Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

zablokovaný facebook-zřejmě červ Win32/PSW.Papras.CX Trojan

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Lenka007
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 30 čer 2015 20:08

zablokovaný facebook-zřejmě červ Win32/PSW.Papras.CX Trojan

#1 Příspěvek od Lenka007 »

Ahoj, při pokusu o vstup na facebook to po mě chce zadat telefonní číslo (již je mám s účtem propojené) za účelem stažení nějaké aplikace. Ani omylem! v registrech jsem našla mršku, které se nemůžu zbavit, smazání nepomůže. Log přikládám a předem děkuji za rady.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenka at 2015-06-30 21:08:26
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 62 GB (31%) free of 200 GB
Total RAM: 6030 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:08:33, on 30.6.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files\trend micro\Lenka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: LinkVerifierBHO - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files (x86)\DAP\LinkVerifier.dll
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files (x86)\DAP\DAP.EXE" /STARTUP
O4 - HKCU\..\Run: [BoryItju] regsvr32.exe "C:\ProgramData\BoryItju\EiheFtav.mbo"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm
O8 - Extra context menu item: &Verify with DAP - C:\Program Files (x86)\DAP\dapverify.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Lenka\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Lenka\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: Panda Protection Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 10650 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
C:\Windows\system32\WLANExt.exe 29403760
\??\C:\Windows\system32\conhost.exe "2066853912-20571007161455342402-521137301581661237475873055-535630972-1829234390
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"taskhost.exe"
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe"
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" c159c641-7fee-4830-bc61-28027fb3f500 1
\??\C:\Windows\system32\conhost.exe "-522522118979865612-1421892865-156223429-12177972886139627141196069751324966049
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-521121389-664134869-425254694712356918-548460591-1715208786364094521894074022
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
ATKOSD.exe
WDC.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Avanquest\Expert PDF 9 Professional\vspdfprsrv.exe" --background
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
igfxEM.exe
igfxHK.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f7043b8c-138c-445d-b591-fab8ecdf9807 -SystemEventPortName:HostProcess-1f937d9e-262b-46be-a608-c54aa54db6f5 -IoCancelEventPortName:HostProcess-4b42a80b-bbc5-40a4-9315-360278081b96 -NonStateChangingEventPortName:HostProcess-9a76de1e-48aa-4462-98ad-dedd2e026287 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:22fed87f-ce26-4e99-837f-36476eba057c -DeviceGroupId:WpdFsGroup
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Internet Explorer\iexplore.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524

C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Lenka\Downloads\RSITx64.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3252114231-3576402907-3227372342-10008_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3252114231-3576402907-3227372342-10008 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\eoshqzkr.default

prefs.js - "browser.startup.homepage" - "about:Tabs"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5974A72-C81C-4DC3-BE77-A8A7BBC8864E}]
SpeedBit Link Verification Helper - C:\Program Files (x86)\DAP\LinkVerifier.dll [2015-05-31 442472]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-06-03 2754704]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-06-03 1571696]
"vspdfprsrv.exe"=C:\Program Files\Avanquest\Expert PDF 9 Professional\vspdfprsrv.exe [2013-05-17 10019328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"DownloadAccelerator"=C:\Program Files (x86)\DAP\DAP.EXE [2015-05-31 4242064]
"BoryItju"=regsvr32.exe C:\ProgramData\BoryItju\EiheFtav.mbo []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2013-01-11 328504]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2012-10-17 205184]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-03-27 291608]
"PSUAMain"=C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [2015-02-27 40184]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2012-03-26 449168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NanoServiceMain]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSUAService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-06-30 21:08:26 ----D---- C:\rsit
2015-06-30 21:08:26 ----D---- C:\Program Files\trend micro
2015-06-30 20:49:17 ----D---- C:\Program Files (x86)\CCleaner
2015-06-30 10:57:16 ----D---- C:\ProgramData\BoryItju
2015-06-29 10:53:03 ----D---- C:\Program Files (x86)\ESET
2015-06-29 10:06:49 ----D---- C:\AdwCleaner
2015-06-27 16:20:33 ----D---- C:\Users\Lenka\AppData\Roaming\NVIDIA
2015-06-27 15:30:59 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2015-06-27 15:30:59 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2015-06-27 15:30:59 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2015-06-27 15:30:59 ----A---- C:\Windows\system32\XAudio2_7.dll
2015-06-27 15:30:59 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2015-06-27 15:30:59 ----A---- C:\Windows\system32\xactengine3_7.dll
2015-06-27 15:30:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2015-06-27 15:30:58 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2015-06-27 15:30:57 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2015-06-27 15:30:57 ----A---- C:\Windows\system32\d3dcsx_43.dll
2015-06-27 15:30:56 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2015-06-27 15:30:56 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2015-06-27 15:30:56 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2015-06-27 15:30:56 ----A---- C:\Windows\system32\XAudio2_6.dll
2015-06-27 15:30:56 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2015-06-27 15:30:56 ----A---- C:\Windows\system32\xactengine3_6.dll
2015-06-27 15:30:55 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2015-06-27 15:30:55 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2015-06-27 15:30:54 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2015-06-27 15:30:54 ----A---- C:\Windows\system32\XAudio2_5.dll
2015-06-27 15:30:53 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2015-06-27 15:30:53 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2015-06-27 15:30:53 ----A---- C:\Windows\system32\xactengine3_5.dll
2015-06-27 15:30:53 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2015-06-27 15:30:52 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2015-06-27 15:30:52 ----A---- C:\Windows\system32\d3dcsx_42.dll
2015-06-27 15:30:51 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2015-06-27 15:30:51 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2015-06-27 15:30:51 ----A---- C:\Windows\system32\d3dx11_42.dll
2015-06-27 15:30:51 ----A---- C:\Windows\system32\d3dx10_42.dll
2015-06-27 15:30:50 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2015-06-27 15:30:50 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2015-06-27 15:30:50 ----A---- C:\Windows\system32\D3DX9_42.dll
2015-06-27 15:30:50 ----A---- C:\Windows\system32\d3dx10_41.dll
2015-06-27 15:30:50 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2015-06-27 15:30:49 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2015-06-27 15:30:49 ----A---- C:\Windows\system32\D3DX9_41.dll
2015-06-27 15:30:47 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2015-06-27 15:30:47 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2015-06-27 15:30:47 ----A---- C:\Windows\system32\XAudio2_4.dll
2015-06-27 15:30:47 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2015-06-27 15:30:46 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2015-06-27 15:30:46 ----A---- C:\Windows\system32\xactengine3_4.dll
2015-06-27 15:30:45 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2015-06-27 15:30:45 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2015-06-27 15:30:44 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2015-06-27 15:30:44 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2015-06-27 15:30:44 ----A---- C:\Windows\system32\d3dx10_40.dll
2015-06-27 15:30:44 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2015-06-27 15:30:43 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2015-06-27 15:30:43 ----A---- C:\Windows\system32\D3DX9_40.dll
2015-06-27 15:30:42 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2015-06-27 15:30:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2015-06-27 15:30:42 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2015-06-27 15:30:42 ----A---- C:\Windows\system32\XAudio2_3.dll
2015-06-27 15:30:42 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2015-06-27 15:30:42 ----A---- C:\Windows\system32\xactengine3_3.dll
2015-06-27 15:30:41 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2015-06-27 15:30:41 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2015-06-27 15:30:40 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2015-06-27 15:30:40 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2015-06-27 15:30:40 ----A---- C:\Windows\system32\XAudio2_2.dll
2015-06-27 15:30:40 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2015-06-27 15:30:39 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2015-06-27 15:30:39 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2015-06-27 15:30:39 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2015-06-27 15:30:39 ----A---- C:\Windows\system32\xactengine3_2.dll
2015-06-27 15:30:39 ----A---- C:\Windows\system32\d3dx10_39.dll
2015-06-27 15:30:39 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2015-06-27 15:30:37 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2015-06-27 15:30:37 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2015-06-27 15:30:37 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2015-06-27 15:30:37 ----A---- C:\Windows\system32\XAudio2_1.dll
2015-06-27 15:30:37 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2015-06-27 15:30:37 ----A---- C:\Windows\system32\D3DX9_39.dll
2015-06-27 15:30:36 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2015-06-27 15:30:36 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2015-06-27 15:30:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2015-06-27 15:30:36 ----A---- C:\Windows\system32\xactengine3_1.dll
2015-06-27 15:30:36 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2015-06-27 15:30:36 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2015-06-27 15:30:35 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2015-06-27 15:30:35 ----A---- C:\Windows\system32\d3dx10_38.dll
2015-06-27 15:30:34 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2015-06-27 15:30:34 ----A---- C:\Windows\system32\D3DX9_38.dll
2015-06-27 15:30:33 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2015-06-27 15:30:33 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2015-06-27 15:30:33 ----A---- C:\Windows\system32\XAudio2_0.dll
2015-06-27 15:30:33 ----A---- C:\Windows\system32\xactengine3_0.dll
2015-06-27 15:30:32 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2015-06-27 15:30:32 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2015-06-27 15:30:31 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2015-06-27 15:30:31 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2015-06-27 15:30:31 ----A---- C:\Windows\system32\d3dx10_37.dll
2015-06-27 15:30:31 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2015-06-27 15:30:30 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2015-06-27 15:30:30 ----A---- C:\Windows\system32\D3DX9_37.dll
2015-06-27 15:30:28 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2015-06-27 15:30:28 ----A---- C:\Windows\system32\xactengine2_10.dll
2015-06-27 15:30:27 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2015-06-27 15:30:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2015-06-27 15:30:27 ----A---- C:\Windows\system32\d3dx10_36.dll
2015-06-27 15:30:27 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2015-06-27 15:30:26 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2015-06-27 15:30:26 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2015-06-27 15:30:26 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2015-06-27 15:30:26 ----A---- C:\Windows\system32\d3dx9_36.dll
2015-06-27 15:30:26 ----A---- C:\Windows\system32\d3dx10_35.dll
2015-06-27 15:30:26 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2015-06-27 15:30:25 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2015-06-27 15:30:25 ----A---- C:\Windows\system32\d3dx9_35.dll
2015-06-27 15:30:24 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2015-06-27 15:30:24 ----A---- C:\Windows\system32\xactengine2_8.dll
2015-06-27 15:30:23 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2015-06-27 15:30:23 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2015-06-27 15:30:23 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2015-06-27 15:30:23 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2015-06-27 15:30:23 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2015-06-27 15:30:23 ----A---- C:\Windows\system32\d3dx9_34.dll
2015-06-27 15:30:23 ----A---- C:\Windows\system32\d3dx10_34.dll
2015-06-27 15:30:23 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2015-06-27 15:30:22 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2015-06-27 15:30:22 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2015-06-27 15:30:22 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2015-06-27 15:30:22 ----A---- C:\Windows\system32\d3dx9_33.dll
2015-06-27 15:30:22 ----A---- C:\Windows\system32\d3dx10_33.dll
2015-06-27 15:30:22 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2015-06-27 15:30:21 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2015-06-27 15:30:21 ----A---- C:\Windows\system32\xactengine2_6.dll
2015-06-27 15:30:20 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2015-06-27 15:30:20 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2015-06-27 15:30:20 ----A---- C:\Windows\system32\xactengine2_5.dll
2015-06-27 15:30:20 ----A---- C:\Windows\system32\d3dx10.dll
2015-06-27 15:30:19 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2015-06-27 15:30:19 ----A---- C:\Windows\system32\d3dx9_32.dll
2015-06-27 15:30:18 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2015-06-27 15:30:18 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2015-06-27 15:30:18 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2015-06-27 15:30:18 ----A---- C:\Windows\system32\xinput1_2.dll
2015-06-27 15:30:18 ----A---- C:\Windows\system32\xactengine2_4.dll
2015-06-27 15:30:18 ----A---- C:\Windows\system32\xactengine2_3.dll
2015-06-27 15:30:17 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2015-06-27 15:30:17 ----A---- C:\Windows\system32\xactengine2_2.dll
2015-06-27 15:30:16 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2015-06-27 15:30:16 ----A---- C:\Windows\system32\xinput1_1.dll
2015-06-27 15:30:15 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2015-06-27 15:30:15 ----A---- C:\Windows\system32\xactengine2_1.dll
2015-06-27 15:30:12 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2015-06-27 15:30:12 ----A---- C:\Windows\system32\d3dx9_30.dll
2015-06-27 15:30:11 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2015-06-27 15:30:11 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2015-06-27 15:30:11 ----A---- C:\Windows\system32\xactengine2_0.dll
2015-06-27 15:30:11 ----A---- C:\Windows\system32\x3daudio1_0.dll
2015-06-27 15:30:10 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2015-06-27 15:30:10 ----A---- C:\Windows\system32\d3dx9_29.dll
2015-06-27 15:30:09 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2015-06-27 15:30:09 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2015-06-27 15:30:09 ----A---- C:\Windows\system32\d3dx9_28.dll
2015-06-27 15:30:09 ----A---- C:\Windows\system32\d3dx9_27.dll
2015-06-27 15:30:07 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2015-06-27 15:30:07 ----A---- C:\Windows\system32\d3dx9_26.dll
2015-06-27 15:30:03 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2015-06-27 15:30:03 ----A---- C:\Windows\system32\d3dx9_25.dll
2015-06-27 15:30:01 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2015-06-27 15:30:01 ----A---- C:\Windows\system32\d3dx9_24.dll
2015-06-27 15:03:27 ----D---- C:\Windows\SYSWOW64\directx
2015-06-26 16:59:04 ----D---- C:\TopCD
2015-06-25 11:59:16 ----D---- C:\Windows\SYSWOW64\NV
2015-06-25 11:59:16 ----D---- C:\Windows\system32\NV
2015-06-25 11:56:45 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-06-25 11:56:45 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvopencl.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvoglv64.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\NvIFR64.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\NvFBC64.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvdispgenco6435330.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvdispco6435330.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvcuvid.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvcuda.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvcompiler.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2015-06-25 11:56:44 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-06-23 08:03:17 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2015-06-23 08:03:17 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2015-06-10 16:18:16 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-06-10 16:18:16 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-06-10 16:18:16 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-06-10 16:18:16 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-06-10 16:18:15 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-06-10 16:18:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-06-10 16:18:15 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-06-10 16:18:15 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-06-10 16:18:15 ----A---- C:\Windows\system32\iernonce.dll
2015-06-10 16:18:15 ----A---- C:\Windows\system32\ie4uinit.exe
2015-06-10 16:18:14 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-06-10 16:18:14 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-06-10 16:18:14 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-06-10 16:18:14 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-06-10 16:18:14 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-06-10 16:18:14 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 16:18:13 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-06-10 16:18:13 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-06-10 16:18:12 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-06-10 16:18:12 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-06-10 16:18:12 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-06-10 16:18:12 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-06-10 16:18:12 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-06-10 16:18:12 ----A---- C:\Windows\system32\urlmon.dll
2015-06-10 16:18:12 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 16:18:12 ----A---- C:\Windows\system32\iedkcs32.dll
2015-06-10 16:18:11 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-06-10 16:18:11 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-06-10 16:18:11 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 16:18:11 ----A---- C:\Windows\system32\dxtrans.dll
2015-06-10 16:18:10 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-06-10 16:18:10 ----A---- C:\Windows\system32\msfeeds.dll
2015-06-10 16:18:10 ----A---- C:\Windows\system32\iesetup.dll
2015-06-10 16:18:09 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-06-10 16:18:09 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-06-10 16:18:09 ----A---- C:\Windows\system32\vbscript.dll
2015-06-10 16:18:09 ----A---- C:\Windows\system32\iertutil.dll
2015-06-10 16:18:09 ----A---- C:\Windows\system32\ieapfltr.dll
2015-06-10 16:18:08 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-06-10 16:18:08 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-06-10 16:18:08 ----A---- C:\Windows\system32\jsproxy.dll
2015-06-10 16:18:08 ----A---- C:\Windows\system32\ieUnatt.exe
2015-06-10 16:18:07 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-06-10 16:18:07 ----A---- C:\Windows\system32\mshtmled.dll
2015-06-10 16:18:07 ----A---- C:\Windows\system32\jscript.dll
2015-06-10 16:18:07 ----A---- C:\Windows\system32\ieui.dll
2015-06-10 16:18:07 ----A---- C:\Windows\system32\ieframe.dll
2015-06-10 16:18:07 ----A---- C:\Windows\system32\dxtmsft.dll
2015-06-10 16:18:06 ----A---- C:\Windows\system32\wininet.dll
2015-06-10 16:18:06 ----A---- C:\Windows\system32\msrating.dll
2015-06-10 16:18:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-06-10 16:18:06 ----A---- C:\Windows\system32\jscript9diag.dll
2015-06-10 16:18:06 ----A---- C:\Windows\system32\jscript9.dll
2015-06-10 16:18:05 ----A---- C:\Windows\system32\mshtml.dll
2015-06-10 16:11:07 ----A---- C:\Windows\system32\diagtrack.dll
2015-06-10 16:11:06 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-06-10 16:11:06 ----A---- C:\Windows\system32\KernelBase.dll
2015-06-10 16:11:06 ----A---- C:\Windows\system32\kerberos.dll
2015-06-10 16:11:05 ----A---- C:\Windows\system32\lsasrv.dll
2015-06-10 16:11:05 ----A---- C:\Windows\system32\kernel32.dll
2015-06-10 16:11:05 ----A---- C:\Windows\system32\advapi32.dll
2015-06-10 16:11:04 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2015-06-10 16:11:04 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-06-10 16:11:04 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-06-10 16:11:04 ----A---- C:\Windows\system32\wow64.dll
2015-06-10 16:11:04 ----A---- C:\Windows\system32\srcore.dll
2015-06-10 16:11:04 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-06-10 16:11:04 ----A---- C:\Windows\system32\ntdll.dll
2015-06-10 16:11:04 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-06-10 16:11:04 ----A---- C:\Windows\system32\conhost.exe
2015-06-10 16:11:03 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-06-10 16:11:03 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-06-10 16:11:03 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-06-10 16:11:03 ----A---- C:\Windows\system32\winsrv.dll
2015-06-10 16:11:03 ----A---- C:\Windows\system32\tracerpt.exe
2015-06-10 16:11:03 ----A---- C:\Windows\system32\schannel.dll
2015-06-10 16:11:03 ----A---- C:\Windows\system32\rstrui.exe
2015-06-10 16:11:02 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-06-10 16:11:02 ----A---- C:\Windows\system32\tdh.dll
2015-06-10 16:11:02 ----A---- C:\Windows\system32\msv1_0.dll
2015-06-10 16:11:02 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-06-10 16:11:01 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-06-10 16:11:01 ----A---- C:\Windows\SYSWOW64\sechost.dll
2015-06-10 16:11:01 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-06-10 16:11:01 ----A---- C:\Windows\SYSWOW64\logman.exe
2015-06-10 16:11:01 ----A---- C:\Windows\system32\wdigest.dll
2015-06-10 16:11:01 ----A---- C:\Windows\system32\TSpkg.dll
2015-06-10 16:11:01 ----A---- C:\Windows\system32\sspicli.dll
2015-06-10 16:11:01 ----A---- C:\Windows\system32\sechost.dll
2015-06-10 16:11:01 ----A---- C:\Windows\system32\ncrypt.dll
2015-06-10 16:11:01 ----A---- C:\Windows\system32\logman.exe
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\relog.exe
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-06-10 16:11:00 ----A---- C:\Windows\system32\typeperf.exe
2015-06-10 16:11:00 ----A---- C:\Windows\system32\smss.exe
2015-06-10 16:11:00 ----A---- C:\Windows\system32\relog.exe
2015-06-10 16:11:00 ----A---- C:\Windows\system32\lsass.exe
2015-06-10 16:11:00 ----A---- C:\Windows\system32\auditpol.exe
2015-06-10 16:10:59 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-06-10 16:10:59 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-06-10 16:10:59 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2015-06-10 16:10:59 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\sspisrv.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\srclient.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\secur32.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\ntvdm64.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\diskperf.exe
2015-06-10 16:10:59 ----A---- C:\Windows\system32\csrsrv.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\credssp.dll
2015-06-10 16:10:58 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-06-10 16:10:58 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-06-10 16:10:58 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-06-10 16:10:58 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-06-10 16:10:58 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-06-10 16:10:58 ----A---- C:\Windows\system32\wow64win.dll
2015-06-10 16:10:58 ----A---- C:\Windows\system32\wow64cpu.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 16:10:55 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-06-10 16:10:55 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-06-10 16:10:55 ----A---- C:\Windows\system32\apisetschema.dll
2015-06-10 16:10:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 16:10:54 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 16:10:54 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 16:10:54 ----A---- C:\Windows\SYSWOW64\user.exe
2015-06-10 16:10:54 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-06-10 16:10:54 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-06-10 16:10:54 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-06-10 16:10:54 ----A---- C:\Windows\system32\UtcResources.dll
2015-06-10 16:10:54 ----A---- C:\Windows\system32\msobjs.dll
2015-06-10 16:10:54 ----A---- C:\Windows\system32\msaudite.dll
2015-06-10 16:10:54 ----A---- C:\Windows\system32\adtschema.dll
2015-06-10 16:07:06 ----A---- C:\Windows\system32\wmp.dll
2015-06-10 16:07:05 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-06-10 16:07:04 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-06-10 16:07:04 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-06-10 16:07:04 ----A---- C:\Windows\system32\spwmp.dll
2015-06-10 16:07:04 ----A---- C:\Windows\system32\dxmasf.dll
2015-06-10 16:07:03 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-06-10 16:07:03 ----A---- C:\Windows\system32\wmploc.DLL
2015-06-10 15:56:17 ----A---- C:\Windows\system32\comctl32.dll
2015-06-10 15:56:16 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2015-06-10 15:56:14 ----A---- C:\Windows\system32\win32k.sys
2015-06-05 12:13:18 ----A---- C:\Windows\system32\invagent.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\generaltel.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\devinv.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\appraiser.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\aepic.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\aeinv.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\acmigration.dll
2015-06-05 12:13:17 ----A---- C:\Windows\system32\aepdu.dll
2015-06-02 08:53:43 ----A---- C:\Windows\system32\nvdispgenco6435306.dll
2015-06-02 08:53:43 ----A---- C:\Windows\system32\nvdispco6435306.dll
2015-06-01 16:58:48 ----D---- C:\Users\Lenka\AppData\Roaming\AutoMapa EU Data
2015-05-31 00:07:17 ----D---- C:\Users\Lenka\AppData\Roaming\SpeedBit
2015-05-31 00:07:17 ----D---- C:\ProgramData\SpeedBit
2015-05-31 00:07:10 ----D---- C:\Program Files (x86)\DAP

======List of files/folders modified in the last 1 month======

2015-06-30 21:08:34 ----D---- C:\Windows\Prefetch
2015-06-30 21:08:30 ----D---- C:\Windows\Temp
2015-06-30 21:08:26 ----RD---- C:\Program Files
2015-06-30 20:57:49 ----D---- C:\Windows\system32\config
2015-06-30 20:52:09 ----D---- C:\Windows\System32
2015-06-30 20:52:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-06-30 20:52:08 ----D---- C:\Windows\inf
2015-06-30 20:51:59 ----D---- C:\Users\Lenka\AppData\Roaming\Winamp
2015-06-30 20:51:49 ----D---- C:\Windows\debug
2015-06-30 20:51:49 ----D---- C:\Windows
2015-06-30 20:49:17 ----RD---- C:\Program Files (x86)
2015-06-30 20:47:22 ----D---- C:\Windows\system32\drivers
2015-06-30 20:47:17 ----AD---- C:\ProgramData\TEMP
2015-06-30 19:15:34 ----D---- C:\Program Files (x86)\Hloubka zrady
2015-06-30 19:15:16 ----HD---- C:\ProgramData
2015-06-30 18:28:58 ----SHD---- C:\System Volume Information
2015-06-30 12:00:09 ----D---- C:\Windows\system32\Tasks
2015-06-29 13:05:30 ----D---- C:\Windows\winsxs
2015-06-29 10:16:19 ----D---- C:\Windows\SysWOW64
2015-06-27 15:30:15 ----RSD---- C:\Windows\assembly
2015-06-27 15:29:59 ----D---- C:\Windows\Microsoft.NET
2015-06-27 14:57:49 ----D---- C:\Windows\Logs
2015-06-25 11:59:14 ----D---- C:\ProgramData\NVIDIA
2015-06-25 11:57:45 ----D---- C:\Windows\system32\DriverStore
2015-06-25 11:56:56 ----D---- C:\ProgramData\NVIDIA Corporation
2015-06-23 09:28:25 ----D---- C:\Windows\system32\NDF
2015-06-21 23:34:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-06-21 20:48:18 ----D---- C:\Users\Lenka\AppData\Roaming\vlc
2015-06-21 20:46:58 ----D---- C:\Users\Lenka\AppData\Roaming\dvdcss
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\nvinitx.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\nvapi64.dll
2015-06-17 08:48:17 ----A---- C:\Windows\system32\nvvsvc.exe
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvsvcr.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvshext.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvmctray.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nv3dappshextr.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nv3dappshext.dll
2015-06-17 08:48:15 ----A---- C:\Windows\system32\nvsvc64.dll
2015-06-17 08:48:15 ----A---- C:\Windows\system32\nvcpl.dll
2015-06-16 14:10:52 ----D---- C:\ProgramData\AlawarWrapper
2015-06-15 10:21:44 ----D---- C:\Users\Lenka\AppData\Roaming\SolSuite
2015-06-12 21:09:30 ----D---- C:\Program Files (x86)\Alawar
2015-06-11 04:03:39 ----D---- C:\Windows\rescache
2015-06-11 03:24:25 ----D---- C:\Program Files\Windows Media Player
2015-06-11 03:24:25 ----D---- C:\Program Files (x86)\Windows Media Player
2015-06-11 03:24:19 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-06-11 03:24:17 ----D---- C:\Windows\system32\cs-CZ
2015-06-11 03:24:13 ----D---- C:\Windows\AppPatch
2015-06-11 03:24:06 ----D---- C:\Windows\SYSWOW64\en-US
2015-06-11 03:24:06 ----D---- C:\Program Files\Internet Explorer
2015-06-11 03:24:03 ----D---- C:\Windows\system32\en-US
2015-06-11 03:24:03 ----D---- C:\Windows\PolicyDefinitions
2015-06-11 03:23:59 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-11 03:06:37 ----D---- C:\Windows\system32\MRT
2015-06-11 03:01:44 ----A---- C:\Windows\system32\MRT.exe
2015-06-10 15:47:38 ----D---- C:\Windows\system32\catroot2
2015-06-06 09:00:06 ----D---- C:\Program Files (x86)\Ashampoo
2015-06-06 03:16:19 ----SD---- C:\Windows\system32\CompatTel
2015-06-06 03:16:19 ----D---- C:\Windows\system32\appraiser
2015-06-03 23:04:55 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2015-06-03 23:04:55 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2015-06-03 23:04:45 ----A---- C:\Windows\system32\nvspcap64.dll
2015-06-03 23:04:45 ----A---- C:\Windows\system32\nvspbridge64.dll
2015-06-01 18:17:36 ----D---- C:\Users\Lenka\AppData\Roaming\AlawarEntertainment
2015-05-31 00:06:42 ----D---- C:\Program Files (x86)\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-03-27 19224]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2015-06-17 31376]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-03-15 283064]
R1 NNSALPC;NNSAlpc; C:\Windows\system32\DRIVERS\NNSAlpc.sys [2015-02-09 93968]
R1 NNSHTTP;NNSHttp; C:\Windows\system32\DRIVERS\NNSHttp.sys [2015-02-09 202000]
R1 NNSHTTPS;NNSHttps; C:\Windows\system32\DRIVERS\NNSHttps.sys [2015-02-09 110864]
R1 NNSIDS;NNSids; C:\Windows\system32\DRIVERS\NNSIds.sys [2015-02-09 116496]
R1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [2014-12-31 48400]
R1 NNSPICC;NNSPicc; C:\Windows\system32\DRIVERS\NNSPicc.sys [2015-02-09 99600]
R1 NNSPIHSW;NNSPihsw; C:\Windows\system32\DRIVERS\NNSPihsw.sys [2015-02-09 69904]
R1 NNSPOP3;NNSPop3; C:\Windows\system32\DRIVERS\NNSPop3.sys [2015-02-09 124176]
R1 NNSPROT;NNSProt; C:\Windows\system32\DRIVERS\NNSProt.sys [2015-02-09 299792]
R1 NNSPRV;NNSPrv; C:\Windows\system32\DRIVERS\NNSPrv.sys [2015-02-09 166160]
R1 NNSSMTP;NNSSmtp; C:\Windows\system32\DRIVERS\NNSSmtp.sys [2015-02-09 113424]
R1 NNSSTRM;NNSStrm; C:\Windows\system32\DRIVERS\NNSStrm.sys [2015-02-09 257296]
R1 NNSTLSC;NNSTlsc; C:\Windows\system32\DRIVERS\NNSTlsc.sys [2015-02-09 106256]
R1 PSINKNC;PSINKnc; C:\Windows\system32\DRIVERS\psinknc.sys [2015-02-25 197392]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 PSINAflt;PSINAflt; C:\Windows\system32\DRIVERS\PSINAflt.sys [2015-02-25 163088]
R2 PSINFile;PSINFile; C:\Windows\system32\DRIVERS\PSINFile.sys [2015-02-25 121616]
R2 PSINProc;PSINProc; C:\Windows\system32\DRIVERS\PSINProc.sys [2015-02-25 124176]
R2 PSINProt;PSINProt; C:\Windows\system32\DRIVERS\PSINProt.sys [2015-02-25 133904]
R2 PSINReg;PSINReg; C:\Windows\system32\DRIVERS\PSINReg.sys [2015-02-25 107792]
R3 AMPPAL;Virtuální adaptér Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed; C:\Windows\system32\DRIVERS\AMPPAL.sys [2013-04-11 164832]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-10-01 3828152]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-03-27 356632]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-03-27 789272]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2015-03-09 117912]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwsw00.sys [2013-04-18 11524096]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-06-03 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-05-19 46768]
R3 PSKMAD;PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [2015-01-29 61712]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AMPPALP;Protokol Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed; C:\Windows\system32\DRIVERS\amppal.sys [2013-04-11 164832]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service; C:\Windows\system32\DRIVERS\InputFilter_FlexDef2b.sys [2010-06-19 17920]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;ASUS Android USB Driver; C:\Windows\system32\drivers\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2013-04-11 772064]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2013-01-15 107320]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-09-12 135984]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-04-18 621296]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-06-03 1152656]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-10-01 319376]
R2 NanoServiceMain;Panda Protection Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [2015-02-27 142584]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-06-03 1893008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-06-03 23007376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-06-17 937616]
R2 PandaAgent;Panda Devices Agent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [2014-10-09 66808]
R2 PSUAService;Panda Product Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [2015-02-27 38136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-04-18 149744]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-09 107848]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-10-01 281488]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-09 107848]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-22 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-04-18 273136]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-03-09 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119675
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: zablokovaný facebook-zřejmě červ Win32/PSW.Papras.CX Tro

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Lenka007
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 30 čer 2015 20:08

Re: zablokovaný facebook-zřejmě červ Win32/PSW.Papras.CX Tro

#3 Příspěvek od Lenka007 »

# AdwCleaner v4.207 - Log vytvořen 01/07/2015 v 10:28:00
# Aktualizováno 21/06/2015 by Xplode
# Databáze : 2015-06-21.1 [Local]
# Operační system : Windows 7 Professional Service Pack 1 (x64)
# Uživatelské jméno : Lenka - LENKA-PC
# Spuštěno z : C:\Users\Lenka\Downloads\adwcleaner_4.207.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\SuperEasy Software
Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperEasy Software
Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian Technologies
Složka Smazáno : C:\Program Files (x86)\SuperEasy Software
Složka Smazáno : C:\Program Files (x86)\Applian Technologies
Složka Smazáno : C:\Users\Lenka\AppData\Roaming\SuperEasy Software
Složka Smazáno : C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb
[/!\] Ne Smazáno ( Junction ) : C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKCU\Software\SpeedBit

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Mozilla Firefox v38.0.1 (x86 cs)


-\\ Google Chrome v43.0.2357.130


*************************

AdwCleaner[R0].txt - [2716 bytů] - [29/06/2015 10:06:52]
AdwCleaner[R1].txt - [1930 bytů] - [30/06/2015 20:43:56]
AdwCleaner[R2].txt - [1801 bytů] - [01/07/2015 10:24:13]
AdwCleaner[S0].txt - [2530 bytů] - [29/06/2015 10:14:46]
AdwCleaner[S1].txt - [1994 bytů] - [30/06/2015 20:45:40]
AdwCleaner[S2].txt - [1686 bytů] - [01/07/2015 10:28:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1744 bytů] ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119675
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: zablokovaný facebook-zřejmě červ Win32/PSW.Papras.CX Tro

#4 Příspěvek od Rudy »

Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Lenka007
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 30 čer 2015 20:08

Re: zablokovaný facebook-zřejmě červ Win32/PSW.Papras.CX Tro

#5 Příspěvek od Lenka007 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenka at 2015-07-01 12:31:19
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 62 GB (31%) free of 200 GB
Total RAM: 6030 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:31:20, on 1.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files\trend micro\Lenka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: LinkVerifierBHO - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files (x86)\DAP\LinkVerifier.dll
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files (x86)\DAP\DAP.EXE" /STARTUP
O4 - HKCU\..\Run: [BoryItju] regsvr32.exe "C:\ProgramData\BoryItju\EiheFtav.mbo"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm
O8 - Extra context menu item: &Verify with DAP - C:\Program Files (x86)\DAP\dapverify.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Lenka\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Lenka\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: Panda Protection Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 10710 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
C:\Windows\system32\WLANExt.exe 26183184
\??\C:\Windows\system32\conhost.exe "177328851216399722548373647281301664384-1348725093-15103072441891543456-2142938632
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"taskhost.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
taskeng.exe {BBA60BA5-C30E-4796-9CD3-8A6AA4B6D07D}
ATKOSD.exe
WDC.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Avanquest\Expert PDF 9 Professional\vspdfprsrv.exe" --background
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe"
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" c159c641-7fee-4830-bc61-28027fb3f500 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "1995905102-727068199243387235-95641924132895204621465117452142191507-1588738386
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
\??\C:\Windows\system32\conhost.exe "1219452211-169972459-80263203814047205471340637784-326279886-2092895254-24786893
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
igfxEM.exe
igfxHK.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-24e3b4bf-0de5-4ee3-b898-fd5580fd309c -SystemEventPortName:HostProcess-4f530820-3e13-4b80-9026-4f0639229d5e -IoCancelEventPortName:HostProcess-f7b57916-6d01-4253-aa5e-3ac03b1b73cd -NonStateChangingEventPortName:HostProcess-e71daaf6-0a69-43a6-be88-63b2688d25b2 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e681dfbd-31b8-4531-855e-c9b86ffb3f50 -DeviceGroupId:WpdFsGroup
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Windows\System32\MsSpellCheckingFacility.exe" -Embedding
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
C:\Windows\System32\svchost.exe -k secsvcs
taskeng.exe {321ABA95-7283-4978-9A97-84232827BB02}
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe" -critical
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe32_ Global\UsGthrCtrlFltPipeMssGthrPipe32 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Lenka\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\eoshqzkr.default

prefs.js - "browser.startup.homepage" - "about:Tabs"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5974A72-C81C-4DC3-BE77-A8A7BBC8864E}]
SpeedBit Link Verification Helper - C:\Program Files (x86)\DAP\LinkVerifier.dll [2015-05-31 442472]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-06-03 2754704]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-06-03 1571696]
"vspdfprsrv.exe"=C:\Program Files\Avanquest\Expert PDF 9 Professional\vspdfprsrv.exe [2013-05-17 10019328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"DownloadAccelerator"=C:\Program Files (x86)\DAP\DAP.EXE [2015-05-31 4242064]
"BoryItju"=regsvr32.exe C:\ProgramData\BoryItju\EiheFtav.mbo []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2013-01-11 328504]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2012-10-17 205184]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-03-27 291608]
"PSUAMain"=C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [2015-02-27 40184]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2012-03-26 449168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NanoServiceMain]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSUAService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-06-30 21:08:26 ----D---- C:\rsit
2015-06-30 21:08:26 ----D---- C:\Program Files\trend micro
2015-06-30 20:49:17 ----D---- C:\Program Files (x86)\CCleaner
2015-06-30 10:57:16 ----D---- C:\ProgramData\BoryItju
2015-06-29 10:53:03 ----D---- C:\Program Files (x86)\ESET
2015-06-29 10:06:49 ----D---- C:\AdwCleaner
2015-06-27 16:20:33 ----D---- C:\Users\Lenka\AppData\Roaming\NVIDIA
2015-06-27 15:30:59 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2015-06-27 15:30:59 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2015-06-27 15:30:59 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2015-06-27 15:30:59 ----A---- C:\Windows\system32\XAudio2_7.dll
2015-06-27 15:30:59 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2015-06-27 15:30:59 ----A---- C:\Windows\system32\xactengine3_7.dll
2015-06-27 15:30:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2015-06-27 15:30:58 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2015-06-27 15:30:57 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2015-06-27 15:30:57 ----A---- C:\Windows\system32\d3dcsx_43.dll
2015-06-27 15:30:56 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2015-06-27 15:30:56 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2015-06-27 15:30:56 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2015-06-27 15:30:56 ----A---- C:\Windows\system32\XAudio2_6.dll
2015-06-27 15:30:56 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2015-06-27 15:30:56 ----A---- C:\Windows\system32\xactengine3_6.dll
2015-06-27 15:30:55 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2015-06-27 15:30:55 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2015-06-27 15:30:54 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2015-06-27 15:30:54 ----A---- C:\Windows\system32\XAudio2_5.dll
2015-06-27 15:30:53 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2015-06-27 15:30:53 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2015-06-27 15:30:53 ----A---- C:\Windows\system32\xactengine3_5.dll
2015-06-27 15:30:53 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2015-06-27 15:30:52 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2015-06-27 15:30:52 ----A---- C:\Windows\system32\d3dcsx_42.dll
2015-06-27 15:30:51 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2015-06-27 15:30:51 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2015-06-27 15:30:51 ----A---- C:\Windows\system32\d3dx11_42.dll
2015-06-27 15:30:51 ----A---- C:\Windows\system32\d3dx10_42.dll
2015-06-27 15:30:50 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2015-06-27 15:30:50 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2015-06-27 15:30:50 ----A---- C:\Windows\system32\D3DX9_42.dll
2015-06-27 15:30:50 ----A---- C:\Windows\system32\d3dx10_41.dll
2015-06-27 15:30:50 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2015-06-27 15:30:49 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2015-06-27 15:30:49 ----A---- C:\Windows\system32\D3DX9_41.dll
2015-06-27 15:30:47 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2015-06-27 15:30:47 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2015-06-27 15:30:47 ----A---- C:\Windows\system32\XAudio2_4.dll
2015-06-27 15:30:47 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2015-06-27 15:30:46 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2015-06-27 15:30:46 ----A---- C:\Windows\system32\xactengine3_4.dll
2015-06-27 15:30:45 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2015-06-27 15:30:45 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2015-06-27 15:30:44 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2015-06-27 15:30:44 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2015-06-27 15:30:44 ----A---- C:\Windows\system32\d3dx10_40.dll
2015-06-27 15:30:44 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2015-06-27 15:30:43 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2015-06-27 15:30:43 ----A---- C:\Windows\system32\D3DX9_40.dll
2015-06-27 15:30:42 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2015-06-27 15:30:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2015-06-27 15:30:42 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2015-06-27 15:30:42 ----A---- C:\Windows\system32\XAudio2_3.dll
2015-06-27 15:30:42 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2015-06-27 15:30:42 ----A---- C:\Windows\system32\xactengine3_3.dll
2015-06-27 15:30:41 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2015-06-27 15:30:41 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2015-06-27 15:30:40 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2015-06-27 15:30:40 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2015-06-27 15:30:40 ----A---- C:\Windows\system32\XAudio2_2.dll
2015-06-27 15:30:40 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2015-06-27 15:30:39 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2015-06-27 15:30:39 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2015-06-27 15:30:39 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2015-06-27 15:30:39 ----A---- C:\Windows\system32\xactengine3_2.dll
2015-06-27 15:30:39 ----A---- C:\Windows\system32\d3dx10_39.dll
2015-06-27 15:30:39 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2015-06-27 15:30:37 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2015-06-27 15:30:37 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2015-06-27 15:30:37 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2015-06-27 15:30:37 ----A---- C:\Windows\system32\XAudio2_1.dll
2015-06-27 15:30:37 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2015-06-27 15:30:37 ----A---- C:\Windows\system32\D3DX9_39.dll
2015-06-27 15:30:36 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2015-06-27 15:30:36 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2015-06-27 15:30:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2015-06-27 15:30:36 ----A---- C:\Windows\system32\xactengine3_1.dll
2015-06-27 15:30:36 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2015-06-27 15:30:36 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2015-06-27 15:30:35 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2015-06-27 15:30:35 ----A---- C:\Windows\system32\d3dx10_38.dll
2015-06-27 15:30:34 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2015-06-27 15:30:34 ----A---- C:\Windows\system32\D3DX9_38.dll
2015-06-27 15:30:33 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2015-06-27 15:30:33 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2015-06-27 15:30:33 ----A---- C:\Windows\system32\XAudio2_0.dll
2015-06-27 15:30:33 ----A---- C:\Windows\system32\xactengine3_0.dll
2015-06-27 15:30:32 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2015-06-27 15:30:32 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2015-06-27 15:30:31 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2015-06-27 15:30:31 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2015-06-27 15:30:31 ----A---- C:\Windows\system32\d3dx10_37.dll
2015-06-27 15:30:31 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2015-06-27 15:30:30 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2015-06-27 15:30:30 ----A---- C:\Windows\system32\D3DX9_37.dll
2015-06-27 15:30:28 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2015-06-27 15:30:28 ----A---- C:\Windows\system32\xactengine2_10.dll
2015-06-27 15:30:27 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2015-06-27 15:30:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2015-06-27 15:30:27 ----A---- C:\Windows\system32\d3dx10_36.dll
2015-06-27 15:30:27 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2015-06-27 15:30:26 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2015-06-27 15:30:26 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2015-06-27 15:30:26 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2015-06-27 15:30:26 ----A---- C:\Windows\system32\d3dx9_36.dll
2015-06-27 15:30:26 ----A---- C:\Windows\system32\d3dx10_35.dll
2015-06-27 15:30:26 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2015-06-27 15:30:25 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2015-06-27 15:30:25 ----A---- C:\Windows\system32\d3dx9_35.dll
2015-06-27 15:30:24 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2015-06-27 15:30:24 ----A---- C:\Windows\system32\xactengine2_8.dll
2015-06-27 15:30:23 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2015-06-27 15:30:23 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2015-06-27 15:30:23 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2015-06-27 15:30:23 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2015-06-27 15:30:23 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2015-06-27 15:30:23 ----A---- C:\Windows\system32\d3dx9_34.dll
2015-06-27 15:30:23 ----A---- C:\Windows\system32\d3dx10_34.dll
2015-06-27 15:30:23 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2015-06-27 15:30:22 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2015-06-27 15:30:22 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2015-06-27 15:30:22 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2015-06-27 15:30:22 ----A---- C:\Windows\system32\d3dx9_33.dll
2015-06-27 15:30:22 ----A---- C:\Windows\system32\d3dx10_33.dll
2015-06-27 15:30:22 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2015-06-27 15:30:21 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2015-06-27 15:30:21 ----A---- C:\Windows\system32\xactengine2_6.dll
2015-06-27 15:30:20 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2015-06-27 15:30:20 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2015-06-27 15:30:20 ----A---- C:\Windows\system32\xactengine2_5.dll
2015-06-27 15:30:20 ----A---- C:\Windows\system32\d3dx10.dll
2015-06-27 15:30:19 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2015-06-27 15:30:19 ----A---- C:\Windows\system32\d3dx9_32.dll
2015-06-27 15:30:18 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2015-06-27 15:30:18 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2015-06-27 15:30:18 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2015-06-27 15:30:18 ----A---- C:\Windows\system32\xinput1_2.dll
2015-06-27 15:30:18 ----A---- C:\Windows\system32\xactengine2_4.dll
2015-06-27 15:30:18 ----A---- C:\Windows\system32\xactengine2_3.dll
2015-06-27 15:30:17 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2015-06-27 15:30:17 ----A---- C:\Windows\system32\xactengine2_2.dll
2015-06-27 15:30:16 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2015-06-27 15:30:16 ----A---- C:\Windows\system32\xinput1_1.dll
2015-06-27 15:30:15 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2015-06-27 15:30:15 ----A---- C:\Windows\system32\xactengine2_1.dll
2015-06-27 15:30:12 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2015-06-27 15:30:12 ----A---- C:\Windows\system32\d3dx9_30.dll
2015-06-27 15:30:11 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2015-06-27 15:30:11 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2015-06-27 15:30:11 ----A---- C:\Windows\system32\xactengine2_0.dll
2015-06-27 15:30:11 ----A---- C:\Windows\system32\x3daudio1_0.dll
2015-06-27 15:30:10 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2015-06-27 15:30:10 ----A---- C:\Windows\system32\d3dx9_29.dll
2015-06-27 15:30:09 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2015-06-27 15:30:09 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2015-06-27 15:30:09 ----A---- C:\Windows\system32\d3dx9_28.dll
2015-06-27 15:30:09 ----A---- C:\Windows\system32\d3dx9_27.dll
2015-06-27 15:30:07 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2015-06-27 15:30:07 ----A---- C:\Windows\system32\d3dx9_26.dll
2015-06-27 15:30:03 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2015-06-27 15:30:03 ----A---- C:\Windows\system32\d3dx9_25.dll
2015-06-27 15:30:01 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2015-06-27 15:30:01 ----A---- C:\Windows\system32\d3dx9_24.dll
2015-06-27 15:03:27 ----D---- C:\Windows\SYSWOW64\directx
2015-06-26 16:59:04 ----D---- C:\TopCD
2015-06-25 11:59:16 ----D---- C:\Windows\SYSWOW64\NV
2015-06-25 11:59:16 ----D---- C:\Windows\system32\NV
2015-06-25 11:56:45 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-06-25 11:56:45 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvopencl.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvoglv64.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\NvIFR64.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\NvFBC64.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvdispgenco6435330.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvdispco6435330.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvcuvid.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvcuda.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvcompiler.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2015-06-25 11:56:44 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-06-23 08:03:17 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2015-06-23 08:03:17 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2015-06-10 16:18:16 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-06-10 16:18:16 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-06-10 16:18:16 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-06-10 16:18:16 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-06-10 16:18:15 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-06-10 16:18:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-06-10 16:18:15 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-06-10 16:18:15 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-06-10 16:18:15 ----A---- C:\Windows\system32\iernonce.dll
2015-06-10 16:18:15 ----A---- C:\Windows\system32\ie4uinit.exe
2015-06-10 16:18:14 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-06-10 16:18:14 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-06-10 16:18:14 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-06-10 16:18:14 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-06-10 16:18:14 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-06-10 16:18:14 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 16:18:13 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-06-10 16:18:13 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-06-10 16:18:12 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-06-10 16:18:12 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-06-10 16:18:12 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-06-10 16:18:12 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-06-10 16:18:12 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-06-10 16:18:12 ----A---- C:\Windows\system32\urlmon.dll
2015-06-10 16:18:12 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 16:18:12 ----A---- C:\Windows\system32\iedkcs32.dll
2015-06-10 16:18:11 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-06-10 16:18:11 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-06-10 16:18:11 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 16:18:11 ----A---- C:\Windows\system32\dxtrans.dll
2015-06-10 16:18:10 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-06-10 16:18:10 ----A---- C:\Windows\system32\msfeeds.dll
2015-06-10 16:18:10 ----A---- C:\Windows\system32\iesetup.dll
2015-06-10 16:18:09 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-06-10 16:18:09 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-06-10 16:18:09 ----A---- C:\Windows\system32\vbscript.dll
2015-06-10 16:18:09 ----A---- C:\Windows\system32\iertutil.dll
2015-06-10 16:18:09 ----A---- C:\Windows\system32\ieapfltr.dll
2015-06-10 16:18:08 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-06-10 16:18:08 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-06-10 16:18:08 ----A---- C:\Windows\system32\jsproxy.dll
2015-06-10 16:18:08 ----A---- C:\Windows\system32\ieUnatt.exe
2015-06-10 16:18:07 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-06-10 16:18:07 ----A---- C:\Windows\system32\mshtmled.dll
2015-06-10 16:18:07 ----A---- C:\Windows\system32\jscript.dll
2015-06-10 16:18:07 ----A---- C:\Windows\system32\ieui.dll
2015-06-10 16:18:07 ----A---- C:\Windows\system32\ieframe.dll
2015-06-10 16:18:07 ----A---- C:\Windows\system32\dxtmsft.dll
2015-06-10 16:18:06 ----A---- C:\Windows\system32\wininet.dll
2015-06-10 16:18:06 ----A---- C:\Windows\system32\msrating.dll
2015-06-10 16:18:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-06-10 16:18:06 ----A---- C:\Windows\system32\jscript9diag.dll
2015-06-10 16:18:06 ----A---- C:\Windows\system32\jscript9.dll
2015-06-10 16:18:05 ----A---- C:\Windows\system32\mshtml.dll
2015-06-10 16:11:07 ----A---- C:\Windows\system32\diagtrack.dll
2015-06-10 16:11:06 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-06-10 16:11:06 ----A---- C:\Windows\system32\KernelBase.dll
2015-06-10 16:11:06 ----A---- C:\Windows\system32\kerberos.dll
2015-06-10 16:11:05 ----A---- C:\Windows\system32\lsasrv.dll
2015-06-10 16:11:05 ----A---- C:\Windows\system32\kernel32.dll
2015-06-10 16:11:05 ----A---- C:\Windows\system32\advapi32.dll
2015-06-10 16:11:04 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2015-06-10 16:11:04 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-06-10 16:11:04 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-06-10 16:11:04 ----A---- C:\Windows\system32\wow64.dll
2015-06-10 16:11:04 ----A---- C:\Windows\system32\srcore.dll
2015-06-10 16:11:04 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-06-10 16:11:04 ----A---- C:\Windows\system32\ntdll.dll
2015-06-10 16:11:04 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-06-10 16:11:04 ----A---- C:\Windows\system32\conhost.exe
2015-06-10 16:11:03 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-06-10 16:11:03 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-06-10 16:11:03 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-06-10 16:11:03 ----A---- C:\Windows\system32\winsrv.dll
2015-06-10 16:11:03 ----A---- C:\Windows\system32\tracerpt.exe
2015-06-10 16:11:03 ----A---- C:\Windows\system32\schannel.dll
2015-06-10 16:11:03 ----A---- C:\Windows\system32\rstrui.exe
2015-06-10 16:11:02 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-06-10 16:11:02 ----A---- C:\Windows\system32\tdh.dll
2015-06-10 16:11:02 ----A---- C:\Windows\system32\msv1_0.dll
2015-06-10 16:11:02 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-06-10 16:11:01 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-06-10 16:11:01 ----A---- C:\Windows\SYSWOW64\sechost.dll
2015-06-10 16:11:01 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-06-10 16:11:01 ----A---- C:\Windows\SYSWOW64\logman.exe
2015-06-10 16:11:01 ----A---- C:\Windows\system32\wdigest.dll
2015-06-10 16:11:01 ----A---- C:\Windows\system32\TSpkg.dll
2015-06-10 16:11:01 ----A---- C:\Windows\system32\sspicli.dll
2015-06-10 16:11:01 ----A---- C:\Windows\system32\sechost.dll
2015-06-10 16:11:01 ----A---- C:\Windows\system32\ncrypt.dll
2015-06-10 16:11:01 ----A---- C:\Windows\system32\logman.exe
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\relog.exe
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-06-10 16:11:00 ----A---- C:\Windows\system32\typeperf.exe
2015-06-10 16:11:00 ----A---- C:\Windows\system32\smss.exe
2015-06-10 16:11:00 ----A---- C:\Windows\system32\relog.exe
2015-06-10 16:11:00 ----A---- C:\Windows\system32\lsass.exe
2015-06-10 16:11:00 ----A---- C:\Windows\system32\auditpol.exe
2015-06-10 16:10:59 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-06-10 16:10:59 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-06-10 16:10:59 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2015-06-10 16:10:59 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\sspisrv.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\srclient.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\secur32.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\ntvdm64.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\diskperf.exe
2015-06-10 16:10:59 ----A---- C:\Windows\system32\csrsrv.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\credssp.dll
2015-06-10 16:10:58 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-06-10 16:10:58 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-06-10 16:10:58 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-06-10 16:10:58 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-06-10 16:10:58 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-06-10 16:10:58 ----A---- C:\Windows\system32\wow64win.dll
2015-06-10 16:10:58 ----A---- C:\Windows\system32\wow64cpu.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 16:10:55 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-06-10 16:10:55 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-06-10 16:10:55 ----A---- C:\Windows\system32\apisetschema.dll
2015-06-10 16:10:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 16:10:54 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 16:10:54 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 16:10:54 ----A---- C:\Windows\SYSWOW64\user.exe
2015-06-10 16:10:54 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-06-10 16:10:54 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-06-10 16:10:54 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-06-10 16:10:54 ----A---- C:\Windows\system32\UtcResources.dll
2015-06-10 16:10:54 ----A---- C:\Windows\system32\msobjs.dll
2015-06-10 16:10:54 ----A---- C:\Windows\system32\msaudite.dll
2015-06-10 16:10:54 ----A---- C:\Windows\system32\adtschema.dll
2015-06-10 16:07:06 ----A---- C:\Windows\system32\wmp.dll
2015-06-10 16:07:05 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-06-10 16:07:04 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-06-10 16:07:04 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-06-10 16:07:04 ----A---- C:\Windows\system32\spwmp.dll
2015-06-10 16:07:04 ----A---- C:\Windows\system32\dxmasf.dll
2015-06-10 16:07:03 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-06-10 16:07:03 ----A---- C:\Windows\system32\wmploc.DLL
2015-06-10 15:56:17 ----A---- C:\Windows\system32\comctl32.dll
2015-06-10 15:56:16 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2015-06-10 15:56:14 ----A---- C:\Windows\system32\win32k.sys
2015-06-05 12:13:18 ----A---- C:\Windows\system32\invagent.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\generaltel.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\devinv.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\appraiser.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\aepic.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\aeinv.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\acmigration.dll
2015-06-05 12:13:17 ----A---- C:\Windows\system32\aepdu.dll
2015-06-02 08:53:43 ----A---- C:\Windows\system32\nvdispgenco6435306.dll
2015-06-02 08:53:43 ----A---- C:\Windows\system32\nvdispco6435306.dll

======List of files/folders modified in the last 1 month======

2015-07-01 12:31:19 ----D---- C:\Windows\Temp
2015-07-01 12:00:19 ----D---- C:\Windows\system32\Tasks
2015-07-01 10:42:16 ----D---- C:\Windows\Prefetch
2015-07-01 10:41:13 ----D---- C:\Windows\system32\config
2015-07-01 10:35:52 ----D---- C:\Windows\System32
2015-07-01 10:35:52 ----D---- C:\Windows\inf
2015-07-01 10:35:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-01 10:29:43 ----AD---- C:\ProgramData\TEMP
2015-07-01 10:29:16 ----D---- C:\Windows\system32\drivers
2015-07-01 10:29:02 ----D---- C:\Windows
2015-07-01 10:28:01 ----RD---- C:\Program Files (x86)
2015-07-01 10:28:00 ----HD---- C:\ProgramData
2015-06-30 21:08:26 ----RD---- C:\Program Files
2015-06-30 20:51:59 ----D---- C:\Users\Lenka\AppData\Roaming\Winamp
2015-06-30 20:51:49 ----D---- C:\Windows\debug
2015-06-30 19:15:34 ----D---- C:\Program Files (x86)\Hloubka zrady
2015-06-30 18:28:58 ----SHD---- C:\System Volume Information
2015-06-29 13:05:30 ----D---- C:\Windows\winsxs
2015-06-29 10:16:19 ----D---- C:\Windows\SysWOW64
2015-06-27 15:30:15 ----RSD---- C:\Windows\assembly
2015-06-27 15:29:59 ----D---- C:\Windows\Microsoft.NET
2015-06-27 14:57:49 ----D---- C:\Windows\Logs
2015-06-25 11:59:14 ----D---- C:\ProgramData\NVIDIA
2015-06-25 11:57:45 ----D---- C:\Windows\system32\DriverStore
2015-06-25 11:56:56 ----D---- C:\ProgramData\NVIDIA Corporation
2015-06-23 09:28:25 ----D---- C:\Windows\system32\NDF
2015-06-21 23:34:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-06-21 20:48:18 ----D---- C:\Users\Lenka\AppData\Roaming\vlc
2015-06-21 20:46:58 ----D---- C:\Users\Lenka\AppData\Roaming\dvdcss
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\nvinitx.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\nvapi64.dll
2015-06-17 08:48:17 ----A---- C:\Windows\system32\nvvsvc.exe
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvsvcr.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvshext.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvmctray.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nv3dappshextr.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nv3dappshext.dll
2015-06-17 08:48:15 ----A---- C:\Windows\system32\nvsvc64.dll
2015-06-17 08:48:15 ----A---- C:\Windows\system32\nvcpl.dll
2015-06-16 14:10:52 ----D---- C:\ProgramData\AlawarWrapper
2015-06-15 10:21:44 ----D---- C:\Users\Lenka\AppData\Roaming\SolSuite
2015-06-12 21:09:30 ----D---- C:\Program Files (x86)\Alawar
2015-06-11 04:03:39 ----D---- C:\Windows\rescache
2015-06-11 03:24:25 ----D---- C:\Program Files\Windows Media Player
2015-06-11 03:24:25 ----D---- C:\Program Files (x86)\Windows Media Player
2015-06-11 03:24:19 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-06-11 03:24:17 ----D---- C:\Windows\system32\cs-CZ
2015-06-11 03:24:13 ----D---- C:\Windows\AppPatch
2015-06-11 03:24:06 ----D---- C:\Windows\SYSWOW64\en-US
2015-06-11 03:24:06 ----D---- C:\Program Files\Internet Explorer
2015-06-11 03:24:03 ----D---- C:\Windows\system32\en-US
2015-06-11 03:24:03 ----D---- C:\Windows\PolicyDefinitions
2015-06-11 03:23:59 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-11 03:06:37 ----D---- C:\Windows\system32\MRT
2015-06-11 03:01:44 ----A---- C:\Windows\system32\MRT.exe
2015-06-10 15:47:38 ----D---- C:\Windows\system32\catroot2
2015-06-06 09:00:06 ----D---- C:\Program Files (x86)\Ashampoo
2015-06-06 03:16:19 ----SD---- C:\Windows\system32\CompatTel
2015-06-06 03:16:19 ----D---- C:\Windows\system32\appraiser
2015-06-03 23:04:55 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2015-06-03 23:04:55 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2015-06-03 23:04:45 ----A---- C:\Windows\system32\nvspcap64.dll
2015-06-03 23:04:45 ----A---- C:\Windows\system32\nvspbridge64.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-03-27 19224]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2015-06-17 31376]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-03-15 283064]
R1 NNSALPC;NNSAlpc; C:\Windows\system32\DRIVERS\NNSAlpc.sys [2015-02-09 93968]
R1 NNSHTTP;NNSHttp; C:\Windows\system32\DRIVERS\NNSHttp.sys [2015-02-09 202000]
R1 NNSHTTPS;NNSHttps; C:\Windows\system32\DRIVERS\NNSHttps.sys [2015-02-09 110864]
R1 NNSIDS;NNSids; C:\Windows\system32\DRIVERS\NNSIds.sys [2015-02-09 116496]
R1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [2014-12-31 48400]
R1 NNSPICC;NNSPicc; C:\Windows\system32\DRIVERS\NNSPicc.sys [2015-02-09 99600]
R1 NNSPIHSW;NNSPihsw; C:\Windows\system32\DRIVERS\NNSPihsw.sys [2015-02-09 69904]
R1 NNSPOP3;NNSPop3; C:\Windows\system32\DRIVERS\NNSPop3.sys [2015-02-09 124176]
R1 NNSPROT;NNSProt; C:\Windows\system32\DRIVERS\NNSProt.sys [2015-02-09 299792]
R1 NNSPRV;NNSPrv; C:\Windows\system32\DRIVERS\NNSPrv.sys [2015-02-09 166160]
R1 NNSSMTP;NNSSmtp; C:\Windows\system32\DRIVERS\NNSSmtp.sys [2015-02-09 113424]
R1 NNSSTRM;NNSStrm; C:\Windows\system32\DRIVERS\NNSStrm.sys [2015-02-09 257296]
R1 NNSTLSC;NNSTlsc; C:\Windows\system32\DRIVERS\NNSTlsc.sys [2015-02-09 106256]
R1 PSINKNC;PSINKnc; C:\Windows\system32\DRIVERS\psinknc.sys [2015-02-25 197392]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 PSINAflt;PSINAflt; C:\Windows\system32\DRIVERS\PSINAflt.sys [2015-02-25 163088]
R2 PSINFile;PSINFile; C:\Windows\system32\DRIVERS\PSINFile.sys [2015-02-25 121616]
R2 PSINProc;PSINProc; C:\Windows\system32\DRIVERS\PSINProc.sys [2015-02-25 124176]
R2 PSINProt;PSINProt; C:\Windows\system32\DRIVERS\PSINProt.sys [2015-02-25 133904]
R2 PSINReg;PSINReg; C:\Windows\system32\DRIVERS\PSINReg.sys [2015-02-25 107792]
R3 AMPPAL;Virtuální adaptér Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed; C:\Windows\system32\DRIVERS\AMPPAL.sys [2013-04-11 164832]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-10-01 3828152]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-03-27 356632]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-03-27 789272]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2015-03-09 117912]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwsw00.sys [2013-04-18 11524096]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-06-03 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-05-19 46768]
R3 PSKMAD;PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [2015-01-29 61712]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AMPPALP;Protokol Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed; C:\Windows\system32\DRIVERS\amppal.sys [2013-04-11 164832]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service; C:\Windows\system32\DRIVERS\InputFilter_FlexDef2b.sys [2010-06-19 17920]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;ASUS Android USB Driver; C:\Windows\system32\drivers\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2013-04-11 772064]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2013-01-15 107320]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-09-12 135984]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-04-18 621296]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-06-03 1152656]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-10-01 319376]
R2 NanoServiceMain;Panda Protection Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [2015-02-27 142584]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-06-03 1893008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-06-03 23007376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-06-17 937616]
R2 PandaAgent;Panda Devices Agent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [2014-10-09 66808]
R2 PSUAService;Panda Product Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [2015-02-27 38136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-04-18 149744]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-09 107848]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-10-01 281488]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-09 107848]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-22 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-04-18 273136]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-03-09 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119675
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: zablokovaný facebook-zřejmě červ Win32/PSW.Papras.CX Tro

#6 Příspěvek od Rudy »

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
:files
C:\ProgramData\BoryItju
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BoryItju"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Lenka007
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 30 čer 2015 20:08

Re: zablokovaný facebook-zřejmě červ Win32/PSW.Papras.CX Tro

#7 Příspěvek od Lenka007 »

Hodilo mi to modrou smrt, odpojím se oc netu a zkusím znovu
Nahoru
Lenka007
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 30 čer 2015 20:08

Re: zablokovaný facebook-zřejmě červ Win32/PSW.Papras.CX Tro

#8 Příspěvek od Lenka007 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenka at 2015-07-01 13:15:42
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 62 GB (31%) free of 200 GB
Total RAM: 6030 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:15:50, on 1.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Lenka\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files\trend micro\Lenka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: LinkVerifierBHO - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files (x86)\DAP\LinkVerifier.dll
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files (x86)\DAP\DAP.EXE" /STARTUP
O4 - HKCU\..\Run: [BoryItju] regsvr32.exe "C:\ProgramData\BoryItju\EiheFtav.mbo"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm
O8 - Extra context menu item: &Verify with DAP - C:\Program Files (x86)\DAP\dapverify.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Lenka\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Lenka\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: Panda Protection Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 10737 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
C:\Windows\system32\WLANExt.exe 29589664
\??\C:\Windows\system32\conhost.exe "-2513767201385227461-171385521904360256835271376-2045179005-1050777154-1224603233
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {9484DCEA-CCE2-4586-BF9A-4B36C3ACE504}
"taskhost.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
ATKOSD.exe
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
WDC.exe
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskeng.exe {004B58CB-E194-459D-B638-64FF8983BA19}
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe"
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" c159c641-7fee-4830-bc61-28027fb3f500 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-1926076542-1538874319948907407-1751436764-867581195259308483-235165035-1727761584
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
\??\C:\Windows\system32\conhost.exe "1819626042-1405329371422149975781543014-585723539-151839062612249271761448204697
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
igfxEM.exe
igfxHK.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5a0ba2eb-6b55-4254-b0da-9aa38646df47 -SystemEventPortName:HostProcess-4ece6615-f2ea-42af-8a75-d850416f43bf -IoCancelEventPortName:HostProcess-cd005c21-dbdb-4148-a90f-a98c41c0336d -NonStateChangingEventPortName:HostProcess-08228c0f-9870-4c45-946d-aba90222da72 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ac57ead9-0522-4c2e-add3-dd7601286ea0 -DeviceGroupId:WpdFsGroup
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Users\Lenka\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Avanquest\Expert PDF 9 Professional\vspdfprsrv.exe" --background
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Users\Lenka\Downloads\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\eoshqzkr.default

prefs.js - "browser.startup.homepage" - "about:Tabs"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5974A72-C81C-4DC3-BE77-A8A7BBC8864E}]
SpeedBit Link Verification Helper - C:\Program Files (x86)\DAP\LinkVerifier.dll [2015-05-31 442472]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-06-03 2754704]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-06-03 1571696]
"vspdfprsrv.exe"=C:\Program Files\Avanquest\Expert PDF 9 Professional\vspdfprsrv.exe [2013-05-17 10019328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"DownloadAccelerator"=C:\Program Files (x86)\DAP\DAP.EXE [2015-05-31 4242064]
"BoryItju"=regsvr32.exe C:\ProgramData\BoryItju\EiheFtav.mbo []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2013-01-11 328504]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2012-10-17 205184]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-03-27 291608]
"PSUAMain"=C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [2015-02-27 40184]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2012-03-26 449168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NanoServiceMain]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSUAService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-01 13:11:57 ----D---- C:\ProgramData\BoryItju
2015-07-01 13:11:52 ----D---- C:\_OTM
2015-07-01 13:06:34 ----D---- C:\Windows\Minidump
2015-06-30 21:08:26 ----D---- C:\rsit
2015-06-30 21:08:26 ----D---- C:\Program Files\trend micro
2015-06-30 20:49:17 ----D---- C:\Program Files (x86)\CCleaner
2015-06-29 10:53:03 ----D---- C:\Program Files (x86)\ESET
2015-06-29 10:06:49 ----D---- C:\AdwCleaner
2015-06-27 16:20:33 ----D---- C:\Users\Lenka\AppData\Roaming\NVIDIA
2015-06-27 15:30:59 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2015-06-27 15:30:59 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2015-06-27 15:30:59 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2015-06-27 15:30:59 ----A---- C:\Windows\system32\XAudio2_7.dll
2015-06-27 15:30:59 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2015-06-27 15:30:59 ----A---- C:\Windows\system32\xactengine3_7.dll
2015-06-27 15:30:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2015-06-27 15:30:58 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2015-06-27 15:30:57 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2015-06-27 15:30:57 ----A---- C:\Windows\system32\d3dcsx_43.dll
2015-06-27 15:30:56 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2015-06-27 15:30:56 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2015-06-27 15:30:56 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2015-06-27 15:30:56 ----A---- C:\Windows\system32\XAudio2_6.dll
2015-06-27 15:30:56 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2015-06-27 15:30:56 ----A---- C:\Windows\system32\xactengine3_6.dll
2015-06-27 15:30:55 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2015-06-27 15:30:55 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2015-06-27 15:30:54 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2015-06-27 15:30:54 ----A---- C:\Windows\system32\XAudio2_5.dll
2015-06-27 15:30:53 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2015-06-27 15:30:53 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2015-06-27 15:30:53 ----A---- C:\Windows\system32\xactengine3_5.dll
2015-06-27 15:30:53 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2015-06-27 15:30:52 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2015-06-27 15:30:52 ----A---- C:\Windows\system32\d3dcsx_42.dll
2015-06-27 15:30:51 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2015-06-27 15:30:51 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2015-06-27 15:30:51 ----A---- C:\Windows\system32\d3dx11_42.dll
2015-06-27 15:30:51 ----A---- C:\Windows\system32\d3dx10_42.dll
2015-06-27 15:30:50 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2015-06-27 15:30:50 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2015-06-27 15:30:50 ----A---- C:\Windows\system32\D3DX9_42.dll
2015-06-27 15:30:50 ----A---- C:\Windows\system32\d3dx10_41.dll
2015-06-27 15:30:50 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2015-06-27 15:30:49 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2015-06-27 15:30:49 ----A---- C:\Windows\system32\D3DX9_41.dll
2015-06-27 15:30:47 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2015-06-27 15:30:47 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2015-06-27 15:30:47 ----A---- C:\Windows\system32\XAudio2_4.dll
2015-06-27 15:30:47 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2015-06-27 15:30:46 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2015-06-27 15:30:46 ----A---- C:\Windows\system32\xactengine3_4.dll
2015-06-27 15:30:45 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2015-06-27 15:30:45 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2015-06-27 15:30:44 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2015-06-27 15:30:44 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2015-06-27 15:30:44 ----A---- C:\Windows\system32\d3dx10_40.dll
2015-06-27 15:30:44 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2015-06-27 15:30:43 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2015-06-27 15:30:43 ----A---- C:\Windows\system32\D3DX9_40.dll
2015-06-27 15:30:42 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2015-06-27 15:30:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2015-06-27 15:30:42 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2015-06-27 15:30:42 ----A---- C:\Windows\system32\XAudio2_3.dll
2015-06-27 15:30:42 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2015-06-27 15:30:42 ----A---- C:\Windows\system32\xactengine3_3.dll
2015-06-27 15:30:41 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2015-06-27 15:30:41 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2015-06-27 15:30:40 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2015-06-27 15:30:40 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2015-06-27 15:30:40 ----A---- C:\Windows\system32\XAudio2_2.dll
2015-06-27 15:30:40 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2015-06-27 15:30:39 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2015-06-27 15:30:39 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2015-06-27 15:30:39 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2015-06-27 15:30:39 ----A---- C:\Windows\system32\xactengine3_2.dll
2015-06-27 15:30:39 ----A---- C:\Windows\system32\d3dx10_39.dll
2015-06-27 15:30:39 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2015-06-27 15:30:37 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2015-06-27 15:30:37 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2015-06-27 15:30:37 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2015-06-27 15:30:37 ----A---- C:\Windows\system32\XAudio2_1.dll
2015-06-27 15:30:37 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2015-06-27 15:30:37 ----A---- C:\Windows\system32\D3DX9_39.dll
2015-06-27 15:30:36 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2015-06-27 15:30:36 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2015-06-27 15:30:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2015-06-27 15:30:36 ----A---- C:\Windows\system32\xactengine3_1.dll
2015-06-27 15:30:36 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2015-06-27 15:30:36 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2015-06-27 15:30:35 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2015-06-27 15:30:35 ----A---- C:\Windows\system32\d3dx10_38.dll
2015-06-27 15:30:34 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2015-06-27 15:30:34 ----A---- C:\Windows\system32\D3DX9_38.dll
2015-06-27 15:30:33 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2015-06-27 15:30:33 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2015-06-27 15:30:33 ----A---- C:\Windows\system32\XAudio2_0.dll
2015-06-27 15:30:33 ----A---- C:\Windows\system32\xactengine3_0.dll
2015-06-27 15:30:32 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2015-06-27 15:30:32 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2015-06-27 15:30:31 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2015-06-27 15:30:31 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2015-06-27 15:30:31 ----A---- C:\Windows\system32\d3dx10_37.dll
2015-06-27 15:30:31 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2015-06-27 15:30:30 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2015-06-27 15:30:30 ----A---- C:\Windows\system32\D3DX9_37.dll
2015-06-27 15:30:28 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2015-06-27 15:30:28 ----A---- C:\Windows\system32\xactengine2_10.dll
2015-06-27 15:30:27 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2015-06-27 15:30:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2015-06-27 15:30:27 ----A---- C:\Windows\system32\d3dx10_36.dll
2015-06-27 15:30:27 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2015-06-27 15:30:26 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2015-06-27 15:30:26 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2015-06-27 15:30:26 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2015-06-27 15:30:26 ----A---- C:\Windows\system32\d3dx9_36.dll
2015-06-27 15:30:26 ----A---- C:\Windows\system32\d3dx10_35.dll
2015-06-27 15:30:26 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2015-06-27 15:30:25 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2015-06-27 15:30:25 ----A---- C:\Windows\system32\d3dx9_35.dll
2015-06-27 15:30:24 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2015-06-27 15:30:24 ----A---- C:\Windows\system32\xactengine2_8.dll
2015-06-27 15:30:23 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2015-06-27 15:30:23 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2015-06-27 15:30:23 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2015-06-27 15:30:23 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2015-06-27 15:30:23 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2015-06-27 15:30:23 ----A---- C:\Windows\system32\d3dx9_34.dll
2015-06-27 15:30:23 ----A---- C:\Windows\system32\d3dx10_34.dll
2015-06-27 15:30:23 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2015-06-27 15:30:22 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2015-06-27 15:30:22 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2015-06-27 15:30:22 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2015-06-27 15:30:22 ----A---- C:\Windows\system32\d3dx9_33.dll
2015-06-27 15:30:22 ----A---- C:\Windows\system32\d3dx10_33.dll
2015-06-27 15:30:22 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2015-06-27 15:30:21 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2015-06-27 15:30:21 ----A---- C:\Windows\system32\xactengine2_6.dll
2015-06-27 15:30:20 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2015-06-27 15:30:20 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2015-06-27 15:30:20 ----A---- C:\Windows\system32\xactengine2_5.dll
2015-06-27 15:30:20 ----A---- C:\Windows\system32\d3dx10.dll
2015-06-27 15:30:19 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2015-06-27 15:30:19 ----A---- C:\Windows\system32\d3dx9_32.dll
2015-06-27 15:30:18 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2015-06-27 15:30:18 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2015-06-27 15:30:18 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2015-06-27 15:30:18 ----A---- C:\Windows\system32\xinput1_2.dll
2015-06-27 15:30:18 ----A---- C:\Windows\system32\xactengine2_4.dll
2015-06-27 15:30:18 ----A---- C:\Windows\system32\xactengine2_3.dll
2015-06-27 15:30:17 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2015-06-27 15:30:17 ----A---- C:\Windows\system32\xactengine2_2.dll
2015-06-27 15:30:16 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2015-06-27 15:30:16 ----A---- C:\Windows\system32\xinput1_1.dll
2015-06-27 15:30:15 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2015-06-27 15:30:15 ----A---- C:\Windows\system32\xactengine2_1.dll
2015-06-27 15:30:12 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2015-06-27 15:30:12 ----A---- C:\Windows\system32\d3dx9_30.dll
2015-06-27 15:30:11 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2015-06-27 15:30:11 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2015-06-27 15:30:11 ----A---- C:\Windows\system32\xactengine2_0.dll
2015-06-27 15:30:11 ----A---- C:\Windows\system32\x3daudio1_0.dll
2015-06-27 15:30:10 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2015-06-27 15:30:10 ----A---- C:\Windows\system32\d3dx9_29.dll
2015-06-27 15:30:09 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2015-06-27 15:30:09 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2015-06-27 15:30:09 ----A---- C:\Windows\system32\d3dx9_28.dll
2015-06-27 15:30:09 ----A---- C:\Windows\system32\d3dx9_27.dll
2015-06-27 15:30:07 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2015-06-27 15:30:07 ----A---- C:\Windows\system32\d3dx9_26.dll
2015-06-27 15:30:03 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2015-06-27 15:30:03 ----A---- C:\Windows\system32\d3dx9_25.dll
2015-06-27 15:30:01 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2015-06-27 15:30:01 ----A---- C:\Windows\system32\d3dx9_24.dll
2015-06-27 15:03:27 ----D---- C:\Windows\SYSWOW64\directx
2015-06-26 16:59:04 ----D---- C:\TopCD
2015-06-25 11:59:16 ----D---- C:\Windows\SYSWOW64\NV
2015-06-25 11:59:16 ----D---- C:\Windows\system32\NV
2015-06-25 11:56:45 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-06-25 11:56:45 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvopencl.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvoglv64.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\NvIFR64.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\NvFBC64.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvdispgenco6435330.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvdispco6435330.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvcuvid.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvcuda.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvcompiler.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2015-06-25 11:56:44 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-06-23 08:03:17 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2015-06-23 08:03:17 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2015-06-10 16:18:16 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-06-10 16:18:16 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-06-10 16:18:16 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-06-10 16:18:16 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-06-10 16:18:15 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-06-10 16:18:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-06-10 16:18:15 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-06-10 16:18:15 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-06-10 16:18:15 ----A---- C:\Windows\system32\iernonce.dll
2015-06-10 16:18:15 ----A---- C:\Windows\system32\ie4uinit.exe
2015-06-10 16:18:14 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-06-10 16:18:14 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-06-10 16:18:14 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-06-10 16:18:14 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-06-10 16:18:14 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-06-10 16:18:14 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 16:18:13 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-06-10 16:18:13 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-06-10 16:18:12 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-06-10 16:18:12 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-06-10 16:18:12 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-06-10 16:18:12 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-06-10 16:18:12 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-06-10 16:18:12 ----A---- C:\Windows\system32\urlmon.dll
2015-06-10 16:18:12 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 16:18:12 ----A---- C:\Windows\system32\iedkcs32.dll
2015-06-10 16:18:11 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-06-10 16:18:11 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-06-10 16:18:11 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 16:18:11 ----A---- C:\Windows\system32\dxtrans.dll
2015-06-10 16:18:10 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-06-10 16:18:10 ----A---- C:\Windows\system32\msfeeds.dll
2015-06-10 16:18:10 ----A---- C:\Windows\system32\iesetup.dll
2015-06-10 16:18:09 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-06-10 16:18:09 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-06-10 16:18:09 ----A---- C:\Windows\system32\vbscript.dll
2015-06-10 16:18:09 ----A---- C:\Windows\system32\iertutil.dll
2015-06-10 16:18:09 ----A---- C:\Windows\system32\ieapfltr.dll
2015-06-10 16:18:08 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-06-10 16:18:08 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-06-10 16:18:08 ----A---- C:\Windows\system32\jsproxy.dll
2015-06-10 16:18:08 ----A---- C:\Windows\system32\ieUnatt.exe
2015-06-10 16:18:07 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-06-10 16:18:07 ----A---- C:\Windows\system32\mshtmled.dll
2015-06-10 16:18:07 ----A---- C:\Windows\system32\jscript.dll
2015-06-10 16:18:07 ----A---- C:\Windows\system32\ieui.dll
2015-06-10 16:18:07 ----A---- C:\Windows\system32\ieframe.dll
2015-06-10 16:18:07 ----A---- C:\Windows\system32\dxtmsft.dll
2015-06-10 16:18:06 ----A---- C:\Windows\system32\wininet.dll
2015-06-10 16:18:06 ----A---- C:\Windows\system32\msrating.dll
2015-06-10 16:18:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-06-10 16:18:06 ----A---- C:\Windows\system32\jscript9diag.dll
2015-06-10 16:18:06 ----A---- C:\Windows\system32\jscript9.dll
2015-06-10 16:18:05 ----A---- C:\Windows\system32\mshtml.dll
2015-06-10 16:11:07 ----A---- C:\Windows\system32\diagtrack.dll
2015-06-10 16:11:06 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-06-10 16:11:06 ----A---- C:\Windows\system32\KernelBase.dll
2015-06-10 16:11:06 ----A---- C:\Windows\system32\kerberos.dll
2015-06-10 16:11:05 ----A---- C:\Windows\system32\lsasrv.dll
2015-06-10 16:11:05 ----A---- C:\Windows\system32\kernel32.dll
2015-06-10 16:11:05 ----A---- C:\Windows\system32\advapi32.dll
2015-06-10 16:11:04 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2015-06-10 16:11:04 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-06-10 16:11:04 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-06-10 16:11:04 ----A---- C:\Windows\system32\wow64.dll
2015-06-10 16:11:04 ----A---- C:\Windows\system32\srcore.dll
2015-06-10 16:11:04 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-06-10 16:11:04 ----A---- C:\Windows\system32\ntdll.dll
2015-06-10 16:11:04 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-06-10 16:11:04 ----A---- C:\Windows\system32\conhost.exe
2015-06-10 16:11:03 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-06-10 16:11:03 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-06-10 16:11:03 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-06-10 16:11:03 ----A---- C:\Windows\system32\winsrv.dll
2015-06-10 16:11:03 ----A---- C:\Windows\system32\tracerpt.exe
2015-06-10 16:11:03 ----A---- C:\Windows\system32\schannel.dll
2015-06-10 16:11:03 ----A---- C:\Windows\system32\rstrui.exe
2015-06-10 16:11:02 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-06-10 16:11:02 ----A---- C:\Windows\system32\tdh.dll
2015-06-10 16:11:02 ----A---- C:\Windows\system32\msv1_0.dll
2015-06-10 16:11:02 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-06-10 16:11:01 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-06-10 16:11:01 ----A---- C:\Windows\SYSWOW64\sechost.dll
2015-06-10 16:11:01 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-06-10 16:11:01 ----A---- C:\Windows\SYSWOW64\logman.exe
2015-06-10 16:11:01 ----A---- C:\Windows\system32\wdigest.dll
2015-06-10 16:11:01 ----A---- C:\Windows\system32\TSpkg.dll
2015-06-10 16:11:01 ----A---- C:\Windows\system32\sspicli.dll
2015-06-10 16:11:01 ----A---- C:\Windows\system32\sechost.dll
2015-06-10 16:11:01 ----A---- C:\Windows\system32\ncrypt.dll
2015-06-10 16:11:01 ----A---- C:\Windows\system32\logman.exe
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\relog.exe
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-06-10 16:11:00 ----A---- C:\Windows\system32\typeperf.exe
2015-06-10 16:11:00 ----A---- C:\Windows\system32\smss.exe
2015-06-10 16:11:00 ----A---- C:\Windows\system32\relog.exe
2015-06-10 16:11:00 ----A---- C:\Windows\system32\lsass.exe
2015-06-10 16:11:00 ----A---- C:\Windows\system32\auditpol.exe
2015-06-10 16:10:59 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-06-10 16:10:59 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-06-10 16:10:59 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2015-06-10 16:10:59 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\sspisrv.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\srclient.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\secur32.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\ntvdm64.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\diskperf.exe
2015-06-10 16:10:59 ----A---- C:\Windows\system32\csrsrv.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\credssp.dll
2015-06-10 16:10:58 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-06-10 16:10:58 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-06-10 16:10:58 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-06-10 16:10:58 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-06-10 16:10:58 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-06-10 16:10:58 ----A---- C:\Windows\system32\wow64win.dll
2015-06-10 16:10:58 ----A---- C:\Windows\system32\wow64cpu.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 16:10:55 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-06-10 16:10:55 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-06-10 16:10:55 ----A---- C:\Windows\system32\apisetschema.dll
2015-06-10 16:10:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 16:10:54 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 16:10:54 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 16:10:54 ----A---- C:\Windows\SYSWOW64\user.exe
2015-06-10 16:10:54 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-06-10 16:10:54 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-06-10 16:10:54 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-06-10 16:10:54 ----A---- C:\Windows\system32\UtcResources.dll
2015-06-10 16:10:54 ----A---- C:\Windows\system32\msobjs.dll
2015-06-10 16:10:54 ----A---- C:\Windows\system32\msaudite.dll
2015-06-10 16:10:54 ----A---- C:\Windows\system32\adtschema.dll
2015-06-10 16:07:06 ----A---- C:\Windows\system32\wmp.dll
2015-06-10 16:07:05 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-06-10 16:07:04 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-06-10 16:07:04 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-06-10 16:07:04 ----A---- C:\Windows\system32\spwmp.dll
2015-06-10 16:07:04 ----A---- C:\Windows\system32\dxmasf.dll
2015-06-10 16:07:03 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-06-10 16:07:03 ----A---- C:\Windows\system32\wmploc.DLL
2015-06-10 15:56:17 ----A---- C:\Windows\system32\comctl32.dll
2015-06-10 15:56:16 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2015-06-10 15:56:14 ----A---- C:\Windows\system32\win32k.sys
2015-06-05 12:13:18 ----A---- C:\Windows\system32\invagent.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\generaltel.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\devinv.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\appraiser.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\aepic.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\aeinv.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\acmigration.dll
2015-06-05 12:13:17 ----A---- C:\Windows\system32\aepdu.dll
2015-06-02 08:53:43 ----A---- C:\Windows\system32\nvdispgenco6435306.dll
2015-06-02 08:53:43 ----A---- C:\Windows\system32\nvdispco6435306.dll

======List of files/folders modified in the last 1 month======

2015-07-01 13:14:59 ----D---- C:\Windows\Prefetch
2015-07-01 13:14:55 ----AD---- C:\ProgramData\TEMP
2015-07-01 13:14:24 ----D---- C:\Windows\Temp
2015-07-01 13:14:21 ----D---- C:\Windows\system32\config
2015-07-01 13:13:59 ----D---- C:\Windows\system32\drivers
2015-07-01 13:12:09 ----D---- C:\Windows\System32
2015-07-01 13:12:09 ----D---- C:\Windows\inf
2015-07-01 13:12:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-01 13:11:57 ----HD---- C:\ProgramData
2015-07-01 13:11:52 ----D---- C:\Windows\Tasks
2015-07-01 13:06:34 ----D---- C:\Windows
2015-07-01 12:00:19 ----D---- C:\Windows\system32\Tasks
2015-07-01 10:28:01 ----RD---- C:\Program Files (x86)
2015-06-30 21:08:26 ----RD---- C:\Program Files
2015-06-30 20:51:59 ----D---- C:\Users\Lenka\AppData\Roaming\Winamp
2015-06-30 20:51:49 ----D---- C:\Windows\debug
2015-06-30 19:15:34 ----D---- C:\Program Files (x86)\Hloubka zrady
2015-06-30 18:28:58 ----SHD---- C:\System Volume Information
2015-06-29 13:05:30 ----D---- C:\Windows\winsxs
2015-06-29 10:16:19 ----D---- C:\Windows\SysWOW64
2015-06-27 15:30:15 ----RSD---- C:\Windows\assembly
2015-06-27 15:29:59 ----D---- C:\Windows\Microsoft.NET
2015-06-27 14:57:49 ----D---- C:\Windows\Logs
2015-06-25 11:59:14 ----D---- C:\ProgramData\NVIDIA
2015-06-25 11:57:45 ----D---- C:\Windows\system32\DriverStore
2015-06-25 11:56:56 ----D---- C:\ProgramData\NVIDIA Corporation
2015-06-23 09:28:25 ----D---- C:\Windows\system32\NDF
2015-06-21 23:34:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-06-21 20:48:18 ----D---- C:\Users\Lenka\AppData\Roaming\vlc
2015-06-21 20:46:58 ----D---- C:\Users\Lenka\AppData\Roaming\dvdcss
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\nvinitx.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\nvapi64.dll
2015-06-17 08:48:17 ----A---- C:\Windows\system32\nvvsvc.exe
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvsvcr.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvshext.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvmctray.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nv3dappshextr.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nv3dappshext.dll
2015-06-17 08:48:15 ----A---- C:\Windows\system32\nvsvc64.dll
2015-06-17 08:48:15 ----A---- C:\Windows\system32\nvcpl.dll
2015-06-16 14:10:52 ----D---- C:\ProgramData\AlawarWrapper
2015-06-15 10:21:44 ----D---- C:\Users\Lenka\AppData\Roaming\SolSuite
2015-06-12 21:09:30 ----D---- C:\Program Files (x86)\Alawar
2015-06-11 04:03:39 ----D---- C:\Windows\rescache
2015-06-11 03:24:25 ----D---- C:\Program Files\Windows Media Player
2015-06-11 03:24:25 ----D---- C:\Program Files (x86)\Windows Media Player
2015-06-11 03:24:19 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-06-11 03:24:17 ----D---- C:\Windows\system32\cs-CZ
2015-06-11 03:24:13 ----D---- C:\Windows\AppPatch
2015-06-11 03:24:06 ----D---- C:\Windows\SYSWOW64\en-US
2015-06-11 03:24:06 ----D---- C:\Program Files\Internet Explorer
2015-06-11 03:24:03 ----D---- C:\Windows\system32\en-US
2015-06-11 03:24:03 ----D---- C:\Windows\PolicyDefinitions
2015-06-11 03:23:59 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-11 03:06:37 ----D---- C:\Windows\system32\MRT
2015-06-11 03:01:44 ----A---- C:\Windows\system32\MRT.exe
2015-06-10 15:47:38 ----D---- C:\Windows\system32\catroot2
2015-06-06 09:00:06 ----D---- C:\Program Files (x86)\Ashampoo
2015-06-06 03:16:19 ----SD---- C:\Windows\system32\CompatTel
2015-06-06 03:16:19 ----D---- C:\Windows\system32\appraiser
2015-06-03 23:04:55 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2015-06-03 23:04:55 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2015-06-03 23:04:45 ----A---- C:\Windows\system32\nvspcap64.dll
2015-06-03 23:04:45 ----A---- C:\Windows\system32\nvspbridge64.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-03-27 19224]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2015-06-17 31376]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-03-15 283064]
R1 NNSALPC;NNSAlpc; C:\Windows\system32\DRIVERS\NNSAlpc.sys [2015-02-09 93968]
R1 NNSHTTP;NNSHttp; C:\Windows\system32\DRIVERS\NNSHttp.sys [2015-02-09 202000]
R1 NNSHTTPS;NNSHttps; C:\Windows\system32\DRIVERS\NNSHttps.sys [2015-02-09 110864]
R1 NNSIDS;NNSids; C:\Windows\system32\DRIVERS\NNSIds.sys [2015-02-09 116496]
R1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [2014-12-31 48400]
R1 NNSPICC;NNSPicc; C:\Windows\system32\DRIVERS\NNSPicc.sys [2015-02-09 99600]
R1 NNSPIHSW;NNSPihsw; C:\Windows\system32\DRIVERS\NNSPihsw.sys [2015-02-09 69904]
R1 NNSPOP3;NNSPop3; C:\Windows\system32\DRIVERS\NNSPop3.sys [2015-02-09 124176]
R1 NNSPROT;NNSProt; C:\Windows\system32\DRIVERS\NNSProt.sys [2015-02-09 299792]
R1 NNSPRV;NNSPrv; C:\Windows\system32\DRIVERS\NNSPrv.sys [2015-02-09 166160]
R1 NNSSMTP;NNSSmtp; C:\Windows\system32\DRIVERS\NNSSmtp.sys [2015-02-09 113424]
R1 NNSSTRM;NNSStrm; C:\Windows\system32\DRIVERS\NNSStrm.sys [2015-02-09 257296]
R1 NNSTLSC;NNSTlsc; C:\Windows\system32\DRIVERS\NNSTlsc.sys [2015-02-09 106256]
R1 PSINKNC;PSINKnc; C:\Windows\system32\DRIVERS\psinknc.sys [2015-02-25 197392]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 PSINAflt;PSINAflt; C:\Windows\system32\DRIVERS\PSINAflt.sys [2015-02-25 163088]
R2 PSINFile;PSINFile; C:\Windows\system32\DRIVERS\PSINFile.sys [2015-02-25 121616]
R2 PSINProc;PSINProc; C:\Windows\system32\DRIVERS\PSINProc.sys [2015-02-25 124176]
R2 PSINProt;PSINProt; C:\Windows\system32\DRIVERS\PSINProt.sys [2015-02-25 133904]
R2 PSINReg;PSINReg; C:\Windows\system32\DRIVERS\PSINReg.sys [2015-02-25 107792]
R3 AMPPAL;Virtuální adaptér Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed; C:\Windows\system32\DRIVERS\AMPPAL.sys [2013-04-11 164832]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-10-01 3828152]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-03-27 356632]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-03-27 789272]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2015-03-09 117912]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwsw00.sys [2013-04-18 11524096]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-06-03 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-05-19 46768]
R3 PSKMAD;PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [2015-01-29 61712]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AMPPALP;Protokol Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed; C:\Windows\system32\DRIVERS\amppal.sys [2013-04-11 164832]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service; C:\Windows\system32\DRIVERS\InputFilter_FlexDef2b.sys [2010-06-19 17920]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;ASUS Android USB Driver; C:\Windows\system32\drivers\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2013-01-15 107320]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-04-18 621296]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-06-03 1152656]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-10-01 319376]
R2 NanoServiceMain;Panda Protection Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [2015-02-27 142584]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-06-03 1893008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-06-03 23007376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-06-17 937616]
R2 PandaAgent;Panda Devices Agent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [2014-10-09 66808]
R2 PSUAService;Panda Product Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [2015-02-27 38136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-04-18 149744]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2013-04-11 772064]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-09-12 135984]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-09 107848]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-10-01 281488]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-09 107848]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-22 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-04-18 273136]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-03-09 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119675
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: zablokovaný facebook-zřejmě červ Win32/PSW.Papras.CX Tro

#9 Příspěvek od Rudy »

Šmejd se drží. Zkuste to ještě jedou se stejným skriptem, před spuštěním OTM vypněte antivir.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Lenka007
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 30 čer 2015 20:08

Re: zablokovaný facebook-zřejmě červ Win32/PSW.Papras.CX Tro

#10 Příspěvek od Lenka007 »

Jo drží se mrcha :-(, antivir mám vypnutý, nelíbí se mu vaše utilitky ale tohohle šmejda si ani nevšiml, však si od Pandy něco vyslechnou :evil: Jdu na to.
Nahoru
Lenka007
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 30 čer 2015 20:08

Re: zablokovaný facebook-zřejmě červ Win32/PSW.Papras.CX Tro

#11 Příspěvek od Lenka007 »

V registrech je to furt, odinstalovala jsem google chrome, o vložení RSIT logu zkusím znovu OTM

Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenka at 2015-07-01 13:45:23
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 62 GB (31%) free of 200 GB
Total RAM: 6030 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:45:36, on 1.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Lenka\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files\trend micro\Lenka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: LinkVerifierBHO - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files (x86)\DAP\LinkVerifier.dll
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files (x86)\DAP\DAP.EXE" /STARTUP
O4 - HKCU\..\Run: [BoryItju] regsvr32.exe "C:\ProgramData\BoryItju\EiheFtav.mbo"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm
O8 - Extra context menu item: &Verify with DAP - C:\Program Files (x86)\DAP\dapverify.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Lenka\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Lenka\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: Panda Protection Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 10737 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
C:\Windows\system32\WLANExt.exe 26007120
\??\C:\Windows\system32\conhost.exe "-2575526119116409115988696021567389143-1143944838-680385529790757757-492571225
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
taskeng.exe {A9B20720-6FDF-4A64-879B-F065DD805E1D}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"taskhost.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe"
ATKOSD.exe
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
taskeng.exe {761179E8-919A-463C-9A23-E2473075C894}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
WDC.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe"
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" c159c641-7fee-4830-bc61-28027fb3f500 1
\??\C:\Windows\system32\conhost.exe "-1784060358-77832870912176361-18242706281420477833-14512302811209671886-1674021273
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "1818598918-11987452921230929080-1068949435-732575510-1009962429-4135865401553721392
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\sppsvc.exe
igfxEM.exe
igfxHK.exe
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c3801b39-b576-45a3-8bf9-58f9912032d9 -SystemEventPortName:HostProcess-6dd7d8d2-6a0c-42cc-b5c0-adf177bbfeb2 -IoCancelEventPortName:HostProcess-dfb3b509-e651-465f-b6a0-aba502276489 -NonStateChangingEventPortName:HostProcess-18feff21-c293-4778-9b51-ad938cb63b09 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:7f61cbc1-4e00-4dbc-9792-94f85ac38f8d -DeviceGroupId:WpdFsGroup
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Users\Lenka\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
"C:\Program Files\Avanquest\Expert PDF 9 Professional\vspdfprsrv.exe" --background
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Users\Lenka\Downloads\RSITx64.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k WerSvcGroup

=========Mozilla firefox=========

ProfilePath - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\eoshqzkr.default

prefs.js - "browser.startup.homepage" - "about:Tabs"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5974A72-C81C-4DC3-BE77-A8A7BBC8864E}]
SpeedBit Link Verification Helper - C:\Program Files (x86)\DAP\LinkVerifier.dll [2015-05-31 442472]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-06-03 2754704]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-06-03 1571696]
"vspdfprsrv.exe"=C:\Program Files\Avanquest\Expert PDF 9 Professional\vspdfprsrv.exe [2013-05-17 10019328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"DownloadAccelerator"=C:\Program Files (x86)\DAP\DAP.EXE [2015-05-31 4242064]
"BoryItju"=regsvr32.exe C:\ProgramData\BoryItju\EiheFtav.mbo []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2013-01-11 328504]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2012-10-17 205184]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-03-27 291608]
"PSUAMain"=C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [2015-02-27 40184]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2012-03-26 449168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NanoServiceMain]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSUAService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-01 13:43:21 ----A---- C:\Windows\system32\drivers\PSKMAD.sys
2015-07-01 13:41:34 ----D---- C:\ProgramData\BoryItju
2015-07-01 13:11:52 ----D---- C:\_OTM
2015-07-01 13:06:34 ----D---- C:\Windows\Minidump
2015-06-30 21:08:26 ----D---- C:\rsit
2015-06-30 21:08:26 ----D---- C:\Program Files\trend micro
2015-06-30 20:49:17 ----D---- C:\Program Files (x86)\CCleaner
2015-06-29 10:53:03 ----D---- C:\Program Files (x86)\ESET
2015-06-29 10:06:49 ----D---- C:\AdwCleaner
2015-06-27 16:20:33 ----D---- C:\Users\Lenka\AppData\Roaming\NVIDIA
2015-06-27 15:30:59 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2015-06-27 15:30:59 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2015-06-27 15:30:59 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2015-06-27 15:30:59 ----A---- C:\Windows\system32\XAudio2_7.dll
2015-06-27 15:30:59 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2015-06-27 15:30:59 ----A---- C:\Windows\system32\xactengine3_7.dll
2015-06-27 15:30:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2015-06-27 15:30:58 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2015-06-27 15:30:57 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2015-06-27 15:30:57 ----A---- C:\Windows\system32\d3dcsx_43.dll
2015-06-27 15:30:56 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2015-06-27 15:30:56 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2015-06-27 15:30:56 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2015-06-27 15:30:56 ----A---- C:\Windows\system32\XAudio2_6.dll
2015-06-27 15:30:56 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2015-06-27 15:30:56 ----A---- C:\Windows\system32\xactengine3_6.dll
2015-06-27 15:30:55 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2015-06-27 15:30:55 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2015-06-27 15:30:54 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2015-06-27 15:30:54 ----A---- C:\Windows\system32\XAudio2_5.dll
2015-06-27 15:30:53 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2015-06-27 15:30:53 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2015-06-27 15:30:53 ----A---- C:\Windows\system32\xactengine3_5.dll
2015-06-27 15:30:53 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2015-06-27 15:30:52 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2015-06-27 15:30:52 ----A---- C:\Windows\system32\d3dcsx_42.dll
2015-06-27 15:30:51 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2015-06-27 15:30:51 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2015-06-27 15:30:51 ----A---- C:\Windows\system32\d3dx11_42.dll
2015-06-27 15:30:51 ----A---- C:\Windows\system32\d3dx10_42.dll
2015-06-27 15:30:50 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2015-06-27 15:30:50 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2015-06-27 15:30:50 ----A---- C:\Windows\system32\D3DX9_42.dll
2015-06-27 15:30:50 ----A---- C:\Windows\system32\d3dx10_41.dll
2015-06-27 15:30:50 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2015-06-27 15:30:49 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2015-06-27 15:30:49 ----A---- C:\Windows\system32\D3DX9_41.dll
2015-06-27 15:30:47 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2015-06-27 15:30:47 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2015-06-27 15:30:47 ----A---- C:\Windows\system32\XAudio2_4.dll
2015-06-27 15:30:47 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2015-06-27 15:30:46 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2015-06-27 15:30:46 ----A---- C:\Windows\system32\xactengine3_4.dll
2015-06-27 15:30:45 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2015-06-27 15:30:45 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2015-06-27 15:30:44 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2015-06-27 15:30:44 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2015-06-27 15:30:44 ----A---- C:\Windows\system32\d3dx10_40.dll
2015-06-27 15:30:44 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2015-06-27 15:30:43 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2015-06-27 15:30:43 ----A---- C:\Windows\system32\D3DX9_40.dll
2015-06-27 15:30:42 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2015-06-27 15:30:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2015-06-27 15:30:42 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2015-06-27 15:30:42 ----A---- C:\Windows\system32\XAudio2_3.dll
2015-06-27 15:30:42 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2015-06-27 15:30:42 ----A---- C:\Windows\system32\xactengine3_3.dll
2015-06-27 15:30:41 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2015-06-27 15:30:41 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2015-06-27 15:30:40 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2015-06-27 15:30:40 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2015-06-27 15:30:40 ----A---- C:\Windows\system32\XAudio2_2.dll
2015-06-27 15:30:40 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2015-06-27 15:30:39 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2015-06-27 15:30:39 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2015-06-27 15:30:39 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2015-06-27 15:30:39 ----A---- C:\Windows\system32\xactengine3_2.dll
2015-06-27 15:30:39 ----A---- C:\Windows\system32\d3dx10_39.dll
2015-06-27 15:30:39 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2015-06-27 15:30:37 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2015-06-27 15:30:37 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2015-06-27 15:30:37 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2015-06-27 15:30:37 ----A---- C:\Windows\system32\XAudio2_1.dll
2015-06-27 15:30:37 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2015-06-27 15:30:37 ----A---- C:\Windows\system32\D3DX9_39.dll
2015-06-27 15:30:36 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2015-06-27 15:30:36 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2015-06-27 15:30:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2015-06-27 15:30:36 ----A---- C:\Windows\system32\xactengine3_1.dll
2015-06-27 15:30:36 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2015-06-27 15:30:36 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2015-06-27 15:30:35 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2015-06-27 15:30:35 ----A---- C:\Windows\system32\d3dx10_38.dll
2015-06-27 15:30:34 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2015-06-27 15:30:34 ----A---- C:\Windows\system32\D3DX9_38.dll
2015-06-27 15:30:33 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2015-06-27 15:30:33 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2015-06-27 15:30:33 ----A---- C:\Windows\system32\XAudio2_0.dll
2015-06-27 15:30:33 ----A---- C:\Windows\system32\xactengine3_0.dll
2015-06-27 15:30:32 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2015-06-27 15:30:32 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2015-06-27 15:30:31 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2015-06-27 15:30:31 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2015-06-27 15:30:31 ----A---- C:\Windows\system32\d3dx10_37.dll
2015-06-27 15:30:31 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2015-06-27 15:30:30 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2015-06-27 15:30:30 ----A---- C:\Windows\system32\D3DX9_37.dll
2015-06-27 15:30:28 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2015-06-27 15:30:28 ----A---- C:\Windows\system32\xactengine2_10.dll
2015-06-27 15:30:27 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2015-06-27 15:30:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2015-06-27 15:30:27 ----A---- C:\Windows\system32\d3dx10_36.dll
2015-06-27 15:30:27 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2015-06-27 15:30:26 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2015-06-27 15:30:26 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2015-06-27 15:30:26 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2015-06-27 15:30:26 ----A---- C:\Windows\system32\d3dx9_36.dll
2015-06-27 15:30:26 ----A---- C:\Windows\system32\d3dx10_35.dll
2015-06-27 15:30:26 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2015-06-27 15:30:25 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2015-06-27 15:30:25 ----A---- C:\Windows\system32\d3dx9_35.dll
2015-06-27 15:30:24 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2015-06-27 15:30:24 ----A---- C:\Windows\system32\xactengine2_8.dll
2015-06-27 15:30:23 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2015-06-27 15:30:23 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2015-06-27 15:30:23 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2015-06-27 15:30:23 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2015-06-27 15:30:23 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2015-06-27 15:30:23 ----A---- C:\Windows\system32\d3dx9_34.dll
2015-06-27 15:30:23 ----A---- C:\Windows\system32\d3dx10_34.dll
2015-06-27 15:30:23 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2015-06-27 15:30:22 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2015-06-27 15:30:22 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2015-06-27 15:30:22 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2015-06-27 15:30:22 ----A---- C:\Windows\system32\d3dx9_33.dll
2015-06-27 15:30:22 ----A---- C:\Windows\system32\d3dx10_33.dll
2015-06-27 15:30:22 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2015-06-27 15:30:21 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2015-06-27 15:30:21 ----A---- C:\Windows\system32\xactengine2_6.dll
2015-06-27 15:30:20 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2015-06-27 15:30:20 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2015-06-27 15:30:20 ----A---- C:\Windows\system32\xactengine2_5.dll
2015-06-27 15:30:20 ----A---- C:\Windows\system32\d3dx10.dll
2015-06-27 15:30:19 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2015-06-27 15:30:19 ----A---- C:\Windows\system32\d3dx9_32.dll
2015-06-27 15:30:18 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2015-06-27 15:30:18 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2015-06-27 15:30:18 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2015-06-27 15:30:18 ----A---- C:\Windows\system32\xinput1_2.dll
2015-06-27 15:30:18 ----A---- C:\Windows\system32\xactengine2_4.dll
2015-06-27 15:30:18 ----A---- C:\Windows\system32\xactengine2_3.dll
2015-06-27 15:30:17 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2015-06-27 15:30:17 ----A---- C:\Windows\system32\xactengine2_2.dll
2015-06-27 15:30:16 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2015-06-27 15:30:16 ----A---- C:\Windows\system32\xinput1_1.dll
2015-06-27 15:30:15 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2015-06-27 15:30:15 ----A---- C:\Windows\system32\xactengine2_1.dll
2015-06-27 15:30:12 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2015-06-27 15:30:12 ----A---- C:\Windows\system32\d3dx9_30.dll
2015-06-27 15:30:11 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2015-06-27 15:30:11 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2015-06-27 15:30:11 ----A---- C:\Windows\system32\xactengine2_0.dll
2015-06-27 15:30:11 ----A---- C:\Windows\system32\x3daudio1_0.dll
2015-06-27 15:30:10 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2015-06-27 15:30:10 ----A---- C:\Windows\system32\d3dx9_29.dll
2015-06-27 15:30:09 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2015-06-27 15:30:09 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2015-06-27 15:30:09 ----A---- C:\Windows\system32\d3dx9_28.dll
2015-06-27 15:30:09 ----A---- C:\Windows\system32\d3dx9_27.dll
2015-06-27 15:30:07 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2015-06-27 15:30:07 ----A---- C:\Windows\system32\d3dx9_26.dll
2015-06-27 15:30:03 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2015-06-27 15:30:03 ----A---- C:\Windows\system32\d3dx9_25.dll
2015-06-27 15:30:01 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2015-06-27 15:30:01 ----A---- C:\Windows\system32\d3dx9_24.dll
2015-06-27 15:03:27 ----D---- C:\Windows\SYSWOW64\directx
2015-06-26 16:59:04 ----D---- C:\TopCD
2015-06-25 11:59:16 ----D---- C:\Windows\SYSWOW64\NV
2015-06-25 11:59:16 ----D---- C:\Windows\system32\NV
2015-06-25 11:56:45 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-06-25 11:56:45 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvopencl.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvoglv64.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\NvIFR64.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\NvFBC64.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvdispgenco6435330.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvdispco6435330.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvcuvid.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvcuda.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvcompiler.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2015-06-25 11:56:44 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-06-23 08:03:17 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2015-06-23 08:03:17 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2015-06-10 16:18:16 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-06-10 16:18:16 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-06-10 16:18:16 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-06-10 16:18:16 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-06-10 16:18:15 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-06-10 16:18:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-06-10 16:18:15 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-06-10 16:18:15 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-06-10 16:18:15 ----A---- C:\Windows\system32\iernonce.dll
2015-06-10 16:18:15 ----A---- C:\Windows\system32\ie4uinit.exe
2015-06-10 16:18:14 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-06-10 16:18:14 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-06-10 16:18:14 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-06-10 16:18:14 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-06-10 16:18:14 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-06-10 16:18:14 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 16:18:13 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-06-10 16:18:13 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-06-10 16:18:12 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-06-10 16:18:12 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-06-10 16:18:12 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-06-10 16:18:12 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-06-10 16:18:12 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-06-10 16:18:12 ----A---- C:\Windows\system32\urlmon.dll
2015-06-10 16:18:12 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 16:18:12 ----A---- C:\Windows\system32\iedkcs32.dll
2015-06-10 16:18:11 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-06-10 16:18:11 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-06-10 16:18:11 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 16:18:11 ----A---- C:\Windows\system32\dxtrans.dll
2015-06-10 16:18:10 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-06-10 16:18:10 ----A---- C:\Windows\system32\msfeeds.dll
2015-06-10 16:18:10 ----A---- C:\Windows\system32\iesetup.dll
2015-06-10 16:18:09 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-06-10 16:18:09 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-06-10 16:18:09 ----A---- C:\Windows\system32\vbscript.dll
2015-06-10 16:18:09 ----A---- C:\Windows\system32\iertutil.dll
2015-06-10 16:18:09 ----A---- C:\Windows\system32\ieapfltr.dll
2015-06-10 16:18:08 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-06-10 16:18:08 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-06-10 16:18:08 ----A---- C:\Windows\system32\jsproxy.dll
2015-06-10 16:18:08 ----A---- C:\Windows\system32\ieUnatt.exe
2015-06-10 16:18:07 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-06-10 16:18:07 ----A---- C:\Windows\system32\mshtmled.dll
2015-06-10 16:18:07 ----A---- C:\Windows\system32\jscript.dll
2015-06-10 16:18:07 ----A---- C:\Windows\system32\ieui.dll
2015-06-10 16:18:07 ----A---- C:\Windows\system32\ieframe.dll
2015-06-10 16:18:07 ----A---- C:\Windows\system32\dxtmsft.dll
2015-06-10 16:18:06 ----A---- C:\Windows\system32\wininet.dll
2015-06-10 16:18:06 ----A---- C:\Windows\system32\msrating.dll
2015-06-10 16:18:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-06-10 16:18:06 ----A---- C:\Windows\system32\jscript9diag.dll
2015-06-10 16:18:06 ----A---- C:\Windows\system32\jscript9.dll
2015-06-10 16:18:05 ----A---- C:\Windows\system32\mshtml.dll
2015-06-10 16:11:07 ----A---- C:\Windows\system32\diagtrack.dll
2015-06-10 16:11:06 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-06-10 16:11:06 ----A---- C:\Windows\system32\KernelBase.dll
2015-06-10 16:11:06 ----A---- C:\Windows\system32\kerberos.dll
2015-06-10 16:11:05 ----A---- C:\Windows\system32\lsasrv.dll
2015-06-10 16:11:05 ----A---- C:\Windows\system32\kernel32.dll
2015-06-10 16:11:05 ----A---- C:\Windows\system32\advapi32.dll
2015-06-10 16:11:04 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2015-06-10 16:11:04 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-06-10 16:11:04 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-06-10 16:11:04 ----A---- C:\Windows\system32\wow64.dll
2015-06-10 16:11:04 ----A---- C:\Windows\system32\srcore.dll
2015-06-10 16:11:04 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-06-10 16:11:04 ----A---- C:\Windows\system32\ntdll.dll
2015-06-10 16:11:04 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-06-10 16:11:04 ----A---- C:\Windows\system32\conhost.exe
2015-06-10 16:11:03 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-06-10 16:11:03 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-06-10 16:11:03 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-06-10 16:11:03 ----A---- C:\Windows\system32\winsrv.dll
2015-06-10 16:11:03 ----A---- C:\Windows\system32\tracerpt.exe
2015-06-10 16:11:03 ----A---- C:\Windows\system32\schannel.dll
2015-06-10 16:11:03 ----A---- C:\Windows\system32\rstrui.exe
2015-06-10 16:11:02 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-06-10 16:11:02 ----A---- C:\Windows\system32\tdh.dll
2015-06-10 16:11:02 ----A---- C:\Windows\system32\msv1_0.dll
2015-06-10 16:11:02 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-06-10 16:11:01 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-06-10 16:11:01 ----A---- C:\Windows\SYSWOW64\sechost.dll
2015-06-10 16:11:01 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-06-10 16:11:01 ----A---- C:\Windows\SYSWOW64\logman.exe
2015-06-10 16:11:01 ----A---- C:\Windows\system32\wdigest.dll
2015-06-10 16:11:01 ----A---- C:\Windows\system32\TSpkg.dll
2015-06-10 16:11:01 ----A---- C:\Windows\system32\sspicli.dll
2015-06-10 16:11:01 ----A---- C:\Windows\system32\sechost.dll
2015-06-10 16:11:01 ----A---- C:\Windows\system32\ncrypt.dll
2015-06-10 16:11:01 ----A---- C:\Windows\system32\logman.exe
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\relog.exe
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-06-10 16:11:00 ----A---- C:\Windows\system32\typeperf.exe
2015-06-10 16:11:00 ----A---- C:\Windows\system32\smss.exe
2015-06-10 16:11:00 ----A---- C:\Windows\system32\relog.exe
2015-06-10 16:11:00 ----A---- C:\Windows\system32\lsass.exe
2015-06-10 16:11:00 ----A---- C:\Windows\system32\auditpol.exe
2015-06-10 16:10:59 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-06-10 16:10:59 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-06-10 16:10:59 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2015-06-10 16:10:59 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\sspisrv.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\srclient.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\secur32.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\ntvdm64.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\diskperf.exe
2015-06-10 16:10:59 ----A---- C:\Windows\system32\csrsrv.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\credssp.dll
2015-06-10 16:10:58 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-06-10 16:10:58 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-06-10 16:10:58 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-06-10 16:10:58 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-06-10 16:10:58 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-06-10 16:10:58 ----A---- C:\Windows\system32\wow64win.dll
2015-06-10 16:10:58 ----A---- C:\Windows\system32\wow64cpu.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 16:10:55 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-06-10 16:10:55 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-06-10 16:10:55 ----A---- C:\Windows\system32\apisetschema.dll
2015-06-10 16:10:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 16:10:54 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 16:10:54 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 16:10:54 ----A---- C:\Windows\SYSWOW64\user.exe
2015-06-10 16:10:54 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-06-10 16:10:54 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-06-10 16:10:54 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-06-10 16:10:54 ----A---- C:\Windows\system32\UtcResources.dll
2015-06-10 16:10:54 ----A---- C:\Windows\system32\msobjs.dll
2015-06-10 16:10:54 ----A---- C:\Windows\system32\msaudite.dll
2015-06-10 16:10:54 ----A---- C:\Windows\system32\adtschema.dll
2015-06-10 16:07:06 ----A---- C:\Windows\system32\wmp.dll
2015-06-10 16:07:05 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-06-10 16:07:04 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-06-10 16:07:04 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-06-10 16:07:04 ----A---- C:\Windows\system32\spwmp.dll
2015-06-10 16:07:04 ----A---- C:\Windows\system32\dxmasf.dll
2015-06-10 16:07:03 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-06-10 16:07:03 ----A---- C:\Windows\system32\wmploc.DLL
2015-06-10 15:56:17 ----A---- C:\Windows\system32\comctl32.dll
2015-06-10 15:56:16 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2015-06-10 15:56:14 ----A---- C:\Windows\system32\win32k.sys
2015-06-05 12:13:18 ----A---- C:\Windows\system32\invagent.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\generaltel.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\devinv.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\appraiser.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\aepic.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\aeinv.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\acmigration.dll
2015-06-05 12:13:17 ----A---- C:\Windows\system32\aepdu.dll
2015-06-02 08:53:43 ----A---- C:\Windows\system32\nvdispgenco6435306.dll
2015-06-02 08:53:43 ----A---- C:\Windows\system32\nvdispco6435306.dll

======List of files/folders modified in the last 1 month======

2015-07-01 13:45:20 ----D---- C:\Windows\Temp
2015-07-01 13:43:52 ----AD---- C:\ProgramData\TEMP
2015-07-01 13:43:36 ----D---- C:\Windows\system32\config
2015-07-01 13:43:21 ----D---- C:\Windows\system32\drivers
2015-07-01 13:42:57 ----D---- C:\Windows
2015-07-01 13:41:34 ----HD---- C:\ProgramData
2015-07-01 13:18:18 ----D---- C:\Windows\System32
2015-07-01 13:18:18 ----D---- C:\Windows\inf
2015-07-01 13:18:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-01 13:14:59 ----D---- C:\Windows\Prefetch
2015-07-01 13:11:52 ----D---- C:\Windows\Tasks
2015-07-01 12:00:19 ----D---- C:\Windows\system32\Tasks
2015-07-01 10:28:01 ----RD---- C:\Program Files (x86)
2015-06-30 21:08:26 ----RD---- C:\Program Files
2015-06-30 20:51:59 ----D---- C:\Users\Lenka\AppData\Roaming\Winamp
2015-06-30 20:51:49 ----D---- C:\Windows\debug
2015-06-30 19:15:34 ----D---- C:\Program Files (x86)\Hloubka zrady
2015-06-30 18:28:58 ----SHD---- C:\System Volume Information
2015-06-29 13:05:30 ----D---- C:\Windows\winsxs
2015-06-29 10:16:19 ----D---- C:\Windows\SysWOW64
2015-06-27 15:30:15 ----RSD---- C:\Windows\assembly
2015-06-27 15:29:59 ----D---- C:\Windows\Microsoft.NET
2015-06-27 14:57:49 ----D---- C:\Windows\Logs
2015-06-25 11:59:14 ----D---- C:\ProgramData\NVIDIA
2015-06-25 11:57:45 ----D---- C:\Windows\system32\DriverStore
2015-06-25 11:56:56 ----D---- C:\ProgramData\NVIDIA Corporation
2015-06-23 09:28:25 ----D---- C:\Windows\system32\NDF
2015-06-21 23:34:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-06-21 20:48:18 ----D---- C:\Users\Lenka\AppData\Roaming\vlc
2015-06-21 20:46:58 ----D---- C:\Users\Lenka\AppData\Roaming\dvdcss
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\nvinitx.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\nvapi64.dll
2015-06-17 08:48:17 ----A---- C:\Windows\system32\nvvsvc.exe
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvsvcr.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvshext.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvmctray.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nv3dappshextr.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nv3dappshext.dll
2015-06-17 08:48:15 ----A---- C:\Windows\system32\nvsvc64.dll
2015-06-17 08:48:15 ----A---- C:\Windows\system32\nvcpl.dll
2015-06-16 14:10:52 ----D---- C:\ProgramData\AlawarWrapper
2015-06-15 10:21:44 ----D---- C:\Users\Lenka\AppData\Roaming\SolSuite
2015-06-12 21:09:30 ----D---- C:\Program Files (x86)\Alawar
2015-06-11 04:03:39 ----D---- C:\Windows\rescache
2015-06-11 03:24:25 ----D---- C:\Program Files\Windows Media Player
2015-06-11 03:24:25 ----D---- C:\Program Files (x86)\Windows Media Player
2015-06-11 03:24:19 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-06-11 03:24:17 ----D---- C:\Windows\system32\cs-CZ
2015-06-11 03:24:13 ----D---- C:\Windows\AppPatch
2015-06-11 03:24:06 ----D---- C:\Windows\SYSWOW64\en-US
2015-06-11 03:24:06 ----D---- C:\Program Files\Internet Explorer
2015-06-11 03:24:03 ----D---- C:\Windows\system32\en-US
2015-06-11 03:24:03 ----D---- C:\Windows\PolicyDefinitions
2015-06-11 03:23:59 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-11 03:06:37 ----D---- C:\Windows\system32\MRT
2015-06-11 03:01:44 ----A---- C:\Windows\system32\MRT.exe
2015-06-10 15:47:38 ----D---- C:\Windows\system32\catroot2
2015-06-06 09:00:06 ----D---- C:\Program Files (x86)\Ashampoo
2015-06-06 03:16:19 ----SD---- C:\Windows\system32\CompatTel
2015-06-06 03:16:19 ----D---- C:\Windows\system32\appraiser
2015-06-03 23:04:55 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2015-06-03 23:04:55 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2015-06-03 23:04:45 ----A---- C:\Windows\system32\nvspcap64.dll
2015-06-03 23:04:45 ----A---- C:\Windows\system32\nvspbridge64.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-03-27 19224]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2015-06-17 31376]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-03-15 283064]
R1 NNSALPC;NNSAlpc; C:\Windows\system32\DRIVERS\NNSAlpc.sys [2015-02-09 93968]
R1 NNSHTTP;NNSHttp; C:\Windows\system32\DRIVERS\NNSHttp.sys [2015-02-09 202000]
R1 NNSHTTPS;NNSHttps; C:\Windows\system32\DRIVERS\NNSHttps.sys [2015-02-09 110864]
R1 NNSIDS;NNSids; C:\Windows\system32\DRIVERS\NNSIds.sys [2015-02-09 116496]
R1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [2014-12-31 48400]
R1 NNSPICC;NNSPicc; C:\Windows\system32\DRIVERS\NNSPicc.sys [2015-02-09 99600]
R1 NNSPIHSW;NNSPihsw; C:\Windows\system32\DRIVERS\NNSPihsw.sys [2015-02-09 69904]
R1 NNSPOP3;NNSPop3; C:\Windows\system32\DRIVERS\NNSPop3.sys [2015-02-09 124176]
R1 NNSPROT;NNSProt; C:\Windows\system32\DRIVERS\NNSProt.sys [2015-02-09 299792]
R1 NNSPRV;NNSPrv; C:\Windows\system32\DRIVERS\NNSPrv.sys [2015-02-09 166160]
R1 NNSSMTP;NNSSmtp; C:\Windows\system32\DRIVERS\NNSSmtp.sys [2015-02-09 113424]
R1 NNSSTRM;NNSStrm; C:\Windows\system32\DRIVERS\NNSStrm.sys [2015-02-09 257296]
R1 NNSTLSC;NNSTlsc; C:\Windows\system32\DRIVERS\NNSTlsc.sys [2015-02-09 106256]
R1 PSINKNC;PSINKnc; C:\Windows\system32\DRIVERS\psinknc.sys [2015-02-25 197392]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 PSINAflt;PSINAflt; C:\Windows\system32\DRIVERS\PSINAflt.sys [2015-02-25 163088]
R2 PSINFile;PSINFile; C:\Windows\system32\DRIVERS\PSINFile.sys [2015-02-25 121616]
R2 PSINProc;PSINProc; C:\Windows\system32\DRIVERS\PSINProc.sys [2015-02-25 124176]
R2 PSINProt;PSINProt; C:\Windows\system32\DRIVERS\PSINProt.sys [2015-02-25 133904]
R2 PSINReg;PSINReg; C:\Windows\system32\DRIVERS\PSINReg.sys [2015-02-25 107792]
R3 AMPPAL;Virtuální adaptér Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed; C:\Windows\system32\DRIVERS\AMPPAL.sys [2013-04-11 164832]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-10-01 3828152]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-03-27 356632]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-03-27 789272]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2015-03-09 117912]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwsw00.sys [2013-04-18 11524096]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-06-03 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-05-19 46768]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AMPPALP;Protokol Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed; C:\Windows\system32\DRIVERS\amppal.sys [2013-04-11 164832]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service; C:\Windows\system32\DRIVERS\InputFilter_FlexDef2b.sys [2010-06-19 17920]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736]
S3 PSKMAD;PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [2015-01-29 61712]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;ASUS Android USB Driver; C:\Windows\system32\drivers\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2013-04-11 772064]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2013-01-15 107320]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-09-12 135984]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-04-18 621296]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-06-03 1152656]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-10-01 319376]
R2 NanoServiceMain;Panda Protection Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [2015-02-27 142584]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-06-03 1893008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-06-03 23007376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-06-17 937616]
R2 PandaAgent;Panda Devices Agent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [2014-10-09 66808]
R2 PSUAService;Panda Product Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [2015-02-27 38136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-04-18 149744]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-09 107848]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-10-01 281488]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-09 107848]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-22 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-04-18 273136]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-03-09 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------
Nahoru
Lenka007
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 30 čer 2015 20:08

Re: zablokovaný facebook-zřejmě červ Win32/PSW.Papras.CX Tro

#12 Příspěvek od Lenka007 »

tak to nepomohlo

Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenka at 2015-07-01 13:52:08
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 62 GB (31%) free of 200 GB
Total RAM: 6030 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:52:12, on 1.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Lenka\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files\trend micro\Lenka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: LinkVerifierBHO - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files (x86)\DAP\LinkVerifier.dll
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files (x86)\DAP\DAP.EXE" /STARTUP
O4 - HKCU\..\Run: [BoryItju] regsvr32.exe "C:\ProgramData\BoryItju\EiheFtav.mbo"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm
O8 - Extra context menu item: &Verify with DAP - C:\Program Files (x86)\DAP\dapverify.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Lenka\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Lenka\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: Panda Protection Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 10481 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
C:\Windows\system32\WLANExt.exe 25426896
\??\C:\Windows\system32\conhost.exe "-15715769381110143624-89252118081059944220663839912084060606-809837921542088180
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {C8158923-33F6-402E-9CD8-1C3BE14BDCE2}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"taskhost.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
taskeng.exe {7C530C83-A460-44D9-857F-8C3808076FF4}
ATKOSD.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
WDC.exe
"C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe"
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" c159c641-7fee-4830-bc61-28027fb3f500 1
\??\C:\Windows\system32\conhost.exe "1451852935-899562143-1580571352-1992643947-125175902017407039171009084-1999309520
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "938237752-580021577-10867436631466625804-174072087918470005963368080082008735873
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\sppsvc.exe
igfxEM.exe
igfxHK.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3de1f446-0723-4bda-ad09-b0e8c015a2cc -SystemEventPortName:HostProcess-74783fdb-e13b-4206-84bd-42294f8176a3 -IoCancelEventPortName:HostProcess-869d84dc-14b1-47aa-839c-db40e04f806a -NonStateChangingEventPortName:HostProcess-67ba7397-9b95-4ef0-a862-335b85bd8305 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:efddc4c8-780e-4fac-8de8-868050172c16 -DeviceGroupId:WpdFsGroup
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Users\Lenka\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Avanquest\Expert PDF 9 Professional\vspdfprsrv.exe" --background
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
wmiadap.exe /R /T
"C:\Users\Lenka\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

=========Mozilla firefox=========

ProfilePath - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\eoshqzkr.default

prefs.js - "browser.startup.homepage" - "about:Tabs"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5974A72-C81C-4DC3-BE77-A8A7BBC8864E}]
SpeedBit Link Verification Helper - C:\Program Files (x86)\DAP\LinkVerifier.dll [2015-05-31 442472]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-06-03 2754704]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-06-03 1571696]
"vspdfprsrv.exe"=C:\Program Files\Avanquest\Expert PDF 9 Professional\vspdfprsrv.exe [2013-05-17 10019328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"DownloadAccelerator"=C:\Program Files (x86)\DAP\DAP.EXE [2015-05-31 4242064]
"BoryItju"=regsvr32.exe C:\ProgramData\BoryItju\EiheFtav.mbo []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2013-01-11 328504]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2012-10-17 205184]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-03-27 291608]
"PSUAMain"=C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [2015-02-27 40184]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2012-03-26 449168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NanoServiceMain]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSUAService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-01 13:49:32 ----D---- C:\ProgramData\BoryItju
2015-07-01 13:43:21 ----A---- C:\Windows\system32\drivers\PSKMAD.sys
2015-07-01 13:11:52 ----D---- C:\_OTM
2015-07-01 13:06:34 ----D---- C:\Windows\Minidump
2015-06-30 21:08:26 ----D---- C:\rsit
2015-06-30 21:08:26 ----D---- C:\Program Files\trend micro
2015-06-30 20:49:17 ----D---- C:\Program Files (x86)\CCleaner
2015-06-29 10:53:03 ----D---- C:\Program Files (x86)\ESET
2015-06-29 10:06:49 ----D---- C:\AdwCleaner
2015-06-27 16:20:33 ----D---- C:\Users\Lenka\AppData\Roaming\NVIDIA
2015-06-27 15:30:59 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2015-06-27 15:30:59 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2015-06-27 15:30:59 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2015-06-27 15:30:59 ----A---- C:\Windows\system32\XAudio2_7.dll
2015-06-27 15:30:59 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2015-06-27 15:30:59 ----A---- C:\Windows\system32\xactengine3_7.dll
2015-06-27 15:30:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2015-06-27 15:30:58 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2015-06-27 15:30:57 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2015-06-27 15:30:57 ----A---- C:\Windows\system32\d3dcsx_43.dll
2015-06-27 15:30:56 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2015-06-27 15:30:56 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2015-06-27 15:30:56 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2015-06-27 15:30:56 ----A---- C:\Windows\system32\XAudio2_6.dll
2015-06-27 15:30:56 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2015-06-27 15:30:56 ----A---- C:\Windows\system32\xactengine3_6.dll
2015-06-27 15:30:55 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2015-06-27 15:30:55 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2015-06-27 15:30:54 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2015-06-27 15:30:54 ----A---- C:\Windows\system32\XAudio2_5.dll
2015-06-27 15:30:53 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2015-06-27 15:30:53 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2015-06-27 15:30:53 ----A---- C:\Windows\system32\xactengine3_5.dll
2015-06-27 15:30:53 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2015-06-27 15:30:52 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2015-06-27 15:30:52 ----A---- C:\Windows\system32\d3dcsx_42.dll
2015-06-27 15:30:51 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2015-06-27 15:30:51 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2015-06-27 15:30:51 ----A---- C:\Windows\system32\d3dx11_42.dll
2015-06-27 15:30:51 ----A---- C:\Windows\system32\d3dx10_42.dll
2015-06-27 15:30:50 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2015-06-27 15:30:50 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2015-06-27 15:30:50 ----A---- C:\Windows\system32\D3DX9_42.dll
2015-06-27 15:30:50 ----A---- C:\Windows\system32\d3dx10_41.dll
2015-06-27 15:30:50 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2015-06-27 15:30:49 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2015-06-27 15:30:49 ----A---- C:\Windows\system32\D3DX9_41.dll
2015-06-27 15:30:47 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2015-06-27 15:30:47 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2015-06-27 15:30:47 ----A---- C:\Windows\system32\XAudio2_4.dll
2015-06-27 15:30:47 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2015-06-27 15:30:46 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2015-06-27 15:30:46 ----A---- C:\Windows\system32\xactengine3_4.dll
2015-06-27 15:30:45 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2015-06-27 15:30:45 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2015-06-27 15:30:44 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2015-06-27 15:30:44 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2015-06-27 15:30:44 ----A---- C:\Windows\system32\d3dx10_40.dll
2015-06-27 15:30:44 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2015-06-27 15:30:43 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2015-06-27 15:30:43 ----A---- C:\Windows\system32\D3DX9_40.dll
2015-06-27 15:30:42 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2015-06-27 15:30:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2015-06-27 15:30:42 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2015-06-27 15:30:42 ----A---- C:\Windows\system32\XAudio2_3.dll
2015-06-27 15:30:42 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2015-06-27 15:30:42 ----A---- C:\Windows\system32\xactengine3_3.dll
2015-06-27 15:30:41 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2015-06-27 15:30:41 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2015-06-27 15:30:40 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2015-06-27 15:30:40 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2015-06-27 15:30:40 ----A---- C:\Windows\system32\XAudio2_2.dll
2015-06-27 15:30:40 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2015-06-27 15:30:39 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2015-06-27 15:30:39 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2015-06-27 15:30:39 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2015-06-27 15:30:39 ----A---- C:\Windows\system32\xactengine3_2.dll
2015-06-27 15:30:39 ----A---- C:\Windows\system32\d3dx10_39.dll
2015-06-27 15:30:39 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2015-06-27 15:30:37 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2015-06-27 15:30:37 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2015-06-27 15:30:37 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2015-06-27 15:30:37 ----A---- C:\Windows\system32\XAudio2_1.dll
2015-06-27 15:30:37 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2015-06-27 15:30:37 ----A---- C:\Windows\system32\D3DX9_39.dll
2015-06-27 15:30:36 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2015-06-27 15:30:36 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2015-06-27 15:30:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2015-06-27 15:30:36 ----A---- C:\Windows\system32\xactengine3_1.dll
2015-06-27 15:30:36 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2015-06-27 15:30:36 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2015-06-27 15:30:35 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2015-06-27 15:30:35 ----A---- C:\Windows\system32\d3dx10_38.dll
2015-06-27 15:30:34 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2015-06-27 15:30:34 ----A---- C:\Windows\system32\D3DX9_38.dll
2015-06-27 15:30:33 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2015-06-27 15:30:33 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2015-06-27 15:30:33 ----A---- C:\Windows\system32\XAudio2_0.dll
2015-06-27 15:30:33 ----A---- C:\Windows\system32\xactengine3_0.dll
2015-06-27 15:30:32 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2015-06-27 15:30:32 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2015-06-27 15:30:31 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2015-06-27 15:30:31 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2015-06-27 15:30:31 ----A---- C:\Windows\system32\d3dx10_37.dll
2015-06-27 15:30:31 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2015-06-27 15:30:30 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2015-06-27 15:30:30 ----A---- C:\Windows\system32\D3DX9_37.dll
2015-06-27 15:30:28 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2015-06-27 15:30:28 ----A---- C:\Windows\system32\xactengine2_10.dll
2015-06-27 15:30:27 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2015-06-27 15:30:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2015-06-27 15:30:27 ----A---- C:\Windows\system32\d3dx10_36.dll
2015-06-27 15:30:27 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2015-06-27 15:30:26 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2015-06-27 15:30:26 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2015-06-27 15:30:26 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2015-06-27 15:30:26 ----A---- C:\Windows\system32\d3dx9_36.dll
2015-06-27 15:30:26 ----A---- C:\Windows\system32\d3dx10_35.dll
2015-06-27 15:30:26 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2015-06-27 15:30:25 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2015-06-27 15:30:25 ----A---- C:\Windows\system32\d3dx9_35.dll
2015-06-27 15:30:24 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2015-06-27 15:30:24 ----A---- C:\Windows\system32\xactengine2_8.dll
2015-06-27 15:30:23 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2015-06-27 15:30:23 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2015-06-27 15:30:23 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2015-06-27 15:30:23 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2015-06-27 15:30:23 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2015-06-27 15:30:23 ----A---- C:\Windows\system32\d3dx9_34.dll
2015-06-27 15:30:23 ----A---- C:\Windows\system32\d3dx10_34.dll
2015-06-27 15:30:23 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2015-06-27 15:30:22 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2015-06-27 15:30:22 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2015-06-27 15:30:22 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2015-06-27 15:30:22 ----A---- C:\Windows\system32\d3dx9_33.dll
2015-06-27 15:30:22 ----A---- C:\Windows\system32\d3dx10_33.dll
2015-06-27 15:30:22 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2015-06-27 15:30:21 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2015-06-27 15:30:21 ----A---- C:\Windows\system32\xactengine2_6.dll
2015-06-27 15:30:20 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2015-06-27 15:30:20 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2015-06-27 15:30:20 ----A---- C:\Windows\system32\xactengine2_5.dll
2015-06-27 15:30:20 ----A---- C:\Windows\system32\d3dx10.dll
2015-06-27 15:30:19 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2015-06-27 15:30:19 ----A---- C:\Windows\system32\d3dx9_32.dll
2015-06-27 15:30:18 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2015-06-27 15:30:18 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2015-06-27 15:30:18 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2015-06-27 15:30:18 ----A---- C:\Windows\system32\xinput1_2.dll
2015-06-27 15:30:18 ----A---- C:\Windows\system32\xactengine2_4.dll
2015-06-27 15:30:18 ----A---- C:\Windows\system32\xactengine2_3.dll
2015-06-27 15:30:17 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2015-06-27 15:30:17 ----A---- C:\Windows\system32\xactengine2_2.dll
2015-06-27 15:30:16 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2015-06-27 15:30:16 ----A---- C:\Windows\system32\xinput1_1.dll
2015-06-27 15:30:15 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2015-06-27 15:30:15 ----A---- C:\Windows\system32\xactengine2_1.dll
2015-06-27 15:30:12 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2015-06-27 15:30:12 ----A---- C:\Windows\system32\d3dx9_30.dll
2015-06-27 15:30:11 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2015-06-27 15:30:11 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2015-06-27 15:30:11 ----A---- C:\Windows\system32\xactengine2_0.dll
2015-06-27 15:30:11 ----A---- C:\Windows\system32\x3daudio1_0.dll
2015-06-27 15:30:10 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2015-06-27 15:30:10 ----A---- C:\Windows\system32\d3dx9_29.dll
2015-06-27 15:30:09 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2015-06-27 15:30:09 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2015-06-27 15:30:09 ----A---- C:\Windows\system32\d3dx9_28.dll
2015-06-27 15:30:09 ----A---- C:\Windows\system32\d3dx9_27.dll
2015-06-27 15:30:07 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2015-06-27 15:30:07 ----A---- C:\Windows\system32\d3dx9_26.dll
2015-06-27 15:30:03 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2015-06-27 15:30:03 ----A---- C:\Windows\system32\d3dx9_25.dll
2015-06-27 15:30:01 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2015-06-27 15:30:01 ----A---- C:\Windows\system32\d3dx9_24.dll
2015-06-27 15:03:27 ----D---- C:\Windows\SYSWOW64\directx
2015-06-26 16:59:04 ----D---- C:\TopCD
2015-06-25 11:59:16 ----D---- C:\Windows\SYSWOW64\NV
2015-06-25 11:59:16 ----D---- C:\Windows\system32\NV
2015-06-25 11:56:45 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-06-25 11:56:45 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-06-25 11:56:44 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvopencl.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvoglv64.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\NvIFR64.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\NvFBC64.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvdispgenco6435330.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvdispco6435330.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvcuvid.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvcuda.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\nvcompiler.dll
2015-06-25 11:56:44 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2015-06-25 11:56:44 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-06-23 08:03:17 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2015-06-23 08:03:17 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2015-06-10 16:18:16 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-06-10 16:18:16 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-06-10 16:18:16 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-06-10 16:18:16 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-06-10 16:18:15 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-06-10 16:18:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-06-10 16:18:15 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-06-10 16:18:15 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-06-10 16:18:15 ----A---- C:\Windows\system32\iernonce.dll
2015-06-10 16:18:15 ----A---- C:\Windows\system32\ie4uinit.exe
2015-06-10 16:18:14 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-06-10 16:18:14 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-06-10 16:18:14 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-06-10 16:18:14 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-06-10 16:18:14 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-06-10 16:18:14 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 16:18:13 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-06-10 16:18:13 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-06-10 16:18:12 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-06-10 16:18:12 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-06-10 16:18:12 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-06-10 16:18:12 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-06-10 16:18:12 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-06-10 16:18:12 ----A---- C:\Windows\system32\urlmon.dll
2015-06-10 16:18:12 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 16:18:12 ----A---- C:\Windows\system32\iedkcs32.dll
2015-06-10 16:18:11 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-06-10 16:18:11 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-06-10 16:18:11 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 16:18:11 ----A---- C:\Windows\system32\dxtrans.dll
2015-06-10 16:18:10 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-06-10 16:18:10 ----A---- C:\Windows\system32\msfeeds.dll
2015-06-10 16:18:10 ----A---- C:\Windows\system32\iesetup.dll
2015-06-10 16:18:09 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-06-10 16:18:09 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-06-10 16:18:09 ----A---- C:\Windows\system32\vbscript.dll
2015-06-10 16:18:09 ----A---- C:\Windows\system32\iertutil.dll
2015-06-10 16:18:09 ----A---- C:\Windows\system32\ieapfltr.dll
2015-06-10 16:18:08 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-06-10 16:18:08 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-06-10 16:18:08 ----A---- C:\Windows\system32\jsproxy.dll
2015-06-10 16:18:08 ----A---- C:\Windows\system32\ieUnatt.exe
2015-06-10 16:18:07 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-06-10 16:18:07 ----A---- C:\Windows\system32\mshtmled.dll
2015-06-10 16:18:07 ----A---- C:\Windows\system32\jscript.dll
2015-06-10 16:18:07 ----A---- C:\Windows\system32\ieui.dll
2015-06-10 16:18:07 ----A---- C:\Windows\system32\ieframe.dll
2015-06-10 16:18:07 ----A---- C:\Windows\system32\dxtmsft.dll
2015-06-10 16:18:06 ----A---- C:\Windows\system32\wininet.dll
2015-06-10 16:18:06 ----A---- C:\Windows\system32\msrating.dll
2015-06-10 16:18:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-06-10 16:18:06 ----A---- C:\Windows\system32\jscript9diag.dll
2015-06-10 16:18:06 ----A---- C:\Windows\system32\jscript9.dll
2015-06-10 16:18:05 ----A---- C:\Windows\system32\mshtml.dll
2015-06-10 16:11:07 ----A---- C:\Windows\system32\diagtrack.dll
2015-06-10 16:11:06 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-06-10 16:11:06 ----A---- C:\Windows\system32\KernelBase.dll
2015-06-10 16:11:06 ----A---- C:\Windows\system32\kerberos.dll
2015-06-10 16:11:05 ----A---- C:\Windows\system32\lsasrv.dll
2015-06-10 16:11:05 ----A---- C:\Windows\system32\kernel32.dll
2015-06-10 16:11:05 ----A---- C:\Windows\system32\advapi32.dll
2015-06-10 16:11:04 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2015-06-10 16:11:04 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-06-10 16:11:04 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-06-10 16:11:04 ----A---- C:\Windows\system32\wow64.dll
2015-06-10 16:11:04 ----A---- C:\Windows\system32\srcore.dll
2015-06-10 16:11:04 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-06-10 16:11:04 ----A---- C:\Windows\system32\ntdll.dll
2015-06-10 16:11:04 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-06-10 16:11:04 ----A---- C:\Windows\system32\conhost.exe
2015-06-10 16:11:03 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-06-10 16:11:03 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-06-10 16:11:03 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-06-10 16:11:03 ----A---- C:\Windows\system32\winsrv.dll
2015-06-10 16:11:03 ----A---- C:\Windows\system32\tracerpt.exe
2015-06-10 16:11:03 ----A---- C:\Windows\system32\schannel.dll
2015-06-10 16:11:03 ----A---- C:\Windows\system32\rstrui.exe
2015-06-10 16:11:02 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-06-10 16:11:02 ----A---- C:\Windows\system32\tdh.dll
2015-06-10 16:11:02 ----A---- C:\Windows\system32\msv1_0.dll
2015-06-10 16:11:02 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-06-10 16:11:01 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-06-10 16:11:01 ----A---- C:\Windows\SYSWOW64\sechost.dll
2015-06-10 16:11:01 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-06-10 16:11:01 ----A---- C:\Windows\SYSWOW64\logman.exe
2015-06-10 16:11:01 ----A---- C:\Windows\system32\wdigest.dll
2015-06-10 16:11:01 ----A---- C:\Windows\system32\TSpkg.dll
2015-06-10 16:11:01 ----A---- C:\Windows\system32\sspicli.dll
2015-06-10 16:11:01 ----A---- C:\Windows\system32\sechost.dll
2015-06-10 16:11:01 ----A---- C:\Windows\system32\ncrypt.dll
2015-06-10 16:11:01 ----A---- C:\Windows\system32\logman.exe
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\relog.exe
2015-06-10 16:11:00 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-06-10 16:11:00 ----A---- C:\Windows\system32\typeperf.exe
2015-06-10 16:11:00 ----A---- C:\Windows\system32\smss.exe
2015-06-10 16:11:00 ----A---- C:\Windows\system32\relog.exe
2015-06-10 16:11:00 ----A---- C:\Windows\system32\lsass.exe
2015-06-10 16:11:00 ----A---- C:\Windows\system32\auditpol.exe
2015-06-10 16:10:59 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-06-10 16:10:59 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-06-10 16:10:59 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2015-06-10 16:10:59 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\sspisrv.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\srclient.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\secur32.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\ntvdm64.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\diskperf.exe
2015-06-10 16:10:59 ----A---- C:\Windows\system32\csrsrv.dll
2015-06-10 16:10:59 ----A---- C:\Windows\system32\credssp.dll
2015-06-10 16:10:58 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-06-10 16:10:58 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-06-10 16:10:58 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-06-10 16:10:58 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-06-10 16:10:58 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-06-10 16:10:58 ----A---- C:\Windows\system32\wow64win.dll
2015-06-10 16:10:58 ----A---- C:\Windows\system32\wow64cpu.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 16:10:57 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 16:10:56 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 16:10:55 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 16:10:55 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-06-10 16:10:55 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-06-10 16:10:55 ----A---- C:\Windows\system32\apisetschema.dll
2015-06-10 16:10:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 16:10:54 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 16:10:54 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 16:10:54 ----A---- C:\Windows\SYSWOW64\user.exe
2015-06-10 16:10:54 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-06-10 16:10:54 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-06-10 16:10:54 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-06-10 16:10:54 ----A---- C:\Windows\system32\UtcResources.dll
2015-06-10 16:10:54 ----A---- C:\Windows\system32\msobjs.dll
2015-06-10 16:10:54 ----A---- C:\Windows\system32\msaudite.dll
2015-06-10 16:10:54 ----A---- C:\Windows\system32\adtschema.dll
2015-06-10 16:07:06 ----A---- C:\Windows\system32\wmp.dll
2015-06-10 16:07:05 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-06-10 16:07:04 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-06-10 16:07:04 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-06-10 16:07:04 ----A---- C:\Windows\system32\spwmp.dll
2015-06-10 16:07:04 ----A---- C:\Windows\system32\dxmasf.dll
2015-06-10 16:07:03 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-06-10 16:07:03 ----A---- C:\Windows\system32\wmploc.DLL
2015-06-10 15:56:17 ----A---- C:\Windows\system32\comctl32.dll
2015-06-10 15:56:16 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2015-06-10 15:56:14 ----A---- C:\Windows\system32\win32k.sys
2015-06-05 12:13:18 ----A---- C:\Windows\system32\invagent.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\generaltel.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\devinv.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\appraiser.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\aepic.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\aeinv.dll
2015-06-05 12:13:18 ----A---- C:\Windows\system32\acmigration.dll
2015-06-05 12:13:17 ----A---- C:\Windows\system32\aepdu.dll
2015-06-02 08:53:43 ----A---- C:\Windows\system32\nvdispgenco6435306.dll
2015-06-02 08:53:43 ----A---- C:\Windows\system32\nvdispco6435306.dll

======List of files/folders modified in the last 1 month======

2015-07-01 13:51:30 ----AD---- C:\ProgramData\TEMP
2015-07-01 13:51:10 ----D---- C:\Windows\Temp
2015-07-01 13:51:04 ----D---- C:\Windows\system32\config
2015-07-01 13:50:54 ----D---- C:\Windows\system32\drivers
2015-07-01 13:50:49 ----D---- C:\Windows\system32\catroot2
2015-07-01 13:49:32 ----HD---- C:\ProgramData
2015-07-01 13:49:16 ----D---- C:\Windows\System32
2015-07-01 13:49:16 ----D---- C:\Windows\inf
2015-07-01 13:49:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-01 13:47:06 ----D---- C:\Program Files (x86)\Google
2015-07-01 13:47:05 ----SHD---- C:\Windows\Installer
2015-07-01 13:46:43 ----D---- C:\Windows\Prefetch
2015-07-01 13:42:57 ----D---- C:\Windows
2015-07-01 13:11:52 ----D---- C:\Windows\Tasks
2015-07-01 12:00:19 ----D---- C:\Windows\system32\Tasks
2015-07-01 10:28:01 ----RD---- C:\Program Files (x86)
2015-06-30 21:08:26 ----RD---- C:\Program Files
2015-06-30 20:51:59 ----D---- C:\Users\Lenka\AppData\Roaming\Winamp
2015-06-30 20:51:49 ----D---- C:\Windows\debug
2015-06-30 19:15:34 ----D---- C:\Program Files (x86)\Hloubka zrady
2015-06-30 18:28:58 ----SHD---- C:\System Volume Information
2015-06-29 13:05:30 ----D---- C:\Windows\winsxs
2015-06-29 10:16:19 ----D---- C:\Windows\SysWOW64
2015-06-27 15:30:15 ----RSD---- C:\Windows\assembly
2015-06-27 15:29:59 ----D---- C:\Windows\Microsoft.NET
2015-06-27 14:57:49 ----D---- C:\Windows\Logs
2015-06-25 11:59:14 ----D---- C:\ProgramData\NVIDIA
2015-06-25 11:57:45 ----D---- C:\Windows\system32\DriverStore
2015-06-25 11:56:56 ----D---- C:\ProgramData\NVIDIA Corporation
2015-06-23 09:28:25 ----D---- C:\Windows\system32\NDF
2015-06-21 23:34:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-06-21 20:48:18 ----D---- C:\Users\Lenka\AppData\Roaming\vlc
2015-06-21 20:46:58 ----D---- C:\Users\Lenka\AppData\Roaming\dvdcss
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\nvinitx.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\nvapi64.dll
2015-06-17 08:48:17 ----A---- C:\Windows\system32\nvvsvc.exe
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvsvcr.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvshext.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvmctray.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nv3dappshextr.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nv3dappshext.dll
2015-06-17 08:48:15 ----A---- C:\Windows\system32\nvsvc64.dll
2015-06-17 08:48:15 ----A---- C:\Windows\system32\nvcpl.dll
2015-06-16 14:10:52 ----D---- C:\ProgramData\AlawarWrapper
2015-06-15 10:21:44 ----D---- C:\Users\Lenka\AppData\Roaming\SolSuite
2015-06-12 21:09:30 ----D---- C:\Program Files (x86)\Alawar
2015-06-11 04:03:39 ----D---- C:\Windows\rescache
2015-06-11 03:24:25 ----D---- C:\Program Files\Windows Media Player
2015-06-11 03:24:25 ----D---- C:\Program Files (x86)\Windows Media Player
2015-06-11 03:24:19 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-06-11 03:24:17 ----D---- C:\Windows\system32\cs-CZ
2015-06-11 03:24:13 ----D---- C:\Windows\AppPatch
2015-06-11 03:24:06 ----D---- C:\Windows\SYSWOW64\en-US
2015-06-11 03:24:06 ----D---- C:\Program Files\Internet Explorer
2015-06-11 03:24:03 ----D---- C:\Windows\system32\en-US
2015-06-11 03:24:03 ----D---- C:\Windows\PolicyDefinitions
2015-06-11 03:23:59 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-11 03:06:37 ----D---- C:\Windows\system32\MRT
2015-06-11 03:01:44 ----A---- C:\Windows\system32\MRT.exe
2015-06-06 09:00:06 ----D---- C:\Program Files (x86)\Ashampoo
2015-06-06 03:16:19 ----SD---- C:\Windows\system32\CompatTel
2015-06-06 03:16:19 ----D---- C:\Windows\system32\appraiser
2015-06-03 23:04:55 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2015-06-03 23:04:55 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2015-06-03 23:04:45 ----A---- C:\Windows\system32\nvspcap64.dll
2015-06-03 23:04:45 ----A---- C:\Windows\system32\nvspbridge64.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-03-27 19224]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2015-06-17 31376]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-03-15 283064]
R1 NNSALPC;NNSAlpc; C:\Windows\system32\DRIVERS\NNSAlpc.sys [2015-02-09 93968]
R1 NNSHTTP;NNSHttp; C:\Windows\system32\DRIVERS\NNSHttp.sys [2015-02-09 202000]
R1 NNSHTTPS;NNSHttps; C:\Windows\system32\DRIVERS\NNSHttps.sys [2015-02-09 110864]
R1 NNSIDS;NNSids; C:\Windows\system32\DRIVERS\NNSIds.sys [2015-02-09 116496]
R1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [2014-12-31 48400]
R1 NNSPICC;NNSPicc; C:\Windows\system32\DRIVERS\NNSPicc.sys [2015-02-09 99600]
R1 NNSPIHSW;NNSPihsw; C:\Windows\system32\DRIVERS\NNSPihsw.sys [2015-02-09 69904]
R1 NNSPOP3;NNSPop3; C:\Windows\system32\DRIVERS\NNSPop3.sys [2015-02-09 124176]
R1 NNSPROT;NNSProt; C:\Windows\system32\DRIVERS\NNSProt.sys [2015-02-09 299792]
R1 NNSPRV;NNSPrv; C:\Windows\system32\DRIVERS\NNSPrv.sys [2015-02-09 166160]
R1 NNSSMTP;NNSSmtp; C:\Windows\system32\DRIVERS\NNSSmtp.sys [2015-02-09 113424]
R1 NNSSTRM;NNSStrm; C:\Windows\system32\DRIVERS\NNSStrm.sys [2015-02-09 257296]
R1 NNSTLSC;NNSTlsc; C:\Windows\system32\DRIVERS\NNSTlsc.sys [2015-02-09 106256]
R1 PSINKNC;PSINKnc; C:\Windows\system32\DRIVERS\psinknc.sys [2015-02-25 197392]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 PSINAflt;PSINAflt; C:\Windows\system32\DRIVERS\PSINAflt.sys [2015-02-25 163088]
R2 PSINFile;PSINFile; C:\Windows\system32\DRIVERS\PSINFile.sys [2015-02-25 121616]
R2 PSINProc;PSINProc; C:\Windows\system32\DRIVERS\PSINProc.sys [2015-02-25 124176]
R2 PSINProt;PSINProt; C:\Windows\system32\DRIVERS\PSINProt.sys [2015-02-25 133904]
R2 PSINReg;PSINReg; C:\Windows\system32\DRIVERS\PSINReg.sys [2015-02-25 107792]
R3 AMPPAL;Virtuální adaptér Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed; C:\Windows\system32\DRIVERS\AMPPAL.sys [2013-04-11 164832]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-10-01 3828152]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-03-27 356632]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-03-27 789272]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2015-03-09 117912]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwsw00.sys [2013-04-18 11524096]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-06-03 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-05-19 46768]
R3 PSKMAD;PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [2015-01-29 61712]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AMPPALP;Protokol Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed; C:\Windows\system32\DRIVERS\amppal.sys [2013-04-11 164832]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service; C:\Windows\system32\DRIVERS\InputFilter_FlexDef2b.sys [2010-06-19 17920]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;ASUS Android USB Driver; C:\Windows\system32\drivers\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2013-01-15 107320]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-04-18 621296]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-06-03 1152656]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-10-01 319376]
R2 NanoServiceMain;Panda Protection Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [2015-02-27 142584]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-06-03 1893008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-06-03 23007376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-06-17 937616]
R2 PandaAgent;Panda Devices Agent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [2014-10-09 66808]
R2 PSUAService;Panda Product Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [2015-02-27 38136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-04-18 149744]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2013-04-11 772064]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-09-12 135984]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-10-01 281488]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-22 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-04-18 273136]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-03-09 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119675
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: zablokovaný facebook-zřejmě červ Win32/PSW.Papras.CX Tro

#13 Příspěvek od Rudy »

Pustíme na to ComboFix:
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware.
Po skončení akce dejte log.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Lenka007
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 30 čer 2015 20:08

Re: zablokovaný facebook-zřejmě červ Win32/PSW.Papras.CX Tro

#14 Příspěvek od Lenka007 »

ComboFix 15-06-30.01 - Lenka 01.07.2015 14:34:08.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.6030.4273 [GMT 2:00]
Spuštěný z: c:\users\Lenka\Downloads\ComboFix.exe
AV: Panda Internet Security 2015 *Enabled/Updated* {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
FW: Panda Firewall *Enabled* {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}
SP: Panda Internet Security 2015 *Enabled/Updated* {8F3797EF-DB90-F073-3C72-40C753554CD1}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
D:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-06-01 do 2015-07-01 )))))))))))))))))))))))))))))))
.
.
2015-07-01 12:38 . 2015-07-01 12:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-07-01 12:11 . 2015-07-01 12:11 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D8320173-A933-4A14-B0E4-B4F2D35E5858}\offreg.4712.dll
2015-07-01 11:49 . 2015-07-01 11:49 -------- d-----w- c:\programdata\BoryItju
2015-07-01 11:43 . 2015-01-29 17:21 61712 ----a-w- c:\windows\system32\drivers\PSKMAD.sys
2015-07-01 11:11 . 2015-07-01 11:11 -------- d-----w- C:\_OTM
2015-06-30 19:08 . 2015-07-01 11:52 -------- d-----w- c:\program files\trend micro
2015-06-30 19:08 . 2015-07-01 10:35 -------- d-----w- C:\rsit
2015-06-30 18:49 . 2015-06-30 18:49 -------- d-----w- c:\program files (x86)\CCleaner
2015-06-30 16:29 . 2015-06-12 07:50 12221144 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D8320173-A933-4A14-B0E4-B4F2D35E5858}\mpengine.dll
2015-06-29 08:53 . 2015-06-29 08:53 -------- d-----w- c:\program files (x86)\ESET
2015-06-29 08:06 . 2015-07-01 08:28 -------- d-----w- C:\AdwCleaner
2015-06-27 14:20 . 2015-06-27 14:20 -------- d-----w- c:\users\Lenka\AppData\Roaming\NVIDIA
2015-06-26 14:59 . 2015-06-26 14:59 -------- d-----w- C:\TopCD
2015-06-25 09:59 . 2015-06-25 09:59 -------- d-----w- c:\windows\SysWow64\NV
2015-06-25 09:59 . 2015-06-25 09:59 -------- d-----w- c:\windows\system32\NV
2015-06-23 06:03 . 2015-05-19 03:29 46768 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2015-06-23 06:03 . 2015-05-19 03:14 57520 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2015-06-10 14:11 . 2015-05-25 18:19 1255424 ----a-w- c:\windows\system32\diagtrack.dll
2015-06-10 14:10 . 2015-05-25 18:19 29184 ----a-w- c:\windows\system32\sspisrv.dll
2015-06-10 14:07 . 2015-04-29 18:22 14635008 ----a-w- c:\windows\system32\wmp.dll
2015-06-10 13:56 . 2015-04-24 18:17 633856 ----a-w- c:\windows\system32\comctl32.dll
2015-06-10 13:56 . 2015-04-24 17:56 530432 ----a-w- c:\windows\SysWow64\comctl32.dll
2015-06-10 13:56 . 2015-05-25 17:08 3206144 ----a-w- c:\windows\system32\win32k.sys
2015-06-05 10:13 . 2015-05-22 18:18 700416 ----a-w- c:\windows\system32\generaltel.dll
2015-06-05 10:13 . 2015-05-22 18:18 757248 ----a-w- c:\windows\system32\invagent.dll
2015-06-05 10:13 . 2015-05-22 18:18 423424 ----a-w- c:\windows\system32\devinv.dll
2015-06-05 10:13 . 2015-05-22 18:18 1021440 ----a-w- c:\windows\system32\appraiser.dll
2015-06-05 10:13 . 2015-05-22 18:18 45568 ----a-w- c:\windows\system32\acmigration.dll
2015-06-05 10:13 . 2015-05-22 18:13 1119232 ----a-w- c:\windows\system32\aeinv.dll
2015-06-05 10:13 . 2015-05-21 13:19 193536 ----a-w- c:\windows\system32\aepic.dll
2015-06-05 10:13 . 2015-05-22 18:18 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-06-02 06:53 . 2015-05-28 07:04 1898312 ----a-w- c:\windows\system32\nvdispco6435306.dll
2015-06-02 06:53 . 2015-05-28 07:04 1557832 ----a-w- c:\windows\system32\nvdispgenco6435306.dll
2015-06-01 14:58 . 2015-06-01 14:58 -------- d-----w- c:\users\Lenka\AppData\Roaming\AutoMapa EU Data
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-06-21 21:34 . 2015-03-10 17:39 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-06-21 21:34 . 2015-03-10 17:39 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-06-17 09:10 . 2013-12-10 07:13 938752 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2015-06-17 09:10 . 2013-12-10 07:13 1099992 ----a-w- c:\windows\system32\nvumdshimx.dll
2015-06-17 09:10 . 2013-12-10 07:13 176904 ----a-w- c:\windows\system32\nvinitx.dll
2015-06-17 09:10 . 2013-12-10 07:13 155280 ----a-w- c:\windows\SysWow64\nvinit.dll
2015-06-17 09:10 . 2013-12-10 07:13 12855416 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-06-17 09:10 . 2013-12-10 07:12 3395648 ----a-w- c:\windows\system32\nvapi64.dll
2015-06-17 06:48 . 2015-03-09 11:37 937616 ----a-w- c:\windows\system32\nvvsvc.exe
2015-06-17 06:48 . 2015-03-09 11:37 74896 ----a-w- c:\windows\system32\nv3dappshextr.dll
2015-06-17 06:48 . 2015-03-09 11:37 62792 ----a-w- c:\windows\system32\nvshext.dll
2015-06-17 06:48 . 2015-03-09 11:37 385168 ----a-w- c:\windows\system32\nvmctray.dll
2015-06-17 06:48 . 2015-03-09 11:37 2558792 ----a-w- c:\windows\system32\nvsvcr.dll
2015-06-17 06:48 . 2015-03-09 11:37 1059472 ----a-w- c:\windows\system32\nv3dappshext.dll
2015-06-17 06:48 . 2015-03-09 11:37 6873232 ----a-w- c:\windows\system32\nvcpl.dll
2015-06-17 06:48 . 2015-03-09 11:37 3492168 ----a-w- c:\windows\system32\nvsvc64.dll
2015-06-11 01:01 . 2015-03-09 11:13 140135120 ----a-w- c:\windows\system32\MRT.exe
2015-06-03 21:04 . 2015-03-09 09:53 1320304 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-06-03 21:04 . 2015-03-09 09:53 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-06-03 21:04 . 2015-03-09 09:53 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-06-03 21:04 . 2015-03-09 09:53 1571696 ----a-w- c:\windows\system32\nvspcap64.dll
2015-06-02 14:11 . 2015-03-09 11:37 4421614 ----a-w- c:\windows\system32\nvcoproc.bin
2015-05-30 22:07 . 2015-05-30 22:07 172032 ----a-w- c:\windows\SysWow64\AniGIF.ocx
2015-05-25 18:19 . 2015-06-10 14:11 113664 ----a-w- c:\windows\system32\sechost.dll
2015-05-25 18:19 . 2015-06-10 14:11 342016 ----a-w- c:\windows\system32\schannel.dll
2015-05-25 18:01 . 2015-06-10 14:11 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-05-25 18:01 . 2015-06-10 14:11 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2015-05-25 18:01 . 2015-06-10 14:11 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-05-19 03:14 . 2015-03-09 09:40 61616 ----a-w- c:\windows\system32\nvaudcap64v.dll
2015-05-12 06:27 . 2015-05-29 19:19 1898312 ----a-w- c:\windows\system32\nvdispco6435286.dll
2015-05-12 06:27 . 2015-05-29 19:19 1557648 ----a-w- c:\windows\system32\nvdispgenco6435286.dll
2015-05-01 13:17 . 2015-05-14 01:00 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-01 13:16 . 2015-05-14 01:00 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-04-20 03:17 . 2015-05-13 05:13 1647104 ----a-w- c:\windows\system32\DWrite.dll
2015-04-20 03:17 . 2015-05-13 05:13 1179136 ----a-w- c:\windows\system32\FntCache.dll
2015-04-20 02:56 . 2015-05-13 05:13 1250816 ----a-w- c:\windows\SysWow64\DWrite.dll
2015-04-18 03:10 . 2015-05-13 05:18 460800 ----a-w- c:\windows\system32\certcli.dll
2015-04-18 02:56 . 2015-05-13 05:18 342016 ----a-w- c:\windows\SysWow64\certcli.dll
2015-04-13 03:28 . 2015-05-13 05:13 328704 ----a-w- c:\windows\system32\services.exe
2015-04-11 03:19 . 2015-05-29 19:00 69888 ----a-w- c:\windows\system32\drivers\stream.sys
2015-04-08 03:29 . 2015-05-13 05:13 275456 ----a-w- c:\windows\system32\InkEd.dll
2015-04-08 03:29 . 2015-05-13 05:13 24576 ----a-w- c:\windows\system32\jnwmon.dll
2015-04-08 03:14 . 2015-05-13 05:13 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D5974A72-C81C-4DC3-BE77-A8A7BBC8864E}]
2015-05-30 22:07 442472 ----a-w- c:\program files (x86)\DAP\LinkVerifier.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"DownloadAccelerator"="c:\program files (x86)\DAP\DAP.EXE" [2015-05-30 4242064]
"BoryItju"="c:\programdata\BoryItju\EiheFtav.mbo" [2015-07-01 315392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2013-01-11 328504]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2012-10-17 205184]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-27 291608]
"PSUAMain"="c:\program files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" [2015-02-26 40184]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2012-03-26 449168]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AMPPALP;Protokol Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service;c:\windows\system32\DRIVERS\InputFilter_FlexDef2b.sys;c:\windows\SYSNATIVE\DRIVERS\InputFilter_FlexDef2b.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 NNSALPC;NNSALPC;c:\windows\system32\DRIVERS\NNSAlpc.sys;c:\windows\SYSNATIVE\DRIVERS\NNSAlpc.sys [x]
S1 NNSHTTP;NNSHTTP;c:\windows\system32\DRIVERS\NNSHttp.sys;c:\windows\SYSNATIVE\DRIVERS\NNSHttp.sys [x]
S1 NNSHTTPS;NNSHTTPS;c:\windows\system32\DRIVERS\NNSHttps.sys;c:\windows\SYSNATIVE\DRIVERS\NNSHttps.sys [x]
S1 NNSIDS;NNSIDS;c:\windows\system32\DRIVERS\NNSIds.sys;c:\windows\SYSNATIVE\DRIVERS\NNSIds.sys [x]
S1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver;c:\windows\system32\DRIVERS\NNSNAHSL.sys;c:\windows\SYSNATIVE\DRIVERS\NNSNAHSL.sys [x]
S1 NNSPICC;NNSPICC;c:\windows\system32\DRIVERS\NNSPicc.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPicc.sys [x]
S1 NNSPIHSW;NNSPIHSW;c:\windows\system32\DRIVERS\NNSPihsw.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPihsw.sys [x]
S1 NNSPOP3;NNSPOP3;c:\windows\system32\DRIVERS\NNSPop3.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPop3.sys [x]
S1 NNSPROT;NNSPROT;c:\windows\system32\DRIVERS\NNSProt.sys;c:\windows\SYSNATIVE\DRIVERS\NNSProt.sys [x]
S1 NNSPRV;NNSPRV;c:\windows\system32\DRIVERS\NNSPrv.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPrv.sys [x]
S1 NNSSMTP;NNSSMTP;c:\windows\system32\DRIVERS\NNSSmtp.sys;c:\windows\SYSNATIVE\DRIVERS\NNSSmtp.sys [x]
S1 NNSSTRM;NNSSTRM;c:\windows\system32\DRIVERS\NNSStrm.sys;c:\windows\SYSNATIVE\DRIVERS\NNSStrm.sys [x]
S1 NNSTLSC;NNSTLSC;c:\windows\system32\DRIVERS\NNSTlsc.sys;c:\windows\SYSNATIVE\DRIVERS\NNSTlsc.sys [x]
S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys;c:\windows\SYSNATIVE\DRIVERS\psinknc.sys [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 NanoServiceMain;Panda Protection Service;c:\program files (x86)\Panda Security\Panda Security Protection\PSANHost.exe;c:\program files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PandaAgent;Panda Devices Agent;c:\program files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe;c:\program files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [x]
S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys;c:\windows\SYSNATIVE\DRIVERS\PSINAflt.sys [x]
S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys;c:\windows\SYSNATIVE\DRIVERS\PSINFile.sys [x]
S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys;c:\windows\SYSNATIVE\DRIVERS\PSINProc.sys [x]
S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys;c:\windows\SYSNATIVE\DRIVERS\PSINProt.sys [x]
S2 PSINReg;PSINReg;c:\windows\system32\DRIVERS\PSINReg.sys;c:\windows\SYSNATIVE\DRIVERS\PSINReg.sys [x]
S2 PSUAService;Panda Product Service;c:\program files (x86)\Panda Security\Panda Security Protection\PSUAService.exe;c:\program files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 AMPPAL;Virtuální adaptér Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 PSKMAD;PSKMAD;c:\windows\system32\DRIVERS\PSKMAD.sys;c:\windows\SYSNATIVE\DRIVERS\PSKMAD.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-06-03 2754704]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-06-03 1571696]
"vspdfprsrv.exe"="c:\program files\Avanquest\Expert PDF 9 Professional\vspdfprsrv.exe" [2013-05-17 10019328]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:Tabs
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Download with &DAP - c:\program files (x86)\DAP\dapextie.htm
IE: &Verify with DAP - c:\program files (x86)\DAP\dapverify.htm
IE: Download &all with DAP - c:\program files (x86)\DAP\dapextie2.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.43.1
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\program files (x86)\DAP\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\program files (x86)\DAP\dapie.dll
FF - ProfilePath - c:\users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\eoshqzkr.default\
FF - prefs.js: browser.startup.homepage - about:Tabs
FF - prefs.js: network.proxy.ftp - 109.231.140.170
FF - prefs.js: network.proxy.ftp_port - 8081
FF - prefs.js: network.proxy.http - 109.231.140.170
FF - prefs.js: network.proxy.http_port - 8081
FF - prefs.js: network.proxy.socks - 109.231.140.170
FF - prefs.js: network.proxy.socks_port - 8081
FF - prefs.js: network.proxy.ssl - 109.231.140.170
FF - prefs.js: network.proxy.ssl_port - 8081
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-{039BC111-5D42-BD22-5D57-C7073E40209A}_is1 - c:\program files (x86)\SuperEasy Software\Video Converter 2\unins000.exe
AddRemove-{08A25478-C5DD-4EA7-B168-3D687CA987FF} - c:\program files\InstallShield Installation Information\{08A25478-C5DD-4EA7-B168-3D687CA987FF}\Sims3SP05Setup.exe
AddRemove-{117B6BF6-82C3-420C-B284-9247C8568E53} - c:\program files\InstallShield Installation Information\{117B6BF6-82C3-420C-B284-9247C8568E53}\setup.exe
AddRemove-{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43} - c:\program files\InstallShield Installation Information\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}\Sims3SP07Setup.exe
AddRemove-{3BBFD444-5FAB-49F6-98B1-A1954E831399} - c:\program files\InstallShield Installation Information\{3BBFD444-5FAB-49F6-98B1-A1954E831399}\Sims3EP06Setup.exe
AddRemove-{3DE92282-CB49-434F-81BF-94E5B380E889} - c:\program files\InstallShield Installation Information\{3DE92282-CB49-434F-81BF-94E5B380E889}\Sims3EP08Setup.exe
AddRemove-{45057FCE-5784-48BE-8176-D9D00AF56C3C} - c:\program files\InstallShield Installation Information\{45057FCE-5784-48BE-8176-D9D00AF56C3C}\setup.exe
AddRemove-{71828142-5A24-4BD0-97E7-976DA08CE6CF} - c:\program files\InstallShield Installation Information\{71828142-5A24-4BD0-97E7-976DA08CE6CF}\setup.exe
AddRemove-{7B11296A-F894-449C-8DF6-6AAAA7D4D118} - c:\program files\InstallShield Installation Information\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}\Sims3SP04Setup.exe
AddRemove-{910F4A29-1134-49E0-AD8B-56E4A3152BD1} - c:\program files\InstallShield Installation Information\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}\setup.exe
AddRemove-{9B2506E3-9A3F-45B5-96BF-509CAD584650} - c:\program files\InstallShield Installation Information\{9B2506E3-9A3F-45B5-96BF-509CAD584650}\Sims3SP06Setup.exe
AddRemove-{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09} - c:\program files\InstallShield Installation Information\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}\Sims3EP11Setup.exe
AddRemove-{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1} - c:\program files\InstallShield Installation Information\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}\Sims3EP07Setup.exe
AddRemove-{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC} - c:\program files\InstallShield Installation Information\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}\setup.exe
AddRemove-{C05D8CDB-417D-4335-A38C-A0659EDFD6B8} - c:\program files\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe
AddRemove-{C12631C6-804D-4B32-B0DD-8A496462F106} - c:\program files\InstallShield Installation Information\{C12631C6-804D-4B32-B0DD-8A496462F106}\Sims3EP05Setup.exe
AddRemove-{D0087539-3C57-44E0-BEE7-D779D546CBE1} - c:\program files\InstallShield Installation Information\{D0087539-3C57-44E0-BEE7-D779D546CBE1}\Sims3SP09Setup.exe
AddRemove-{DB21639E-FE55-432C-BCA2-0C5249E3F79E} - c:\program files\InstallShield Installation Information\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}\Sims3EP10Setup.exe
AddRemove-{E1868CAE-E3B9-4099-8C18-AA8944D336FD} - c:\program files\InstallShield Installation Information\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}\Sims3SP08Setup.exe
AddRemove-{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC} - c:\program files\InstallShield Installation Information\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}\Sims3EP04Setup.exe
AddRemove-{ED436EA8-4145-4703-AE5D-4D09DD24AF5A} - c:\program files\InstallShield Installation Information\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}\setup.exe
AddRemove-{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36} - c:\program files\InstallShield Installation Information\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}\Sims3EP09Setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_160_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_160_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_160_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_160_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_160.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_160.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_160.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_160.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-07-01 14:40:46
ComboFix-quarantined-files.txt 2015-07-01 12:40
.
Před spuštěním: Volných bajtů: 65 132 875 776
Po spuštění: Volných bajtů: 64 961 167 360
.
- - End Of File - - 7FB4DA0C1EFBFF93FB5D6E987EB5673A
A36C5E4F47E84449FF07ED3517B43A31
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119675
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: zablokovaný facebook-zřejmě červ Win32/PSW.Papras.CX Tro

#15 Příspěvek od Rudy »

Přesuňte ComboFix na plochu. Otevřte poznámkový blok a zkopírujte do něj:
KillAll::

Folder::
c:\programdata\BoryItju

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BoryItju"=-

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::
Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“