po startu se mi objevila hlaska Windows script host s umistenim C:/windows/user.
Msconfigu jsem to zakazal a ve slozce Windows\Inf\ntvdm.vbe jsem odstranil oba soubory.
Chtel bych se zeptat zda tam nemam jeste nejake breberky
Prikladam log z RSIT.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Mira at 2013-08-04 15:47:10
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 18 GB (6%) free of 305 GB
Total RAM: 4094 MB (50% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:47:11, on 4.8.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Windows\vm305_sti.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Opera\Opera.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\Mira.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [BigDog305] C:\Windows\VM305_STI.EXE A4 TECH PC Camera V
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Bonus.SSR.FR11] "C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Mira\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2057412538-1399773424-4111632120-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2057412538-1399773424-4111632120-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP DS Service - Hewlett-Packard Company - C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7908 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
"C:\Windows\vm305_sti.exe" A4 TECH PC Camera V
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-754989968225481955714312822-3587140017692083011611817196-129033259-486565009
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Opera\Opera.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\Mira\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2057412538-1399773424-4111632120-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2057412538-1399773424-4111632120-1001UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-01 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-01 170912]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2012-03-07 4081008]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-05-18 12489360]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-07-27 1028896]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Mira\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-06 116648]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-11 3672384]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv]
C:\Windows\inf\ntvdm.vbe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BigDog305"=C:\Windows\VM305_STI.EXE [2007-04-09 57344]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"Bonus.SSR.FR11"=C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [2011-08-19 925960]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
""= []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-08-04 15:42:06 ----D---- C:\rsit
2013-08-04 15:42:06 ----D---- C:\Program Files\trend micro
2013-08-04 04:31:06 ----D---- C:\Users\Mira\AppData\Roaming\NVIDIA
2013-08-04 04:30:42 ----D---- C:\Program Files (x86)\Advanced Archive Password Recovery 4.53+key
2013-07-31 02:23:06 ----D---- C:\NvidiaLogging
2013-07-31 02:21:37 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2013-07-31 02:21:37 ----A---- C:\Windows\system32\nvaudcap64v.dll
2013-07-31 02:21:37 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2013-07-27 22:30:47 ----D---- C:\Program Files (x86)\URUSoft
2013-07-12 02:30:21 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-07-12 02:30:20 ----A---- C:\Windows\system32\ieui.dll
2013-07-12 02:30:19 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-07-12 02:30:19 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-07-12 02:30:19 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-07-12 02:30:19 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-07-12 02:30:19 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-12 02:30:19 ----A---- C:\Windows\system32\iesysprep.dll
2013-07-12 02:30:19 ----A---- C:\Windows\system32\iesetup.dll
2013-07-12 02:30:19 ----A---- C:\Windows\system32\iernonce.dll
2013-07-12 02:30:19 ----A---- C:\Windows\system32\ie4uinit.exe
2013-07-12 02:30:18 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-07-12 02:30:18 ----A---- C:\Windows\system32\iertutil.dll
2013-07-12 02:30:17 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-07-12 02:30:17 ----A---- C:\Windows\system32\msfeeds.dll
2013-07-12 02:30:16 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-07-12 02:30:16 ----A---- C:\Windows\system32\jscript.dll
2013-07-12 02:30:15 ----A---- C:\Windows\system32\jscript9.dll
2013-07-12 02:30:14 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-07-12 02:30:13 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-07-12 02:30:13 ----A---- C:\Windows\system32\urlmon.dll
2013-07-12 02:30:12 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-07-12 02:30:12 ----A---- C:\Windows\system32\jsproxy.dll
2013-07-12 02:30:11 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-07-12 02:30:10 ----A---- C:\Windows\system32\wininet.dll
2013-07-12 02:30:08 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-07-12 02:30:06 ----A---- C:\Windows\system32\ieframe.dll
2013-07-12 02:30:05 ----A---- C:\Windows\system32\mshtml.dll
2013-07-12 02:30:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-07-11 16:47:29 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-07-11 16:47:29 ----A---- C:\Windows\system32\qedit.dll
2013-07-11 16:47:27 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-07-11 16:47:27 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-07-11 16:47:11 ----A---- C:\Windows\system32\win32k.sys
2013-07-11 16:46:44 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-07-11 16:46:44 ----A---- C:\Windows\system32\DWrite.dll
2013-07-09 19:14:11 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-07-09 19:10:35 ----D---- C:\Program Files (x86)\AGEIA Technologies
2013-07-09 19:07:10 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-07-09 19:07:10 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-07-09 19:07:10 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-07-09 19:07:10 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2013-07-09 19:07:10 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2013-07-09 19:07:10 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2013-07-09 19:07:10 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-07-09 19:07:10 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-07-09 19:07:10 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-07-09 19:07:10 ----A---- C:\Windows\system32\nvopencl.dll
2013-07-09 19:07:10 ----A---- C:\Windows\system32\nvoglv64.dll
2013-07-09 19:07:10 ----A---- C:\Windows\system32\NvIFR64.dll
2013-07-09 19:07:10 ----A---- C:\Windows\system32\NvFBC64.dll
2013-07-09 19:07:10 ----A---- C:\Windows\system32\nvdispgenco6432049.dll
2013-07-09 19:07:10 ----A---- C:\Windows\system32\nvdispco6432049.dll
2013-07-09 19:07:10 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-07-09 19:07:10 ----A---- C:\Windows\system32\nvcuvid.dll
2013-07-09 19:07:10 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-07-09 19:07:10 ----A---- C:\Windows\system32\nvcuda.dll
2013-07-09 19:07:10 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-07-09 19:07:09 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-07-09 19:07:09 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2013-07-09 19:07:09 ----A---- C:\Windows\system32\nvcompiler.dll
======List of files/folders modified in the last 1 month======
2013-08-04 15:47:11 ----D---- C:\Windows\Temp
2013-08-04 15:42:06 ----RD---- C:\Program Files
2013-08-04 15:36:35 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-08-04 15:27:02 ----D---- C:\ProgramData\NVIDIA
2013-08-04 15:25:54 ----D---- C:\Windows\inf
2013-08-04 15:21:26 ----D---- C:\Windows\system32\config
2013-08-04 04:31:09 ----D---- C:\Windows\SysWOW64
2013-08-04 04:30:42 ----RD---- C:\Program Files (x86)
2013-08-04 04:30:35 ----D---- C:\Windows\Prefetch
2013-08-04 02:56:53 ----D---- C:\Users\Mira\AppData\Roaming\TS3Client
2013-08-03 03:40:46 ----D---- C:\ProgramData\PMB Files
2013-08-03 02:41:54 ----D---- C:\Program Files (x86)\SpeedFan
2013-08-02 17:15:00 ----SHD---- C:\System Volume Information
2013-08-02 00:31:55 ----D---- C:\Windows\System32
2013-08-02 00:31:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-08-01 22:53:28 ----D---- C:\Users\Mira\AppData\Roaming\vlc
2013-08-01 19:22:06 ----D---- C:\Users\Mira\AppData\Roaming\uTorrent
2013-07-31 21:21:28 ----D---- C:\Program Files (x86)\Advanced Tactical Center
2013-07-31 02:23:03 ----RSD---- C:\Windows\assembly
2013-07-31 02:22:19 ----D---- C:\Program Files\NVIDIA Corporation
2013-07-31 02:22:18 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-07-31 02:21:46 ----D---- C:\Windows\system32\drivers
2013-07-31 02:21:45 ----D---- C:\Windows\system32\catroot
2013-07-31 02:21:44 ----D---- C:\Windows\system32\DriverStore
2013-07-29 01:31:19 ----D---- C:\ProgramData\NVIDIA Corporation
2013-07-25 14:23:29 ----D---- C:\Program Files (x86)\ABBYY FineReader 11
2013-07-14 17:43:49 ----D---- C:\Windows\Microsoft.NET
2013-07-14 03:20:34 ----SHD---- C:\Windows\Installer
2013-07-13 05:08:11 ----D---- C:\Windows\system32\catroot2
2013-07-12 18:35:59 ----D---- C:\Windows\winsxs
2013-07-12 18:34:23 ----D---- C:\Program Files\Windows Defender
2013-07-12 18:34:23 ----D---- C:\Program Files (x86)\Windows Defender
2013-07-12 18:34:23 ----D---- C:\Program Files (x86)\Internet Explorer
2013-07-12 18:34:22 ----D---- C:\Program Files\Internet Explorer
2013-07-12 18:34:19 ----D---- C:\Program Files\Windows Journal
2013-07-12 02:31:50 ----A---- C:\Windows\system32\MRT.exe
2013-07-11 16:40:36 ----D---- C:\Windows
2013-07-09 19:12:06 ----D---- C:\Windows\SoftwareDistribution
2013-07-07 23:42:31 ----D---- C:\Users\Mira\AppData\Roaming\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-09-08 283200]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2012-03-14 137144]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-05-22 4052496]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-05-14 39712]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 vvftav;vvftav; C:\Windows\system32\drivers\vvftav.sys [2007-06-23 300800]
R3 ZSMC0305;A4 TECH PC Camera V; C:\Windows\System32\Drivers\usbVM305.sys [2007-03-08 1541120]
S3 HPFXBULKLEDM;HPFXBULKLEDM; C:\Windows\system32\drivers\hppdbulkio.sys [2011-05-10 22040]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-03-07 913144]
R2 HP DS Service;HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [2010-10-27 13824]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2010-10-27 145920]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-07-27 14984480]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-06-21 884512]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-07-27 1889568]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-06-21 413472]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-03 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-04 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-09-06 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Přispějete na provoz fóra?