system32\cryptsvc.dll
2013-12-21 23:03:22 ----A---- C:\Windows\system32\cryptnet.dll
2013-12-21 23:03:22 ----A---- C:\Windows\system32\crypt32.dll
2013-12-21 23:03:15 ----A---- C:\Windows\system32\poqexec.exe
2013-12-21 23:03:14 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2013-12-21 23:03:11 ----A---- C:\Windows\system32\drivers\netio.sys
2013-12-21 23:03:11 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-12-21 23:03:09 ----A---- C:\Windows\system32\mswsock.dll
2013-12-21 23:03:09 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-12-21 23:03:08 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-12-21 23:03:05 ----A---- C:\Windows\system32\scavengeui.dll
2013-12-21 23:02:54 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2013-12-21 23:02:54 ----A---- C:\Windows\system32\cryptdlg.dll
2013-12-21 23:02:49 ----A---- C:\Windows\system32\Wdfres.dll
2013-12-21 23:02:49 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2013-12-21 23:02:49 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-12-21 23:02:46 ----A---- C:\Windows\SYSWOW64\webio.dll
2013-12-21 23:02:46 ----A---- C:\Windows\system32\webio.dll
2013-12-21 23:02:45 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-21 23:02:45 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-21 23:02:45 ----A---- C:\Windows\system32\drivers\ataport.sys
2013-12-21 23:02:43 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-21 23:02:43 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-21 23:02:43 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-21 23:02:43 ----A---- C:\Windows\system32\wscript.exe
2013-12-21 23:02:43 ----A---- C:\Windows\system32\scrrun.dll
2013-12-21 23:02:43 ----A---- C:\Windows\system32\cscript.exe
2013-12-21 23:02:41 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-12-21 23:02:41 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2013-12-21 23:02:41 ----A---- C:\Windows\system32\usp10.dll
2013-12-21 23:02:41 ----A---- C:\Windows\system32\msvcrt.dll
2013-12-21 23:02:40 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-12-21 23:02:40 ----A---- C:\Windows\system32\atmfd.dll
2013-12-21 23:02:39 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-12-21 23:02:39 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-12-21 23:02:39 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-12-21 23:02:39 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-12-21 23:02:39 ----A---- C:\Windows\system32\lpk.dll
2013-12-21 23:02:39 ----A---- C:\Windows\system32\fontsub.dll
2013-12-21 23:02:39 ----A---- C:\Windows\system32\dciman32.dll
2013-12-21 23:02:39 ----A---- C:\Windows\system32\atmlib.dll
2013-12-21 23:02:37 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-12-21 23:02:37 ----A---- C:\Windows\SYSWOW64\quartz.dll
2013-12-21 23:02:37 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-12-21 23:02:37 ----A---- C:\Windows\system32\WebClnt.dll
2013-12-21 23:02:37 ----A---- C:\Windows\system32\quartz.dll
2013-12-21 23:02:37 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-12-21 23:02:37 ----A---- C:\Windows\system32\davclnt.dll
2013-12-21 23:02:36 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2013-12-21 23:02:36 ----A---- C:\Windows\system32\taskhost.exe
2013-12-21 23:02:36 ----A---- C:\Windows\system32\gdi32.dll
2013-12-21 23:02:23 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2013-12-21 23:02:23 ----A---- C:\Windows\system32\psisdecd.dll
2013-12-21 23:02:19 ----A---- C:\Windows\SYSWOW64\msi.dll
2013-12-21 23:02:19 ----A---- C:\Windows\system32\msi.dll
2013-12-21 23:02:19 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-12-21 23:02:18 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-12-21 23:02:17 ----A---- C:\Windows\system32\drivers\partmgr.sys
2013-12-21 23:02:15 ----A---- C:\Windows\system32\localspl.dll
2013-12-21 23:02:12 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2013-12-21 23:02:12 ----A---- C:\Windows\SYSWOW64\browcli.dll
2013-12-21 23:02:12 ----A---- C:\Windows\system32\netapi32.dll
2013-12-21 23:02:12 ----A---- C:\Windows\system32\browser.dll
2013-12-21 23:02:12 ----A---- C:\Windows\system32\browcli.dll
2013-12-21 23:02:11 ----A---- C:\Windows\system32\drivers\srvnet.sys
2013-12-21 23:02:11 ----A---- C:\Windows\system32\drivers\srv2.sys
2013-12-21 23:02:11 ----A---- C:\Windows\system32\drivers\srv.sys
2013-12-21 23:02:11 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-12-21 23:02:11 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-12-21 23:02:11 ----A---- C:\Windows\system32\cdd.dll
2013-12-21 23:02:10 ----A---- C:\Windows\system32\drivers\afd.sys
2013-12-21 23:02:09 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2013-12-21 23:02:09 ----A---- C:\Windows\system32\profsvc.dll
2013-12-21 23:02:09 ----A---- C:\Windows\system32\prevhost.exe
2013-12-21 23:02:07 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2013-12-21 23:02:07 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2013-12-21 23:02:07 ----A---- C:\Windows\system32\dnsrslvr.dll
2013-12-21 23:02:07 ----A---- C:\Windows\system32\dnscacheugc.exe
2013-12-21 23:02:07 ----A---- C:\Windows\system32\dnsapi.dll
2013-12-21 23:02:06 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2013-12-21 23:02:06 ----A---- C:\Windows\system32\kerberos.dll
2013-12-21 23:02:05 ----A---- C:\Windows\system32\winresume.exe
2013-12-21 23:02:05 ----A---- C:\Windows\system32\winload.exe
2013-12-21 23:02:05 ----A---- C:\Windows\system32\kdusb.dll
2013-12-21 23:02:05 ----A---- C:\Windows\system32\kdcom.dll
2013-12-21 23:02:05 ----A---- C:\Windows\system32\kd1394.dll
2013-12-21 23:02:03 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-21 23:02:03 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-21 23:02:01 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2013-12-21 23:02:01 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2013-12-21 23:02:01 ----A---- C:\Windows\SYSWOW64\devobj.dll
2013-12-21 23:02:01 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2013-12-21 23:02:01 ----A---- C:\Windows\system32\umpnpmgr.dll
2013-12-21 23:02:00 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-12-21 23:02:00 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-12-21 23:02:00 ----A---- C:\Windows\system32\FXSCOVER.exe
2013-12-21 23:01:59 ----A---- C:\Windows\system32\odbccu32.dll
2013-12-21 23:01:59 ----A---- C:\Windows\system32\odbccr32.dll
2013-12-21 23:01:59 ----A---- C:\Windows\system32\odbccp32.dll
2013-12-21 23:01:58 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2013-12-21 23:01:58 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2013-12-21 23:01:58 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2013-12-21 23:01:58 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2013-12-21 23:01:58 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2013-12-21 23:01:58 ----A---- C:\Windows\system32\odbctrac.dll
2013-12-21 23:01:57 ----A---- C:\Windows\SYSWOW64\synceng.dll
2013-12-21 23:01:57 ----A---- C:\Windows\system32\synceng.dll
2013-12-21 23:01:53 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2013-12-21 23:01:53 ----A---- C:\Windows\system32\inetcomm.dll
2013-12-21 23:01:51 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-12-21 23:01:49 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-21 23:01:49 ----A---- C:\Windows\system32\rdrmemptylst.exe
2013-12-21 23:01:49 ----A---- C:\Windows\system32\rdpwsx.dll
2013-12-21 23:01:49 ----A---- C:\Windows\system32\rdpcorekmts.dll
2013-12-21 23:01:49 ----A---- C:\Windows\system32\msieftp.dll
2013-12-21 23:01:49 ----A---- C:\Windows\system32\dpnet.dll
2013-12-21 23:01:48 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2013-12-21 23:01:48 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-12-21 23:01:48 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-12-21 23:01:47 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-12-21 23:01:45 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2013-12-21 22:59:38 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2013-12-21 22:59:38 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2013-12-21 22:59:38 ----A---- C:\Windows\system32\nshwfp.dll
2013-12-21 22:59:38 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-12-21 22:59:38 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-12-21 22:49:33 ----A---- C:\Windows\SYSWOW64\packager.dll
2013-12-21 22:49:33 ----A---- C:\Windows\system32\packager.dll
2013-12-21 22:33:10 ----D---- C:\Users\miso\AppData\Roaming\Dropbox
2013-12-21 22:26:52 ----D---- C:\Users\miso\AppData\Roaming\Skype
2013-12-21 22:26:40 ----D---- C:\Users\miso\AppData\Roaming\Macromedia
2013-12-21 22:26:40 ----D---- C:\Users\miso\AppData\Roaming\Adobe
2013-12-21 22:26:28 ----D---- C:\ProgramData\Skype
2013-12-21 22:26:08 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-12-21 22:26:07 ----D---- C:\Windows\SYSWOW64\Macromed
2013-12-21 22:26:03 ----D---- C:\Windows\system32\Macromed
2013-12-21 22:24:21 ----D---- C:\Users\miso\AppData\Roaming\vlc
2013-12-21 22:21:03 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2013-12-21 22:20:59 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys
2013-12-21 22:16:41 ----D---- C:\Users\miso\AppData\Roaming\AVAST Software
2013-12-21 22:16:20 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-12-21 22:16:20 ----A---- C:\Windows\system32\drivers\aswstm.sys
2013-12-21 22:16:17 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-12-21 22:16:14 ----A---- C:\Windows\system32\drivers\aswSP.sys
2013-12-21 22:16:14 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2013-12-21 22:16:14 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2013-12-21 22:16:14 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2013-12-21 22:16:14 ----A---- C:\Windows\system32\aswBoot.exe
2013-12-21 22:16:13 ----A---- C:\Windows\avastSS.scr
2013-12-21 22:15:20 ----D---- C:\ProgramData\AVAST Software
2013-12-21 22:14:41 ----D---- C:\Users\miso\AppData\Roaming\Mozilla
2013-12-21 22:14:34 ----D---- C:\ProgramData\Mozilla
2013-12-21 22:14:34 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-21 22:13:40 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2013-12-21 22:13:40 ----A---- C:\Windows\system32\rdpcore.dll
2013-12-21 22:13:40 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2013-12-21 22:12:21 ----SHD---- C:\Windows\Installer
2013-12-21 22:09:57 ----D---- C:\Users\miso\AppData\Roaming\Identities
2013-12-21 22:09:54 ----A---- C:\Windows\system32\wups2.dll
2013-12-21 22:09:54 ----A---- C:\Windows\system32\wucltux.dll
2013-12-21 22:09:54 ----A---- C:\Windows\system32\wuaueng.dll
2013-12-21 22:09:54 ----A---- C:\Windows\system32\wuauclt.exe
2013-12-21 22:09:52 ----A---- C:\Windows\system32\wups.dll
2013-12-21 22:09:52 ----A---- C:\Windows\system32\wudriver.dll
2013-12-21 22:09:52 ----A---- C:\Windows\system32\wuapi.dll
2013-12-21 22:09:50 ----A---- C:\Windows\system32\wuwebv.dll
2013-12-21 22:09:50 ----A---- C:\Windows\system32\wuapp.exe
2013-12-21 22:09:48 ----SD---- C:\Users\miso\AppData\Roaming\Microsoft
2013-12-21 22:09:35 ----SHD---- C:\Recovery
2013-12-21 22:09:32 ----D---- C:\Windows\SoftwareDistribution
2013-12-18 17:16:44 ----A---- C:\Windows\system32\drivers\VBoxUSB.sys
2013-12-18 17:16:44 ----A---- C:\Windows\system32\drivers\VBoxNetFlt.sys
2013-12-18 17:16:44 ----A---- C:\Windows\system32\drivers\VBoxNetAdp.sys
2013-12-18 17:13:30 ----A---- C:\Windows\system32\VBoxNetFltNobj.dll
======List of files/folders modified in the last 1 month======
2014-01-05 22:19:17 ----D---- C:\Windows\Temp
2014-01-05 22:19:16 ----RD---- C:\Program Files
2014-01-05 22:13:10 ----D---- C:\Windows\System32
2014-01-05 22:13:10 ----D---- C:\Windows\inf
2014-01-05 22:13:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-05 22:10:10 ----D---- C:\Windows\system32\config
2014-01-05 22:05:59 ----D---- C:\Windows\system32\DriverStore
2014-01-05 22:05:59 ----D---- C:\Windows\system32\catroot
2014-01-05 22:05:16 ----D---- C:\Windows\system32\Tasks
2014-01-05 22:05:15 ----D---- C:\Windows
2014-01-05 14:44:59 ----D---- C:\Windows\system32\wdi
2014-01-04 20:18:31 ----RSD---- C:\Windows\assembly
2013-12-30 22:26:48 ----D---- C:\Windows\SysWOW64
2013-12-28 19:09:45 ----RD---- C:\Program Files (x86)
2013-12-28 19:08:22 ----D---- C:\Windows\Logs
2013-12-28 19:07:55 ----D---- C:\Windows\Microsoft.NET
2013-12-28 19:07:01 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-12-28 14:32:45 ----D---- C:\Windows\winsxs
2013-12-28 14:31:45 ----D---- C:\Program Files\Internet Explorer
2013-12-28 14:31:45 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-28 14:22:19 ----D---- C:\Windows\system32\catroot2
2013-12-28 14:11:33 ----D---- C:\Windows\SYSWOW64\migration
2013-12-28 14:11:33 ----D---- C:\Windows\SYSWOW64\en-US
2013-12-28 14:11:33 ----D---- C:\Windows\system32\migration
2013-12-28 14:11:33 ----D---- C:\Windows\system32\en-US
2013-12-28 14:11:33 ----D---- C:\Windows\PolicyDefinitions
2013-12-28 14:10:22 ----D---- C:\Windows\servicing
2013-12-28 01:44:13 ----RSD---- C:\Windows\Fonts
2013-12-27 01:06:46 ----D---- C:\Windows\system32\drivers
2013-12-26 23:52:17 ----HD---- C:\ProgramData
2013-12-26 18:15:22 ----D---- C:\Program Files (x86)\Common Files
2013-12-24 00:40:47 ----D---- C:\Windows\ShellNew
2013-12-24 00:40:33 ----D---- C:\Program Files (x86)\MSBuild
2013-12-24 00:39:46 ----SD---- C:\ProgramData\Microsoft
2013-12-24 00:38:02 ----A---- C:\Windows\win.ini
2013-12-22 14:29:45 ----D---- C:\Windows\Tasks
2013-12-22 07:05:45 ----D---- C:\Windows\system32\sysprep
2013-12-22 07:03:37 ----D---- C:\Windows\CSC
2013-12-22 03:17:46 ----D---- C:\Program Files\Common Files\System
2013-12-22 03:17:45 ----D---- C:\Windows\AppPatch
2013-12-22 00:30:34 ----D---- C:\Windows\system32\drivers\en-US
2013-12-22 00:30:34 ----D---- C:\Program Files\Windows Defender
2013-12-22 00:30:34 ----D---- C:\Program Files (x86)\Windows Defender
2013-12-22 00:30:32 ----D---- C:\Windows\SYSWOW64\wbem
2013-12-22 00:30:32 ----D---- C:\Windows\system32\wbem
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\it-IT
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\es-ES
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\el-GR
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\de-DE
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\da-DK
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-12-22 00:30:21 ----D---- C:\Windows\system32\zh-HK
2013-12-22 00:30:21 ----D---- C:\Windows\system32\tr-TR
2013-12-22 00:30:21 ----D---- C:\Windows\system32\sv-SE
2013-12-22 00:30:21 ----D---- C:\Windows\system32\pt-PT
2013-12-22 00:30:21 ----D---- C:\Windows\system32\pt-BR
2013-12-22 00:30:21 ----D---- C:\Windows\system32\pl-PL
2013-12-22 00:30:21 ----D---- C:\Windows\system32\nl-NL
2013-12-22 00:30:21 ----D---- C:\Windows\system32\ko-KR
2013-12-22 00:30:21 ----D---- C:\Windows\system32\it-IT
2013-12-22 00:30:21 ----D---- C:\Windows\system32\hu-HU
2013-12-22 00:30:21 ----D---- C:\Windows\system32\fr-FR
2013-12-22 00:30:21 ----D---- C:\Windows\system32\fi-FI
2013-12-22 00:30:21 ----D---- C:\Windows\system32\es-ES
2013-12-22 00:30:21 ----D---- C:\Windows\system32\el-GR
2013-12-22 00:30:21 ----D---- C:\Windows\system32\Boot
2013-12-22 00:30:20 ----D---- C:\Windows\system32\zh-TW
2013-12-22 00:30:20 ----D---- C:\Windows\system32\zh-CN
2013-12-22 00:30:20 ----D---- C:\Windows\system32\ru-RU
2013-12-22 00:30:20 ----D---- C:\Windows\system32\nb-NO
2013-12-22 00:30:20 ----D---- C:\Windows\system32\ja-JP
2013-12-22 00:30:20 ----D---- C:\Windows\system32\de-DE
2013-12-22 00:30:20 ----D---- C:\Windows\system32\da-DK
2013-12-22 00:30:20 ----D---- C:\Windows\system32\cs-CZ
2013-12-22 00:30:20 ----D---- C:\Program Files\Windows Journal
2013-12-22 00:17:20 ----D---- C:\Windows\ModemLogs
2013-12-21 23:11:46 ----D---- C:\Windows\debug
2013-12-21 22:16:37 ----D---- C:\Windows\system32\CodeIntegrity
2013-12-21 22:09:54 ----SHD---- C:\$Recycle.Bin
2013-12-21 22:09:45 ----RD---- C:\Users
2013-12-21 22:09:41 ----D---- C:\Windows\system32\restore
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-12-21 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-12-21 207904]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; \??\C:\Windows\system32\drivers\aswKbd.sys [2013-12-21 28184]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-12-21 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-12-21 1034464]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2013-12-21 422216]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-12-26 283064]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2013-12-18 252688]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2013-12-18 126736]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-12-21 78648]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-20 9319936]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-04-20 306176]
R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2013-12-21 79672]
R3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-09-15 1061888]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2013-12-18 140560]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2013-12-18 154896]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-20 9319936]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2013-12-18 113936]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-05 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-04-20 203776]
R2 avast! Antivirus;avast! Antivirus; D:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-21 50344]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-22 116648]
S2 SkypeUpdate;Skype Updater; D:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-21 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-22 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; D:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-05 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-12-11 569768]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-12-21 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"D:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"D:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\miso\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Users\miso\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Users\miso\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe"
"D:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\wuauclt.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
taskeng.exe {A13FF295-015F-4A6E-8A67-337369B32EA0}
"D:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"E:\download\RSITx64(1).exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2811220215-2768408660-1131186198-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2811220215-2768408660-1131186198-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=D:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default\extensions\
jid1-4P0kohSJxU1qGg@jetpack
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-12-21 1372864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-21 1138536]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - D:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-12-21 1372864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-21 1138536]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=C:\Users\miso\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-21 138096]
"Skype"=D:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-15 20588704]
"uTorrent"=C:\Users\miso\AppData\Roaming\uTorrent\uTorrent.exe [2013-12-22 1142864]
"DAEMON Tools Lite"=D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=D:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-12-21 3764024]
"BCSSync"=D:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\miso\AppData\Roaming\Dropbox\bin\Dropbox.exe
Facebook Messenger.lnk - C:\Users\miso\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-01-05 22:19:16 ----D---- C:\rsit
2014-01-05 22:19:16 ----D---- C:\Program Files\trend micro
2013-12-31 01:22:44 ----D---- C:\Users\miso\AppData\Roaming\dvdcss
2013-12-29 18:33:12 ----D---- C:\Windows\rescache
2013-12-29 00:12:25 ----A---- C:\restart.bat
2013-12-28 19:09:45 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-12-28 19:09:45 ----D---- C:\Program Files (x86)\AGEIA Technologies
2013-12-28 19:09:44 ----D---- C:\Program Files (x86)\OpenAL
2013-12-28 19:09:44 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2013-12-28 19:09:44 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2013-12-28 19:09:44 ----A---- C:\Windows\system32\wrap_oal.dll
2013-12-28 19:09:44 ----A---- C:\Windows\system32\OpenAL32.dll
2013-12-28 19:09:18 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2013-12-28 19:09:18 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2013-12-28 19:09:18 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2013-12-28 19:09:18 ----A---- C:\Windows\system32\XAudio2_7.dll
2013-12-28 19:09:18 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2013-12-28 19:09:18 ----A---- C:\Windows\system32\xactengine3_7.dll
2013-12-28 19:09:17 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2013-12-28 19:09:17 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2013-12-28 19:09:16 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2013-12-28 19:09:16 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2013-12-28 19:09:16 ----A---- C:\Windows\system32\d3dx11_43.dll
2013-12-28 19:09:16 ----A---- C:\Windows\system32\d3dcsx_43.dll
2013-12-28 19:09:15 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2013-12-28 19:09:15 ----A---- C:\Windows\system32\d3dx10_43.dll
2013-12-28 19:09:14 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2013-12-28 19:09:14 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2013-12-28 19:09:14 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2013-12-28 19:09:14 ----A---- C:\Windows\system32\XAudio2_6.dll
2013-12-28 19:09:14 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2013-12-28 19:09:14 ----A---- C:\Windows\system32\D3DX9_43.dll
2013-12-28 19:09:13 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2013-12-28 19:09:13 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2013-12-28 19:09:13 ----A---- C:\Windows\system32\xactengine3_6.dll
2013-12-28 19:09:13 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2013-12-28 19:09:12 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2013-12-28 19:09:12 ----A---- C:\Windows\system32\XAudio2_5.dll
2013-12-28 19:09:09 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2013-12-28 19:09:09 ----A---- C:\Windows\system32\xactengine3_5.dll
2013-12-28 19:09:08 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2013-12-28 19:09:08 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2013-12-28 19:09:05 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2013-12-28 19:09:05 ----A---- C:\Windows\system32\d3dcsx_42.dll
2013-12-28 19:09:04 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2013-12-28 19:09:04 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2013-12-28 19:09:04 ----A---- C:\Windows\system32\d3dx11_42.dll
2013-12-28 19:09:04 ----A---- C:\Windows\system32\d3dx10_42.dll
2013-12-28 19:09:03 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2013-12-28 19:09:03 ----A---- C:\Windows\system32\D3DX9_42.dll
2013-12-28 19:09:02 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2013-12-28 19:09:02 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2013-12-28 19:09:02 ----A---- C:\Windows\system32\d3dx10_41.dll
2013-12-28 19:09:02 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2013-12-28 19:09:01 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2013-12-28 19:09:01 ----A---- C:\Windows\system32\D3DX9_41.dll
2013-12-28 19:09:00 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2013-12-28 19:09:00 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2013-12-28 19:09:00 ----A---- C:\Windows\system32\XAudio2_4.dll
2013-12-28 19:09:00 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2013-12-28 19:08:59 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2013-12-28 19:08:59 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2013-12-28 19:08:59 ----A---- C:\Windows\system32\xactengine3_4.dll
2013-12-28 19:08:59 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2013-12-28 19:08:58 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2013-12-28 19:08:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2013-12-28 19:08:58 ----A---- C:\Windows\system32\d3dx10_40.dll
2013-12-28 19:08:58 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2013-12-28 19:08:54 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2013-12-28 19:08:54 ----A---- C:\Windows\system32\D3DX9_40.dll
2013-12-28 19:08:52 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2013-12-28 19:08:52 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2013-12-28 19:08:52 ----A---- C:\Windows\system32\XAudio2_3.dll
2013-12-28 19:08:52 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2013-12-28 19:08:51 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2013-12-28 19:08:51 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2013-12-28 19:08:51 ----A---- C:\Windows\system32\xactengine3_3.dll
2013-12-28 19:08:51 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2013-12-28 19:08:50 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2013-12-28 19:08:50 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2013-12-28 19:08:50 ----A---- C:\Windows\system32\XAudio2_2.dll
2013-12-28 19:08:50 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2013-12-28 19:08:49 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2013-12-28 19:08:49 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2013-12-28 19:08:49 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2013-12-28 19:08:49 ----A---- C:\Windows\system32\xactengine3_2.dll
2013-12-28 19:08:49 ----A---- C:\Windows\system32\d3dx10_39.dll
2013-12-28 19:08:49 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2013-12-28 19:08:48 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2013-12-28 19:08:48 ----A---- C:\Windows\system32\D3DX9_39.dll
2013-12-28 19:08:47 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2013-12-28 19:08:47 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2013-12-28 19:08:47 ----A---- C:\Windows\system32\XAudio2_1.dll
2013-12-28 19:08:47 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2013-12-28 19:08:46 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2013-12-28 19:08:46 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2013-12-28 19:08:46 ----A---- C:\Windows\system32\xactengine3_1.dll
2013-12-28 19:08:46 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2013-12-28 19:08:44 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2013-12-28 19:08:44 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2013-12-28 19:08:44 ----A---- C:\Windows\system32\d3dx10_38.dll
2013-12-28 19:08:44 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2013-12-28 19:08:40 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2013-12-28 19:08:40 ----A---- C:\Windows\system32\D3DX9_38.dll
2013-12-28 19:08:38 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2013-12-28 19:08:38 ----A---- C:\Windows\system32\XAudio2_0.dll
2013-12-28 19:08:37 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2013-12-28 19:08:37 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2013-12-28 19:08:37 ----A---- C:\Windows\system32\xactengine3_0.dll
2013-12-28 19:08:37 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2013-12-28 19:08:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2013-12-28 19:08:36 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2013-12-28 19:08:35 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2013-12-28 19:08:35 ----A---- C:\Windows\system32\d3dx10_37.dll
2013-12-28 19:08:32 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2013-12-28 19:08:32 ----A---- C:\Windows\system32\D3DX9_37.dll
2013-12-28 19:08:31 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2013-12-28 19:08:31 ----A---- C:\Windows\system32\xactengine2_10.dll
2013-12-28 19:08:29 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2013-12-28 19:08:29 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2013-12-28 19:08:29 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2013-12-28 19:08:29 ----A---- C:\Windows\system32\d3dx9_36.dll
2013-12-28 19:08:29 ----A---- C:\Windows\system32\d3dx10_36.dll
2013-12-28 19:08:29 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2013-12-28 19:08:28 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2013-12-28 19:08:28 ----A---- C:\Windows\system32\xactengine2_9.dll
2013-12-28 19:08:27 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2013-12-28 19:08:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2013-12-28 19:08:27 ----A---- C:\Windows\system32\d3dx10_35.dll
2013-12-28 19:08:27 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2013-12-28 19:08:26 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2013-12-28 19:08:26 ----A---- C:\Windows\system32\d3dx9_35.dll
2013-12-28 19:08:25 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2013-12-28 19:08:25 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2013-12-28 19:08:25 ----A---- C:\Windows\system32\xactengine2_8.dll
2013-12-28 19:08:25 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2013-12-28 19:08:24 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2013-12-28 19:08:24 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2013-12-28 19:08:24 ----A---- C:\Windows\system32\d3dx10_34.dll
2013-12-28 19:08:24 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2013-12-28 19:08:22 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2013-12-28 19:08:22 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2013-12-28 19:08:22 ----A---- C:\Windows\system32\xinput1_3.dll
2013-12-28 19:08:22 ----A---- C:\Windows\system32\d3dx9_34.dll
2013-12-28 19:08:21 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2013-12-28 19:08:21 ----A---- C:\Windows\system32\xactengine2_7.dll
2013-12-28 19:08:20 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2013-12-28 19:08:20 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2013-12-28 19:08:20 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2013-12-28 19:08:20 ----A---- C:\Windows\system32\d3dx9_33.dll
2013-12-28 19:08:20 ----A---- C:\Windows\system32\d3dx10_33.dll
2013-12-28 19:08:20 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2013-12-28 19:08:18 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2013-12-28 19:08:18 ----A---- C:\Windows\system32\xactengine2_6.dll
2013-12-28 19:08:17 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2013-12-28 19:08:17 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2013-12-28 19:08:17 ----A---- C:\Windows\system32\xactengine2_5.dll
2013-12-28 19:08:17 ----A---- C:\Windows\system32\d3dx10.dll
2013-12-28 19:08:16 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2013-12-28 19:08:16 ----A---- C:\Windows\system32\d3dx9_32.dll
2013-12-28 19:08:15 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2013-12-28 19:08:15 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2013-12-28 19:08:15 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2013-12-28 19:08:15 ----A---- C:\Windows\system32\xactengine2_4.dll
2013-12-28 19:08:15 ----A---- C:\Windows\system32\x3daudio1_1.dll
2013-12-28 19:08:15 ----A---- C:\Windows\system32\d3dx9_31.dll
2013-12-28 19:08:14 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2013-12-28 19:08:14 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2013-12-28 19:08:14 ----A---- C:\Windows\system32\xinput1_2.dll
2013-12-28 19:08:14 ----A---- C:\Windows\system32\xactengine2_3.dll
2013-12-28 19:08:10 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2013-12-28 19:08:10 ----A---- C:\Windows\system32\xactengine2_2.dll
2013-12-28 19:08:09 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2013-12-28 19:08:09 ----A---- C:\Windows\system32\xinput1_1.dll
2013-12-28 19:08:05 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2013-12-28 19:08:05 ----A---- C:\Windows\system32\xactengine2_1.dll
2013-12-28 19:07:53 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2013-12-28 19:07:53 ----A---- C:\Windows\system32\d3dx9_30.dll
2013-12-28 19:07:50 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2013-12-28 19:07:50 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2013-12-28 19:07:50 ----A---- C:\Windows\system32\xactengine2_0.dll
2013-12-28 19:07:50 ----A---- C:\Windows\system32\x3daudio1_0.dll
2013-12-28 19:07:48 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2013-12-28 19:07:48 ----A---- C:\Windows\system32\d3dx9_29.dll
2013-12-28 19:07:47 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2013-12-28 19:07:47 ----A---- C:\Windows\system32\d3dx9_28.dll
2013-12-28 19:07:45 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2013-12-28 19:07:45 ----A---- C:\Windows\system32\d3dx9_27.dll
2013-12-28 19:07:44 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2013-12-28 19:07:44 ----A---- C:\Windows\system32\d3dx9_26.dll
2013-12-28 19:07:39 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2013-12-28 19:07:39 ----A---- C:\Windows\system32\d3dx9_25.dll
2013-12-28 19:07:36 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2013-12-28 19:07:36 ----A---- C:\Windows\system32\d3dx9_24.dll
2013-12-28 01:44:38 ----D---- C:\Users\miso\AppData\Roaming\TeamViewer
2013-12-28 01:44:05 ----D---- C:\Program Files (x86)\TeamViewer
2013-12-26 23:53:34 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2013-12-26 23:53:31 ----D---- C:\Users\miso\AppData\Roaming\DAEMON Tools Lite
2013-12-26 23:52:17 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-12-26 18:15:22 ----D---- C:\Program Files (x86)\Adobe
2013-12-26 18:15:05 ----D---- C:\ProgramData\Adobe
2013-12-26 00:31:48 ----RD---- C:\Sandbox
2013-12-26 00:31:15 ----D---- C:\Users\miso\AppData\Roaming\Opera Software
2013-12-26 00:28:43 ----A---- C:\Windows\Sandboxie.ini
2013-12-24 02:32:41 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-12-24 02:32:41 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-12-24 02:32:41 ----A---- C:\Windows\system32\drivers\usbohci.sys
2013-12-24 02:32:41 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-12-24 02:32:41 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-12-24 02:32:41 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-12-24 02:32:41 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-12-24 00:40:10 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2013-12-24 00:39:46 ----D---- C:\Windows\PCHEALTH
2013-12-24 00:39:46 ----D---- C:\Program Files (x86)\Microsoft Sync Framework
2013-12-24 00:39:46 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-12-24 00:38:03 ----D---- C:\Program Files\Microsoft Office
2013-12-23 03:01:10 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-23 03:01:09 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-23 03:01:09 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-23 03:01:09 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-23 03:01:09 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-23 03:01:09 ----A---- C:\Windows\system32\ieui.dll
2013-12-23 03:01:08 ----A---- C:\Windows\system32\iesetup.dll
2013-12-23 03:01:08 ----A---- C:\Windows\system32\iernonce.dll
2013-12-23 03:01:08 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-23 03:01:07 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-12-23 03:01:07 ----A---- C:\Windows\system32\mshtml.dll
2013-12-23 03:01:07 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-23 03:01:07 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-23 03:01:07 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-23 03:01:07 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-23 03:01:06 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-12-23 03:01:06 ----A---- C:\Windows\system32\iertutil.dll
2013-12-23 03:01:05 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-23 03:01:05 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-23 03:01:05 ----A---- C:\Windows\system32\wininet.dll
2013-12-23 03:01:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-23 03:01:04 ----A---- C:\Windows\system32\urlmon.dll
2013-12-23 03:01:04 ----A---- C:\Windows\system32\ieframe.dll
2013-12-23 03:01:03 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-23 03:01:02 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-23 03:01:02 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-23 03:01:01 ----A---- C:\Windows\system32\jscript9.dll
2013-12-22 16:36:31 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-22 16:36:31 ----A---- C:\Windows\SYSWOW64\explorer.exe
2013-12-22 16:36:31 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-22 16:36:31 ----A---- C:\Windows\explorer.exe
2013-12-22 16:36:29 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2013-12-22 16:36:29 ----A---- C:\Windows\system32\drivers\bthport.sys
2013-12-22 16:36:25 ----A---- C:\Windows\SYSWOW64\esent.dll
2013-12-22 16:36:25 ----A---- C:\Windows\system32\fsutil.exe
2013-12-22 16:36:25 ----A---- C:\Windows\system32\esent.dll
2013-12-22 16:36:25 ----A---- C:\Windows\system32\drivers\amdxata.sys
2013-12-22 16:36:24 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2013-12-22 16:36:24 ----A---- C:\Windows\system32\drivers\storport.sys
2013-12-22 16:36:24 ----A---- C:\Windows\system32\drivers\nvstor.sys
2013-12-22 16:36:24 ----A---- C:\Windows\system32\drivers\nvraid.sys
2013-12-22 16:36:24 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2013-12-22 16:36:24 ----A---- C:\Windows\system32\drivers\amdsata.sys
2013-12-22 16:36:22 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2013-12-22 16:36:19 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-12-22 16:36:19 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-12-22 16:36:18 ----A---- C:\Windows\system32\spoolsv.exe
2013-12-22 16:36:18 ----A---- C:\Windows\splwow64.exe
2013-12-22 14:43:37 ----D---- C:\Users\miso\AppData\Roaming\OpenOffice
2013-12-22 14:29:43 ----D---- C:\Program Files (x86)\Google
2013-12-22 07:03:32 ----D---- C:\Windows\Prefetch
2013-12-22 07:03:25 ----SHD---- C:\System Volume Information
2013-12-22 07:03:25 ----ASH---- C:\hiberfil.sys
2013-12-22 07:02:27 ----D---- C:\Windows\Panther
2013-12-22 02:33:13 ----A---- C:\Windows\system32\drivers\VBoxDrv.sys
2013-12-22 02:33:04 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys
2013-12-22 02:33:03 ----DC---- C:\Windows\system32\DRVSTORE
2013-12-22 02:27:48 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-12-22 02:25:01 ----D---- C:\Windows\Migration
2013-12-22 02:21:34 ----A---- C:\Windows\system32\IEUDINIT.EXE
2013-12-22 02:18:53 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-12-22 02:18:53 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\url.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\wextract.exe
2013-12-22 02:18:51 ----A---- C:\Windows\system32\webcheck.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\vbscript.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\url.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-12-22 02:18:51 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-22 02:18:51 ----A---- C:\Windows\system32\pngfilt.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\occache.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\msrating.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\msls31.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\mshtmler.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\mshtmled.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\MshtmlDac.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\mshta.exe
2013-12-22 02:18:51 ----A---- C:\Windows\system32\msfeedssync.exe
2013-12-22 02:18:51 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\msfeeds.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\licmgr10.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\jsIntl.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\jscript.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\inseng.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\imgutil.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\iexpress.exe
2013-12-22 02:18:51 ----A---- C:\Windows\system32\iesysprep.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\iepeers.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\iedkcs32.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\ieapfltr.dat
2013-12-22 02:18:51 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\icardie.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\elshyph.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\dxtrans.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\dxtmsft.dll
2013-12-22 02:09:30 ----D---- C:\Users\miso\AppData\Roaming\uTorrent
2013-12-22 00:50:17 ----D---- C:\Program Files (x86)\Microsoft.NET
2013-12-22 00:30:28 ----D---- C:\Windows\SYSWOW64\Wat
2013-12-22 00:30:28 ----D---- C:\Windows\system32\Wat
2013-12-21 23:56:07 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2013-12-21 23:55:37 ----D---- C:\Program Files\Microsoft Analysis Services
2013-12-21 23:55:37 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2013-12-21 23:55:28 ----D---- C:\Program Files (x86)\Microsoft Office
2013-12-21 23:55:24 ----D---- C:\ProgramData\Microsoft Help
2013-12-21 23:43:30 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-12-21 23:43:30 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-12-21 23:43:30 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-12-21 23:43:28 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys
2013-12-21 23:43:28 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2013-12-21 23:43:28 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2013-12-21 23:43:26 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2013-12-21 23:43:26 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-12-21 23:43:26 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2013-12-21 23:43:26 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2013-12-21 23:43:26 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2013-12-21 23:43:26 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-12-21 23:43:26 ----A---- C:\Windows\system32\wksprtPS.dll
2013-12-21 23:43:26 ----A---- C:\Windows\system32\wksprt.exe
2013-12-21 23:43:26 ----A---- C:\Windows\system32\TSWbPrxy.exe
2013-12-21 23:43:26 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-12-21 23:43:26 ----A---- C:\Windows\system32\tsgqec.dll
2013-12-21 23:43:26 ----A---- C:\Windows\system32\rdpudd.dll
2013-12-21 23:43:26 ----A---- C:\Windows\system32\rdpendp_winip.dll
2013-12-21 23:43:26 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2013-12-21 23:43:26 ----A---- C:\Windows\system32\aaclient.dll
2013-12-21 23:43:25 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-12-21 23:43:25 ----A---- C:\Windows\system32\rdpcorets.dll
2013-12-21 23:43:25 ----A---- C:\Windows\system32\mstscax.dll
2013-12-21 23:43:25 ----A---- C:\Windows\system32\mstsc.exe
2013-12-21 23:35:42 ----A---- C:\Windows\system32\browserchoice.exe
2013-12-21 23:18:55 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2013-12-21 23:18:54 ----A---- C:\Windows\system32\WUDFSvc.dll
2013-12-21 23:18:54 ----A---- C:\Windows\system32\WUDFPlatform.dll
2013-12-21 23:18:54 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2013-12-21 23:18:53 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2013-12-21 23:18:52 ----A---- C:\Windows\system32\WUDFx.dll
2013-12-21 23:18:52 ----A---- C:\Windows\system32\WUDFHost.exe
2013-12-21 23:11:47 ----D---- C:\Windows\system32\MRT
2013-12-21 23:11:44 ----A---- C:\Windows\system32\MRT.exe
2013-12-21 23:10:50 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-12-21 23:10:49 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-12-21 23:10:49 ----A---- C:\Windows\system32\UIAnimation.dll
2013-12-21 23:10:49 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-12-21 23:10:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-12-21 23:10:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-12-21 23:10:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-12-21 23:10:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-12-21 23:10:43 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-12-21 23:10:43 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-12-21 23:10:43 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-12-21 23:10:43 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-12-21 23:10:42 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-12-21 23:10:42 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-12-21 23:10:42 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-12-21 23:10:42 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-12-21 23:10:42 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-12-21 23:10:42 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-12-21 23:10:42 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-12-21 23:10:42 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-12-21 23:10:42 ----A---- C:\Windows\system32\dxgi.dll
2013-12-21 23:10:42 ----A---- C:\Windows\system32\d3d10warp.dll
2013-12-21 23:10:42 ----A---- C:\Windows\system32\d3d10level9.dll
2013-12-21 23:10:42 ----A---- C:\Windows\system32\d3d10core.dll
2013-12-21 23:10:42 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-12-21 23:10:42 ----A---- C:\Windows\system32\d3d10_1.dll
2013-12-21 23:10:41 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-12-21 23:10:41 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-12-21 23:10:41 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-12-21 23:10:41 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-12-21 23:10:41 ----A---- C:\Windows\system32\XpsPrint.dll
2013-12-21 23:10:41 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-12-21 23:10:41 ----A---- C:\Windows\system32\FntCache.dll
2013-12-21 23:10:41 ----A---- C:\Windows\system32\DWrite.dll
2013-12-21 23:10:41 ----A---- C:\Windows\system32\d3d10.dll
2013-12-21 23:10:40 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-12-21 23:10:40 ----A---- C:\Windows\system32\d2d1.dll
2013-12-21 23:10:17 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2013-12-21 23:10:16 ----A---- C:\Windows\SYSWOW64\wmi.dll
2013-12-21 23:10:16 ----A---- C:\Windows\system32\wmi.dll
2013-12-21 23:07:40 ----A---- C:\Windows\SYSWOW64\certutil.exe
2013-12-21 23:07:40 ----A---- C:\Windows\SYSWOW64\certenc.dll
2013-12-21 23:07:40 ----A---- C:\Windows\system32\certutil.exe
2013-12-21 23:07:40 ----A---- C:\Windows\system32\certenc.dll
2013-12-21 23:07:19 ----A---- C:\Windows\system32\wow64win.dll
2013-12-21 23:07:18 ----A---- C:\Windows\system32\ntvdm64.dll
2013-12-21 23:07:17 ----A---- C:\Windows\system32\wow64cpu.dll
2013-12-21 23:06:49 ----A---- C:\Windows\system32\consent.exe
2013-12-21 23:06:49 ----A---- C:\Windows\system32\appinfo.dll
2013-12-21 23:06:40 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2013-12-21 23:06:40 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2013-12-21 23:06:40 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2013-12-21 23:06:40 ----A---- C:\Windows\system32\dhcpcore6.dll
2013-12-21 23:06:37 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2013-12-21 23:06:37 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2013-12-21 23:06:37 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2013-12-21 23:06:34 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-21 23:06:34 ----A---- C:\Windows\system32\tzres.dll
2013-12-21 23:06:30 ----A---- C:\Windows\SYSWOW64\sbe.dll
2013-12-21 23:06:30 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2013-12-21 23:06:30 ----A---- C:\Windows\system32\sbe.dll
2013-12-21 23:06:30 ----A---- C:\Windows\system32\CPFilters.dll
2013-12-21 23:06:27 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-12-21 23:06:27 ----A---- C:\Windows\system32\wintrust.dll
2013-12-21 23:06:11 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2013-12-21 23:06:11 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-12-21 23:06:11 ----A---- C:\Windows\system32\xmllite.dll
2013-12-21 23:06:11 ----A---- C:\Windows\system32\comctl32.dll
2013-12-21 23:06:09 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2013-12-21 23:06:09 ----A---- C:\Windows\system32\qdvd.dll
2013-12-21 23:06:07 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2013-12-21 23:05:35 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-12-21 23:05:35 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-12-21 23:05:35 ----A---- C:\Windows\system32\winsrv.dll
2013-12-21 23:05:35 ----A---- C:\Windows\system32\KernelBase.dll
2013-12-21 23:05:35 ----A---- C:\Windows\system32\kernel32.dll
2013-12-21 23:05:35 ----A---- C:\Windows\system32\conhost.exe
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-12-21 23:05:34 ----A---- C:\Windows\system32\smss.exe
2013-12-21 23:05:34 ----A---- C:\Windows\system32\csrsrv.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-12-21 23:05:33 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-12-21 23:05:33 ----A---- C:\Windows\system32\apisetschema.dll
2013-12-21 23:05:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-12-21 23:05:27 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-12-21 23:05:27 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-12-21 23:05:27 ----A---- C:\Windows\system32\advapi32.dll
2013-12-21 23:05:26 ----A---- C:\Windows\SYSWOW64\tdh.dll
2013-12-21 23:05:26 ----A---- C:\Windows\system32\tdh.dll
2013-12-21 23:05:26 ----A---- C:\Windows\system32\ntdll.dll
2013-12-21 23:05:25 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-12-21 23:05:25 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-12-21 23:05:25 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-12-21 23:05:25 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-12-21 23:05:25 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-12-21 23:05:25 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-12-21 23:05:25 ----A---- C:\Windows\system32\wow64.dll
2013-12-21 23:05:24 ----A---- C:\Windows\SYSWOW64\user.exe
2013-12-21 23:05:03 ----A---- C:\Windows\system32\drivers\fvevol.sys
2013-12-21 23:05:01 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2013-12-21 23:05:01 ----A---- C:\Windows\system32\cdosys.dll
2013-12-21 23:05:00 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2013-12-21 23:05:00 ----A---- C:\Windows\system32\drivers\ndis.sys
2013-12-21 23:04:56 ----A---- C:\Windows\system32\drivers\bowser.sys
2013-12-21 23:04:52 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2013-12-21 23:04:52 ----A---- C:\Windows\system32\netcorehc.dll
2013-12-21 23:04:52 ----A---- C:\Windows\system32\ncsi.dll
2013-12-21 23:04:51 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2013-12-21 23:04:51 ----A---- C:\Windows\SYSWOW64\netevent.dll
2013-12-21 23:04:51 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2013-12-21 23:04:51 ----A---- C:\Windows\system32\nlasvc.dll
2013-12-21 23:04:51 ----A---- C:\Windows\system32\nlaapi.dll
2013-12-21 23:04:51 ----A---- C:\Windows\system32\netevent.dll
2013-12-21 23:04:51 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-12-21 23:04:51 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-12-21 23:04:47 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-12-21 23:04:47 ----A---- C:\Windows\system32\rpcrt4.dll
2013-12-21 23:04:42 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-12-21 23:04:42 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-12-21 23:04:42 ----A---- C:\Windows\system32\Wpc.dll
2013-12-21 23:04:42 ----A---- C:\Windows\system32\gameux.dll
2013-12-21 23:04:35 ----A---- C:\Windows\system32\d3d11.dll
2013-12-21 23:04:34 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-12-21 23:04:23 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2013-12-21 23:04:23 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2013-12-21 23:04:23 ----A---- C:\Windows\system32\mfc42u.dll
2013-12-21 23:04:23 ----A---- C:\Windows\system32\mfc42.dll
2013-12-21 23:04:21 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2013-12-21 23:04:21 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2013-12-21 23:04:21 ----A---- C:\Windows\system32\oleaut32.dll
2013-12-21 23:04:21 ----A---- C:\Windows\system32\oleacc.dll
2013-12-21 23:04:11 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-12-21 23:04:11 ----A---- C:\Windows\system32\win32spl.dll
2013-12-21 23:04:09 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2013-12-21 23:04:09 ----A---- C:\Windows\system32\ntshrui.dll
2013-12-21 23:04:06 ----A---- C:\Windows\system32\OxpsConverter.exe
2013-12-21 23:03:57 ----A---- C:\Windows\system32\win32k.sys
2013-12-21 23:03:56 ----A---- C:\Windows\system32\wwansvc.dll
2013-12-21 23:03:56 ----A---- C:\Windows\system32\wwanprotdim.dll
2013-12-21 23:03:52 ----A---- C:\Windows\system32\tquery.dll
2013-12-21 23:03:51 ----A---- C:\Windows\SYSWOW64\tquery.dll
2013-12-21 23:03:51 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2013-12-21 23:03:51 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2013-12-21 23:03:51 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2013-12-21 23:03:51 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2013-12-21 23:03:51 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2013-12-21 23:03:51 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2013-12-21 23:03:51 ----A---- C:\Windows\SYSWOW64\mssph.dll
2013-12-21 23:03:51 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2013-12-21 23:03:51 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2013-12-21 23:03:51 ----A---- C:\Windows\system32\SearchIndexer.exe
2013-12-21 23:03:51 ----A---- C:\Windows\system32\SearchFilterHost.exe
2013-12-21 23:03:51 ----A---- C:\Windows\system32\mssvp.dll
2013-12-21 23:03:51 ----A---- C:\Windows\system32\mssrch.dll
2013-12-21 23:03:51 ----A---- C:\Windows\system32\mssphtb.dll
2013-12-21 23:03:51 ----A---- C:\Windows\system32\mssph.dll
2013-12-21 23:03:51 ----A---- C:\Windows\system32\msscntrs.dll
2013-12-21 23:03:46 ----A---- C:\Windows\system32\shell32.dll
2013-12-21 23:03:45 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-12-21 23:03:45 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-12-21 23:03:45 ----A---- C:\Windows\system32\shdocvw.dll
2013-12-21 23:03:37 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-12-21 23:03:37 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-12-21 23:03:37 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-12-21 23:03:37 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-12-21 23:03:37 ----A---- C:\Windows\system32\sspisrv.dll
2013-12-21 23:03:37 ----A---- C:\Windows\system32\sspicli.dll
2013-12-21 23:03:37 ----A---- C:\Windows\system32\secur32.dll
2013-12-21 23:03:37 ----A---- C:\Windows\system32\schannel.dll
2013-12-21 23:03:37 ----A---- C:\Windows\system32\ncrypt.dll
2013-12-21 23:03:37 ----A---- C:\Windows\system32\lsass.exe
2013-12-21 23:03:37 ----A---- C:\Windows\system32\lsasrv.dll
2013-12-21 23:03:37 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-12-21 23:03:37 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-12-21 23:03:37 ----A---- C:\Windows\system32\drivers\cng.sys
2013-12-21 23:03:32 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-12-21 23:03:32 ----A---- C:\Windows\SYSWOW64\credui.dll
2013-12-21 23:03:32 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-12-21 23:03:32 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2013-12-21 23:03:32 ----A---- C:\Windows\system32\credui.dll
2013-12-21 23:03:32 ----A---- C:\Windows\system32\authui.dll
2013-12-21 23:03:29 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-12-21 23:03:29 ----A---- C:\Windows\system32\qedit.dll
2013-12-21 23:03:29 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-12-21 23:03:28 ----A---- C:\Windows\SYSWOW64\srclient.dll
2013-12-21 23:03:28 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-12-21 23:03:28 ----A---- C:\Windows\system32\srcore.dll
2013-12-21 23:03:28 ----A---- C:\Windows\system32\msxml6.dll
2013-12-21 23:03:28 ----A---- C:\Windows\system32\msxml3.dll
2013-12-21 23:03:27 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2013-12-21 23:03:27 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-12-21 23:03:27 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2013-12-21 23:03:27 ----A---- C:\Windows\system32\msxml3r.dll
2013-12-21 23:03:27 ----A---- C:\Windows\system32\EncDec.dll
2013-12-21 23:03:22 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-12-21 23:03:22 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-12-21 23:03:22 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-12-21 23:03:22 ----A---- C:\Windows\system32\cryptsvc.dll
2013-12-21 23:03:22 ----A---- C:\Windows\system32\cryptnet.dll
2013-12-21 23:03:22 ----A---- C:\Windows\system32\crypt32.dll
2013-12-21 23:03:15 ----A---- C:\Windows\system32\poqexec.exe
2013-12-21 23:03:14 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2013-12-21 23:03:11 ----A---- C:\Windows\system32\drivers\netio.sys
2013-12-21 23:03:11 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-12-21 23:03:09 ----A---- C:\Windows\system32\mswsock.dll
2013-12-21 23:03:09 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-12-21 23:03:08 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-12-21 23:03:05 ----A---- C:\Windows\system32\scavengeui.dll
2013-12-21 23:02:54 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2013-12-21 23:02:54 ----A---- C:\Windows\system32\cryptdlg.dll
2013-12-21 23:02:49 ----A---- C:\Windows\system32\Wdfres.dll
2013-12-21 23:02:49 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2013-12-21 23:02:49 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-12-21 23:02:46 ----A---- C:\Windows\SYSWOW64\webio.dll
2013-12-21 23:02:46 ----A---- C:\Windows\system32\webio.dll
2013-12-21 23:02:45 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-21 23:02:45 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-21 23:02:45 ----A---- C:\Windows\system32\drivers\ataport.sys
2013-12-21 23:02:43 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-21 23:02:43 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-21 23:02:43 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-21 23:02:43 ----A---- C:\Windows\system32\wscript.exe
2013-12-21 23:02:43 ----A---- C:\Windows\system32\scrrun.dll
2013-12-21 23:02:43 ----A---- C:\Windows\system32\cscript.exe
2013-12-21 23:02:41 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-12-21 23:02:41 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2013-12-21 23:02:41 ----A---- C:\Windows\system32\usp10.dll
2013-12-21 23:02:41 ----A---- C:\Windows\system32\msvcrt.dll
2013-12-21 23:02:40 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-12-21 23:02:40 ----A---- C:\Windows\system32\atmfd.dll
2013-12-21 23:02:39 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-12-21 23:02:39 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-12-21 23:02:39 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-12-21 23:02:39 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-12-21 23:02:39 ----A---- C:\Windows\system32\lpk.dll
2013-12-21 23:02:39 ----A---- C:\Windows\system32\fontsub.dll
2013-12-21 23:02:39 ----A---- C:\Windows\system32\dciman32.dll
2013-12-21 23:02:39 ----A---- C:\Windows\system32\atmlib.dll
2013-12-21 23:02:37 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-12-21 23:02:37 ----A---- C:\Windows\SYSWOW64\quartz.dll
2013-12-21 23:02:37 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-12-21 23:02:37 ----A---- C:\Windows\system32\WebClnt.dll
2013-12-21 23:02:37 ----A---- C:\Windows\system32\quartz.dll
2013-12-21 23:02:37 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-12-21 23:02:37 ----A---- C:\Windows\system32\davclnt.dll
2013-12-21 23:02:36 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2013-12-21 23:02:36 ----A---- C:\Windows\system32\taskhost.exe
2013-12-21 23:02:36 ----A---- C:\Windows\system32\gdi32.dll
2013-12-21 23:02:23 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2013-12-21 23:02:23 ----A---- C:\Windows\system32\psisdecd.dll
2013-12-21 23:02:19 ----A---- C:\Windows\SYSWOW64\msi.dll
2013-12-21 23:02:19 ----A---- C:\Windows\system32\msi.dll
2013-12-21 23:02:19 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-12-21 23:02:18 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-12-21 23:02:17 ----A---- C:\Windows\system32\drivers\partmgr.sys
2013-12-21 23:02:15 ----A---- C:\Windows\system32\localspl.dll
2013-12-21 23:02:12 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2013-12-21 23:02:12 ----A---- C:\Windows\SYSWOW64\browcli.dll
2013-12-21 23:02:12 ----A---- C:\Windows\system32\netapi32.dll
2013-12-21 23:02:12 ----A---- C:\Windows\system32\browser.dll
2013-12-21 23:02:12 ----A---- C:\Windows\system32\browcli.dll
2013-12-21 23:02:11 ----A---- C:\Windows\system32\drivers\srvnet.sys
2013-12-21 23:02:11 ----A---- C:\Windows\system32\drivers\srv2.sys
2013-12-21 23:02:11 ----A---- C:\Windows\system32\drivers\srv.sys
2013-12-21 23:02:11 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-12-21 23:02:11 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-12-21 23:02:11 ----A---- C:\Windows\system32\cdd.dll
2013-12-21 23:02:10 ----A---- C:\Windows\system32\drivers\afd.sys
2013-12-21 23:02:09 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2013-12-21 23:02:09 ----A---- C:\Windows\system32\profsvc.dll
2013-12-21 23:02:09 ----A---- C:\Windows\system32\prevhost.exe
2013-12-21 23:02:07 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2013-12-21 23:02:07 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2013-12-21 23:02:07 ----A---- C:\Windows\system32\dnsrslvr.dll
2013-12-21 23:02:07 ----A---- C:\Windows\system32\dnscacheugc.exe
2013-12-21 23:02:07 ----A---- C:\Windows\system32\dnsapi.dll
2013-12-21 23:02:06 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2013-12-21 23:02:06 ----A---- C:\Windows\system32\kerberos.dll
2013-12-21 23:02:05 ----A---- C:\Windows\system32\winresume.exe
2013-12-21 23:02:05 ----A---- C:\Windows\system32\winload.exe
2013-12-21 23:02:05 ----A---- C:\Windows\system32\kdusb.dll
2013-12-21 23:02:05 ----A---- C:\Windows\system32\kdcom.dll
2013-12-21 23:02:05 ----A---- C:\Windows\system32\kd1394.dll
2013-12-21 23:02:03 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-21 23:02:03 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-21 23:02:01 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2013-12-21 23:02:01 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2013-12-21 23:02:01 ----A---- C:\Windows\SYSWOW64\devobj.dll
2013-12-21 23:02:01 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2013-12-21 23:02:01 ----A---- C:\Windows\system32\umpnpmgr.dll
2013-12-21 23:02:00 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-12-21 23:02:00 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-12-21 23:02:00 ----A---- C:\Windows\system32\FXSCOVER.exe
2013-12-21 23:01:59 ----A---- C:\Windows\system32\odbccu32.dll
2013-12-21 23:01:59 ----A---- C:\Windows\system32\odbccr32.dll
2013-12-21 23:01:59 ----A---- C:\Windows\system32\odbccp32.dll
2013-12-21 23:01:58 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2013-12-21 23:01:58 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2013-12-21 23:01:58 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2013-12-21 23:01:58 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2013-12-21 23:01:58 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2013-12-21 23:01:58 ----A---- C:\Windows\system32\odbctrac.dll
2013-12-21 23:01:57 ----A---- C:\Windows\SYSWOW64\synceng.dll
2013-12-21 23:01:57 ----A---- C:\Windows\system32\synceng.dll
2013-12-21 23:01:53 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2013-12-21 23:01:53 ----A---- C:\Windows\system32\inetcomm.dll
2013-12-21 23:01:51 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-12-21 23:01:49 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-21 23:01:49 ----A---- C:\Windows\system32\rdrmemptylst.exe
2013-12-21 23:01:49 ----A---- C:\Windows\system32\rdpwsx.dll
2013-12-21 23:01:49 ----A---- C:\Windows\system32\rdpcorekmts.dll
2013-12-21 23:01:49 ----A---- C:\Windows\system32\msieftp.dll
2013-12-21 23:01:49 ----A---- C:\Windows\system32\dpnet.dll
2013-12-21 23:01:48 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2013-12-21 23:01:48 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-12-21 23:01:48 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-12-21 23:01:47 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-12-21 23:01:45 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2013-12-21 22:59:38 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2013-12-21 22:59:38 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2013-12-21 22:59:38 ----A---- C:\Windows\system32\nshwfp.dll
2013-12-21 22:59:38 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-12-21 22:59:38 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-12-21 22:49:33 ----A---- C:\Windows\SYSWOW64\packager.dll
2013-12-21 22:49:33 ----A---- C:\Windows\system32\packager.dll
2013-12-21 22:33:10 ----D---- C:\Users\miso\AppData\Roaming\Dropbox
2013-12-21 22:26:52 ----D---- C:\Users\miso\AppData\Roaming\Skype
2013-12-21 22:26:40 ----D---- C:\Users\miso\AppData\Roaming\Macromedia
2013-12-21 22:26:40 ----D---- C:\Users\miso\AppData\Roaming\Adobe
2013-12-21 22:26:28 ----D---- C:\ProgramData\Skype
2013-12-21 22:26:08 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-12-21 22:26:07 ----D---- C:\Windows\SYSWOW64\Macromed
2013-12-21 22:26:03 ----D---- C:\Windows\system32\Macromed
2013-12-21 22:24:21 ----D---- C:\Users\miso\AppData\Roaming\vlc
2013-12-21 22:21:03 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2013-12-21 22:20:59 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys
2013-12-21 22:16:41 ----D---- C:\Users\miso\AppData\Roaming\AVAST Software
2013-12-21 22:16:20 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-12-21 22:16:20 ----A---- C:\Windows\system32\drivers\aswstm.sys
2013-12-21 22:16:17 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-12-21 22:16:14 ----A---- C:\Windows\system32\drivers\aswSP.sys
2013-12-21 22:16:14 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2013-12-21 22:16:14 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2013-12-21 22:16:14 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2013-12-21 22:16:14 ----A---- C:\Windows\system32\aswBoot.exe
2013-12-21 22:16:13 ----A---- C:\Windows\avastSS.scr
2013-12-21 22:15:20 ----D---- C:\ProgramData\AVAST Software
2013-12-21 22:14:41 ----D---- C:\Users\miso\AppData\Roaming\Mozilla
2013-12-21 22:14:34 ----D---- C:\ProgramData\Mozilla
2013-12-21 22:14:34 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-21 22:13:40 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2013-12-21 22:13:40 ----A---- C:\Windows\system32\rdpcore.dll
2013-12-21 22:13:40 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2013-12-21 22:12:21 ----SHD---- C:\Windows\Installer
2013-12-21 22:09:57 ----D---- C:\Users\miso\AppData\Roaming\Identities
2013-12-21 22:09:54 ----A---- C:\Windows\system32\wups2.dll
2013-12-21 22:09:54 ----A---- C:\Windows\system32\wucltux.dll
2013-12-21 22:09:54 ----A---- C:\Windows\system32\wuaueng.dll
2013-12-21 22:09:54 ----A---- C:\Windows\system32\wuauclt.exe
2013-12-21 22:09:52 ----A---- C:\Windows\system32\wups.dll
2013-12-21 22:09:52 ----A---- C:\Windows\system32\wudriver.dll
2013-12-21 22:09:52 ----A---- C:\Windows\system32\wuapi.dll
2013-12-21 22:09:50 ----A---- C:\Windows\system32\wuwebv.dll
2013-12-21 22:09:50 ----A---- C:\Windows\system32\wuapp.exe
2013-12-21 22:09:48 ----SD---- C:\Users\miso\AppData\Roaming\Microsoft
2013-12-21 22:09:35 ----SHD---- C:\Recovery
2013-12-21 22:09:32 ----D---- C:\Windows\SoftwareDistribution
2013-12-18 17:16:44 ----A---- C:\Windows\system32\drivers\VBoxUSB.sys
2013-12-18 17:16:44 ----A---- C:\Windows\system32\drivers\VBoxNetFlt.sys
2013-12-18 17:16:44 ----A---- C:\Windows\system32\drivers\VBoxNetAdp.sys
2013-12-18 17:13:30 ----A---- C:\Windows\system32\VBoxNetFltNobj.dll
======List of files/folders modified in the last 1 month======
2014-01-05 22:19:17 ----D---- C:\Windows\Temp
2014-01-05 22:19:16 ----RD---- C:\Program Files
2014-01-05 22:13:10 ----D---- C:\Windows\System32
2014-01-05 22:13:10 ----D---- C:\Windows\inf
2014-01-05 22:13:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-05 22:10:10 ----D---- C:\Windows\system32\config
2014-01-05 22:05:59 ----D---- C:\Windows\system32\DriverStore
2014-01-05 22:05:59 ----D---- C:\Windows\system32\catroot
2014-01-05 22:05:16 ----D---- C:\Windows\system32\Tasks
2014-01-05 22:05:15 ----D---- C:\Windows
2014-01-05 14:44:59 ----D---- C:\Windows\system32\wdi
2014-01-04 20:18:31 ----RSD---- C:\Windows\assembly
2013-12-30 22:26:48 ----D---- C:\Windows\SysWOW64
2013-12-28 19:09:45 ----RD---- C:\Program Files (x86)
2013-12-28 19:08:22 ----D---- C:\Windows\Logs
2013-12-28 19:07:55 ----D---- C:\Windows\Microsoft.NET
2013-12-28 19:07:01 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-12-28 14:32:45 ----D---- C:\Windows\winsxs
2013-12-28 14:31:45 ----D---- C:\Program Files\Internet Explorer
2013-12-28 14:31:45 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-28 14:22:19 ----D---- C:\Windows\system32\catroot2
2013-12-28 14:11:33 ----D---- C:\Windows\SYSWOW64\migration
2013-12-28 14:11:33 ----D---- C:\Windows\SYSWOW64\en-US
2013-12-28 14:11:33 ----D---- C:\Windows\system32\migration
2013-12-28 14:11:33 ----D---- C:\Windows\system32\en-US
2013-12-28 14:11:33 ----D---- C:\Windows\PolicyDefinitions
2013-12-28 14:10:22 ----D---- C:\Windows\servicing
2013-12-28 01:44:13 ----RSD---- C:\Windows\Fonts
2013-12-27 01:06:46 ----D---- C:\Windows\system32\drivers
2013-12-26 23:52:17 ----HD---- C:\ProgramData
2013-12-26 18:15:22 ----D---- C:\Program Files (x86)\Common Files
2013-12-24 00:40:47 ----D---- C:\Windows\ShellNew
2013-12-24 00:40:33 ----D---- C:\Program Files (x86)\MSBuild
2013-12-24 00:39:46 ----SD---- C:\ProgramData\Microsoft
2013-12-24 00:38:02 ----A---- C:\Windows\win.ini
2013-12-22 14:29:45 ----D---- C:\Windows\Tasks
2013-12-22 07:05:45 ----D---- C:\Windows\system32\sysprep
2013-12-22 07:03:37 ----D---- C:\Windows\CSC
2013-12-22 03:17:46 ----D---- C:\Program Files\Common Files\System
2013-12-22 03:17:45 ----D---- C:\Windows\AppPatch
2013-12-22 00:30:34 ----D---- C:\Windows\system32\drivers\en-US
2013-12-22 00:30:34 ----D---- C:\Program Files\Windows Defender
2013-12-22 00:30:34 ----D---- C:\Program Files (x86)\Windows Defender
2013-12-22 00:30:32 ----D---- C:\Windows\SYSWOW64\wbem
2013-12-22 00:30:32 ----D---- C:\Windows\system32\wbem
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\it-IT
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\es-ES
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\el-GR
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\de-DE
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\da-DK
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-12-22 00:30:21 ----D---- C:\Windows\system32\zh-HK
2013-12-22 00:30:21 ----D---- C:\Windows\system32\tr-TR
2013-12-22 00:30:21 ----D---- C:\Windows\system32\sv-SE
2013-12-22 00:30:21 ----D---- C:\Windows\system32\pt-PT
2013-12-22 00:30:21 ----D---- C:\Windows\system32\pt-BR
2013-12-22 00:30:21 ----D---- C:\Windows\system32\pl-PL
2013-12-22 00:30:21 ----D---- C:\Windows\system32\nl-NL
2013-12-22 00:30:21 ----D---- C:\Windows\system32\ko-KR
2013-12-22 00:30:21 ----D---- C:\Windows\system32\it-IT
2013-12-22 00:30:21 ----D---- C:\Windows\system32\hu-HU
2013-12-22 00:30:21 ----D---- C:\Windows\system32\fr-FR
2013-12-22 00:30:21 ----D---- C:\Windows\system32\fi-FI
2013-12-22 00:30:21 ----D---- C:\Windows\system32\es-ES
2013-12-22 00:30:21 ----D---- C:\Windows\system32\el-GR
2013-12-22 00:30:21 ----D---- C:\Windows\system32\Boot
2013-12-22 00:30:20 ----D---- C:\Windows\system32\zh-TW
2013-12-22 00:30:20 ----D---- C:\Windows\system32\zh-CN
2013-12-22 00:30:20 ----D---- C:\Windows\system32\ru-RU
2013-12-22 00:30:20 ----D---- C:\Windows\system32\nb-NO
2013-12-22 00:30:20 ----D---- C:\Windows\system32\ja-JP
2013-12-22 00:30:20 ----D---- C:\Windows\system32\de-DE
2013-12-22 00:30:20 ----D---- C:\Windows\system32\da-DK
2013-12-22 00:30:20 ----D---- C:\Windows\system32\cs-CZ
2013-12-22 00:30:20 ----D---- C:\Program Files\Windows Journal
2013-12-22 00:17:20 ----D---- C:\Windows\ModemLogs
2013-12-21 23:11:46 ----D---- C:\Windows\debug
2013-12-21 22:16:37 ----D---- C:\Windows\system32\CodeIntegrity
2013-12-21 22:09:54 ----SHD---- C:\$Recycle.Bin
2013-12-21 22:09:45 ----RD---- C:\Users
2013-12-21 22:09:41 ----D---- C:\Windows\system32\restore
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-12-21 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-12-21 207904]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; \??\C:\Windows\system32\drivers\aswKbd.sys [2013-12-21 28184]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-12-21 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-12-21 1034464]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2013-12-21 422216]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-12-26 283064]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2013-12-18 252688]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2013-12-18 126736]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-12-21 78648]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-20 9319936]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-04-20 306176]
R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2013-12-21 79672]
R3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-09-15 1061888]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2013-12-18 140560]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2013-12-18 154896]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-20 9319936]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2013-12-18 113936]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-05 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-04-20 203776]
R2 avast! Antivirus;avast! Antivirus; D:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-21 50344]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-22 116648]
S2 SkypeUpdate;Skype Updater; D:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-21 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-22 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; D:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-05 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-12-11 569768]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-12-21 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Re: Requesting a check.
Hello,
Run a !!!full!!! scan with MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 and post the results here. Don't delete anything beforehand; it sometimes produces false detections.

If you have a question that is not meant for the public, you can e-mail me at marty84(at)forum.viry.cz
You can support our forum at https://platba.viry.cz/payment/
Due to time constraints I will be on the forum less often for now. If you have to wait longer for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).
Re: Requesting a check.
Hello
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
http://www.malwarebytes.org
Database version: v2014.01.06.07
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
miso :: MISO-PC [administrator]
Protection: Enabled
1/6/2014 10:31:21 PM
MBAM-log-2014-01-07 (07-17-59).txt
Scan type: Full scan (C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 536679
Time elapsed: 51 minute(s), 47 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 8
C:\Users\miso\Documents\cgminer-3.7.2-windows\cgminer-3.7.2-windows\cgminer-nogpu.exe (PUP.Optional.Cgminer) -> No action taken.
C:\Users\miso\Documents\cgminer-3.7.2-windows\cgminer-3.7.2-windows\cgminer.exe (PUP.Optional.Cgminer) -> No action taken.
E:\download\DTLite4481-0347.exe (PUP.Optional.OpenCandy) -> No action taken.
E:\download\pooler-cpuminer-2.3.2-win32.zip (PUP.BitCoinMiner) -> No action taken.
E:\download\SFInstaller_SFFZ_filezilla_8992693_(1).exe (PUP.Optional.Spigot.A) -> No action taken.
E:\download\SFInstaller_SFFZ_filezilla_8992693_.exe (PUP.Optional.Spigot.A) -> No action taken.
E:\download\pooler-cpuminer-2.3.2-win32\minerd.exe (PUP.BitCoinMiner) -> No action taken.
E:\New folder (7)\usb zaloha 22.10.2012\DTLite4454-0315.exe (PUP.Optional.OpenCandy) -> No action taken.
(end)
Re: Requesting a check.

Close all programs, otherwise AdwCleaner will do it for you.
Right-click it, then left-click Run as administrator.
Click Scan and the program will start working.
When it finishes, it will spit out a log (if not, you will find it at C:\AdwCleaner\AdwCleaner[R?].txt ); copy it here for me.
Re: Requesting a check.
# AdwCleaner v3.016 - Report created 08/01/2014 at 01:21:09
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Professional N Service Pack 1 (64 bits)
# Username : miso - MISO-PC
# Running from : C:\Users\miso\Desktop\adwcleaner(2).exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Mozilla Firefox v26.0 (en-US)
[ File : C:\Users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default\prefs.js ]
-\\ Google Chrome v31.0.1650.63
[ File : C:\Users\miso\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [979 octets] - [08/01/2014 01:19:35]
AdwCleaner[R1].txt - [900 octets] - [08/01/2014 01:21:09]
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [959 octets] ##########
Re: Requesting a check.

This time click Clean.
The program will start working (the PC may restart) and will spit out another log (otherwise it will be at C:\AdwCleaner\AdwCleaner [S?].txt ). Copy that here for me again.

A very short test will run, and then the Prohledat (Scan) button at the top right will become available. Click it and another test will run.
When it finishes, click Zprava (Report) and a log will appear. Paste it here for me.
Re: Requesting a check.
Rogue Killer finds something, then stops working and crashes.
# AdwCleaner v3.016 - Report created 08/01/2014 at 13:46:28
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Professional N Service Pack 1 (64 bits)
# Username : miso - MISO-PC
# Running from : C:\Users\miso\Desktop\adwcleaner(2).exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Mozilla Firefox v26.0 (en-US)
[ File : C:\Users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default\prefs.js ]
-\\ Google Chrome v31.0.1650.63
[ File : C:\Users\miso\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [979 octets] - [08/01/2014 01:19:35]
AdwCleaner[R1].txt - [1038 octets] - [08/01/2014 01:21:09]
AdwCleaner[R2].txt - [1099 octets] - [08/01/2014 13:45:43]
AdwCleaner[S0].txt - [1023 octets] - [08/01/2014 13:46:28]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1083 octets] ##########
Re: Requesting a check.
NeoFan wrote: Rogue Killer finds something, then stops working and crashes.
Try running it in Safe Mode.
Re: Requesting a check.
Same thing...
Re: Requesting a check.

Run it as administrator. The result will appear after a moment.
At the top, click Úpravy (Edit) and then Kopírovat (Copy). Paste what gets copied (it is stored in memory) here for me (Ctrl + V).
Re: Requesting a check.
----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Professional N SP1 [6.1 Build 7601] (x64)
Date : 2014/01/08 20:24:22
-- Controller Map ----------------------------------------------------------
+ ATA Channel 1 (1) [ATA]
- WDC WD20EARX-00PASB0 ATA Device
+ ATA Channel 0 (0) [ATA]
- TSSTcorp CDDVDW SH-224DB ATA Device
+ ATA Channel 1 (1) [ATA]
- KINGSTON SV100S232G ATA Device
+ Standard Dual Channel PCI IDE Controller [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ Standard Dual Channel PCI IDE Controller [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
-- Disk List ---------------------------------------------------------------
(1) WDC WD20EARX-00PASB0 : 2000.3 GB [0/3/0, pd1]
(2) KINGSTON SV100S232G : 32.0 GB [1/1/0, pd1] - jm
----------------------------------------------------------------------------
(1) WDC WD20EARX-00PASB0
----------------------------------------------------------------------------
Model : WDC WD20EARX-00PASB0
Firmware : 51.0AB51
Serial Number : WD-WMAZA7701760
Disk Size : 2000.3 GB (8.4/137.4/2000.3)
Buffer Size : Unknown
Queue Depth : 32
# of Sectors : 3907029168
Rotation Rate : Unknown
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/600
Power On Hours : 11474 hours
Power On Count : 472 count
Temparature : 35 C (95 F)
Health Status : Good
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000001 Read Error Rate
03 177 167 _21 000000001806 Spin-Up Time
04 100 100 __0 00000000033E Start/Stop Count
05 200 200 140 000000000000 Reallocated Sectors Count
07 200 200 __0 000000000000 Seek Error Rate
09 _85 _85 __0 000000002CD2 Power-On Hours
0A 100 100 __0 000000000000 Spin Retry Count
0B 100 100 __0 000000000000 Recalibration Retries
0C 100 100 __0 0000000001D8 Power Cycle Count
C0 200 200 __0 00000000002F Power-off Retract Count
C1 180 180 __0 00000000F0B5 Load/Unload Cycle Count
C2 115 105 __0 000000000023 Temperature
C4 200 200 __0 000000000000 Reallocation Event Count
C5 200 200 __0 000000000000 Current Pending Sector Count
C6 200 200 __0 000000000000 Uncorrectable Sector Count
C7 200 199 __0 000000000002 UltraDMA CRC Error Count
C8 200 200 __0 000000000000 Write Error Rate
-- IDENTIFY_DEVICE ---------------------------------------------------------
----------------------------------------------------------------------------
(2) KINGSTON SV100S232G
----------------------------------------------------------------------------
Model : KINGSTON SV100S232G
Firmware : 111012
Serial Number : 32GBC0047405
Disk Size : 32.0 GB (8.4/32.0/32.0)
Buffer Size : Unknown
Queue Depth : 32
# of Sectors : 62533296
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 14894 hours
Power On Count : 224 count
Temparature : 45 C (113 F)
Health Status : Good (100 %)
Features : S.M.A.R.T., APM, 48bit LBA, NCQ, TRIM
APM Level : 0000h [OFF]
AAM Level : ----
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _50 000000000000 Read Error Rate
02 100 100 _50 000000000000 Throughput Performance
03 100 100 _50 000000000000 Spin-Up Time
05 100 100 _50 000000000000 Reallocated Sectors Count
07 100 100 _50 000000000000 Seek Error Rate
08 100 100 _50 000000000000 Seek Time Performance
09 100 100 __0 000000003A2E Power-On Hours
0A 100 100 _50 000000000000 Spin Retry Count
0C 100 100 __0 0000000000E0 Power Cycle Count
A8 100 100 __0 000000000000 SATA PHY Error Count
AF 100 100 _10 000000000000 Bad Cluster Table Count (ECC Fail Count)
C0 100 100 __0 000000000000 Unexpected Power Loss Count
C2 _45 100 _20 00330027002D Temperature
C5 100 100 __0 000000000000 Current Pending Sector Count
F0 100 100 _50 000000000000 Unknown
AA 100 100 _10 000000810022 Bad Block Count
AD 100 100 __0 0E841987172F Erase Count
-- IDENTIFY_DEVICE ---------------------------------------------------------
Re: Please check.




Disable your antivirus and any other security software you may have.
Right-click ComboFix, then left-click Run as administrator.
Accept the license terms and let the program work. If it offers to install the Recovery Console, agree.
While the scan is running, do not launch anything and do not click anywhere.
After the scan finishes (the PC may also restart), a log should be created, located at C:\ComboFix.txt
Copy its contents here.


If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz
You can support our forum at https://platba.viry.cz/payment/
Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).
Re: Please check.
ComboFix 14-01-08.03 - miso 01/10/2014 11:46:03.1.4 - x64
Microsoft Windows 7 Professional N 6.1.7601.1.1252.1.1033.18.7679.4822 [GMT 1:00]
Running from: c:\users\miso\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Internet Security *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2013-12-10 to 2014-01-10 )))))))))))))))))))))))))))))))
.
.
2014-01-10 10:49 . 2014-01-10 10:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-09 01:43 . 2014-01-09 01:43 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BF206909-7913-4E59-9248-47D2C02E77D7}\offreg.dll
2014-01-08 17:30 . 2014-01-08 17:30 -------- d-----w- c:\program files (x86)\Astroburn Lite
2014-01-08 17:30 . 2014-01-08 17:30 -------- d-----w- c:\programdata\Astroburn Lite
2014-01-08 00:19 . 2014-01-08 12:46 -------- d-----w- C:\AdwCleaner
2014-01-07 20:52 . 2013-12-16 00:54 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BF206909-7913-4E59-9248-47D2C02E77D7}\mpengine.dll
2014-01-06 21:30 . 2014-01-06 21:30 -------- d-----w- c:\programdata\Malwarebytes
2014-01-05 21:19 . 2014-01-05 21:19 -------- d-----w- C:\rsit
2014-01-05 21:19 . 2014-01-05 21:19 -------- d-----w- c:\program files\trend micro
2013-12-29 17:33 . 2013-12-29 17:33 -------- d-----w- c:\windows\rescache
2013-12-28 23:12 . 2014-01-05 22:02 51 ----a-w- C:\sleep.bat
2013-12-28 18:08 . 2009-03-16 13:18 24920 ----a-w- c:\windows\system32\X3DAudio1_6.dll
2013-12-28 18:07 . 2006-03-31 11:41 3927248 ----a-w- c:\windows\system32\d3dx9_30.dll
2013-12-28 00:44 . 2013-12-28 00:44 -------- d-----w- c:\program files (x86)\TeamViewer
2013-12-26 22:53 . 2013-12-26 22:53 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-12-26 22:52 . 2013-12-26 22:55 -------- d-----w- c:\programdata\DAEMON Tools Lite
2013-12-26 17:15 . 2013-12-26 17:15 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-12-26 01:04 . 2014-01-08 22:43 -------- d-----w- c:\program files (x86)\Common Files\Steam
2013-12-24 01:32 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-12-24 01:32 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-12-24 01:32 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-12-24 01:32 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-12-24 01:32 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-12-24 01:32 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-12-24 01:32 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-12-23 23:40 . 2013-12-23 23:40 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2013-12-23 23:39 . 2013-12-23 23:39 -------- d-----w- c:\windows\PCHEALTH
2013-12-23 23:39 . 2013-12-23 23:39 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework
2013-12-23 23:39 . 2013-12-23 23:39 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2013-12-23 23:38 . 2013-12-23 23:38 -------- d-----w- c:\program files\Microsoft Office
2013-12-22 15:36 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-12-22 13:29 . 2013-12-22 13:29 -------- d-----w- c:\program files (x86)\Google
2013-12-22 06:04 . 2013-12-22 06:04 0 ----a-w- c:\windows\ativpsrm.bin
2013-12-22 06:02 . 2014-01-05 22:28 -------- d-----w- c:\windows\Panther
2013-12-22 01:33 . 2013-12-18 16:19 252688 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2013-12-22 01:33 . 2013-12-18 16:16 126736 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2013-12-22 01:33 . 2013-12-22 01:33 -------- dc----w- c:\windows\system32\DRVSTORE
2013-12-22 01:25 . 2013-12-22 01:25 -------- d-----w- c:\windows\Migration
2013-12-22 01:21 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-12-21 23:50 . 2013-12-23 23:39 -------- d-----w- c:\program files (x86)\Microsoft.NET
2013-12-21 23:30 . 2013-12-21 23:30 -------- d-----w- c:\windows\SysWow64\Wat
2013-12-21 23:30 . 2013-12-21 23:30 -------- d-----w- c:\windows\system32\Wat
2013-12-21 23:28 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2013-12-21 22:56 . 2013-12-21 22:56 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2013-12-21 22:55 . 2013-12-21 22:55 -------- d-----w- c:\program files\Microsoft Analysis Services
2013-12-21 22:55 . 2013-12-21 22:55 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2013-12-21 22:55 . 2013-12-23 23:43 -------- d-----w- c:\programdata\Microsoft Help
2013-12-21 22:35 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2013-12-21 22:18 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-12-21 22:18 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-12-21 22:18 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-12-21 22:18 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-12-21 22:18 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-12-21 22:18 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-12-21 22:18 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-12-21 22:11 . 2013-12-21 22:12 -------- d-----w- c:\windows\system32\MRT
2013-12-21 22:07 . 2013-05-13 05:50 52224 ----a-w- c:\windows\system32\certenc.dll
2013-12-21 22:07 . 2013-05-13 03:43 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-12-21 22:07 . 2013-05-13 03:08 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-12-21 22:07 . 2013-05-13 03:08 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-12-21 22:07 . 2012-11-30 05:45 362496 ----a-w- c:\windows\system32\wow64win.dll
2013-12-21 22:07 . 2012-11-30 05:43 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2013-12-21 22:07 . 2012-11-30 05:45 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2013-12-21 22:05 . 2013-08-02 02:14 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-12-21 22:04 . 2011-02-23 04:55 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2013-12-21 22:03 . 2013-10-30 01:24 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-12-21 22:02 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-12-21 22:01 . 2011-06-15 10:02 163840 ----a-w- c:\windows\system32\odbccp32.dll
2013-12-21 21:59 . 2013-10-12 02:30 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-12-21 21:59 . 2013-10-12 02:29 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-12-21 21:59 . 2013-10-12 02:29 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-12-21 21:59 . 2013-10-12 02:03 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-12-21 21:59 . 2013-10-12 02:01 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-12-21 21:53 . 2014-01-05 20:47 -------- d-----w- C:\avast! sandbox
2013-12-21 21:49 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2013-12-21 21:49 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2013-12-21 21:26 . 2013-12-21 21:26 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-12-21 21:26 . 2013-12-21 21:26 -------- d-----w- c:\programdata\Skype
2013-12-21 21:26 . 2013-12-21 21:26 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-21 21:26 . 2013-12-21 21:26 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-21 21:26 . 2013-12-21 21:26 -------- d-----w- c:\windows\SysWow64\Macromed
2013-12-21 21:26 . 2013-12-21 21:26 -------- d-----w- c:\windows\system32\Macromed
2013-12-21 21:21 . 2013-12-21 21:21 28184 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-12-21 21:20 . 2013-12-21 21:20 439648 ----a-w- c:\windows\system32\drivers\aswNdisFlt.sys
2013-12-21 21:16 . 2013-12-21 21:16 79672 ----a-w- c:\windows\system32\drivers\aswstm.sys
2013-12-21 21:16 . 2013-12-21 21:16 207904 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-12-21 21:16 . 2013-12-21 21:16 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-12-21 21:16 . 2013-12-21 21:16 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-12-21 21:16 . 2013-12-21 21:16 78648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-12-21 21:16 . 2013-12-21 21:16 422216 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-12-21 21:16 . 2013-12-21 21:16 334136 ----a-w- c:\windows\system32\aswBoot.exe
2013-12-21 21:16 . 2013-12-21 21:16 1034464 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-12-21 21:16 . 2013-12-21 21:16 43152 ----a-w- c:\windows\avastSS.scr
2013-12-21 21:15 . 2013-12-21 21:15 -------- d-----w- c:\programdata\AVAST Software
2013-12-21 21:14 . 2013-12-21 21:14 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-12-21 21:13 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2013-12-21 21:13 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2013-12-21 21:13 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2013-12-21 21:12 . 2014-01-07 18:07 -------- d-sh--w- c:\windows\Installer
2013-12-21 21:09 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2013-12-21 21:09 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2013-12-21 21:09 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2013-12-21 21:09 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2013-12-21 21:09 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2013-12-21 21:09 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2013-12-21 21:09 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2013-12-21 21:09 . 2012-06-02 14:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2013-12-21 21:09 . 2012-06-02 14:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2013-12-21 21:09 . 2013-12-26 22:46 -------- d-----w- c:\users\miso
2013-12-21 21:09 . 2013-12-21 21:09 -------- d-----w- C:\Recovery
2013-12-18 16:16 . 2013-12-18 16:16 154896 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2013-12-18 16:16 . 2013-12-18 16:16 140560 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2013-12-18 16:16 . 2013-12-18 16:16 113936 ----a-w- c:\windows\system32\drivers\VBoxUSB.sys
2013-12-18 16:13 . 2013-12-18 16:13 204048 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-26 11:25 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\miso\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\miso\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\miso\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="d:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-15 20588704]
"uTorrent"="c:\users\miso\AppData\Roaming\uTorrent\uTorrent.exe" [2013-12-22 1142864]
"DAEMON Tools Lite"="d:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="d:\program files\AVAST Software\Avast\AvastUI.exe" [2013-12-21 3764024]
"BCSSync"="d:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
c:\users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\miso\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-12-18 30714312]
Facebook Messenger.lnk - c:\users\miso\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe [2013-3-7 248240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;d:\program files (x86)\Skype\Updater\Updater.exe;d:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys;c:\windows\SYSNATIVE\DRIVERS\BthAvrcp.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-22 13:29 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-21 21:26]
.
2014-01-09 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2811220215-2768408660-1131186198-1000Core.job
- c:\users\miso\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-21 21:12]
.
2014-01-10 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2811220215-2768408660-1131186198-1000UA.job
- c:\users\miso\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-21 21:12]
.
2014-01-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-22 13:29]
.
2014-01-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-22 13:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-12-21 21:16 287280 ----a-w- d:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\miso\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\miso\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\miso\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\miso\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 8.8.8.8 8.8.4.4 92.60.48.2
FF - ProfilePath - c:\users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default\
.
- - - - ORPHANS REMOVED - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-01-10 11:51:36
ComboFix-quarantined-files.txt 2014-01-10 10:51
.
Pre-Run: 2,841,223,168 bytes free
Post-Run: 2,761,039,872 bytes free
.
- - End Of File - - 1E3D8137ED83E10B6BF42588B787BA0B
5FB38429D5D77768867C76DCBDB35194
2013-12-21 22:55 . 2013-12-21 22:55 -------- d-----w- c:\program files\Microsoft Analysis Services
2013-12-21 22:55 . 2013-12-21 22:55 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2013-12-21 22:55 . 2013-12-23 23:43 -------- d-----w- c:\programdata\Microsoft Help
2013-12-21 22:35 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2013-12-21 22:18 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-12-21 22:18 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-12-21 22:18 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-12-21 22:18 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-12-21 22:18 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-12-21 22:18 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-12-21 22:18 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-12-21 22:11 . 2013-12-21 22:12 -------- d-----w- c:\windows\system32\MRT
2013-12-21 22:07 . 2013-05-13 05:50 52224 ----a-w- c:\windows\system32\certenc.dll
2013-12-21 22:07 . 2013-05-13 03:43 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-12-21 22:07 . 2013-05-13 03:08 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-12-21 22:07 . 2013-05-13 03:08 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-12-21 22:07 . 2012-11-30 05:45 362496 ----a-w- c:\windows\system32\wow64win.dll
2013-12-21 22:07 . 2012-11-30 05:43 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2013-12-21 22:07 . 2012-11-30 05:45 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2013-12-21 22:05 . 2013-08-02 02:14 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-12-21 22:04 . 2011-02-23 04:55 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2013-12-21 22:03 . 2013-10-30 01:24 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-12-21 22:02 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-12-21 22:01 . 2011-06-15 10:02 163840 ----a-w- c:\windows\system32\odbccp32.dll
2013-12-21 21:59 . 2013-10-12 02:30 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-12-21 21:59 . 2013-10-12 02:29 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-12-21 21:59 . 2013-10-12 02:29 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-12-21 21:59 . 2013-10-12 02:03 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-12-21 21:59 . 2013-10-12 02:01 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-12-21 21:53 . 2014-01-05 20:47 -------- d-----w- C:\avast! sandbox
2013-12-21 21:49 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2013-12-21 21:49 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2013-12-21 21:26 . 2013-12-21 21:26 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-12-21 21:26 . 2013-12-21 21:26 -------- d-----w- c:\programdata\Skype
2013-12-21 21:26 . 2013-12-21 21:26 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-21 21:26 . 2013-12-21 21:26 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-21 21:26 . 2013-12-21 21:26 -------- d-----w- c:\windows\SysWow64\Macromed
2013-12-21 21:26 . 2013-12-21 21:26 -------- d-----w- c:\windows\system32\Macromed
2013-12-21 21:21 . 2013-12-21 21:21 28184 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-12-21 21:20 . 2013-12-21 21:20 439648 ----a-w- c:\windows\system32\drivers\aswNdisFlt.sys
2013-12-21 21:16 . 2013-12-21 21:16 79672 ----a-w- c:\windows\system32\drivers\aswstm.sys
2013-12-21 21:16 . 2013-12-21 21:16 207904 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-12-21 21:16 . 2013-12-21 21:16 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-12-21 21:16 . 2013-12-21 21:16 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-12-21 21:16 . 2013-12-21 21:16 78648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-12-21 21:16 . 2013-12-21 21:16 422216 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-12-21 21:16 . 2013-12-21 21:16 334136 ----a-w- c:\windows\system32\aswBoot.exe
2013-12-21 21:16 . 2013-12-21 21:16 1034464 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-12-21 21:16 . 2013-12-21 21:16 43152 ----a-w- c:\windows\avastSS.scr
2013-12-21 21:15 . 2013-12-21 21:15 -------- d-----w- c:\programdata\AVAST Software
2013-12-21 21:14 . 2013-12-21 21:14 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-12-21 21:13 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2013-12-21 21:13 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2013-12-21 21:13 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2013-12-21 21:12 . 2014-01-07 18:07 -------- d-sh--w- c:\windows\Installer
2013-12-21 21:09 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2013-12-21 21:09 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2013-12-21 21:09 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2013-12-21 21:09 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2013-12-21 21:09 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2013-12-21 21:09 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2013-12-21 21:09 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2013-12-21 21:09 . 2012-06-02 14:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2013-12-21 21:09 . 2012-06-02 14:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2013-12-21 21:09 . 2013-12-26 22:46 -------- d-----w- c:\users\miso
2013-12-21 21:09 . 2013-12-21 21:09 -------- d-----w- C:\Recovery
2013-12-18 16:16 . 2013-12-18 16:16 154896 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2013-12-18 16:16 . 2013-12-18 16:16 140560 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2013-12-18 16:16 . 2013-12-18 16:16 113936 ----a-w- c:\windows\system32\drivers\VBoxUSB.sys
2013-12-18 16:13 . 2013-12-18 16:13 204048 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-26 11:25 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\miso\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\miso\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\miso\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="d:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-15 20588704]
"uTorrent"="c:\users\miso\AppData\Roaming\uTorrent\uTorrent.exe" [2013-12-22 1142864]
"DAEMON Tools Lite"="d:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="d:\program files\AVAST Software\Avast\AvastUI.exe" [2013-12-21 3764024]
"BCSSync"="d:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
c:\users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\miso\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-12-18 30714312]
Facebook Messenger.lnk - c:\users\miso\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe [2013-3-7 248240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;d:\program files (x86)\Skype\Updater\Updater.exe;d:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys;c:\windows\SYSNATIVE\DRIVERS\BthAvrcp.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-22 13:29 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-21 21:26]
.
2014-01-09 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2811220215-2768408660-1131186198-1000Core.job
- c:\users\miso\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-21 21:12]
.
2014-01-10 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2811220215-2768408660-1131186198-1000UA.job
- c:\users\miso\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-21 21:12]
.
2014-01-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-22 13:29]
.
2014-01-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-22 13:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-12-21 21:16 287280 ----a-w- d:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\miso\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\miso\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\miso\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\miso\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 8.8.8.8 8.8.4.4 92.60.48.2
FF - ProfilePath - c:\users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default\
.
- - - - ORPHANS REMOVED - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-01-10 11:51:36
ComboFix-quarantined-files.txt 2014-01-10 10:51
.
Pre-Run: 2,841,223,168 bytes free
Post-Run: 2,761,039,872 bytes free
.
- - End Of File - - 1E3D8137ED83E10B6BF42588B787BA0B
5FB38429D5D77768867C76DCBDB35194
Re: Requesting a check.


Code:
KillAll::
File::
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2811220215-2768408660-1131186198-1000UA.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2811220215-2768408660-1131186198-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\Adobe Flash Player Updater.job
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"=-
"uTorrent"=-
"DAEMON Tools Lite"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=-
"Adobe ARM"=-
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
Driver::
SkypeUpdate
Reboot::
Click Save As...
Type the name shown in red, CFScript, exactly and save the file to the desktop.
Turn off your antivirus and any other security software you may have.
Drag the text document you created over the ComboFix icon with the mouse and drop it.
ComboFix should start and carry out the commands.
When it finishes (the PC may restart), a new log should appear; copy it here for me again.


If you have a question that is not meant for the public, you can e-mail me at marty84(at)forum.viry.cz
You can support our forum at https://platba.viry.cz/payment/
For time reasons I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have their e-mail address in their signature).
Re: Requesting a check.
ComboFix 14-01-08.03 - miso 01/10/2014 22:35:49.2.4 - x64
Microsoft Windows 7 Professional N 6.1.7601.1.1252.1.1033.18.7679.5146 [GMT 1:00]
Running from: c:\users\miso\Desktop\ComboFix.exe
Command switches used :: c:\users\miso\Desktop\CFScript
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Internet Security *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2811220215-2768408660-1131186198-1000Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2811220215-2768408660-1131186198-1000UA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2811220215-2768408660-1131186198-1000Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2811220215-2768408660-1131186198-1000UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Files Created from 2013-12-10 to 2014-01-10 )))))))))))))))))))))))))))))))
.
.
2014-01-08 17:30 . 2014-01-08 17:30 -------- d-----w- c:\program files (x86)\Astroburn Lite
2014-01-08 17:30 . 2014-01-08 17:30 -------- d-----w- c:\programdata\Astroburn Lite
2014-01-08 00:19 . 2014-01-08 12:46 -------- d-----w- C:\AdwCleaner
2014-01-07 20:52 . 2013-12-16 00:54 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BF206909-7913-4E59-9248-47D2C02E77D7}\mpengine.dll
2014-01-06 21:30 . 2014-01-06 21:30 -------- d-----w- c:\programdata\Malwarebytes
2014-01-05 21:19 . 2014-01-05 21:19 -------- d-----w- C:\rsit
2014-01-05 21:19 . 2014-01-05 21:19 -------- d-----w- c:\program files\trend micro
2013-12-29 17:33 . 2013-12-29 17:33 -------- d-----w- c:\windows\rescache
2013-12-28 23:12 . 2014-01-05 22:02 51 ----a-w- C:\sleep.bat
2013-12-28 18:08 . 2009-03-16 13:18 24920 ----a-w- c:\windows\system32\X3DAudio1_6.dll
2013-12-28 18:07 . 2006-03-31 11:41 3927248 ----a-w- c:\windows\system32\d3dx9_30.dll
2013-12-28 00:44 . 2013-12-28 00:44 -------- d-----w- c:\program files (x86)\TeamViewer
2013-12-26 22:53 . 2013-12-26 22:53 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-12-26 22:52 . 2013-12-26 22:55 -------- d-----w- c:\programdata\DAEMON Tools Lite
2013-12-26 17:15 . 2013-12-26 17:15 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-12-26 01:04 . 2014-01-10 15:46 -------- d-----w- c:\program files (x86)\Common Files\Steam
2013-12-24 01:32 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-12-24 01:32 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-12-24 01:32 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-12-24 01:32 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-12-24 01:32 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-12-24 01:32 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-12-24 01:32 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-12-23 23:40 . 2013-12-23 23:40 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2013-12-23 23:39 . 2013-12-23 23:39 -------- d-----w- c:\windows\PCHEALTH
2013-12-23 23:39 . 2013-12-23 23:39 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework
2013-12-23 23:39 . 2013-12-23 23:39 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2013-12-23 23:38 . 2013-12-23 23:38 -------- d-----w- c:\program files\Microsoft Office
2013-12-22 15:36 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-12-22 13:29 . 2013-12-22 13:29 -------- d-----w- c:\program files (x86)\Google
2013-12-22 06:04 . 2013-12-22 06:04 0 ----a-w- c:\windows\ativpsrm.bin
2013-12-22 06:02 . 2014-01-05 22:28 -------- d-----w- c:\windows\Panther
2013-12-22 01:33 . 2013-12-18 16:19 252688 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2013-12-22 01:33 . 2013-12-18 16:16 126736 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2013-12-22 01:33 . 2013-12-22 01:33 -------- dc----w- c:\windows\system32\DRVSTORE
2013-12-22 01:25 . 2013-12-22 01:25 -------- d-----w- c:\windows\Migration
2013-12-22 01:21 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-12-21 23:50 . 2013-12-23 23:39 -------- d-----w- c:\program files (x86)\Microsoft.NET
2013-12-21 23:30 . 2013-12-21 23:30 -------- d-----w- c:\windows\SysWow64\Wat
2013-12-21 23:30 . 2013-12-21 23:30 -------- d-----w- c:\windows\system32\Wat
2013-12-21 23:28 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2013-12-21 22:56 . 2013-12-21 22:56 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2013-12-21 22:55 . 2013-12-21 22:55 -------- d-----w- c:\program files\Microsoft Analysis Services
2013-12-21 22:55 . 2013-12-21 22:55 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2013-12-21 22:55 . 2013-12-23 23:43 -------- d-----w- c:\programdata\Microsoft Help
2013-12-21 22:35 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2013-12-21 22:18 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-12-21 22:18 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-12-21 22:18 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-12-21 22:18 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-12-21 22:18 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-12-21 22:18 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-12-21 22:18 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-12-21 22:11 . 2013-12-21 22:12 -------- d-----w- c:\windows\system32\MRT
2013-12-21 22:07 . 2013-05-13 05:50 52224 ----a-w- c:\windows\system32\certenc.dll
2013-12-21 22:07 . 2013-05-13 03:43 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-12-21 22:07 . 2013-05-13 03:08 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-12-21 22:07 . 2013-05-13 03:08 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-12-21 22:07 . 2012-11-30 05:45 362496 ----a-w- c:\windows\system32\wow64win.dll
2013-12-21 22:07 . 2012-11-30 05:43 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2013-12-21 22:07 . 2012-11-30 05:45 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2013-12-21 22:05 . 2013-08-02 02:14 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-12-21 22:04 . 2011-02-23 04:55 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2013-12-21 22:03 . 2013-10-30 01:24 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-12-21 22:02 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-12-21 22:01 . 2011-06-15 10:02 163840 ----a-w- c:\windows\system32\odbccp32.dll
2013-12-21 21:59 . 2013-10-12 02:30 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-12-21 21:59 . 2013-10-12 02:29 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-12-21 21:59 . 2013-10-12 02:29 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-12-21 21:59 . 2013-10-12 02:03 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-12-21 21:59 . 2013-10-12 02:01 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-12-21 21:53 . 2014-01-05 20:47 -------- d-----w- C:\avast! sandbox
2013-12-21 21:49 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2013-12-21 21:49 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2013-12-21 21:26 . 2013-12-21 21:26 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-12-21 21:26 . 2013-12-21 21:26 -------- d-----w- c:\programdata\Skype
2013-12-21 21:26 . 2013-12-21 21:26 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-21 21:26 . 2013-12-21 21:26 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-21 21:26 . 2013-12-21 21:26 -------- d-----w- c:\windows\SysWow64\Macromed
2013-12-21 21:26 . 2013-12-21 21:26 -------- d-----w- c:\windows\system32\Macromed
2013-12-21 21:21 . 2013-12-21 21:21 28184 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-12-21 21:20 . 2013-12-21 21:20 439648 ----a-w- c:\windows\system32\drivers\aswNdisFlt.sys
2013-12-21 21:16 . 2013-12-21 21:16 79672 ----a-w- c:\windows\system32\drivers\aswstm.sys
2013-12-21 21:16 . 2013-12-21 21:16 207904 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-12-21 21:16 . 2013-12-21 21:16 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-12-21 21:16 . 2013-12-21 21:16 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-12-21 21:16 . 2013-12-21 21:16 78648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-12-21 21:16 . 2013-12-21 21:16 422216 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-12-21 21:16 . 2013-12-21 21:16 334136 ----a-w- c:\windows\system32\aswBoot.exe
2013-12-21 21:16 . 2013-12-21 21:16 1034464 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-12-21 21:16 . 2013-12-21 21:16 43152 ----a-w- c:\windows\avastSS.scr
2013-12-21 21:15 . 2013-12-21 21:15 -------- d-----w- c:\programdata\AVAST Software
2013-12-21 21:14 . 2013-12-21 21:14 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-12-21 21:13 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2013-12-21 21:13 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2013-12-21 21:13 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2013-12-21 21:12 . 2014-01-07 18:07 -------- d-sh--w- c:\windows\Installer
2013-12-21 21:09 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2013-12-21 21:09 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2013-12-21 21:09 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2013-12-21 21:09 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2013-12-21 21:09 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2013-12-21 21:09 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2013-12-21 21:09 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2013-12-21 21:09 . 2012-06-02 14:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2013-12-21 21:09 . 2012-06-02 14:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2013-12-21 21:09 . 2013-12-26 22:46 -------- d-----w- c:\users\miso
2013-12-21 21:09 . 2013-12-21 21:09 -------- d-----w- C:\Recovery
2013-12-18 16:16 . 2013-12-18 16:16 154896 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2013-12-18 16:16 . 2013-12-18 16:16 140560 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2013-12-18 16:16 . 2013-12-18 16:16 113936 ----a-w- c:\windows\system32\drivers\VBoxUSB.sys
2013-12-18 16:13 . 2013-12-18 16:13 204048 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-26 11:25 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\miso\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\miso\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\miso\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="d:\program files\AVAST Software\Avast\AvastUI.exe" [2013-12-21 3764024]
.
c:\users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\miso\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-12-18 30714312]
Facebook Messenger.lnk - c:\users\miso\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe [2013-3-7 248240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys;c:\windows\SYSNATIVE\DRIVERS\BthAvrcp.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-22 13:29 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-12-21 21:16 287280 ----a-w- d:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\miso\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\miso\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\miso\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\miso\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 8.8.8.8 8.8.4.4 92.60.48.2
FF - ProfilePath - c:\users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default\
.
.
------------------------ Other Running Processes ------------------------
.
d:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
**************************************************************************
.
Completion time: 2014-01-10 22:43:03 - machine was rebooted
ComboFix-quarantined-files.txt 2014-01-10 21:43
ComboFix2.txt 2014-01-10 10:51
.
Pre-Run: 3,970,686,976 bytes free
Post-Run: 3,750,195,200 bytes free
.
- - End Of File - - B71138601C18DF13F5D2C6A57EB405F4
5FB38429D5D77768867C76DCBDB35194