
Generic Host Process for Win32 Services has stopped work

Posted: 18 Mar 2013 16:46
by shokarta
Hello, when I install League of Legends, the game works until the first PC restart, then no longer... I get the message

Generic Host Process for Win32 Services has stopped working
log:
Podpis problému:
Název události problému: APPCRASH
Název aplikace: svchost.exe
Verze aplikace: 5.1.0.0
Časové razítko aplikace: 3b866bf0
Název chybného modulu: StackHash_ea95
Verze chybného modulu: 0.0.0.0
Časové razítko chybného modulu: 00000000
Kód výjimky: c0000005
Posun výjimky: ffffffff
Verze operačního systému: 6.1.7601.2.1.0.768.2
ID národního prostředí: 1029
Další informace 1: ea95
Další informace 2: ea954f0c568ba4eccdd6538ff921bc3d
Další informace 3: c827
Další informace 4: c827be562918e5c79665e70423ef1cd3

Přečtěte si prohlášení o zásadách ochrany osobních údajů online:
http://go.microsoft.com/fwlink/?linkid= ... cid=0x0405

Pokud není k dispozici Prohlášení o zásadách ochrany osobních údajů online, přečtěte si toto prohlášení offline:
C:\Windows\system32\cs-CZ\erofflps.txt



and also League of Legends (TM) Client has stopped working
log:
Podpis problému:
Název události problému: APPCRASH
Název aplikace: League of Legends.exe
Verze aplikace: 3.3.0.199
Časové razítko aplikace: 3b866bf0
Název chybného modulu: ntdll.dll
Verze chybného modulu: 6.1.7601.17725
Časové razítko chybného modulu: 4ec49b8f
Kód výjimky: c0000005
Posun výjimky: 00033ab3
Verze operačního systému: 6.1.7601.2.1.0.768.2
ID národního prostředí: 1029
Další informace 1: 50cd
Další informace 2: 50cdaf11d637649879a9bc38de1feb3c
Další informace 3: 9079
Další informace 4: 9079c80599f3eef4d7945ee43a64ca7b

Přečtěte si prohlášení o zásadách ochrany osobních údajů online:
http://go.microsoft.com/fwlink/?linkid= ... cid=0x0405

Pokud není k dispozici Prohlášení o zásadách ochrany osobních údajů online, přečtěte si toto prohlášení offline:
C:\Windows\system32\cs-CZ\erofflps.txt



I have tried everything possible, and by chance I found that here on the forum you also solved the same problem for someone... so I would like to ask for advice here too

Re: Generic Host Process for Win32 Services has stopped

Posted: 18 Mar 2013 18:57
by Rudy
Hello to you too!
shokarta wrote: Hello, when I install League of Legends, the game works until the first PC restart, then no longer... I get the message

Generic Host Process for Win32 Services has stopped working......

............and by chance I found that here on the forum you also solved the same problem for someone... so I would like to ask for advice here too
We removed that. This problem is often caused by a virus. However, your problem (assuming it happens only after installing this game) lies in the game itself, and we are not a gaming forum. We are a security forum. In that case you need to seek help on a gaming forum.

Re: Generic Host Process for Win32 Services has stopped

Posted: 18 Mar 2013 19:16
by shokarta
Of course I understand that... but the first launch of the game is always fine... and this problem often occurs at a moment when I get the same message for other applications too, not just this game... I believe it has something to do with some virus that gets into the game only after a while...

What would be the ideal solution, then? Which antivirus should I download and try?

Re: Generic Host Process for Win32 Services has stopped

Posted: 18 Mar 2013 19:55
by Rudy
When you uninstall the game, is everything fine?

Re: Generic Host Process for Win32 Services has stopped

Posted: 18 Mar 2013 20:00
by shokarta
No, it isn't, I know it's not the game itself... something is going on somewhere, and I've been dealing with it for a year... sometimes it works for a month, sometimes just one launch, sometimes half a year... I guess there is a virus somewhere that floats around and at some point attaches itself to the game...

If you could recommend some free software for scanning a disk (including an external one), so that I can find out what I have here, I would be grateful...


Neither my laptop nor my external drive has been under any antivirus or Windows Defender/firewall for about 4 years... I am behind a complex LAN, and we have it quite well protected here... I'm no PC novice, as a rule I don't run any applications that I download or get somewhere... but over such a long time I believe something has already gotten to me

Re: Generic Host Process for Win32 Services has stopped

Posted: 18 Mar 2013 20:04
by Rudy

Re: Generic Host Process for Win32 Services has stopped

Posted: 18 Mar 2013 22:15
by shokarta
Logfile of random's system information tool 1.08 (written by random/random)
Run by Shokarta at 2013-03-18 22:13:35
Microsoft Windows 7 Home Basic Service Pack 1
System drive C: has 231 GB (76%) free of 305 GB
Total RAM: 2813 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:13:37, on 18.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16521)
Boot mode: Normal

Running processes:
C:\Users\Shokarta\MirandaICQ\miranda32.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Users\Shokarta\MirandaFB\miranda32.exe
C:\Program Files\trend micro\Shokarta.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: miranda32 – zástupce (2).lnk = C:\Users\Shokarta\MirandaICQ\miranda32.exe
O4 - Startup: miranda32 – zástupce.lnk = C:\Users\Shokarta\MirandaFB\miranda32.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files\BitComet\tools\BitCometService.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6710 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\AEADISRV.EXE
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\svchost.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Users\Shokarta\MirandaICQ\miranda32.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe" /Start
"C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe"
"C:\Users\Shokarta\MirandaFB\miranda32.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\wuauclt.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Total Commander\totalcmd64.exe"
"C:\Downloads\From Browser\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 2174760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2013-03-18 3093624]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-11-11 287800]
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-11-16 641704]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []

C:\Users\Shokarta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
miranda32 – zástupce (2).lnk - C:\Users\Shokarta\MirandaICQ\miranda32.exe
miranda32 – zástupce.lnk - C:\Users\Shokarta\MirandaFB\miranda32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-03-18 20:56:58 ----D---- C:\Users\Shokarta\AppData\Roaming\BitComet
2013-03-18 20:56:54 ----D---- C:\Program Files\BitComet
2013-03-18 20:32:34 ----D---- C:\2
2013-03-18 20:32:32 ----D---- C:\1
2013-03-18 20:08:47 ----D---- C:\Program Files\trend micro
2013-03-18 20:08:46 ----D---- C:\rsit
2013-03-18 16:59:38 ----SHD---- C:\Config.Msi
2013-03-18 16:34:56 ----D---- C:\Users\Shokarta\AppData\Roaming\ATI
2013-03-18 16:34:56 ----D---- C:\ProgramData\ATI
2013-03-18 16:34:45 ----D---- C:\Program Files (x86)\AMD AVT
2013-03-18 16:34:43 ----D---- C:\Program Files (x86)\AMD APP
2013-03-18 16:34:38 ----D---- C:\Program Files\Common Files\ATI Technologies
2013-03-18 16:33:29 ----D---- C:\ProgramData\AMD
2013-03-18 16:33:27 ----A---- C:\Windows\system32\drivers\amdiox64.sys
2013-03-18 16:31:22 ----D---- C:\Program Files (x86)\ATI Technologies
2013-03-18 16:31:17 ----D---- C:\Program Files\ATI
2013-03-18 16:30:37 ----D---- C:\Program Files\ATI Technologies
2013-03-18 16:28:59 ----D---- C:\AMD
2013-03-18 16:04:00 ----D---- C:\Program Files\TeamSpeak 3 Client
2013-03-18 15:21:06 ----D---- C:\ProgramData\Adobe
2013-03-18 15:21:02 ----D---- C:\Program Files (x86)\Adobe
2013-03-18 13:34:47 ----D---- C:\ProgramData\PMB Files
2013-03-18 13:28:54 ----D---- C:\Program Files\CCleaner
2013-03-18 12:18:24 ----D---- C:\Windows\Sun
2013-03-18 12:17:46 ----D---- C:\ProgramData\Sun
2013-03-18 12:17:29 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-03-18 12:17:28 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-03-18 10:53:26 ----D---- C:\Users\Shokarta\AppData\Roaming\Skype
2013-03-18 10:53:16 ----RD---- C:\Program Files (x86)\Skype
2013-03-18 10:53:12 ----D---- C:\ProgramData\Skype
2013-03-18 09:00:37 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2013-03-18 09:00:37 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2013-03-18 09:00:36 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2013-03-18 08:02:05 ----D---- C:\Users\Shokarta\AppData\Roaming\Wargaming.net
2013-03-18 07:57:46 ----D---- C:\Program Files (x86)\Pando Networks
2013-03-18 07:55:20 ----D---- C:\Users\Shokarta\AppData\Roaming\LolClient
2013-03-18 07:55:16 ----D---- C:\Users\Shokarta\AppData\Roaming\Macromedia
2013-03-18 07:54:18 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2013-03-18 07:54:18 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2013-03-18 07:54:18 ----A---- C:\Windows\system32\XAudio2_7.dll
2013-03-18 07:54:18 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2013-03-18 07:54:16 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2013-03-18 07:54:16 ----A---- C:\Windows\system32\xactengine3_7.dll
2013-03-18 07:54:15 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2013-03-18 07:54:15 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2013-03-18 07:54:14 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2013-03-18 07:54:14 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2013-03-18 07:54:14 ----A---- C:\Windows\system32\d3dx11_43.dll
2013-03-18 07:54:14 ----A---- C:\Windows\system32\d3dcsx_43.dll
2013-03-18 07:54:13 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2013-03-18 07:54:13 ----A---- C:\Windows\system32\d3dx10_43.dll
2013-03-18 07:54:12 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2013-03-18 07:54:12 ----A---- C:\Windows\system32\D3DX9_43.dll
2013-03-18 07:54:11 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2013-03-18 07:54:11 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2013-03-18 07:54:11 ----A---- C:\Windows\system32\XAudio2_6.dll
2013-03-18 07:54:11 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2013-03-18 07:54:10 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2013-03-18 07:54:10 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2013-03-18 07:54:10 ----A---- C:\Windows\system32\xactengine3_6.dll
2013-03-18 07:54:10 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2013-03-18 07:54:08 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2013-03-18 07:54:08 ----A---- C:\Windows\system32\XAudio2_5.dll
2013-03-18 07:54:07 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2013-03-18 07:54:07 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2013-03-18 07:54:07 ----A---- C:\Windows\system32\xactengine3_5.dll
2013-03-18 07:54:07 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2013-03-18 07:54:06 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2013-03-18 07:54:06 ----A---- C:\Windows\system32\d3dcsx_42.dll
2013-03-18 07:54:05 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2013-03-18 07:54:05 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2013-03-18 07:54:05 ----A---- C:\Windows\system32\d3dx11_42.dll
2013-03-18 07:54:05 ----A---- C:\Windows\system32\d3dx10_42.dll
2013-03-18 07:54:04 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2013-03-18 07:54:04 ----A---- C:\Windows\system32\D3DX9_42.dll
2013-03-18 07:54:03 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2013-03-18 07:54:03 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2013-03-18 07:54:03 ----A---- C:\Windows\system32\d3dx10_41.dll
2013-03-18 07:54:03 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2013-03-18 07:54:02 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2013-03-18 07:54:02 ----A---- C:\Windows\system32\D3DX9_41.dll
2013-03-18 07:54:01 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2013-03-18 07:54:01 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2013-03-18 07:54:01 ----A---- C:\Windows\system32\XAudio2_4.dll
2013-03-18 07:54:01 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2013-03-18 07:53:59 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2013-03-18 07:53:59 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2013-03-18 07:53:59 ----A---- C:\Windows\system32\xactengine3_4.dll
2013-03-18 07:53:59 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2013-03-18 07:53:58 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2013-03-18 07:53:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2013-03-18 07:53:58 ----A---- C:\Windows\system32\d3dx10_40.dll
2013-03-18 07:53:58 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2013-03-18 07:53:57 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2013-03-18 07:53:57 ----A---- C:\Windows\system32\D3DX9_40.dll
2013-03-18 07:53:56 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2013-03-18 07:53:56 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2013-03-18 07:53:56 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2013-03-18 07:53:56 ----A---- C:\Windows\system32\XAudio2_3.dll
2013-03-18 07:53:56 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2013-03-18 07:53:56 ----A---- C:\Windows\system32\xactengine3_3.dll
2013-03-18 07:53:55 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2013-03-18 07:53:55 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2013-03-18 07:53:55 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2013-03-18 07:53:55 ----A---- C:\Windows\system32\XAudio2_2.dll
2013-03-18 07:53:55 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2013-03-18 07:53:55 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2013-03-18 07:53:53 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2013-03-18 07:53:53 ----A---- C:\Windows\system32\xactengine3_2.dll
2013-03-18 07:53:52 ----A---- C:\Windows\system32\d3dx10_39.dll
2013-03-18 07:53:52 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2013-03-18 07:53:51 ----A---- C:\Windows\system32\D3DX9_39.dll
2013-03-18 07:53:50 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2013-03-18 07:53:50 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2013-03-18 07:53:50 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2013-03-18 07:53:50 ----A---- C:\Windows\system32\XAudio2_1.dll
2013-03-18 07:53:50 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2013-03-18 07:53:50 ----A---- C:\Windows\system32\xactengine3_1.dll
2013-03-18 07:53:49 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2013-03-18 07:53:49 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2013-03-18 07:53:49 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2013-03-18 07:53:49 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2013-03-18 07:53:49 ----A---- C:\Windows\system32\d3dx10_38.dll
2013-03-18 07:53:49 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2013-03-18 07:53:48 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2013-03-18 07:53:48 ----A---- C:\Windows\system32\D3DX9_38.dll
2013-03-18 07:53:47 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2013-03-18 07:53:47 ----A---- C:\Windows\system32\XAudio2_0.dll
2013-03-18 07:53:46 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2013-03-18 07:53:46 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2013-03-18 07:53:46 ----A---- C:\Windows\system32\xactengine3_0.dll
2013-03-18 07:53:46 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2013-03-18 07:53:45 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2013-03-18 07:53:45 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2013-03-18 07:53:45 ----A---- C:\Windows\system32\d3dx10_37.dll
2013-03-18 07:53:45 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2013-03-18 07:53:43 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2013-03-18 07:53:43 ----A---- C:\Windows\system32\D3DX9_37.dll
2013-03-18 07:53:41 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2013-03-18 07:53:41 ----A---- C:\Windows\system32\xactengine2_10.dll
2013-03-18 07:53:40 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2013-03-18 07:53:40 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2013-03-18 07:53:40 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2013-03-18 07:53:40 ----A---- C:\Windows\system32\d3dx9_36.dll
2013-03-18 07:53:40 ----A---- C:\Windows\system32\d3dx10_36.dll
2013-03-18 07:53:40 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2013-03-18 07:53:38 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2013-03-18 07:53:38 ----A---- C:\Windows\system32\xactengine2_9.dll
2013-03-18 07:53:37 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2013-03-18 07:53:37 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2013-03-18 07:53:37 ----A---- C:\Windows\system32\d3dx10_35.dll
2013-03-18 07:53:37 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2013-03-18 07:53:36 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2013-03-18 07:53:36 ----A---- C:\Windows\system32\d3dx9_35.dll
2013-03-18 07:53:32 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2013-03-18 07:53:32 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2013-03-18 07:53:32 ----A---- C:\Windows\system32\xactengine2_8.dll
2013-03-18 07:53:32 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2013-03-18 07:53:31 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2013-03-18 07:53:31 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2013-03-18 07:53:31 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2013-03-18 07:53:31 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2013-03-18 07:53:31 ----A---- C:\Windows\system32\xinput1_3.dll
2013-03-18 07:53:31 ----A---- C:\Windows\system32\d3dx9_34.dll
2013-03-18 07:53:31 ----A---- C:\Windows\system32\d3dx10_34.dll
2013-03-18 07:53:31 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2013-03-18 07:53:29 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2013-03-18 07:53:29 ----A---- C:\Windows\system32\xactengine2_7.dll
2013-03-18 07:53:28 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2013-03-18 07:53:28 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2013-03-18 07:53:28 ----A---- C:\Windows\system32\d3dx10_33.dll
2013-03-18 07:53:28 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2013-03-18 07:53:27 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2013-03-18 07:53:27 ----A---- C:\Windows\system32\d3dx9_33.dll
2013-03-18 07:53:25 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2013-03-18 07:53:25 ----A---- C:\Windows\system32\xactengine2_6.dll
2013-03-18 07:53:20 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2013-03-18 07:53:20 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2013-03-18 07:53:20 ----A---- C:\Windows\system32\xactengine2_5.dll
2013-03-18 07:53:20 ----A---- C:\Windows\system32\d3dx10.dll
2013-03-18 07:53:18 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2013-03-18 07:53:18 ----A---- C:\Windows\system32\d3dx9_32.dll
2013-03-18 07:53:15 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2013-03-18 07:53:15 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2013-03-18 07:53:15 ----A---- C:\Windows\system32\xactengine2_4.dll
2013-03-18 07:53:15 ----A---- C:\Windows\system32\x3daudio1_1.dll
2013-03-18 07:53:14 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2013-03-18 07:53:14 ----A---- C:\Windows\system32\d3dx9_31.dll
2013-03-18 07:53:10 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2013-03-18 07:53:10 ----A---- C:\Windows\system32\xactengine2_3.dll
2013-03-18 07:53:09 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2013-03-18 07:53:09 ----A---- C:\Windows\system32\xinput1_2.dll
2013-03-18 07:53:08 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2013-03-18 07:53:08 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2013-03-18 07:53:08 ----A---- C:\Windows\system32\xinput1_1.dll
2013-03-18 07:53:08 ----A---- C:\Windows\system32\xactengine2_2.dll
2013-03-18 07:53:07 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2013-03-18 07:53:07 ----A---- C:\Windows\system32\xactengine2_1.dll
2013-03-18 07:53:06 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2013-03-18 07:53:06 ----A---- C:\Windows\system32\d3dx9_30.dll
2013-03-18 07:52:59 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2013-03-18 07:52:59 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2013-03-18 07:52:59 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2013-03-18 07:52:59 ----A---- C:\Windows\system32\xactengine2_0.dll
2013-03-18 07:52:59 ----A---- C:\Windows\system32\x3daudio1_0.dll
2013-03-18 07:52:59 ----A---- C:\Windows\system32\d3dx9_29.dll
2013-03-18 07:52:58 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2013-03-18 07:52:58 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2013-03-18 07:52:58 ----A---- C:\Windows\system32\d3dx9_28.dll
2013-03-18 07:52:58 ----A---- C:\Windows\system32\d3dx9_27.dll
2013-03-18 07:52:56 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2013-03-18 07:52:56 ----A---- C:\Windows\system32\d3dx9_26.dll
2013-03-18 07:52:55 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2013-03-18 07:52:55 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2013-03-18 07:52:55 ----A---- C:\Windows\system32\d3dx9_25.dll
2013-03-18 07:52:55 ----A---- C:\Windows\system32\d3dx9_24.dll
2013-03-18 07:49:42 ----HD---- C:\Windows\msdownld.tmp
2013-03-18 07:49:34 ----D---- C:\Windows\SYSWOW64\directx
2013-03-18 07:40:54 ----D---- C:\Users\Shokarta\AppData\Roaming\vlc
2013-03-18 07:40:17 ----D---- C:\Program Files\VideoLAN
2013-03-17 23:03:30 ----D---- C:\ProgramData\SonicFocus
2013-03-17 23:03:29 ----D---- C:\Program Files (x86)\Analog Devices
2013-03-17 23:03:01 ----D---- C:\Program Files\Synaptics
2013-03-17 23:02:32 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-03-17 23:02:32 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-03-17 23:02:32 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-03-17 23:02:31 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys
2013-03-17 23:02:31 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2013-03-17 23:02:31 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2013-03-17 23:02:30 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2013-03-17 23:02:30 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-03-17 23:02:30 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2013-03-17 23:02:30 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2013-03-17 23:02:30 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-03-17 23:02:30 ----A---- C:\Windows\system32\wksprtPS.dll
2013-03-17 23:02:30 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-03-17 23:02:30 ----A---- C:\Windows\system32\tsgqec.dll
2013-03-17 23:02:30 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2013-03-17 23:02:30 ----A---- C:\Windows\system32\aaclient.dll
2013-03-17 23:02:29 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2013-03-17 23:02:29 ----A---- C:\Windows\system32\wksprt.exe
2013-03-17 23:02:29 ----A---- C:\Windows\system32\TSWbPrxy.exe
2013-03-17 23:02:29 ----A---- C:\Windows\system32\rdpudd.dll
2013-03-17 23:02:29 ----A---- C:\Windows\system32\rdpendp_winip.dll
2013-03-17 23:02:29 ----A---- C:\Windows\system32\rdpcorets.dll
2013-03-17 23:02:29 ----A---- C:\Windows\system32\mstsc.exe
2013-03-17 23:02:28 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-03-17 23:02:28 ----A---- C:\Windows\system32\mstscax.dll
2013-03-17 22:59:15 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-03-17 22:59:15 ----A---- C:\Windows\system32\schannel.dll
2013-03-17 22:59:15 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-03-17 22:59:15 ----A---- C:\Windows\system32\drivers\cng.sys
2013-03-17 22:59:14 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-03-17 22:59:14 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-03-17 22:59:14 ----A---- C:\Windows\system32\lsasrv.dll
2013-03-17 22:59:13 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-03-17 22:59:13 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-03-17 22:59:13 ----A---- C:\Windows\system32\drivers\usbohci.sys
2013-03-17 22:59:13 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-03-17 22:59:13 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-03-17 22:59:13 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-03-17 22:59:13 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-03-17 22:59:12 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2013-03-17 22:59:12 ----A---- C:\Windows\system32\drivers\bthport.sys
2013-03-17 22:58:54 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2013-03-17 22:58:54 ----A---- C:\Windows\system32\qdvd.dll
2013-03-17 22:58:52 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2013-03-17 22:58:52 ----A---- C:\Windows\SYSWOW64\esent.dll
2013-03-17 22:58:52 ----A---- C:\Windows\system32\fsutil.exe
2013-03-17 22:58:52 ----A---- C:\Windows\system32\esent.dll
2013-03-17 22:58:52 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2013-03-17 22:58:52 ----A---- C:\Windows\system32\drivers\storport.sys
2013-03-17 22:58:52 ----A---- C:\Windows\system32\drivers\nvstor.sys
2013-03-17 22:58:52 ----A---- C:\Windows\system32\drivers\nvraid.sys
2013-03-17 22:58:52 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2013-03-17 22:58:52 ----A---- C:\Windows\system32\drivers\amdxata.sys
2013-03-17 22:58:52 ----A---- C:\Windows\system32\drivers\amdsata.sys
2013-03-17 22:52:10 ----D---- C:\Users\Shokarta\AppData\Roaming\Adobe
2013-03-17 22:37:33 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-03-17 22:37:32 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-03-17 22:37:32 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-03-17 22:37:32 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-03-17 22:37:32 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-03-17 22:37:32 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-03-17 22:37:32 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-03-17 22:37:32 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-03-17 22:37:32 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-03-17 22:37:32 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-03-17 22:37:32 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-03-17 22:37:32 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-03-17 22:37:32 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-03-17 22:37:32 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-03-17 22:37:32 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-03-17 22:37:32 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-03-17 22:37:32 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-03-17 22:37:32 ----A---- C:\Windows\system32\elshyph.dll
2013-03-17 22:37:31 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-03-17 22:37:31 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-03-17 22:37:31 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-03-17 22:37:31 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-03-17 22:37:31 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-03-17 22:37:31 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-03-17 22:37:31 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-03-17 22:37:31 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-03-17 22:37:31 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-03-17 22:37:31 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-03-17 22:37:31 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-03-17 22:37:31 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-03-17 22:37:31 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-03-17 22:37:31 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-03-17 22:37:31 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-03-17 22:37:31 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-03-17 22:37:30 ----A---- C:\Windows\SYSWOW64\url.dll
2013-03-17 22:37:30 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-03-17 22:37:30 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-03-17 22:37:30 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-03-17 22:37:30 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-03-17 22:37:30 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-03-17 22:37:30 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-03-17 22:37:30 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-03-17 22:37:30 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-03-17 22:37:30 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-03-17 22:37:28 ----A---- C:\Windows\system32\wininet.dll
2013-03-17 22:37:28 ----A---- C:\Windows\system32\urlmon.dll
2013-03-17 22:37:28 ----A---- C:\Windows\system32\url.dll
2013-03-17 22:37:28 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-03-17 22:37:28 ----A---- C:\Windows\system32\msrating.dll
2013-03-17 22:37:28 ----A---- C:\Windows\system32\msls31.dll
2013-03-17 22:37:28 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-17 22:37:28 ----A---- C:\Windows\system32\iesetup.dll
2013-03-17 22:37:28 ----A---- C:\Windows\system32\iertutil.dll
2013-03-17 22:37:28 ----A---- C:\Windows\system32\iernonce.dll
2013-03-17 22:37:28 ----A---- C:\Windows\system32\ieapfltr.dll
2013-03-17 22:37:28 ----A---- C:\Windows\system32\ie4uinit.exe
2013-03-17 22:37:28 ----A---- C:\Windows\system32\icardie.dll
2013-03-17 22:37:28 ----A---- C:\Windows\system32\dxtrans.dll
2013-03-17 22:37:28 ----A---- C:\Windows\system32\dxtmsft.dll
2013-03-17 22:37:27 ----A---- C:\Windows\system32\wextract.exe
2013-03-17 22:37:27 ----A---- C:\Windows\system32\webcheck.dll
2013-03-17 22:37:27 ----A---- C:\Windows\system32\vbscript.dll
2013-03-17 22:37:27 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-03-17 22:37:27 ----A---- C:\Windows\system32\pngfilt.dll
2013-03-17 22:37:27 ----A---- C:\Windows\system32\occache.dll
2013-03-17 22:37:27 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-03-17 22:37:27 ----A---- C:\Windows\system32\mshtmler.dll
2013-03-17 22:37:27 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-17 22:37:27 ----A---- C:\Windows\system32\mshtml.dll
2013-03-17 22:37:27 ----A---- C:\Windows\system32\mshta.exe
2013-03-17 22:37:27 ----A---- C:\Windows\system32\msfeedssync.exe
2013-03-17 22:37:27 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-03-17 22:37:27 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-17 22:37:27 ----A---- C:\Windows\system32\licmgr10.dll
2013-03-17 22:37:27 ----A---- C:\Windows\system32\jscript9.dll
2013-03-17 22:37:27 ----A---- C:\Windows\system32\jscript.dll
2013-03-17 22:37:27 ----A---- C:\Windows\system32\inseng.dll
2013-03-17 22:37:27 ----A---- C:\Windows\system32\imgutil.dll
2013-03-17 22:37:27 ----A---- C:\Windows\system32\iexpress.exe
2013-03-17 22:37:27 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-17 22:37:27 ----A---- C:\Windows\system32\ieui.dll
2013-03-17 22:37:27 ----A---- C:\Windows\system32\iesysprep.dll
2013-03-17 22:37:27 ----A---- C:\Windows\system32\iepeers.dll
2013-03-17 22:37:27 ----A---- C:\Windows\system32\ieframe.dll
2013-03-17 22:37:27 ----A---- C:\Windows\system32\iedkcs32.dll
2013-03-17 22:37:27 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-03-17 22:36:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-03-17 22:36:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-03-17 22:36:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-03-17 22:36:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-17 22:36:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-03-17 22:36:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-03-17 22:36:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-03-17 22:36:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-03-17 22:36:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-03-17 22:36:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-03-17 22:36:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-03-17 22:36:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-03-17 22:36:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-17 22:36:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-03-17 22:36:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-03-17 22:36:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-03-17 22:36:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-03-17 22:36:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-03-17 22:36:04 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-03-17 22:36:04 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-03-17 22:36:04 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-03-17 22:36:04 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-03-17 22:36:04 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-03-17 22:36:04 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-03-17 22:36:04 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-03-17 22:36:04 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-03-17 22:36:04 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-03-17 22:36:04 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-03-17 22:36:04 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-03-17 22:36:04 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-03-17 22:36:04 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-03-17 22:36:04 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-03-17 22:36:04 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-03-17 22:36:04 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-03-17 22:36:04 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-03-17 22:36:04 ----A---- C:\Windows\system32\XpsPrint.dll
2013-03-17 22:36:04 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-03-17 22:36:04 ----A---- C:\Windows\system32\WMPhoto.dll
2013-03-17 22:36:04 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-03-17 22:36:04 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-03-17 22:36:04 ----A---- C:\Windows\system32\UIAnimation.dll
2013-03-17 22:36:04 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-03-17 22:36:04 ----A---- C:\Windows\system32\FntCache.dll
2013-03-17 22:36:04 ----A---- C:\Windows\system32\dxgi.dll
2013-03-17 22:36:04 ----A---- C:\Windows\system32\DWrite.dll
2013-03-17 22:36:04 ----A---- C:\Windows\system32\d3d11.dll
2013-03-17 22:36:04 ----A---- C:\Windows\system32\d3d10warp.dll
2013-03-17 22:36:04 ----A---- C:\Windows\system32\d3d10level9.dll
2013-03-17 22:36:04 ----A---- C:\Windows\system32\d3d10core.dll
2013-03-17 22:36:04 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-03-17 22:36:04 ----A---- C:\Windows\system32\d3d10_1.dll
2013-03-17 22:36:04 ----A---- C:\Windows\system32\d3d10.dll
2013-03-17 22:36:04 ----A---- C:\Windows\system32\d2d1.dll
2013-03-17 22:32:40 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-17 22:11:55 ----A---- C:\Windows\system32\MRT.INI
2013-03-17 22:10:01 ----A---- C:\Windows\system32\MRT.exe
2013-03-17 21:50:48 ----A---- C:\Windows\system32\Wdfres.dll
2013-03-17 21:50:48 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2013-03-17 21:50:48 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-03-17 21:42:51 ----A---- C:\Windows\system32\browserchoice.exe
2013-03-17 21:40:00 ----D---- C:\Users\Shokarta\AppData\Roaming\GHISLER
2013-03-17 21:40:00 ----D---- C:\Program Files\Total Commander
2013-03-17 21:34:26 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-03-17 21:34:26 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-03-17 21:34:26 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-03-17 21:34:26 ----A---- C:\Windows\system32\fontsub.dll
2013-03-17 21:34:26 ----A---- C:\Windows\system32\atmlib.dll
2013-03-17 21:34:26 ----A---- C:\Windows\system32\atmfd.dll
2013-03-17 21:33:32 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2013-03-17 21:33:32 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2013-03-17 21:33:31 ----A---- C:\Windows\system32\WUDFSvc.dll
2013-03-17 21:33:31 ----A---- C:\Windows\system32\WUDFPlatform.dll
2013-03-17 21:33:30 ----A---- C:\Windows\system32\WUDFx.dll
2013-03-17 21:33:30 ----A---- C:\Windows\system32\WUDFHost.exe
2013-03-17 21:33:30 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2013-03-17 21:33:20 ----D---- C:\Users\Shokarta\AppData\Roaming\hpqLog
2013-03-17 21:32:32 ----A---- C:\Windows\system32\drivers\wdfcoinstaller01005.dll
2013-03-17 21:32:32 ----A---- C:\Windows\system32\drivers\HpqKbFiltr.sys
2013-03-17 21:32:32 ----A---- C:\Windows\system32\drivers\CPQBttn64.sys
2013-03-17 21:32:31 ----RA---- C:\Windows\SYSWOW64\BttnCmn.dll
2013-03-17 21:32:31 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-03-17 21:32:31 ----D---- C:\Program Files (x86)\Hewlett-Packard
2013-03-17 21:32:31 ----A---- C:\Windows\SYSWOW64\BttnCmns.dll
2013-03-17 21:32:18 ----D---- C:\Windows\QLB
2013-03-17 21:30:19 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-03-17 21:30:19 ----A---- C:\Windows\system32\imagehlp.dll
2013-03-17 21:30:19 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2013-03-17 21:30:18 ----A---- C:\Windows\SYSWOW64\wmi.dll
2013-03-17 21:30:18 ----A---- C:\Windows\system32\wmi.dll
2013-03-17 21:26:06 ----A---- C:\Windows\system32\OxpsConverter.exe
2013-03-17 21:25:49 ----A---- C:\Windows\system32\sspisrv.dll
2013-03-17 21:25:49 ----A---- C:\Windows\system32\sspicli.dll
2013-03-17 21:25:49 ----A---- C:\Windows\system32\secur32.dll
2013-03-17 21:25:49 ----A---- C:\Windows\system32\lsass.exe
2013-03-17 21:25:49 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-03-17 21:25:41 ----A---- C:\Windows\system32\KernelBase.dll
2013-03-17 21:25:40 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-03-17 21:25:40 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-03-17 21:25:40 ----A---- C:\Windows\system32\wow64win.dll
2013-03-17 21:25:40 ----A---- C:\Windows\system32\kernel32.dll
2013-03-17 21:25:40 ----A---- C:\Windows\system32\conhost.exe
2013-03-17 21:25:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-03-17 21:25:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-03-17 21:25:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-03-17 21:25:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-03-17 21:25:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-03-17 21:25:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-03-17 21:25:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-03-17 21:25:39 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-03-17 21:25:39 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-03-17 21:25:39 ----A---- C:\Windows\system32\ntvdm64.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-03-17 21:25:38 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-03-17 21:25:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-03-17 21:25:37 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-03-17 21:25:37 ----A---- C:\Windows\system32\wow64cpu.dll
2013-03-17 21:25:37 ----A---- C:\Windows\system32\wow64.dll
2013-03-17 21:25:15 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-03-17 21:25:15 ----A---- C:\Windows\system32\tzres.dll
2013-03-17 21:24:59 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-03-17 21:24:59 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-03-17 21:24:59 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-03-17 21:24:59 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-03-17 21:24:59 ----A---- C:\Windows\system32\winsrv.dll
2013-03-17 21:24:58 ----A---- C:\Windows\SYSWOW64\user.exe
2013-03-17 21:23:53 ----A---- C:\Windows\system32\shell32.dll
2013-03-17 21:23:52 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-03-17 21:23:45 ----A---- C:\Windows\system32\Wpc.dll
2013-03-17 21:23:44 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-03-17 21:23:44 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-03-17 21:23:44 ----A---- C:\Windows\system32\gameux.dll
2013-03-17 21:23:15 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2013-03-17 21:23:15 ----A---- C:\Windows\system32\xmllite.dll
2013-03-17 21:23:14 ----A---- C:\Windows\system32\tquery.dll
2013-03-17 21:23:13 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2013-03-17 21:23:13 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2013-03-17 21:23:13 ----A---- C:\Windows\system32\SearchIndexer.exe
2013-03-17 21:23:13 ----A---- C:\Windows\system32\mssrch.dll
2013-03-17 21:23:12 ----A---- C:\Windows\SYSWOW64\tquery.dll
2013-03-17 21:23:12 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2013-03-17 21:23:12 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2013-03-17 21:23:12 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2013-03-17 21:23:12 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2013-03-17 21:23:12 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2013-03-17 21:23:12 ----A---- C:\Windows\SYSWOW64\mssph.dll
2013-03-17 21:23:12 ----A---- C:\Windows\system32\SearchFilterHost.exe
2013-03-17 21:23:12 ----A---- C:\Windows\system32\mssvp.dll
2013-03-17 21:23:12 ----A---- C:\Windows\system32\mssphtb.dll
2013-03-17 21:23:12 ----A---- C:\Windows\system32\mssph.dll
2013-03-17 21:23:12 ----A---- C:\Windows\system32\msscntrs.dll
2013-03-17 21:23:11 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2013-03-17 21:22:57 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2013-03-17 21:22:57 ----A---- C:\Windows\system32\ntshrui.dll
2013-03-17 21:22:52 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2013-03-17 21:22:52 ----A---- C:\Windows\system32\poqexec.exe
2013-03-17 21:22:49 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2013-03-17 21:22:49 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2013-03-17 21:22:49 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2013-03-17 21:22:49 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2013-03-17 21:22:49 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2013-03-17 21:22:49 ----A---- C:\Windows\system32\odbctrac.dll
2013-03-17 21:22:49 ----A---- C:\Windows\system32\odbccu32.dll
2013-03-17 21:22:49 ----A---- C:\Windows\system32\odbccr32.dll
2013-03-17 21:22:49 ----A---- C:\Windows\system32\odbccp32.dll
2013-03-17 21:22:46 ----A---- C:\Windows\SYSWOW64\msi.dll
2013-03-17 21:22:46 ----A---- C:\Windows\system32\msi.dll
2013-03-17 21:22:44 ----A---- C:\Windows\SYSWOW64\explorer.exe
2013-03-17 21:22:44 ----A---- C:\Windows\explorer.exe
2013-03-17 21:22:43 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2013-03-17 21:22:42 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-03-17 21:22:41 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-03-17 21:22:40 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-03-17 21:22:37 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2013-03-17 21:22:37 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2013-03-17 21:22:37 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2013-03-17 21:22:37 ----A---- C:\Windows\system32\dhcpcore6.dll
2013-03-17 21:22:33 ----A---- C:\Windows\system32\quartz.dll
2013-03-17 21:22:32 ----A---- C:\Windows\SYSWOW64\quartz.dll
2013-03-17 21:22:31 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-03-17 21:22:31 ----A---- C:\Windows\system32\win32spl.dll
2013-03-17 21:22:29 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-03-17 21:22:28 ----A---- C:\Windows\system32\profsvc.dll
2013-03-17 21:22:04 ----A---- C:\Windows\system32\win32k.sys
2013-03-17 21:22:01 ----A---- C:\Windows\system32\psisdecd.dll
2013-03-17 21:22:00 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2013-03-17 21:21:59 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-03-17 21:21:59 ----A---- C:\Windows\system32\wintrust.dll
2013-03-17 21:21:57 ----A---- C:\Windows\system32\drivers\srvnet.sys
2013-03-17 21:21:57 ----A---- C:\Windows\system32\drivers\srv2.sys
2013-03-17 21:21:57 ----A---- C:\Windows\system32\drivers\srv.sys
2013-03-17 21:21:56 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-03-17 21:21:56 ----A---- C:\Windows\system32\drivers\netio.sys
2013-03-17 21:21:56 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-03-17 21:21:53 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2013-03-17 21:21:53 ----A---- C:\Windows\system32\nlasvc.dll
2013-03-17 21:21:53 ----A---- C:\Windows\system32\netcorehc.dll
2013-03-17 21:21:53 ----A---- C:\Windows\system32\ncsi.dll
2013-03-17 21:21:53 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-03-17 21:21:52 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2013-03-17 21:21:52 ----A---- C:\Windows\SYSWOW64\netevent.dll
2013-03-17 21:21:52 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2013-03-17 21:21:52 ----A---- C:\Windows\system32\nlaapi.dll
2013-03-17 21:21:52 ----A---- C:\Windows\system32\netevent.dll
2013-03-17 21:21:52 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-03-17 21:21:39 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-03-17 21:21:39 ----A---- C:\Windows\system32\msxml6.dll
2013-03-17 21:21:39 ----A---- C:\Windows\system32\msxml3.dll
2013-03-17 21:21:38 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2013-03-17 21:21:38 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-03-17 21:21:38 ----A---- C:\Windows\system32\msxml3r.dll
2013-03-17 21:21:37 ----A---- C:\Windows\system32\umpnpmgr.dll
2013-03-17 21:21:36 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2013-03-17 21:21:36 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2013-03-17 21:21:36 ----A---- C:\Windows\SYSWOW64\devobj.dll
2013-03-17 21:21:36 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2013-03-17 21:21:34 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2013-03-17 21:21:33 ----A---- C:\Windows\system32\cdosys.dll
2013-03-17 21:21:29 ----A---- C:\Windows\system32\oleacc.dll
2013-03-17 21:21:28 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2013-03-17 21:21:28 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2013-03-17 21:21:28 ----A---- C:\Windows\system32\oleaut32.dll
2013-03-17 21:21:25 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2013-03-17 21:21:25 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2013-03-17 21:21:25 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2013-03-17 21:21:24 ----A---- C:\Windows\system32\localspl.dll
2013-03-17 21:21:20 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2013-03-17 21:21:20 ----A---- C:\Windows\system32\kerberos.dll
2013-03-17 21:21:15 ----A---- C:\Windows\system32\winload.exe
2013-03-17 21:21:14 ----A---- C:\Windows\system32\winresume.exe
2013-03-17 21:21:14 ----A---- C:\Windows\system32\kdusb.dll
2013-03-17 21:21:14 ----A---- C:\Windows\system32\kdcom.dll
2013-03-17 21:21:14 ----A---- C:\Windows\system32\kd1394.dll
2013-03-17 21:21:12 ----A---- C:\Windows\SYSWOW64\webio.dll
2013-03-17 21:21:12 ----A---- C:\Windows\system32\webio.dll
2013-03-17 21:21:10 ----A---- C:\Windows\system32\drivers\partmgr.sys
2013-03-17 21:21:06 ----A---- C:\Windows\system32\CPFilters.dll
2013-03-17 21:21:05 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2013-03-17 21:21:05 ----A---- C:\Windows\system32\sbe.dll
2013-03-17 21:21:04 ----A---- C:\Windows\SYSWOW64\sbe.dll
2013-03-17 21:21:03 ----A---- C:\Windows\system32\FXSCOVER.exe
2013-03-17 21:20:59 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-03-17 21:20:59 ----A---- C:\Windows\system32\ncrypt.dll
2013-03-17 21:20:58 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-03-17 21:20:58 ----A---- C:\Windows\system32\usp10.dll
2013-03-17 21:20:55 ----A---- C:\Windows\system32\spoolsv.exe
2013-03-17 21:20:55 ----A---- C:\Windows\splwow64.exe
2013-03-17 21:20:53 ----A---- C:\Windows\system32\mfc42u.dll
2013-03-17 21:20:52 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2013-03-17 21:20:52 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2013-03-17 21:20:52 ----A---- C:\Windows\system32\mfc42.dll
2013-03-17 21:20:50 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2013-03-17 21:20:50 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2013-03-17 21:20:50 ----A---- C:\Windows\system32\dnsrslvr.dll
2013-03-17 21:20:50 ----A---- C:\Windows\system32\dnscacheugc.exe
2013-03-17 21:20:50 ----A---- C:\Windows\system32\dnsapi.dll
2013-03-17 21:20:49 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2013-03-17 21:20:49 ----A---- C:\Windows\system32\dpnet.dll
2013-03-17 21:20:48 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2013-03-17 21:20:48 ----A---- C:\Windows\system32\drivers\ndis.sys
2013-03-17 21:20:46 ----A---- C:\Windows\system32\taskhost.exe
2013-03-17 21:20:44 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2013-03-17 21:20:44 ----A---- C:\Windows\system32\inetcomm.dll
2013-03-17 21:20:42 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2013-03-17 21:20:42 ----A---- C:\Windows\SYSWOW64\browcli.dll
2013-03-17 21:20:42 ----A---- C:\Windows\system32\netapi32.dll
2013-03-17 21:20:42 ----A---- C:\Windows\system32\browser.dll
2013-03-17 21:20:42 ----A---- C:\Windows\system32\browcli.dll
2013-03-17 21:20:39 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2013-03-17 21:20:39 ----A---- C:\Windows\system32\EncDec.dll
2013-03-17 21:20:37 ----A---- C:\Windows\system32\rdrmemptylst.exe
2013-03-17 21:20:37 ----A---- C:\Windows\system32\rdpwsx.dll
2013-03-17 21:20:37 ----A---- C:\Windows\system32\rdpcorekmts.dll
2013-03-17 21:20:36 ----A---- C:\Windows\SYSWOW64\synceng.dll
2013-03-17 21:20:36 ----A---- C:\Windows\system32\synceng.dll
2013-03-17 21:20:35 ----A---- C:\Windows\system32\drivers\afd.sys
2013-03-17 21:20:30 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2013-03-17 21:20:29 ----A---- C:\Windows\system32\csrsrv.dll
2013-03-17 21:20:28 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2013-03-17 21:20:28 ----A---- C:\Windows\system32\msvcrt.dll
2013-03-17 21:20:26 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-03-17 21:20:26 ----A---- C:\Windows\system32\ntdll.dll
2013-03-17 21:20:25 ----A---- C:\Windows\SYSWOW64\srclient.dll
2013-03-17 21:20:25 ----A---- C:\Windows\system32\srcore.dll
2013-03-17 21:20:24 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2013-03-17 21:20:24 ----A---- C:\Windows\system32\prevhost.exe
2013-03-17 21:20:22 ----A---- C:\Windows\system32\drivers\bowser.sys
2013-03-17 21:20:04 ----D---- C:\Program Files\uTorrent
2013-03-17 21:19:40 ----A---- C:\Windows\SYSWOW64\packager.dll
2013-03-17 21:19:40 ----A---- C:\Windows\system32\packager.dll
2013-03-17 21:19:28 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-03-17 21:19:28 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-03-17 21:19:28 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-03-17 21:19:28 ----A---- C:\Windows\system32\cryptsvc.dll
2013-03-17 21:19:28 ----A---- C:\Windows\system32\cryptnet.dll
2013-03-17 21:19:28 ----A---- C:\Windows\system32\crypt32.dll
2013-03-17 21:19:08 ----SHD---- C:\Windows\Installer
2013-03-17 21:17:03 ----D---- C:\Users\Shokarta\AppData\Roaming\uTorrent
2013-03-17 21:14:00 ----D---- C:\Program Files (x86)\Google
2013-03-17 21:05:05 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2013-03-17 21:05:05 ----A---- C:\Windows\system32\rdpcore.dll
2013-03-17 21:05:05 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2013-03-17 20:59:08 ----A---- C:\Windows\system32\wups2.dll
2013-03-17 20:59:08 ----A---- C:\Windows\system32\wucltux.dll
2013-03-17 20:59:08 ----A---- C:\Windows\system32\wuaueng.dll
2013-03-17 20:59:08 ----A---- C:\Windows\system32\wuauclt.exe
2013-03-17 20:58:59 ----A---- C:\Windows\system32\wups.dll
2013-03-17 20:58:59 ----A---- C:\Windows\system32\wudriver.dll
2013-03-17 20:58:59 ----A---- C:\Windows\system32\wuapi.dll
2013-03-17 20:58:46 ----A---- C:\Windows\system32\wuwebv.dll
2013-03-17 20:58:46 ----A---- C:\Windows\system32\wuapp.exe
2013-03-17 20:56:19 ----D---- C:\Users\Shokarta\AppData\Roaming\Identities
2013-03-17 20:56:03 ----SD---- C:\Users\Shokarta\AppData\Roaming\Microsoft
2013-03-17 20:55:09 ----SHD---- C:\Recovery
2013-03-17 20:55:09 ----SHD---- C:\ProgramData\Šablony
2013-03-17 20:55:09 ----SHD---- C:\ProgramData\Plocha
2013-03-17 20:55:09 ----SHD---- C:\ProgramData\Oblíbené položky
2013-03-17 20:55:09 ----SHD---- C:\ProgramData\Nabídka Start
2013-03-17 20:55:09 ----SHD---- C:\ProgramData\Dokumenty
2013-03-17 20:55:09 ----SHD---- C:\ProgramData\Data aplikací
2013-03-17 20:50:50 ----D---- C:\Windows\SoftwareDistribution
2013-03-17 20:48:36 ----D---- C:\Windows\Prefetch
2013-03-17 20:47:40 ----ASH---- C:\pagefile.sys
2013-03-17 20:47:38 ----ASH---- C:\hiberfil.sys
2013-03-17 20:46:49 ----D---- C:\Windows\Panther
2013-03-17 20:25:25 ----SHD---- C:\System Volume Information
2013-03-15 09:48:56 ----D---- C:\AppServ
2013-02-24 20:44:39 ----A---- C:\badoo.txt
2013-02-22 14:01:00 ----D---- C:\Games
2013-02-22 13:30:18 ----D---- C:\Ruzne
2013-02-22 13:29:43 ----D---- C:\KBCertifikat
2013-02-22 13:17:35 ----D---- C:\Downloads

======List of files/folders modified in the last 1 months======

2013-03-18 22:07:48 ----D---- C:\Windows\system32\config
2013-03-18 21:28:02 ----D---- C:\Windows\Temp
2013-03-18 20:56:54 ----RD---- C:\Program Files
2013-03-18 20:54:32 ----D---- C:\Windows\system32\Tasks
2013-03-18 17:26:41 ----D---- C:\Windows\Microsoft.NET
2013-03-18 17:01:27 ----RSD---- C:\Windows\assembly
2013-03-18 17:01:27 ----D---- C:\Windows\inf
2013-03-18 17:01:18 ----D---- C:\Windows\system32\en-US
2013-03-18 17:01:17 ----RD---- C:\Program Files (x86)
2013-03-18 17:01:17 ----D---- C:\Windows\SYSWOW64\en-US
2013-03-18 17:01:16 ----D---- C:\Windows\SysWOW64
2013-03-18 17:01:16 ----D---- C:\Windows\System32
2013-03-18 16:58:38 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-03-18 16:58:38 ----D---- C:\Windows\system32\cs-CZ
2013-03-18 16:38:45 ----D---- C:\Windows
2013-03-18 16:34:56 ----HD---- C:\ProgramData
2013-03-18 16:34:38 ----D---- C:\Program Files\Common Files
2013-03-18 16:34:38 ----D---- C:\Program Files (x86)\Common Files
2013-03-18 16:33:30 ----D---- C:\Windows\system32\drivers
2013-03-18 16:33:29 ----D---- C:\Windows\system32\DriverStore
2013-03-18 16:33:29 ----D---- C:\Windows\system32\catroot
2013-03-18 16:32:03 ----D---- C:\Windows\system32\catroot2
2013-03-18 16:04:33 ----D---- C:\Windows\winsxs
2013-03-18 16:04:12 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-03-18 14:24:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-18 14:12:41 ----D---- C:\Windows\Logs
2013-03-18 13:30:09 ----D---- C:\Windows\debug
2013-03-18 12:24:49 ----SD---- C:\ProgramData\Microsoft
2013-03-17 23:55:25 ----D---- C:\Windows\rescache
2013-03-17 23:04:30 ----D---- C:\Windows\SYSWOW64\wbem
2013-03-17 23:04:30 ----D---- C:\Windows\system32\wbem
2013-03-17 23:04:30 ----D---- C:\Windows\system32\drivers\en-US
2013-03-17 23:04:30 ----D---- C:\Windows\PolicyDefinitions
2013-03-17 23:03:42 ----D---- C:\Windows\twain_32
2013-03-17 22:48:15 ----D---- C:\Program Files\Internet Explorer
2013-03-17 22:48:15 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-17 22:48:14 ----D---- C:\Windows\SYSWOW64\migration
2013-03-17 22:48:13 ----D---- C:\Windows\system32\migration
2013-03-17 22:48:10 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-03-17 22:48:10 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-03-17 22:48:10 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-03-17 22:48:10 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-03-17 22:48:10 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-03-17 22:48:10 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-03-17 22:48:10 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-03-17 22:48:10 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-03-17 22:48:10 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-03-17 22:48:10 ----D---- C:\Windows\SYSWOW64\it-IT
2013-03-17 22:48:10 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-03-17 22:48:10 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-03-17 22:48:10 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-03-17 22:48:10 ----D---- C:\Windows\SYSWOW64\es-ES
2013-03-17 22:48:10 ----D---- C:\Windows\SYSWOW64\el-GR
2013-03-17 22:48:10 ----D---- C:\Windows\SYSWOW64\de-DE
2013-03-17 22:48:09 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-03-17 22:48:09 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-03-17 22:48:09 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-03-17 22:48:09 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-03-17 22:48:09 ----D---- C:\Windows\SYSWOW64\da-DK
2013-03-17 22:48:09 ----D---- C:\Windows\system32\zh-HK
2013-03-17 22:48:09 ----D---- C:\Windows\system32\pt-PT
2013-03-17 22:48:09 ----D---- C:\Windows\system32\pt-BR
2013-03-17 22:48:09 ----D---- C:\Windows\system32\pl-PL
2013-03-17 22:48:09 ----D---- C:\Windows\system32\ko-KR
2013-03-17 22:48:09 ----D---- C:\Windows\system32\it-IT
2013-03-17 22:48:09 ----D---- C:\Windows\system32\hu-HU
2013-03-17 22:48:08 ----D---- C:\Windows\system32\zh-TW
2013-03-17 22:48:08 ----D---- C:\Windows\system32\tr-TR
2013-03-17 22:48:08 ----D---- C:\Windows\system32\sv-SE
2013-03-17 22:48:08 ----D---- C:\Windows\system32\nl-NL
2013-03-17 22:48:08 ----D---- C:\Windows\system32\fr-FR
2013-03-17 22:48:08 ----D---- C:\Windows\system32\fi-FI
2013-03-17 22:48:08 ----D---- C:\Windows\system32\es-ES
2013-03-17 22:48:08 ----D---- C:\Windows\system32\el-GR
2013-03-17 22:48:08 ----D---- C:\Windows\system32\de-DE
2013-03-17 22:48:07 ----D---- C:\Windows\system32\zh-CN
2013-03-17 22:48:07 ----D---- C:\Windows\system32\ru-RU
2013-03-17 22:48:07 ----D---- C:\Windows\system32\nb-NO
2013-03-17 22:48:07 ----D---- C:\Windows\system32\ja-JP
2013-03-17 22:48:07 ----D---- C:\Windows\system32\da-DK
2013-03-17 22:22:35 ----D---- C:\Program Files\Common Files\System
2013-03-17 22:22:33 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-03-17 22:22:32 ----RSD---- C:\Windows\Fonts
2013-03-17 22:22:23 ----D---- C:\Windows\AppPatch
2013-03-17 22:22:13 ----D---- C:\Windows\system32\Boot
2013-03-17 21:23:06 ----D---- C:\Windows\Tasks
2013-03-17 21:02:56 ----D---- C:\Windows\system32\CodeIntegrity
2013-03-17 20:58:25 ----D---- C:\Windows\system32\restore
2013-03-17 20:56:15 ----SHD---- C:\$Recycle.Bin
2013-03-17 20:56:01 ----RD---- C:\Users
2013-03-17 20:55:09 ----D---- C:\Windows\system32\Recovery
2013-03-17 20:55:09 ----D---- C:\Program Files\Windows NT
2013-03-17 20:51:45 ----D---- C:\Windows\system32\sysprep
2013-03-17 20:46:12 ----D---- C:\Windows\Setup

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 497152]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-11-16 359936]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-07-08 2769400]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 HBtnKey;HP Hotkey Device; C:\Windows\system32\DRIVERS\cpqbttn.sys [2010-02-25 19000]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 18432]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-10-09 1875624]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-04 1379376]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 11922944]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 111616]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-11-16 238080]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-11-16 361984]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 PowerManager;Power Manager; C:\Windows\svchost.exe [2001-08-24 36352]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896]
R3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-17 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service; C:\Program Files\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-17 116648]

-----------------EOF-----------------

Re: Program Generic Host Process for Win32 Services stopped

Posted: 18 Mar 2013 22:25
by Rudy
I'd also like to ask for a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after it starts, a screen with the license terms is displayed; continue by clicking the Yes (Ano) button.

feel free to put the kettle on for a coffee (the whole run takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to wade through); during the scan do not try to launch any other applications or anything else

don't panic during the scan, your machine may be restarted (especially the first time the scanner is used)

warning: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the antispyware's resident component

Re: Program Generic Host Process for Win32 Services stopped

Posted: 18 Mar 2013 22:53
by shokarta
ComboFix 13-03-17.01 - Shokarta 18.03.2013 22:37:20.1.2 - x64
Microsoft Windows 7 Home Basic 6.1.7601.1.1250.420.1029.18.2813.1636 [GMT 1:00]
Spuštěný z: c:\users\Shokarta\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\svchost.exe
.
Nakažená kopie c:\windows\SysWow64\userinit.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_PowerManager
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-02-18 do 2013-03-18 )))))))))))))))))))))))))))))))
.
.
2013-03-18 21:44 . 2013-03-18 21:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-18 19:56 . 2013-03-18 19:57 -------- d-----w- c:\program files\BitComet
2013-03-18 19:32 . 2013-03-18 19:32 -------- d-----w- C:\2
2013-03-18 19:32 . 2013-03-18 21:07 -------- d-----w- C:\1
2013-03-18 19:08 . 2013-03-18 21:13 -------- d-----w- c:\program files\trend micro
2013-03-18 19:08 . 2013-03-18 21:13 -------- d-----w- C:\rsit
2013-03-18 15:34 . 2013-03-18 15:34 -------- d-----w- c:\programdata\ATI
2013-03-18 15:34 . 2013-03-18 15:34 -------- d-----w- c:\program files (x86)\AMD AVT
2013-03-18 15:34 . 2013-03-18 15:34 -------- d-----w- c:\program files (x86)\AMD APP
2013-03-18 15:34 . 2013-03-18 15:34 -------- d-----w- c:\program files\Common Files\ATI Technologies
2013-03-18 15:34 . 2013-03-18 15:34 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2013-03-18 15:33 . 2013-03-18 15:34 -------- d-----w- c:\programdata\AMD
2013-03-18 15:33 . 2010-02-18 08:18 46136 ----a-w- c:\windows\system32\drivers\amdiox64.sys
2013-03-18 15:31 . 2013-03-18 15:31 -------- d-----w- c:\program files (x86)\ATI Technologies
2013-03-18 15:31 . 2013-03-18 15:31 -------- d-----w- c:\program files\ATI
2013-03-18 15:30 . 2013-03-18 15:34 -------- d-----w- c:\program files\ATI Technologies
2013-03-18 15:28 . 2013-03-18 15:28 -------- d-----w- C:\AMD
2013-03-18 15:04 . 2013-03-18 15:04 -------- d-----w- c:\program files\TeamSpeak 3 Client
2013-03-18 14:21 . 2013-03-18 14:21 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2013-03-18 06:54 . 2010-06-02 03:55 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2013-03-18 06:53 . 2009-03-16 13:18 24920 ----a-w- c:\windows\system32\X3DAudio1_6.dll
2013-03-18 06:52 . 2006-02-03 07:43 3830992 ----a-w- c:\windows\system32\d3dx9_29.dll
2013-03-18 06:49 . 2013-03-18 12:10 -------- d--h--w- c:\windows\msdownld.tmp
2013-03-18 06:40 . 2013-03-18 06:40 -------- d-----w- c:\program files\VideoLAN
2013-03-17 22:03 . 2013-03-17 22:03 -------- d-----w- c:\programdata\SonicFocus
2013-03-17 22:03 . 2013-03-17 22:03 -------- d-----w- c:\program files (x86)\Analog Devices
2013-03-17 22:03 . 2013-03-17 22:03 -------- d-----w- c:\program files\Synaptics
2013-03-17 22:01 . 2013-03-17 22:01 -------- d-----w- c:\users\Default\AppData\Roaming\hpqLog
2013-03-17 21:58 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2013-03-17 21:58 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2013-03-17 21:58 . 2011-03-11 06:41 189824 ----a-w- c:\windows\system32\drivers\storport.sys
2013-03-17 21:58 . 2011-03-11 06:41 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2013-03-17 21:58 . 2011-03-11 06:41 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2013-03-17 21:58 . 2011-03-11 06:41 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2013-03-17 21:58 . 2011-03-11 06:41 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2013-03-17 21:58 . 2011-03-11 06:41 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2013-03-17 21:58 . 2011-03-11 06:33 2565632 ----a-w- c:\windows\system32\esent.dll
2013-03-17 21:58 . 2011-03-11 06:30 96768 ----a-w- c:\windows\system32\fsutil.exe
2013-03-17 21:58 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2013-03-17 21:58 . 2011-03-11 05:31 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2013-03-17 21:58 . 2011-03-11 04:37 91648 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS
2013-03-17 21:36 . 2013-03-17 21:36 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-17 21:32 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-17 21:10 . 2013-03-04 13:53 72013344 ----a-w- c:\windows\system32\MRT.exe
2013-03-17 20:50 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2013-03-17 20:50 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-03-17 20:50 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-03-17 20:50 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-03-17 20:42 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2013-03-17 20:40 . 2013-03-18 00:14 -------- d-----w- c:\program files\Total Commander
2013-03-17 20:34 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-03-17 20:34 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-03-17 20:34 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-03-17 20:34 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-03-17 20:34 . 2010-09-30 10:41 100864 ----a-w- c:\windows\system32\fontsub.dll
2013-03-17 20:34 . 2010-09-30 06:47 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2013-03-17 20:33 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-03-17 20:33 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-03-17 20:33 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-03-17 20:33 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-03-17 20:33 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-03-17 20:33 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-03-17 20:33 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-03-17 20:32 . 2009-04-29 06:48 18432 ----a-w- c:\windows\system32\drivers\HpqKbFiltr.sys
2013-03-17 20:32 . 2009-04-20 07:40 11264 ----a-w- c:\windows\system32\drivers\CPQBttn64.sys
2013-03-17 20:32 . 2006-11-02 05:04 1919968 ----a-w- c:\windows\system32\drivers\wdfcoinstaller01005.dll
2013-03-17 20:32 . 2013-03-18 19:44 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2013-03-17 20:32 . 2013-03-17 20:33 -------- d-----w- c:\program files (x86)\Hewlett-Packard
2013-03-17 20:32 . 2008-09-08 12:31 1885488 ----a-w- c:\windows\SysWow64\BttnCmns.dll
2013-03-17 20:32 . 2008-09-08 12:31 1885488 ----a-r- c:\windows\SysWow64\BttnCmn.dll
2013-03-17 20:32 . 2013-03-17 22:02 -------- d-----w- c:\windows\QLB
2013-03-17 20:30 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-03-17 20:30 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-03-17 20:30 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-03-17 20:30 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2013-03-17 20:30 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-03-17 20:26 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2013-03-17 20:24 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-03-17 20:24 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-03-17 20:24 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-03-17 20:24 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-03-17 20:24 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-03-17 20:24 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-03-17 20:22 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
2013-03-17 20:21 . 2012-08-24 18:05 220160 ----a-w- c:\windows\system32\wintrust.dll
2013-03-17 20:20 . 2012-11-20 05:48 307200 ----a-w- c:\windows\system32\ncrypt.dll
2013-03-17 20:19 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2013-03-17 20:19 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2013-03-17 20:19 . 2012-06-02 05:41 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-03-17 20:19 . 2012-06-02 05:41 140288 ----a-w- c:\windows\system32\cryptnet.dll
2013-03-17 20:19 . 2012-06-02 05:41 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-03-17 20:19 . 2012-06-02 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-03-17 20:19 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-03-17 20:19 . 2012-06-02 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-03-17 20:19 . 2013-03-18 16:01 -------- d-sh--w- c:\windows\Installer
2013-03-17 20:14 . 2013-03-17 20:27 -------- d-----w- c:\program files (x86)\Google
2013-03-17 20:05 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2013-03-17 20:05 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2013-03-17 20:05 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2013-03-17 19:59 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2013-03-17 19:59 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2013-03-17 19:59 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2013-03-17 19:59 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2013-03-17 19:58 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2013-03-17 19:58 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2013-03-17 19:58 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2013-03-17 19:58 . 2012-06-02 14:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2013-03-17 19:58 . 2012-06-02 14:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2013-03-17 19:56 . 2013-03-18 11:18 -------- d-----w- c:\users\Shokarta
2013-03-17 19:50 . 2013-03-17 19:50 0 ----a-w- c:\windows\ativpsrm.bin
2013-03-17 19:46 . 2013-03-18 12:30 -------- d-----w- c:\windows\Panther
2013-03-15 08:48 . 2013-03-15 08:50 -------- d-----w- C:\AppServ
2013-02-22 13:01 . 2013-03-18 19:44 -------- d-----w- C:\Games
2013-02-22 12:30 . 2013-03-07 11:31 -------- d-----w- C:\Ruzne
2013-02-22 12:29 . 2013-02-22 10:22 -------- d-----w- C:\KBCertifikat
2013-02-22 12:17 . 2013-02-22 12:29 -------- d-----w- C:\Downloads
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-12 05:45 . 2013-03-17 20:22 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-17 20:22 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-17 20:22 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-17 20:22 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-17 20:22 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-17 20:22 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-01-04 04:43 . 2013-03-17 20:24 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2013-03-18 3093624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-11 287800]
"SoundMAXPnP"="c:\program files (x86)\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-11-16 641704]
.
c:\users\Shokarta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
miranda32 – zástupce (2).lnk - c:\users\Shokarta\MirandaICQ\miranda32.exe [2013-3-17 828500]
miranda32 – zástupce.lnk - c:\users\Shokarta\MirandaFB\miranda32.exe [2013-3-17 828500]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-11-16 238080]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-11-16 361984]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 30520]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-09-28 395264]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-17 20:27 1666000 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-03-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-17 20:22]
.
2013-03-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-17 20:22]
.
.
--------- X64 Entries -----------
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 10.0.0.1 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\svchost.exe
c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
.
**************************************************************************
.
Celkový čas: 2013-03-18 22:51:09 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-03-18 21:51
.
Před spuštěním: Volných bajtů: 241 471 565 824
Po spuštění: Volných bajtů: 241 548 541 952
.
- - End Of File - - D0177B758C7FB5069755C8E9E5C9957C

It was funny how after the restart it told me not to launch any applications until the process finished, and meanwhile the windows that normally open at Windows startup kept popping up :D

Re: Program Generic Host Process for Win32 Services stopped

Posted: 19 Mar 2013 17:37
by Rudy
CF controls the course of the run itself. The message only warns the user not to launch anything. There was an infected userinit and it was replaced with a clean one from backup. We'll finish cleaning up. Open Notepad and copy this into it:
KillAll::

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::
Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and execute the commands from the script.


Re: Program Generic Host Process for Win32 Services stopped

Posted: 20 Mar 2013 10:25
by shokarta
So I did something more drastic.... I formatted the disk, and after installing Windows I immediately downloaded avast, and since then everything runs fine... but I ran a full scan and on the external disk it found about 300 infected exe files, Win32:Jeefo... repairing them with avast didn't work...

so what would the solution be?

Re: Program Generic Host Process for Win32 Services stopped

Posted: 20 Mar 2013 20:36
by Rudy