Malicious programs

xPajas
Visitor
Posts: 38
Registered: 24 Sep 2012 22:19

Malicious programs

#1 Post by xPajas »

Hello,

I have a new ASUS notebook with a preinstalled OS, and there is a lot of junk installed on it. At first I started deleting these programs, and along with them various keyboard functions got deleted, explorer.exe broke, etc. It seems to me that the notebook is constantly communicating with some servers, which slows down my internet and gives me slow response times. I am sending a log and would need advice on what I could delete and what not. Thanks in advance.

http://leteckaposta.cz/978660599

Rudy
Site Admin
Posts: 119515
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Malicious programs

#2 Post by Rudy »

Hello to you too!
Either put the log directly into a post on the forum, or pack it in a different format. I can't open this with WinRAR.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

xPajas
Visitor
Posts: 38
Registered: 24 Sep 2012 22:19

Re: Malicious programs

#3 Post by xPajas »

I use 7zip, here is the log:


Logfile of random's system information tool 1.09 (written by random/random)
Run by Pavel at 2012-09-24 21:51:21
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 7 GB (3%) free of 191 GB
Total RAM: 8097 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:51:23, on 24.9.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\ExpressGateUtil\VAWinAgent.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Pidgin\pidgin.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pavel\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Pavel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT3225826
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: BitTorrentControl_v12 Toolbar - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: BitTorrentControl_v12 - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: BitTorrentControl_v12 Toolbar - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll
O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [FLxHCIm] "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe"
O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [SessionLogon] C:\ExpressGateUtil\SessionLogon.exe
O4 - HKLM\..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Infium] "C:\Program Files (x86)\QIP 2012\qip.exe" /autorun
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2563066766-1230321987-857231328-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2563066766-1230321987-857231328-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: CyberLink Product - 2012/08/23 20:15:54 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VideAceWindowsService - Unknown owner - C:\ExpressGateUtil\VAWinService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15591 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2563066766-1230321987-857231328-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2563066766-1230321987-857231328-1001UA.job
C:\Windows\tasks\MATLAB R2012b Startup Accelerator.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\0habdb41.default

"{22C7F6C6-8D67-4534-92B5-529A0EC09405}"=C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wolfram.com/Mathematica]
"Description"=Wolfram Mathematica Plug-in
"Path"=C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\ZEON/PDF,version=2.0]
"Description"=
"Path"=C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}]
TmIEPlugInBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll [2010-09-17 185680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-18 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}]
BitTorrentControl_v12 Toolbar - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}]
TmBpIeBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll [2010-09-17 234832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-18 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - BitTorrentControl_v12 Toolbar - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"=C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [2008-11-03 328992]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2011-04-13 2018032]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [2011-02-23 731472]
"FLxHCIm"=C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe [2011-02-25 40448]
"SonicMasterTray"=C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe [2010-07-10 984400]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17 5732992]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-09-24 1601536]
"SessionLogon"=C:\ExpressGateUtil\SessionLogon.exe []
"VAWinAgent"=C:\ExpressGateUtil\VAWinAgent.exe [2010-08-13 21504]
"RemoteControl10"=C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe [2010-02-03 87336]
"BDRegion"=C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2010-11-12 75048]
"UpdatePSTShortCut"=C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [2010-11-25 222504]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"=C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2012-04-26 3111744]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]
"Google Update"=C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-25 116648]
"Infium"=C:\Program Files (x86)\QIP 2012\qip.exe /autorun []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe [2009-07-18 257440]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AsusVibeLauncher.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\SysWOW64\nvinit.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
"vidc.mjpg"=pvmjpg30.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2012-09-24 21:15:33 ----D---- C:\rsit
2012-09-24 21:15:33 ----D---- C:\Program Files (x86)\trend micro
2012-09-24 20:11:48 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-09-23 03:00:46 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2012-09-23 03:00:45 ----A---- C:\Windows\SysWOW64\vbscript.dll
2012-09-23 03:00:45 ----A---- C:\Windows\SysWOW64\ieui.dll
2012-09-23 03:00:44 ----A---- C:\Windows\SysWOW64\urlmon.dll
2012-09-23 03:00:44 ----A---- C:\Windows\SysWOW64\url.dll
2012-09-23 03:00:44 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2012-09-23 03:00:43 ----A---- C:\Windows\SysWOW64\wininet.dll
2012-09-23 03:00:43 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2012-09-23 03:00:42 ----A---- C:\Windows\SysWOW64\jscript9.dll
2012-09-23 03:00:42 ----A---- C:\Windows\SysWOW64\jscript.dll
2012-09-23 03:00:41 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2012-09-23 03:00:41 ----A---- C:\Windows\SysWOW64\iertutil.dll
2012-09-23 03:00:40 ----A---- C:\Windows\SysWOW64\mshtml.dll
2012-09-23 03:00:34 ----A---- C:\Windows\SysWOW64\ieframe.dll
2012-09-20 10:40:52 ----D---- C:\Program Files (x86)\Common Files\Wolfram Research
2012-09-20 10:40:52 ----D---- C:\Program Files (x86)\Common Files\ResearchSoft
2012-09-18 18:19:57 ----D---- C:\Program Files (x86)\PANDORA.TV
2012-09-18 18:19:45 ----D---- C:\Program Files (x86)\The KMPlayer
2012-09-18 18:19:25 ----D---- C:\ProgramData\Ask
2012-09-18 16:20:41 ----D---- C:\Users\Pavel\AppData\Roaming\Subversion
2012-09-18 16:20:28 ----D---- C:\Users\Pavel\AppData\Roaming\MathWorks
2012-09-18 11:43:54 ----D---- C:\ProgramData\Sun
2012-09-18 11:43:53 ----D---- C:\Program Files (x86)\Common Files\Java
2012-09-18 11:43:47 ----A---- C:\Windows\SysWOW64\npDeployJava1.dll
2012-09-18 11:43:47 ----A---- C:\Windows\SysWOW64\javaws.exe
2012-09-18 11:43:47 ----A---- C:\Windows\SysWOW64\deployJava1.dll
2012-09-18 11:43:42 ----A---- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2012-09-18 11:43:42 ----A---- C:\Windows\SysWOW64\javaw.exe
2012-09-18 11:43:42 ----A---- C:\Windows\SysWOW64\java.exe
2012-09-18 11:43:30 ----D---- C:\Program Files (x86)\Java
2012-09-18 08:42:33 ----D---- C:\Program Files (x86)\Common Files\Adobe
2012-09-18 08:42:33 ----D---- C:\Program Files (x86)\Adobe
2012-09-18 08:41:15 ----D---- C:\ProgramData\Adobe
2012-09-17 17:32:23 ----D---- C:\Program Files (x86)\Counter-Strike 1.6 V35
2012-09-17 16:56:31 ----D---- C:\Users\Pavel\AppData\Roaming\GarenaPlus
2012-09-17 16:55:09 ----D---- C:\Program Files (x86)\Garena Plus
2012-09-17 16:55:05 ----D---- C:\ProgramData\GarenaMessenger
2012-09-13 22:45:41 ----D---- C:\Users\Pavel\AppData\Roaming\Mathematica
2012-09-13 22:45:04 ----D---- C:\ProgramData\Mathematica
2012-09-13 22:41:55 ----A---- C:\Windows\SysWOW64\mlmodule32.dll
2012-09-13 22:41:55 ----A---- C:\Windows\SysWOW64\ml32i3.dll
2012-09-13 22:41:55 ----A---- C:\Windows\SysWOW64\ml32i2.dll
2012-09-13 22:41:55 ----A---- C:\Windows\SysWOW64\ml32i1.dll
2012-09-13 17:25:35 ----D---- C:\Users\Pavel\AppData\Roaming\Mozilla
2012-09-13 17:25:32 ----D---- C:\Program Files (x86)\Conduit
2012-09-13 17:25:30 ----D---- C:\Program Files (x86)\BitTorrentControl_v12
2012-09-13 17:25:21 ----D---- C:\Program Files (x86)\BitTorrent
2012-09-13 17:24:47 ----D---- C:\Users\Pavel\AppData\Roaming\BitTorrent
2012-09-12 18:59:46 ----D---- C:\Users\Pavel\AppData\Roaming\FLEXnet
2012-09-12 18:59:44 ----D---- C:\Users\Pavel\AppData\Roaming\Nuance
2012-09-12 18:59:41 ----D---- C:\Users\Pavel\AppData\Roaming\Zeon
2012-09-12 12:08:00 ----A---- C:\Windows\SysWOW64\d3d10level9.dll
2012-09-11 13:17:17 ----D---- C:\Program Files (x86)\MSXML 4.0
2012-09-10 22:05:19 ----A---- C:\Windows\unvise32.exe
2012-09-10 22:02:16 ----D---- C:\Program Files (x86)\Common Files\Pinnacle
2012-09-10 22:01:24 ----D---- C:\ProgramData\Pinnacle Studio Ultimate
2012-09-10 21:57:50 ----D---- C:\Program Files (x86)\Common Files\Pegasus Imaging
2012-09-10 21:57:48 ----D---- C:\ProgramData\Studio 15
2012-09-10 21:57:48 ----D---- C:\ProgramData\Pinnacle Studio Plus
2012-09-10 21:57:48 ----D---- C:\Program Files (x86)\Pinnacle
2012-09-10 21:57:48 ----D---- C:\Program Files (x86)\Common Files\Yahoo!
2012-09-10 21:56:15 ----D---- C:\ProgramData\Pinnacle
2012-09-03 16:07:26 ----D---- C:\Users\Pavel\AppData\Roaming\TS3Client
2012-09-01 18:11:42 ----A---- C:\Windows\SysWOW64\XAudio2_1.dll
2012-09-01 18:11:42 ----A---- C:\Windows\SysWOW64\XAudio2_0.dll
2012-09-01 18:11:42 ----A---- C:\Windows\SysWOW64\XAPOFX1_0.dll
2012-09-01 18:11:42 ----A---- C:\Windows\SysWOW64\X3DAudio1_4.dll
2012-09-01 18:11:42 ----A---- C:\Windows\SysWOW64\D3DX9_38.dll
2012-09-01 18:11:42 ----A---- C:\Windows\SysWOW64\d3dx10_38.dll
2012-09-01 18:11:42 ----A---- C:\Windows\SysWOW64\D3DCompiler_38.dll
2012-09-01 18:11:41 ----A---- C:\Windows\SysWOW64\X3DAudio1_3.dll
2012-09-01 18:11:41 ----A---- C:\Windows\SysWOW64\X3DAudio1_2.dll
2012-09-01 18:11:41 ----A---- C:\Windows\SysWOW64\D3DX9_37.dll
2012-09-01 18:11:41 ----A---- C:\Windows\SysWOW64\d3dx9_36.dll
2012-09-01 18:11:41 ----A---- C:\Windows\SysWOW64\d3dx10_37.dll
2012-09-01 18:11:41 ----A---- C:\Windows\SysWOW64\d3dx10_36.dll
2012-09-01 18:11:41 ----A---- C:\Windows\SysWOW64\d3dx10_35.dll
2012-09-01 18:11:41 ----A---- C:\Windows\SysWOW64\D3DCompiler_37.dll
2012-09-01 18:11:41 ----A---- C:\Windows\SysWOW64\D3DCompiler_36.dll
2012-09-01 18:11:40 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll
2012-09-01 18:11:40 ----A---- C:\Windows\SysWOW64\d3dx9_34.dll
2012-09-01 18:11:40 ----A---- C:\Windows\SysWOW64\d3dx9_33.dll
2012-09-01 18:11:40 ----A---- C:\Windows\SysWOW64\d3dx10_34.dll
2012-09-01 18:11:40 ----A---- C:\Windows\SysWOW64\d3dx10_33.dll
2012-09-01 18:11:40 ----A---- C:\Windows\SysWOW64\D3DCompiler_35.dll
2012-09-01 18:11:40 ----A---- C:\Windows\SysWOW64\D3DCompiler_34.dll
2012-09-01 18:11:40 ----A---- C:\Windows\SysWOW64\D3DCompiler_33.dll
2012-09-01 18:11:39 ----A---- C:\Windows\SysWOW64\d3dx10.dll
2012-09-01 18:11:38 ----A---- C:\Windows\SysWOW64\d3dx9_30.dll
2012-09-01 18:11:38 ----A---- C:\Windows\SysWOW64\d3dx9_29.dll
2012-09-01 18:11:38 ----A---- C:\Windows\SysWOW64\d3dx9_28.dll
2012-09-01 18:11:38 ----A---- C:\Windows\SysWOW64\d3dx9_27.dll
2012-09-01 18:11:38 ----A---- C:\Windows\SysWOW64\d3dx9_26.dll
2012-09-01 18:11:38 ----A---- C:\Windows\SysWOW64\d3dx9_25.dll
2012-09-01 18:11:37 ----A---- C:\Windows\SysWOW64\d3dx9_24.dll
2012-09-01 18:11:32 ----D---- C:\Program Files (x86)\Focus Home Interactive
2012-09-01 11:24:55 ----A---- C:\Windows\SysWOW64\xmllite.dll
2012-09-01 11:24:54 ----A---- C:\Windows\SysWOW64\srclient.dll
2012-09-01 11:24:52 ----A---- C:\Windows\SysWOW64\explorer.exe
2012-09-01 11:24:52 ----A---- C:\Windows\explorer.exe
2012-09-01 11:24:49 ----A---- C:\Windows\SysWOW64\ntshrui.dll
2012-09-01 11:24:47 ----A---- C:\Windows\SysWOW64\tquery.dll
2012-09-01 11:24:47 ----A---- C:\Windows\SysWOW64\SearchProtocolHost.exe
2012-09-01 11:24:47 ----A---- C:\Windows\SysWOW64\SearchIndexer.exe
2012-09-01 11:24:47 ----A---- C:\Windows\SysWOW64\mssrch.dll
2012-09-01 11:24:47 ----A---- C:\Windows\SysWOW64\mssph.dll
2012-09-01 11:24:46 ----A---- C:\Windows\SysWOW64\SearchFilterHost.exe
2012-09-01 11:24:46 ----A---- C:\Windows\SysWOW64\mssvp.dll
2012-09-01 11:24:45 ----A---- C:\Windows\SysWOW64\mssphtb.dll
2012-09-01 11:24:45 ----A---- C:\Windows\SysWOW64\msscntrs.dll
2012-09-01 11:24:40 ----A---- C:\Windows\SysWOW64\win32spl.dll
2012-09-01 11:24:40 ----A---- C:\Windows\splwow64.exe
2012-09-01 11:24:38 ----A---- C:\Windows\SysWOW64\XpsPrint.dll
2012-09-01 11:24:31 ----A---- C:\Windows\SysWOW64\msi.dll
2012-09-01 11:24:27 ----A---- C:\Windows\SysWOW64\esent.dll
2012-09-01 11:24:26 ----A---- C:\Windows\SysWOW64\fsutil.exe
2012-09-01 11:18:15 ----A---- C:\Windows\SysWOW64\prevhost.exe
2012-09-01 11:06:04 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-09-01 11:05:08 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2012-09-01 11:04:42 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2012-09-01 11:04:33 ----D---- C:\Program Files (x86)\Microsoft Office
2012-09-01 11:04:30 ----D---- C:\ProgramData\Microsoft Help
2012-09-01 11:04:21 ----RHD---- C:\MSOCache
2012-08-31 19:30:28 ----D---- C:\Users\Pavel\AppData\Roaming\FastStone
2012-08-31 19:28:42 ----D---- C:\Program Files (x86)\FastStone Image Viewer
2012-08-27 23:58:14 ----D---- C:\ProgramData\TamoSoft
2012-08-27 23:57:48 ----D---- C:\Program Files (x86)\CommViewWiFi
2012-08-26 22:56:06 ----D---- C:\Users\Pavel\AppData\Roaming\QIP
2012-08-25 16:09:38 ----D---- C:\Users\Pavel\AppData\Roaming\Macromedia
2012-08-25 12:53:56 ----D---- C:\Windows\SysWOW64\cs
2012-08-25 12:53:48 ----D---- C:\Windows\SysWOW64\XPSViewer
2012-08-25 12:53:48 ----D---- C:\Windows\SysWOW64\drivers\cs-CZ
2012-08-25 12:53:48 ----D---- C:\Windows\cs-CZ
2012-08-24 15:12:03 ----D---- C:\Windows\SysWOW64\Wat
2012-08-24 12:19:09 ----A---- C:\Windows\SysWOW64\imagehlp.dll
2012-08-24 12:19:08 ----A---- C:\Windows\SysWOW64\wmi.dll
2012-08-24 12:19:08 ----A---- C:\Windows\SysWOW64\wintrust.dll
2012-08-24 11:37:40 ----A---- C:\Windows\SysWOW64\odbctrac.dll
2012-08-24 11:37:40 ----A---- C:\Windows\SysWOW64\odbcjt32.dll
2012-08-24 11:37:40 ----A---- C:\Windows\SysWOW64\odbccu32.dll
2012-08-24 11:37:40 ----A---- C:\Windows\SysWOW64\odbccr32.dll
2012-08-24 11:37:40 ----A---- C:\Windows\SysWOW64\odbccp32.dll
2012-08-24 11:37:37 ----A---- C:\Windows\SysWOW64\DWrite.dll
2012-08-24 11:37:29 ----A---- C:\Windows\SysWOW64\poqexec.exe
2012-08-24 11:37:28 ----A---- C:\Windows\SysWOW64\quartz.dll
2012-08-24 11:37:28 ----A---- C:\Windows\SysWOW64\qdvd.dll
2012-08-24 11:37:24 ----A---- C:\Windows\SysWOW64\webio.dll
2012-08-24 11:37:22 ----A---- C:\Windows\SysWOW64\msxml6.dll
2012-08-24 11:37:21 ----A---- C:\Windows\SysWOW64\msxml3r.dll
2012-08-24 11:37:21 ----A---- C:\Windows\SysWOW64\msxml3.dll
2012-08-24 11:37:12 ----A---- C:\Windows\SysWOW64\shell32.dll
2012-08-24 11:37:09 ----A---- C:\Windows\SysWOW64\schannel.dll
2012-08-24 11:37:09 ----A---- C:\Windows\SysWOW64\ncrypt.dll
2012-08-24 11:37:08 ----A---- C:\Windows\SysWOW64\sspicli.dll
2012-08-24 11:37:08 ----A---- C:\Windows\SysWOW64\secur32.dll
2012-08-24 11:37:00 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe
2012-08-24 11:37:00 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe
2012-08-24 11:35:53 ----A---- C:\Windows\SysWOW64\psisdecd.dll
2012-08-24 11:35:47 ----A---- C:\Windows\SysWOW64\crypt32.dll
2012-08-24 11:35:46 ----A---- C:\Windows\SysWOW64\cryptsvc.dll
2012-08-24 11:35:46 ----A---- C:\Windows\SysWOW64\cryptnet.dll
2012-08-24 11:35:40 ----A---- C:\Windows\SysWOW64\netapi32.dll
2012-08-24 11:35:40 ----A---- C:\Windows\SysWOW64\browcli.dll
2012-08-24 11:35:35 ----A---- C:\Windows\SysWOW64\KernelBase.dll
2012-08-24 11:35:34 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-24 11:35:34 ----A---- C:\Windows\SysWOW64\setup16.exe
2012-08-24 11:35:34 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
2012-08-24 11:35:34 ----A---- C:\Windows\SysWOW64\kernel32.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-24 11:35:33 ----A---- C:\Windows\SysWOW64\wow32.dll
2012-08-24 11:35:33 ----A---- C:\Windows\SysWOW64\instnm.exe
2012-08-24 11:35:32 ----AH---- C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-08-24 11:35:31 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-08-24 11:35:31 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-08-24 11:35:31 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-08-24 11:35:31 ----A---- C:\Windows\SysWOW64\user.exe
2012-08-24 11:35:28 ----A---- C:\Windows\SysWOW64\drvinst.exe
2012-08-24 11:35:28 ----A---- C:\Windows\SysWOW64\devrtl.dll
2012-08-24 11:35:28 ----A---- C:\Windows\SysWOW64\devobj.dll
2012-08-24 11:35:28 ----A---- C:\Windows\SysWOW64\cfgmgr32.dll
2012-08-24 11:35:16 ----A---- C:\Windows\SysWOW64\inetcomm.dll
2012-08-24 11:35:15 ----A---- C:\Windows\SysWOW64\msvcrt.dll
2012-08-24 11:35:11 ----A---- C:\Windows\SysWOW64\oleacc.dll
2012-08-24 11:35:10 ----A---- C:\Windows\SysWOW64\oleaut32.dll
2012-08-24 11:35:09 ----A---- C:\Windows\SysWOW64\EncDec.dll
2012-08-24 11:35:03 ----A---- C:\Windows\SysWOW64\tzres.dll
2012-08-24 11:34:52 ----A---- C:\Windows\SysWOW64\cdosys.dll
2012-08-24 11:34:49 ----A---- C:\Windows\SysWOW64\ntdll.dll
2012-08-24 11:34:48 ----A---- C:\Windows\SysWOW64\packager.dll
2012-08-24 11:16:58 ----D---- C:\Windows\Minidump
2012-08-24 05:48:38 ----A---- C:\Windows\AsToolCDVer.txt
2012-08-24 05:48:38 ----A---- C:\Windows\AsRunBar.txt
2012-08-24 05:48:12 ----D---- C:\eSupport
2012-08-24 05:46:39 ----D---- C:\WIMAPPLY
2012-08-24 05:26:52 ----A---- C:\devlist.txt
2012-08-24 05:18:48 ----A---- C:\Windows\AsChkDev.txt
2012-08-24 05:14:52 ----A---- C:\Windows\SysWOW64\msxml3a.dll
2012-08-24 05:14:52 ----A---- C:\Windows\SysWOW64\msvcr71.dll
2012-08-24 05:14:52 ----A---- C:\Windows\SysWOW64\msvcp71.dll
2012-08-24 05:11:00 ----D---- C:\Program Files (x86)\CyberLink
2012-08-24 05:10:59 ----D---- C:\ProgramData\Temp
2012-08-24 05:10:59 ----D---- C:\ProgramData\CyberLink
2012-08-24 05:10:07 ----HD---- C:\ExpressGateUtil
2012-08-24 05:08:46 ----D---- C:\Windows\SysWOW64\ASUS_Screensaver dir
2012-08-24 05:08:46 ----A---- C:\Windows\SysWOW64\ASUS_Screensaver.scr
2012-08-24 05:08:44 ----A---- C:\Windows\AsScrPro.exe
2012-08-24 05:08:43 ----A---- C:\Windows\SysWOW64\ACEngSvr.exe
2012-08-24 05:08:36 ----D---- C:\ProgramData\P4G
2012-08-24 05:06:28 ----D---- C:\Program Files (x86)\Common Files\Atheros
2012-08-24 05:06:27 ----D---- C:\Program Files (x86)\Bluetooth Suite
2012-08-24 05:05:20 ----D---- C:\Program Files (x86)\Atheros
2012-08-24 05:05:14 ----D---- C:\ProgramData\Atheros
2012-08-24 05:03:07 ----D---- C:\ProgramData\SonicFocus
2012-08-24 05:03:05 ----D---- C:\Windows\SysWOW64\RTCOM
2012-08-24 05:02:57 ----A---- C:\Windows\SysWOW64\SFCOM.dll
2012-08-24 05:02:56 ----N---- C:\Windows\RtlExUpd.dll
2012-08-24 05:02:56 ----HD---- C:\Program Files (x86)\Temp
2012-08-24 05:02:56 ----D---- C:\Program Files (x86)\Realtek
2012-08-24 05:02:54 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2012-08-24 05:02:36 ----D---- C:\ProgramData\AmUStor
2012-08-24 05:02:36 ----D---- C:\Program Files (x86)\AmIcoSingLun
2012-08-24 05:01:40 ----A---- C:\Windows\AsPatch10430001.exe
2012-08-24 05:00:41 ----A---- C:\Windows\SysWOW64\log.txt
2012-08-24 05:00:40 ----D---- C:\Program Files (x86)\Common Files\postureAgent
2012-08-24 05:00:37 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-08-24 05:00:31 ----D---- C:\Windows\SysWOW64\NV
2012-08-24 04:59:43 ----D---- C:\ProgramData\NVIDIA
2012-08-24 04:59:04 ----D---- C:\ProgramData\NVIDIA Corporation
2012-08-24 04:59:02 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2012-08-24 04:58:54 ----A---- C:\Windows\SysWOW64\OpenCL.dll
2012-08-24 04:58:54 ----A---- C:\Windows\SysWOW64\nvwgf2um.dll
2012-08-24 04:58:54 ----A---- C:\Windows\SysWOW64\nvumdshim.dll
2012-08-24 04:58:54 ----A---- C:\Windows\SysWOW64\nvoptimusmft.dll
2012-08-24 04:58:54 ----A---- C:\Windows\SysWOW64\nvoglv32.dll
2012-08-24 04:58:54 ----A---- C:\Windows\SysWOW64\nvinit.dll
2012-08-24 04:58:54 ----A---- C:\Windows\SysWOW64\nvdecodemft.dll
2012-08-24 04:58:54 ----A---- C:\Windows\SysWOW64\nvd3dum.dll
2012-08-24 04:58:53 ----A---- C:\Windows\SysWOW64\nvcuvid.dll
2012-08-24 04:58:53 ----A---- C:\Windows\SysWOW64\nvcuvenc.dll
2012-08-24 04:58:53 ----A---- C:\Windows\SysWOW64\nvcuda.dll
2012-08-24 04:58:53 ----A---- C:\Windows\SysWOW64\nvcompiler.dll
2012-08-24 04:58:53 ----A---- C:\Windows\SysWOW64\nvapi.dll
2012-08-24 04:58:11 ----D---- C:\NvidiaLogs
2012-08-24 04:57:15 ----D---- C:\ProgramData\Intel
2012-08-24 04:56:07 ----D---- C:\Program Files (x86)\Common Files\Intel
2012-08-24 04:54:20 ----D---- C:\Program Files (x86)\Intel
2012-08-24 04:54:20 ----A---- C:\Windows\SysWOW64\CSVer.dll
2012-08-24 04:54:16 ----D---- C:\Intel
2012-08-24 04:52:49 ----D---- C:\Windows\SoftwareDistribution
2012-08-24 04:49:03 ----ASH---- C:\hiberfil.sys
2012-08-24 04:49:02 ----SHD---- C:\System Volume Information
2012-08-24 04:49:02 ----ASH---- C:\pagefile.sys
2012-08-23 22:58:32 ----D---- C:\Users\Pavel\AppData\Roaming\WinRAR
2012-08-23 22:57:41 ----A---- C:\Windows\SysWOW64\D3DX9_42.dll
2012-08-23 22:57:41 ----A---- C:\Windows\SysWOW64\d3dx9_31.dll
2012-08-23 22:57:05 ----D---- C:\Program Files (x86)\Winamp Detect
2012-08-23 22:56:56 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine
2012-08-23 22:56:52 ----D---- C:\Users\Pavel\AppData\Roaming\Winamp
2012-08-23 22:56:52 ----D---- C:\Program Files (x86)\Winamp
2012-08-23 22:55:24 ----D---- C:\Program Files (x86)\TeamSpeak 3 Client
2012-08-23 22:54:07 ----D---- C:\Users\Pavel\AppData\Roaming\Skype
2012-08-23 22:54:04 ----D---- C:\Program Files (x86)\Common Files\Skype
2012-08-23 22:54:01 ----RD---- C:\Program Files (x86)\Skype
2012-08-23 22:53:59 ----D---- C:\ProgramData\Skype
2012-08-23 21:46:34 ----D---- C:\Users\Pavel\AppData\Roaming\.purple
2012-08-23 21:46:06 ----D---- C:\Program Files (x86)\Pidgin
2012-08-23 21:44:40 ----D---- C:\Users\Pavel\AppData\Roaming\DAEMON Tools Pro
2012-08-23 21:44:38 ----D---- C:\Program Files (x86)\DAEMON Tools Pro
2012-08-23 21:43:59 ----D---- C:\ProgramData\DAEMON Tools Pro
2012-08-23 21:36:29 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI
2012-08-23 21:36:28 ----D---- C:\Program Files (x86)\Microsoft Security Client
2012-08-23 21:34:15 ----D---- C:\Users\Pavel\AppData\Roaming\Adobe
2012-08-23 20:49:11 ----A---- C:\Windows\SysWOW64\rdpcore.dll
2012-08-23 20:39:36 ----D---- C:\Users\Pavel\AppData\Roaming\ASUS WebStorage
2012-08-23 20:36:52 ----D---- C:\Users\Pavel\AppData\Roaming\Identities
2012-08-23 20:36:47 ----D---- C:\Users\Pavel\AppData\Roaming\Google
2012-08-23 20:36:37 ----D---- C:\ProgramData\FolderView
2012-08-23 20:36:36 ----HD---- C:\ASUS.DAT
2012-08-23 20:36:33 ----SD---- C:\Users\Pavel\AppData\Roaming\Microsoft
2012-08-23 20:36:33 ----D---- C:\Users\Pavel\AppData\Roaming\Media Center Programs

======List of files/folders modified in the last 3 months======

2012-09-24 21:43:53 ----D---- C:\Windows\Temp
2012-09-24 21:43:25 ----D---- C:\Windows\Prefetch
2012-09-24 21:15:33 ----RD---- C:\Program Files (x86)
2012-09-23 03:18:33 ----D---- C:\Windows\winsxs
2012-09-23 03:16:41 ----D---- C:\Windows\SysWOW64\migration
2012-09-23 03:16:41 ----D---- C:\Windows\SysWOW64
2012-09-23 03:16:41 ----D---- C:\Windows\System32
2012-09-23 03:16:41 ----D---- C:\Program Files (x86)\Internet Explorer
2012-09-21 14:47:27 ----RSD---- C:\Windows\Fonts
2012-09-20 10:40:52 ----D---- C:\Program Files (x86)\Common Files
2012-09-18 18:19:25 ----HD---- C:\ProgramData
2012-09-18 18:19:25 ----D---- C:\Windows
2012-09-18 16:11:21 ----D---- C:\Windows\Tasks
2012-09-18 16:11:16 ----RSD---- C:\Windows\assembly
2012-09-18 15:43:36 ----RD---- C:\Program Files
2012-09-18 15:39:06 ----SHD---- C:\Windows\Installer
2012-09-17 17:25:01 ----D---- C:\Windows\inf
2012-09-12 18:59:44 ----D---- C:\ProgramData\Nuance
2012-09-03 16:27:53 ----D---- C:\Windows\Microsoft.NET
2012-09-01 22:35:51 ----D---- C:\Windows\SysWOW64\en-US
2012-09-01 22:35:51 ----D---- C:\Windows\SysWOW64\cs-CZ
2012-09-01 22:35:51 ----D---- C:\Windows\AppPatch
2012-09-01 18:19:22 ----A---- C:\Windows\win.ini
2012-09-01 18:16:56 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2012-09-01 11:07:06 ----D---- C:\Windows\ShellNew
2012-09-01 11:06:18 ----D---- C:\Program Files (x86)\MSBuild
2012-09-01 11:06:04 ----SD---- C:\ProgramData\Microsoft
2012-08-25 12:53:59 ----D---- C:\Program Files (x86)\Windows Sidebar
2012-08-25 12:53:59 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2012-08-25 12:53:59 ----D---- C:\Program Files (x86)\Windows Media Player
2012-08-25 12:53:59 ----D---- C:\Program Files (x86)\Windows Mail
2012-08-25 12:53:59 ----D---- C:\Program Files (x86)\Windows Defender
2012-08-25 12:53:59 ----D---- C:\Program Files (x86)\Common Files\System
2012-08-25 12:53:58 ----D---- C:\Windows\servicing
2012-08-25 12:53:56 ----D---- C:\Windows\SysWOW64\winrm
2012-08-25 12:53:56 ----D---- C:\Windows\SysWOW64\slmgr
2012-08-25 12:53:56 ----D---- C:\Windows\SysWOW64\migwiz
2012-08-25 12:53:56 ----D---- C:\Windows\ehome
2012-08-25 12:53:48 ----D---- C:\Windows\SysWOW64\WCN
2012-08-25 12:53:48 ----D---- C:\Windows\SysWOW64\wbem
2012-08-25 12:53:48 ----D---- C:\Windows\SysWOW64\Printing_Admin_Scripts
2012-08-25 12:53:48 ----D---- C:\Windows\SysWOW64\MUI
2012-08-25 12:53:48 ----D---- C:\Windows\SysWOW64\DriverStore
2012-08-25 12:53:48 ----D---- C:\Windows\SysWOW64\drivers
2012-08-25 12:53:48 ----D---- C:\Windows\SysWOW64\Dism
2012-08-25 12:53:48 ----D---- C:\Windows\SysWOW64\com
2012-08-25 12:53:48 ----D---- C:\Windows\IME
2012-08-25 12:53:47 ----D---- C:\Windows\PolicyDefinitions
2012-08-25 11:26:02 ----D---- C:\Windows\rescache
2012-08-25 01:24:24 ----D---- C:\Windows\SysWOW64\sysprep
2012-08-25 01:24:24 ----D---- C:\Windows\SysWOW64\es-ES
2012-08-25 01:24:24 ----D---- C:\Windows\SysWOW64\drivers\UMDF
2012-08-25 01:24:06 ----D---- C:\Windows\es-ES
2012-08-25 01:23:53 ----D---- C:\Windows\SysWOW64\ru-RU
2012-08-25 01:23:28 ----D---- C:\Windows\pt-PT
2012-08-25 01:23:27 ----D---- C:\Windows\SysWOW64\pt-PT
2012-08-25 01:22:56 ----D---- C:\Windows\it-IT
2012-08-25 01:22:54 ----D---- C:\Windows\SysWOW64\oobe
2012-08-25 01:22:54 ----D---- C:\Windows\SysWOW64\it-IT
2012-08-25 01:22:46 ----D---- C:\Windows\SysWOW64\Setup
2012-08-25 01:22:15 ----D---- C:\Windows\SysWOW64\zh-TW
2012-08-25 01:22:07 ----D---- C:\Windows\zh-TW
2012-08-25 01:22:06 ----D---- C:\Windows\Globalization
2012-08-24 21:08:45 ----D---- C:\Windows\SysWOW64\he-IL
2012-08-24 21:06:37 ----D---- C:\Windows\SysWOW64\el-GR
2012-08-24 21:04:17 ----D---- C:\Windows\SysWOW64\de-DE
2012-08-24 21:04:17 ----D---- C:\Windows\de-DE
2012-08-24 21:01:54 ----D---- C:\Windows\fr-FR
2012-08-24 21:01:53 ----D---- C:\Windows\SysWOW64\fr-FR
2012-08-24 21:00:00 ----D---- C:\Windows\SysWOW64\nl-NL
2012-08-24 21:00:00 ----D---- C:\Windows\nl-NL
2012-08-24 20:57:54 ----D---- C:\Windows\SysWOW64\ar-SA
2012-08-24 20:54:54 ----D---- C:\Windows\Logs
2012-08-24 15:13:23 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2012-08-24 12:12:57 ----D---- C:\Windows\debug
2012-08-24 05:48:18 ----D---- C:\Windows\ASUS
2012-08-24 05:26:48 ----D---- C:\Windows\Log
2012-08-24 04:59:34 ----D---- C:\Windows\Help
2012-08-23 20:50:39 ----D---- C:\ProgramData\Partner
2012-08-23 20:50:39 ----D---- C:\Program Files (x86)\Google
2012-08-23 20:49:22 ----D---- C:\Program Files (x86)\ASUS
2012-08-23 20:41:29 ----D---- C:\Program Files (x86)\Microsoft
2012-08-23 20:39:37 ----D---- C:\ProgramData\ChangeFolderView
2012-08-23 20:38:30 ----D---- C:\ProgramData\Trend Micro
2012-08-23 20:36:50 ----SHD---- C:\$Recycle.Bin
2012-08-23 20:36:33 ----RD---- C:\Users
2012-08-23 20:35:28 ----SHD---- C:\Recovery
2012-08-23 14:26:59 ----D---- C:\Windows\Panther

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys []
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys []
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys []
R1 tmtdi;Trend Micro TDI Driver; C:\Windows\system32\DRIVERS\tmtdi.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 tmactmon;tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys []
R2 tmcomm;tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys []
R2 tmevtmgr;tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys []
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys []
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys []
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver; C:\Windows\system32\DRIVERS\FLxHCIc.sys []
R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver; C:\Windows\system32\DRIVERS\FLxHCIh.sys []
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys []
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys []
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys []
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys []
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys []
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys []
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys []
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys []
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys []
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys []
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys []
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys []
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys []
S3 TS_AR5416;[CommView] Atheros AR5008 Wireless Network Adapter Service 7.7; C:\Windows\system32\DRIVERS\ts_athwx.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys []
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe []
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-13 138400]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 12600]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe []
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-14 2009704]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
R2 TiMiniService;TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
R2 VideAceWindowsService;VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [2010-08-21 77312]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-04-17 247152]
S2 CLKMSVC10_38F51D56;CyberLink Product - 2012/08/23 20:15:54; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2010-11-13 241648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 Amsp;Trend Micro Solution Platform; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2010-09-17 267480]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

xPajas
Visitor
Posts: 38
Registered: 24 Sep 2012 22:19

Re: Malicious programs

#4 Post by xPajas »

and info:


info.txt logfile of random's system information tool 1.09 2012-09-24 21:51:25

======Uninstall list======

Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe
Adobe Reader X (10.1.0) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
Alcor Micro USB Card Reader-->C:\Program Files (x86)\InstallShield Installation Information\{878CADF7-5BD6-4A29-A6F4-AC51C0CE8068}\Setup.exe
ASUS AI Recovery-->MsiExec.exe /I{38253529-D97D-4901-AE53-5CC9736D3A2E}
ASUS FancyStart-->MsiExec.exe /I{2B81872B-A054-48DA-BE3B-FA5C164C303A}
ASUS LifeFrame3-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
ASUS Live Update-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\Setup.exe" -l0x9
ASUS SmartLogon-->MsiExec.exe /I{64452561-169F-4A36-A2FF-B5E118EC65F5}
ASUS Splendid Video Enhancement Technology-->MsiExec.exe /I{0969AF05-4FF6-4C00-9406-43599238DE0D}
ASUS Video Magic-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
ASUS Video Magic-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
ASUS Virtual Camera-->MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
ASUS WebStorage-->C:\Program Files (x86)\ASUS\ASUS WebStorage\uninst.exe
ASUS_Screensaver-->C:\Windows\system32\ASUS_Screensaver.scr /u
AsusVibe2.0-->C:\Program Files (x86)\Asus\AsusVibe\unins000.exe
Atheros Client Installation Program-->C:\Program Files (x86)\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe -runfromtemp -l0x0009 -removeonly
ATK Package-->MsiExec.exe /I{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}
BitTorrent-->"C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /UNINSTALL
BitTorrentControl_v12 Toolbar-->C:\Program Files (x86)\BitTorrentControl_v12\uninstall.exe toolbar
Bookworm Deluxe-->C:\Program Files (x86)\Asus\Game Park\Bookworm Deluxe\Uninstall.exe
Cities XL 2012-->C:\Program Files (x86)\Focus Home Interactive\Cities XL 2012\uninst.exe
CommView for WiFi-->C:\PROGRA~2\COMMVI~1\CV.exe /u
Control ActiveX de Windows Live Mesh para conexiones remotas-->MsiExec.exe /I{04668DF2-D32F-4555-9C7E-35523DCD6544}
Contrôle ActiveX Windows Live Mesh pour connexions à distance-->MsiExec.exe /I{55D003F4-9599-44BF-BA9E-95D060730DD3}
Controlo ActiveX do Windows Live Mesh para Ligações Remotas-->MsiExec.exe /I{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}
Cooking Dash-->C:\Program Files (x86)\Asus\Game Park\Cooking Dash\Uninstall.exe
Counter-Strike 1.6 V35-->C:\Program Files (x86)\Counter-Strike 1.6 V35\Uninstal.exe
CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
CyberLink MediaEspresso-->"C:\Program Files (x86)\InstallShield Installation Information\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\Setup.exe" /z-uninstall
CyberLink MediaEspresso-->"C:\Program Files (x86)\InstallShield Installation Information\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
CyberLink PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
CyberLink PowerDVD 10-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe" /z-uninstall
CyberLink PowerDVD 10-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe" /z-uninstall
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
DAEMON Tools Pro-->C:\Program Files (x86)\DAEMON Tools Pro\uninst.exe
ExpressGate Cloud-->"C:\Program Files (x86)\InstallShield Installation Information\{499DED08-6FA8-4749-8E94-8526CC9D1CA8}\setup.exe" -runfromtemp -l0x0409 -removeonly
ExpressGate Cloud-->MsiExec.exe /X{499DED08-6FA8-4749-8E94-8526CC9D1CA8}
FastStone Image Viewer 4.6-->C:\Program Files (x86)\FastStone Image Viewer\uninst.exe
Galeria de Fotografias do Windows Live-->MsiExec.exe /X{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}
Galería fotográfica de Windows Live-->MsiExec.exe /X{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}
Galerie de photos Windows Live-->MsiExec.exe /X{488F0347-C4A7-4374-91A7-30818BEDA710}
Game Park Console-->"C:\Program Files (x86)\Asus\Game Park\GameConsole\unins000.exe"
Garena Plus-->C:\Program Files (x86)\Garena Plus\uninst.exe
Governor of Poker-->C:\Program Files (x86)\Asus\Game Park\Governor of Poker\Uninstall.exe
Hotel Dash Suite Success-->C:\Program Files (x86)\Asus\Game Park\Hotel Dash Suite Success\Uninstall.exe
Intel(R) Control Center-->C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Processor Graphics-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Java 7 Update 7-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217007FF}
Jewel Quest 3-->C:\Program Files (x86)\Asus\Game Park\Jewel Quest 3\Uninstall.exe
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
Knoll Light Factory EZ Studio 15-->C:\Windows\unvise32.exe C:\Program Files (x86)\Pinnacle\Studio 15\Plugins\RTFx\klfezstudio.log
Luxor 3-->C:\Program Files (x86)\Asus\Game Park\Luxor 3\Uninstall.exe
Mahjongg dimensions-->C:\Program Files (x86)\Asus\Game Park\Mahjongg dimensions\Uninstall.exe
Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Mozilla Firefox 15.0.1 (x86 cs)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nuance PDF Reader-->MsiExec.exe /X{B480904D-F73F-4673-B034-8A5F492C9184}
Pandora Service-->"C:\Program Files (x86)\PANDORA.TV\PanService\unins000.exe"
Pidgin-->C:\Program Files (x86)\Pidgin\pidgin-uninst.exe
Pinnacle Studio 15 Ultimate Plugins-->MsiExec.exe /I{EB5DF19E-75D5-4FF1-AE23-2A9A2E0F2BDD}
Pinnacle Studio 15-->MsiExec.exe /I{1362E602-9625-42D3-B57F-CDA9D26F9DA8}
Plants vs Zombies-->C:\Program Files (x86)\Asus\Game Park\Plants vs Zombies\Uninstall.exe
Raccolta foto di Windows Live-->MsiExec.exe /X{ED16B700-D91F-44B0-867C-7EB5253CA38D}
Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly
Red Giant ToonIt Studio 15-->C:\Windows\unvise32.exe C:\Program Files (x86)\Pinnacle\Studio 15\Plugins\RTFx\rgtoonitstudio.log
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client
Skype™ 5.10-->MsiExec.exe /X{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
SonicMaster-->MsiExec.exe /I{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}
syncables desktop SE-->MsiExec.exe /X{341697D8-9923-445E-B42A-529E5A99CB7A}
TeamSpeak 3 Client-->"C:\Program Files (x86)\TeamSpeak 3 Client\uninstall.exe"
The KMPlayer (remove only)-->"C:\Program Files (x86)\The KMPlayer\uninstall.exe"
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
Winamp-->"C:\Program Files (x86)\Winamp\UninstWA.exe"
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{17F99FCE-8F03-4439-860A-25C5A5434E18}
Windows Live Essentials-->MsiExec.exe /I{2A07C35B-8384-4DA4-9A95-442B6C89A073}
Windows Live Essentials-->MsiExec.exe /I{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}
Windows Live Essentials-->MsiExec.exe /I{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}
Windows Live Essentials-->MsiExec.exe /I{ABD534B7-E951-470E-92C2-CD5AF1735726}
Windows Live Essentials-->MsiExec.exe /I{B618C3BF-5142-4630-81DD-F96864F97C7E}
Windows Live Essentials-->MsiExec.exe /I{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}
Windows Live Essentials-->MsiExec.exe /I{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}
Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}
Windows Live Fotogalerie-->MsiExec.exe /X{B113D18C-67B0-4FB7-B329-E89B66194AE6}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Mail-->MsiExec.exe /I{0D261C88-454B-46FE-B43B-640E621BDA11}
Windows Live Mail-->MsiExec.exe /I{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}
Windows Live Mail-->MsiExec.exe /I{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
Windows Live Mail-->MsiExec.exe /I{A0B91308-6666-4249-8FF6-1E11AFD75FE1}
Windows Live Mail-->MsiExec.exe /I{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}
Windows Live Mail-->MsiExec.exe /I{B1239994-A850-44E2-BED8-E70A21124E16}
Windows Live Mail-->MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923}
Windows Live Mail-->MsiExec.exe /I{D588365A-AE39-4F27-BDAE-B4E72C8E900C}
Windows Live Mail-->MsiExec.exe /I{DBAA2B17-D596-4195-A169-BA2166B0D69B}
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen-->MsiExec.exe /I{C32CE55C-12BA-4951-8797-0967FDEF556F}
Windows Live Mesh ActiveX Control for Remote Connections-->MsiExec.exe /I{2902F983-B4C1-44BA-B85D-5C6D52E2C441}
Windows Live Mesh ActiveX control for remote connections-->MsiExec.exe /I{C5398A89-516C-4DAF-BA07-EE7949090E56}
Windows Live Mesh ActiveX Control for Remote Connections-->MsiExec.exe /I{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}
Windows Live Mesh-->MsiExec.exe /I{039480EE-6933-4845-88B8-77FD0C3D059D}
Windows Live Mesh-->MsiExec.exe /I{2C865FB0-051E-4D22-AC62-428E035AEAF0}
Windows Live Mesh-->MsiExec.exe /I{3F4143A1-9C21-4011-8679-3BC1014C6886}
Windows Live Mesh-->MsiExec.exe /I{46872828-6453-4138-BE1C-CE35FBF67978}
Windows Live Mesh-->MsiExec.exe /I{7496FD31-E5CB-4AE4-82D3-31099558BF6A}
Windows Live Mesh-->MsiExec.exe /I{78DAE910-CA72-450E-AD22-772CB1A00678}
Windows Live Mesh-->MsiExec.exe /I{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}
Windows Live Mesh-->MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649}
Windows Live Mesh-->MsiExec.exe /I{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}
Windows Live Mesh-->MsiExec.exe /I{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}
Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
Windows Live Mesh-->MsiExec.exe /I{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}
Windows Live Mesh-->MsiExec.exe /I{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}
Windows Live Messenger-->MsiExec.exe /X{0A9256E0-C924-46DE-921B-F6C4548A1C64}
Windows Live Messenger-->MsiExec.exe /X{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}
Windows Live Messenger-->MsiExec.exe /X{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}
Windows Live Messenger-->MsiExec.exe /X{4A275FD1-2F24-4274-8C01-813F5AD1A92D}
Windows Live Messenger-->MsiExec.exe /X{5F6E678A-7E61-448A-86CB-BC2AD1E04138}
Windows Live Messenger-->MsiExec.exe /X{6057E21C-ABE9-4059-AE3E-3BEB9925E660}
Windows Live Messenger-->MsiExec.exe /X{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}
Windows Live Messenger-->MsiExec.exe /X{6986737B-F286-40D1-87AF-938339DCF6AB}
Windows Live Messenger-->MsiExec.exe /X{6A563426-3474-41C6-B847-42B39F1485B2}
Windows Live Messenger-->MsiExec.exe /X{709E38A9-7F80-4598-96CC-44B0D553FECE}
Windows Live Messenger-->MsiExec.exe /X{80956555-A512-4190-9CAD-B000C36D6B6B}
Windows Live Messenger-->MsiExec.exe /X{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}
Windows Live Messenger-->MsiExec.exe /X{EB4DF488-AAEF-406F-A341-CB2AAA315B90}
Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08}
Windows Live Movie Maker-->MsiExec.exe /X{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}
Windows Live Movie Maker-->MsiExec.exe /X{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}
Windows Live Movie Maker-->MsiExec.exe /X{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
Windows Live Movie Maker-->MsiExec.exe /X{7465A996-0FCA-4D2D-A52C-F833B0829B5B}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Movie Maker-->MsiExec.exe /X{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}
Windows Live Movie Maker-->MsiExec.exe /X{BF022D76-9F72-4203-B8FA-6522DC66DFDA}
Windows Live Movie Maker-->MsiExec.exe /X{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}
Windows Live Movie Maker-->MsiExec.exe /X{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}
Windows Live Movie Maker-->MsiExec.exe /X{E4E88B54-4777-4659-967A-2EED1E6AFD83}
Windows Live Movie Maker-->MsiExec.exe /X{FF105207-8423-4E13-B0B1-50753170B245}
Windows Live Movie Maker-->MsiExec.exe /X{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}
Windows Live Photo Common-->MsiExec.exe /X{168E7302-890A-4138-9109-A225ACAF7AD1}
Windows Live Photo Common-->MsiExec.exe /X{29373E24-AC72-424E-8F2A-FB0F9436F21F}
Windows Live Photo Common-->MsiExec.exe /X{370F888E-42A7-4911-9E34-7D74632E17EB}
Windows Live Photo Common-->MsiExec.exe /X{4D83F339-5A5C-4B21-8FD3-5D407B981E72}
Windows Live Photo Common-->MsiExec.exe /X{73FC3510-6421-40F7-9503-EDAE4D0CF70D}
Windows Live Photo Common-->MsiExec.exe /X{9BD262D0-B788-4546-A0A5-F4F56EC3834B}
Windows Live Photo Common-->MsiExec.exe /X{A41A708E-3BE6-4561-855D-44027C1CF0F8}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Common-->MsiExec.exe /X{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}
Windows Live Photo Common-->MsiExec.exe /X{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}
Windows Live Photo Common-->MsiExec.exe /X{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}
Windows Live Photo Common-->MsiExec.exe /X{C893D8C0-1BA0-4517-B11C-E89B65E72F70}
Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7}
Windows Live Photo Gallery-->MsiExec.exe /X{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{05E379CC-F626-4E7D-8354-463865B303BF}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{128133D3-037A-4C62-B1B7-55666A10587A}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{37B33B16-2535-49E7-8990-32668708A0A3}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{40BFD84C-64CD-42CC-9909-8734C50429C6}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{506FC723-8E6C-4417-9CFF-351F99130425}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{77477AEA-5757-47D8-8B33-939F43D82218}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{D299197D-CDEA-41A6-A363-F532DE4114FD}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{14B441B7-774D-4170-98EA-A13667AE6218}
Windows Live Writer Resources-->MsiExec.exe /X{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}
Windows Live Writer Resources-->MsiExec.exe /X{2511AAD7-82DF-4B97-B0B3-E1B933317010}
Windows Live Writer Resources-->MsiExec.exe /X{62687B11-58B5-4A18-9BC3-9DF4CE03F194}
Windows Live Writer Resources-->MsiExec.exe /X{6807427D-8D68-4D30-AF5B-0B38F8F948C8}
Windows Live Writer Resources-->MsiExec.exe /X{7FF11E53-C002-4F40-8D68-6BE751E5DD62}
Windows Live Writer Resources-->MsiExec.exe /X{93E464B3-D075-4989-87FD-A828B5C308B1}
Windows Live Writer Resources-->MsiExec.exe /X{C29FC15D-E84B-4EEC-8505-4DED94414C59}
Windows Live Writer Resources-->MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}
Windows Live Writer Resources-->MsiExec.exe /X{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}
Windows Live Writer Resources-->MsiExec.exe /X{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}
Windows Live Writer Resources-->MsiExec.exe /X{F52C5BE7-3F57-464E-8A54-908402E43CE8}
Windows Live Writer-->MsiExec.exe /X{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}
Windows Live Writer-->MsiExec.exe /X{1A82AE99-84D3-486D-BAD6-675982603E14}
Windows Live Writer-->MsiExec.exe /X{3B9A92DA-6374-4872-B646-253F18624D5F}
Windows Live Writer-->MsiExec.exe /X{48C0DC5E-820A-44F2-890E-29B68EDD3C78}
Windows Live Writer-->MsiExec.exe /X{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}
Windows Live Writer-->MsiExec.exe /X{7E017923-16F8-4E32-94EF-0A150BD196FE}
Windows Live Writer-->MsiExec.exe /X{804DE397-F82C-4867-9085-E0AA539A3294}
Windows Live Writer-->MsiExec.exe /X{859D4022-B76D-40DE-96EF-C90CDA263F44}
Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Windows Live Writer-->MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E}
Windows Live Writer-->MsiExec.exe /X{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}
Windows Live Writer-->MsiExec.exe /X{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}
Windows Live Writer-->MsiExec.exe /X{E62E0550-C098-43A2-B54B-03FB1E634483}
Windows Live 影像中心-->MsiExec.exe /X{EEF99142-3357-402C-B298-DEC303E12D92}
Windows Live 程式集-->MsiExec.exe /I{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}
Windows Live-->MsiExec.exe /I{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
WinFlash-->MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D}
Wireless Console 3-->MsiExec.exe /I{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}
World of Goo-->C:\Program Files (x86)\Asus\Game Park\World of Goo\Uninstall.exe
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις-->MsiExec.exe /I{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}
Συλλογή φωτογραφιών του Windows Live-->MsiExec.exe /X{C00C2A91-6CB3-483F-80B3-2958E29468F1}
Основные компоненты Windows Live-->MsiExec.exe /I{E83DC314-C926-4214-AD58-147691D6FE9F}
Почта Windows Live-->MsiExec.exe /I{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}
Фотоальбом Windows Live-->MsiExec.exe /X{77F69CA1-E53D-4D77-8BA3-FA07606CC851}
Элемент управления Windows Live Mesh ActiveX для удаленных подключений-->MsiExec.exe /I{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}
גלריית התמונות של Windows Live-->MsiExec.exe /X{CE929F09-3853-4180-BD90-30764BFF7136}
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים-->MsiExec.exe /I{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}
بريد Windows Live-->MsiExec.exe /I{0A4C4B29-5A9D-4910-A13C-B920D5758744}
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة-->MsiExec.exe /I{E18B30AA-6E2D-480C-B918-AF61009F4010}
معرض صور Windows Live-->MsiExec.exe /X{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}
適用遠端連線的 Windows Live Mesh ActiveX 控制項-->MsiExec.exe /I{622DE1BE-9EDE-49D3-B349-29D64760342A}

======System event log======

Computer Name: WIN-VRDC5SK5CKV
Event Code: 7040
Message: Režim spuštění služby Windows Search byl změněn z auto start na disabled.
Record Number: 3549
Source Name: Service Control Manager
Time Written: 20120823122656.396651-000
Event Type: Informace
User: ELMO2\Administrator

Computer Name: WIN-VRDC5SK5CKV
Event Code: 1
Message: Došlo ke změně systémového času na hodnotu ‎2012‎-‎08‎-‎23T12:26:53.146000000Z z hodnoty ‎2012‎-‎08‎-‎24T03:26:53.146322200Z.
Record Number: 3548
Source Name: Microsoft-Windows-Kernel-General
Time Written: 20120823122653.146000-000
Event Type: Informace
User: ELMO2\Administrator

Computer Name: WIN-VRDC5SK5CKV
Event Code: 104
Message: Byl vymazán soubor protokolu Setup.
Record Number: 3547
Source Name: Microsoft-Windows-Eventlog
Time Written: 20120823122653.286400-000
Event Type: Informace
User: ELMO2\Administrator

Computer Name: WIN-VRDC5SK5CKV
Event Code: 104
Message: Byl vymazán soubor protokolu Application.
Record Number: 3546
Source Name: Microsoft-Windows-Eventlog
Time Written: 20120823122653.270800-000
Event Type: Informace
User: ELMO2\Administrator

Computer Name: WIN-VRDC5SK5CKV
Event Code: 104
Message: Byl vymazán soubor protokolu System.
Record Number: 3545
Source Name: Microsoft-Windows-Eventlog
Time Written: 20120823122653.270800-000
Event Type: Informace
User: ELMO2\Administrator

=====Application event log=====

Computer Name: ELMO2
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1947
Source Name: Microsoft-Windows-EventSystem
Time Written: 20120823123012.000000-000
Event Type: Informace
User:

Computer Name: ELMO2
Event Code: 1532
Message: Služba Profil uživatele byla zastavena.


Record Number: 1946
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20120823122659.816501-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: WIN-VRDC5SK5CKV
Event Code: 1003
Message: Služba Windows Search byla spuštěna.

Record Number: 1945
Source Name: Microsoft-Windows-Search
Time Written: 20120823122658.000000-000
Event Type: Informace
User:

Computer Name: WIN-VRDC5SK5CKV
Event Code: 1013
Message: Služba Windows Search byla řádně zastavena.

Record Number: 1944
Source Name: Microsoft-Windows-Search
Time Written: 20120823122656.000000-000
Event Type: Informace
User:

Computer Name: WIN-VRDC5SK5CKV
Event Code: 103
Message: Windows (4416) Windows: Databázový stroj zastavil instanci (0).
Record Number: 1943
Source Name: ESENT
Time Written: 20120823122656.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: WIN-VRDC5SK5CKV
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-VRDC5SK5CKV$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x2c8
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 4243
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120823122658.635287-000
Event Type: Úspěšný audit
User:

Computer Name: WIN-VRDC5SK5CKV
Event Code: 1100
Message: Služba protokolování událostí byla ukončena.
Record Number: 4242
Source Name: Microsoft-Windows-Eventlog
Time Written: 20120823122659.676101-000
Event Type: Úspěšný audit
User:

Computer Name: WIN-VRDC5SK5CKV
Event Code: 4738
Message: Byl změněn uživatelský účet.

Předmět:
ID zabezpečení: S-1-5-21-2563066766-1230321987-857231328-500
Název účtu: Administrator
Doména účtu: WIN-VRDC5SK5CKV
ID přihlášení: 0x413c0

Cílový účet:
ID zabezpečení: S-1-5-21-2563066766-1230321987-857231328-500
Název účtu: Administrator
Doména účtu: WIN-VRDC5SK5CKV

Změněné atributy:
Název účtu SAM: -
Zobrazovaný název: -
Zaregistrovaný název uživatele: -
Domovský adresář: -
Domovská jednotka: -
Cesta skriptu: -
Cesta profilu: -
Pracovní stanice uživatele: -
Poslední nastavení hesla: -
Vypršení platnosti účtu: -
ID primární skupiny: -
Povolené delegování: -
Původní hodnota UAC: 0x211
Nová hodnota UAC: 0x211
Řízení účtu uživatele: -
Parametry uživatele: -
Historie identifikátoru zabezpečení: -
Přihlašovací hodiny: -

Další informace:
Oprávnění: -
Record Number: 4241
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120823122656.084650-000
Event Type: Úspěšný audit
User:

Computer Name: WIN-VRDC5SK5CKV
Event Code: 4616
Message: Systémový čas byl změněn.

Předmět:
ID zabezpečení: S-1-5-21-2563066766-1230321987-857231328-500
Název účtu: Administrator
Doména účtu: WIN-VRDC5SK5CKV
ID přihlášení: 0x413c0

Informace o procesu:
ID procesu: 0xd40
Název: C:\Preload64\Patch\SETTIMEZ.EXE

Předchozí čas: ‎2012‎-‎08‎-‎24T03:26:53.146322200Z
Nový čas: ‎2012‎-‎08‎-‎23T12:26:53.146000000Z

Tato událost je generována, pokud je změněn systémový čas. Je normální, že systémový čas, který používá systémové oprávnění, se mění pravidelně. Jiné změny systémového času mohou označovat pokusy o manipulaci s počítačem.
Record Number: 4240
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120823122653.146000-000
Event Type: Úspěšný audit
User:

Computer Name: WIN-VRDC5SK5CKV
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-2563066766-1230321987-857231328-500
Název účtu: Administrator
Název domény: WIN-VRDC5SK5CKV
ID přihlášení: 0x413c0
Record Number: 4239
Source Name: Microsoft-Windows-Eventlog
Time Written: 20120823122653.270800-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Trend Micro\AMSP;C:\Program Files (x86)\Pinnacle\Shared Files\;C:\Program Files\MATLAB\R2012b\runtime\win64;C:\Program Files\MATLAB\R2012b\bin
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=8
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=2a07
"configsetroot"=%SystemRoot%\ConfigSetRoot

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119515
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Malicious programs

#5 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left-hand window:
:files
C:\Program Files (x86)\BitTorrentControl_v12
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2563066766-1230321987-857231328-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2563066766-1230321987-857231328-1001UA.job
C:\ProgramData\Ask
C:\Program Files (x86)\Conduit
C:\Windows\unvise32.exe

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

xPajas
Visitor
Posts: 38
Registered: 24 Sep 2012 22:19

Re: Malicious programs

#6 Post by xPajas »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Pavel at 2012-09-29 15:07:48
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 97 GB (51%) free of 191 GB
Total RAM: 8097 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:07:50, on 29.9.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\ASUS\APRP\aprp.exe
C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\ExpressGateUtil\VAWinAgent.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\trend micro\Pavel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT3225826
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - (no file)
R3 - URLSearchHook: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: uTorrentControl_v2 - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [FLxHCIm] "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe"
O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [SessionLogon] C:\ExpressGateUtil\SessionLogon.exe
O4 - HKLM\..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Infium] "C:\Program Files (x86)\QIP 2012\qip.exe" /autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2563066766-1230321987-857231328-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2563066766-1230321987-857231328-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: CyberLink Product - 2012/08/23 20:15:54 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VideAceWindowsService - Unknown owner - C:\ExpressGateUtil\VAWinService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15507 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
taskeng.exe {1AA7B61F-E81F-4855-9CB8-AC0777B5A08A}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
"C:\Program Files\Trend Micro\Titanium\TiMiniService.exe"
"C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe"
\??\C:\Windows\system32\conhost.exe "-1787130089-50398346141750999614176825245375997618783029851472679810949222537
C:\ExpressGateUtil\VAWinService.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2728
"taskhost.exe"
taskeng.exe {D1423ADF-AAC4-46E2-A53E-D6C38D6D4985}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\P4G\BatteryLife.exe"
taskeng.exe {F38AD706-86E0-43D5-A4DE-28CF4CF1A41D}
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
C:\Windows\system32\wbem\wmiprvse.exe
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft Security Client\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 580491EE-FD01-7426-7D18-5283A7423CCC -Reinvoke
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
"C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SF3
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\ASUS\APRP\aprp.exe"
"C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe"
"C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\ExpressGateUtil\VAWinAgent.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\CyberLink\Shared files\brs.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5744.1.664117429\327204804" --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2405 --ignored=" --type=renderer " /prefetch:12
"C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/NewScoring/OmniboxSearchSuggest/8/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd16/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_89/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/ --extension-process --renderer-print-preview --channel="5744.2.1906077587\1775839268" /prefetch:3
"C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/NewScoring/OmniboxSearchSuggest/8/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd16/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_89/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="5744.3.1099182722\200237001" /prefetch:3
"C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/NewScoring/OmniboxSearchSuggest/8/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd16/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_89/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="5744.4.125286327\836645509" /prefetch:3
"C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/NewScoring/OmniboxSearchSuggest/8/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd16/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_89/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="5744.5.1311062763\312164097" /prefetch:3
"C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5744.6.293284910\1935120156" --lang=cs --ignored=" --type=renderer " /prefetch:13
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" /ArmUpdateExe:"C:\ProgramData\Adobe\ARM\Reader_10.1.0\15961" /MODE:1 /PRODUCT:Reader /VERSION:10 /LANG:CZE
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\msiexec.exe /V
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 540 544 552 65536 548
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Users\Pavel\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\MATLAB R2012b Startup Accelerator.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\0habdb41.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wolfram.com/Mathematica]
"Description"=Wolfram Mathematica Plug-in
"Path"=C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\ZEON/PDF,version=2.0]
"Description"=
"Path"=C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\0habdb41.default\extensions\
{7473b6bd-4691-4744-a82b-7854eb3d70b6}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}]
TmIEPlugInBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll [2010-09-17 235344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2011-06-12 6721936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}]
TmBpIeBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll [2010-09-17 264528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}]
TmIEPlugInBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll [2010-09-17 185680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}]
uTorrentControl_v2 Toolbar - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-18 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}]
TmBpIeBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll [2010-09-17 234832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-18 157672]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VizorHtmlDialog.exe"=C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe [2010-10-08 1123664]
"Trend Micro Client Framework"=C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [2010-10-12 192520]
"Trend Micro Titanium"=C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe [2010-09-17 322384]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-06-01 168216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-06-01 391960]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-06-01 419096]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-06-10 649608]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2010-08-11 324096]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-03-21 2207848]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-03-13 617120]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-03-13 379552]
"Setwallpaper"=c:\programdata\SetWallpaper.cmd []
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 1271168]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"=C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2012-04-26 3111744]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]
"Google Update"=C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-25 116648]
"Infium"=C:\Program Files (x86)\QIP 2012\qip.exe /autorun []
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2012-08-24 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-03-18 11785832]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"=C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [2008-11-03 328992]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2011-04-13 2018032]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [2011-02-23 731472]
"FLxHCIm"=C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe [2011-02-25 40448]
"SonicMasterTray"=C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe [2010-07-10 984400]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17 5732992]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-09-24 1601536]
"SessionLogon"=C:\ExpressGateUtil\SessionLogon.exe []
"VAWinAgent"=C:\ExpressGateUtil\VAWinAgent.exe [2010-08-13 21504]
"RemoteControl10"=C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe [2010-02-03 87336]
"BDRegion"=C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2010-11-12 75048]
"UpdatePSTShortCut"=C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [2010-11-25 222504]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AsusVibeLauncher.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-05-24 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2011-06-12 6721936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

xPajas
Visitor
Posts: 38
Joined: 24 Sep 2012 22:19

Re: Malicious programs

#7 Post by xPajas »

======List of files/folders created in the last 3 months======

2012-09-29 15:06:54 ----SHD---- C:\Config.Msi
2012-09-29 15:02:30 ----D---- C:\_OTM
2012-09-26 00:30:54 ----A---- C:\Windows\system32\OxpsConverter.exe
2012-09-25 14:16:48 ----D---- C:\Program Files (x86)\Otočná mapka
2012-09-25 00:10:57 ----D---- C:\Program Files (x86)\uTorrentControl_v2
2012-09-25 00:10:48 ----D---- C:\Program Files (x86)\uTorrent
2012-09-25 00:10:11 ----D---- C:\Users\Pavel\AppData\Roaming\uTorrent
2012-09-24 21:15:33 ----D---- C:\rsit
2012-09-24 21:15:33 ----D---- C:\Program Files (x86)\trend micro
2012-09-24 20:11:48 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-09-23 03:00:46 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-09-23 03:00:46 ----A---- C:\Windows\system32\mshtmled.dll
2012-09-23 03:00:45 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-09-23 03:00:45 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-09-23 03:00:45 ----A---- C:\Windows\system32\ieUnatt.exe
2012-09-23 03:00:45 ----A---- C:\Windows\system32\ieui.dll
2012-09-23 03:00:44 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-09-23 03:00:44 ----A---- C:\Windows\SYSWOW64\url.dll
2012-09-23 03:00:44 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-09-23 03:00:44 ----A---- C:\Windows\system32\urlmon.dll
2012-09-23 03:00:44 ----A---- C:\Windows\system32\url.dll
2012-09-23 03:00:43 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-09-23 03:00:43 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-09-23 03:00:43 ----A---- C:\Windows\system32\wininet.dll
2012-09-23 03:00:43 ----A---- C:\Windows\system32\msfeeds.dll
2012-09-23 03:00:43 ----A---- C:\Windows\system32\jscript9.dll
2012-09-23 03:00:42 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-09-23 03:00:42 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-09-23 03:00:42 ----A---- C:\Windows\system32\vbscript.dll
2012-09-23 03:00:42 ----A---- C:\Windows\system32\jsproxy.dll
2012-09-23 03:00:41 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-09-23 03:00:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-09-23 03:00:41 ----A---- C:\Windows\system32\jscript.dll
2012-09-23 03:00:41 ----A---- C:\Windows\system32\iertutil.dll
2012-09-23 03:00:40 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-09-23 03:00:39 ----A---- C:\Windows\system32\mshtml.dll
2012-09-23 03:00:35 ----A---- C:\Windows\system32\ieframe.dll
2012-09-23 03:00:34 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-09-20 10:40:53 ----D---- C:\Program Files\Common Files\Wolfram Research
2012-09-18 18:19:57 ----D---- C:\Program Files (x86)\PANDORA.TV
2012-09-18 18:19:45 ----D---- C:\Program Files (x86)\The KMPlayer
2012-09-18 16:20:41 ----D---- C:\Users\Pavel\AppData\Roaming\Subversion
2012-09-18 16:20:28 ----D---- C:\Users\Pavel\AppData\Roaming\MathWorks
2012-09-18 15:43:36 ----D---- C:\Program Files\MATLAB
2012-09-18 11:43:54 ----D---- C:\ProgramData\Sun
2012-09-18 11:43:47 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2012-09-18 11:43:47 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-09-18 11:43:47 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2012-09-18 11:43:42 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2012-09-18 11:43:42 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-09-18 11:43:42 ----A---- C:\Windows\SYSWOW64\java.exe
2012-09-18 11:43:30 ----D---- C:\Program Files (x86)\Java
2012-09-18 08:42:33 ----D---- C:\Program Files (x86)\Adobe
2012-09-18 08:41:15 ----D---- C:\ProgramData\Adobe
2012-09-17 17:32:23 ----D---- C:\Program Files (x86)\Counter-Strike 1.6 V35
2012-09-17 16:56:31 ----D---- C:\Users\Pavel\AppData\Roaming\GarenaPlus
2012-09-17 16:55:09 ----D---- C:\Program Files (x86)\Garena Plus
2012-09-17 16:55:05 ----D---- C:\ProgramData\GarenaMessenger
2012-09-13 22:45:41 ----D---- C:\Users\Pavel\AppData\Roaming\Mathematica
2012-09-13 22:45:04 ----D---- C:\ProgramData\Mathematica
2012-09-13 22:41:55 ----A---- C:\Windows\SYSWOW64\mlmodule32.dll
2012-09-13 22:41:55 ----A---- C:\Windows\SYSWOW64\ml32i3.dll
2012-09-13 22:41:55 ----A---- C:\Windows\SYSWOW64\ml32i2.dll
2012-09-13 22:41:55 ----A---- C:\Windows\SYSWOW64\ml32i1.dll
2012-09-13 22:41:55 ----A---- C:\Windows\system32\mlmodule64.dll
2012-09-13 22:41:55 ----A---- C:\Windows\system32\ml64i3.dll
2012-09-13 22:41:55 ----A---- C:\Windows\system32\ml64i2.dll
2012-09-13 22:40:38 ----D---- C:\Program Files\Wolfram Research
2012-09-13 17:25:35 ----D---- C:\Users\Pavel\AppData\Roaming\Mozilla
2012-09-13 17:25:21 ----D---- C:\Program Files (x86)\BitTorrent
2012-09-12 18:59:46 ----D---- C:\Users\Pavel\AppData\Roaming\FLEXnet
2012-09-12 18:59:44 ----D---- C:\Users\Pavel\AppData\Roaming\Nuance
2012-09-12 18:59:41 ----D---- C:\Users\Pavel\AppData\Roaming\Zeon
2012-09-12 12:08:01 ----A---- C:\Windows\system32\drivers\ndis.sys
2012-09-12 12:08:00 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2012-09-12 12:08:00 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2012-09-12 12:08:00 ----A---- C:\Windows\system32\d3d10level9.dll
2012-09-12 12:07:59 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-09-12 12:07:59 ----A---- C:\Windows\system32\drivers\netio.sys
2012-09-12 12:07:59 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2012-09-11 13:17:17 ----D---- C:\Program Files (x86)\MSXML 4.0
2012-09-10 22:01:24 ----D---- C:\ProgramData\Pinnacle Studio Ultimate
2012-09-10 21:57:48 ----D---- C:\ProgramData\Studio 15
2012-09-10 21:57:48 ----D---- C:\ProgramData\Pinnacle Studio Plus
2012-09-10 21:57:48 ----D---- C:\Program Files (x86)\Pinnacle
2012-09-10 21:56:15 ----D---- C:\ProgramData\Pinnacle
2012-09-03 16:07:26 ----D---- C:\Users\Pavel\AppData\Roaming\TS3Client
2012-09-01 18:20:09 ----A---- C:\Windows\system32\drivers\bthport.sys
2012-09-01 18:11:42 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2012-09-01 18:11:42 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2012-09-01 18:11:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2012-09-01 18:11:42 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2012-09-01 18:11:42 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2012-09-01 18:11:42 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2012-09-01 18:11:42 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2012-09-01 18:11:41 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2012-09-01 18:11:41 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2012-09-01 18:11:41 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2012-09-01 18:11:41 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2012-09-01 18:11:41 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2012-09-01 18:11:41 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2012-09-01 18:11:41 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2012-09-01 18:11:41 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2012-09-01 18:11:41 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2012-09-01 18:11:40 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2012-09-01 18:11:40 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2012-09-01 18:11:40 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2012-09-01 18:11:40 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2012-09-01 18:11:40 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2012-09-01 18:11:40 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2012-09-01 18:11:40 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2012-09-01 18:11:40 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2012-09-01 18:11:39 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2012-09-01 18:11:38 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2012-09-01 18:11:38 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2012-09-01 18:11:38 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2012-09-01 18:11:38 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2012-09-01 18:11:38 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2012-09-01 18:11:38 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2012-09-01 18:11:37 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2012-09-01 18:11:32 ----D---- C:\Program Files (x86)\Focus Home Interactive
2012-09-01 11:24:55 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2012-09-01 11:24:55 ----A---- C:\Windows\system32\xmllite.dll
2012-09-01 11:24:54 ----A---- C:\Windows\SYSWOW64\srclient.dll
2012-09-01 11:24:54 ----A---- C:\Windows\system32\srcore.dll
2012-09-01 11:24:52 ----A---- C:\Windows\SYSWOW64\explorer.exe
2012-09-01 11:24:52 ----A---- C:\Windows\explorer.exe
2012-09-01 11:24:49 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2012-09-01 11:24:49 ----A---- C:\Windows\system32\ntshrui.dll
2012-09-01 11:24:48 ----A---- C:\Windows\system32\tquery.dll
2012-09-01 11:24:48 ----A---- C:\Windows\system32\SearchIndexer.exe
2012-09-01 11:24:48 ----A---- C:\Windows\system32\mssrch.dll
2012-09-01 11:24:47 ----A---- C:\Windows\SYSWOW64\tquery.dll
2012-09-01 11:24:47 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2012-09-01 11:24:47 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2012-09-01 11:24:47 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2012-09-01 11:24:47 ----A---- C:\Windows\SYSWOW64\mssph.dll
2012-09-01 11:24:47 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2012-09-01 11:24:46 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2012-09-01 11:24:46 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2012-09-01 11:24:46 ----A---- C:\Windows\system32\SearchFilterHost.exe
2012-09-01 11:24:46 ----A---- C:\Windows\system32\mssvp.dll
2012-09-01 11:24:46 ----A---- C:\Windows\system32\mssphtb.dll
2012-09-01 11:24:46 ----A---- C:\Windows\system32\mssph.dll
2012-09-01 11:24:45 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2012-09-01 11:24:45 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2012-09-01 11:24:45 ----A---- C:\Windows\system32\msscntrs.dll
2012-09-01 11:24:42 ----A---- C:\Windows\system32\win32spl.dll
2012-09-01 11:24:41 ----A---- C:\Windows\system32\spoolsv.exe
2012-09-01 11:24:40 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2012-09-01 11:24:40 ----A---- C:\Windows\splwow64.exe
2012-09-01 11:24:39 ----A---- C:\Windows\system32\XpsPrint.dll
2012-09-01 11:24:38 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2012-09-01 11:24:33 ----A---- C:\Windows\system32\profsvc.dll
2012-09-01 11:24:33 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2012-09-01 11:24:32 ----A---- C:\Windows\system32\msi.dll
2012-09-01 11:24:31 ----A---- C:\Windows\SYSWOW64\msi.dll
2012-09-01 11:24:30 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2012-09-01 11:24:30 ----A---- C:\Windows\system32\drivers\usbport.sys
2012-09-01 11:24:30 ----A---- C:\Windows\system32\drivers\usbohci.sys
2012-09-01 11:24:30 ----A---- C:\Windows\system32\drivers\usbhub.sys
2012-09-01 11:24:30 ----A---- C:\Windows\system32\drivers\usbehci.sys
2012-09-01 11:24:30 ----A---- C:\Windows\system32\drivers\usbd.sys
2012-09-01 11:24:30 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2012-09-01 11:24:27 ----A---- C:\Windows\SYSWOW64\esent.dll
2012-09-01 11:24:27 ----A---- C:\Windows\system32\fsutil.exe
2012-09-01 11:24:27 ----A---- C:\Windows\system32\esent.dll
2012-09-01 11:24:27 ----A---- C:\Windows\system32\drivers\storport.sys
2012-09-01 11:24:27 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-09-01 11:24:26 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2012-09-01 11:24:26 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2012-09-01 11:24:26 ----A---- C:\Windows\system32\drivers\nvstor.sys
2012-09-01 11:24:26 ----A---- C:\Windows\system32\drivers\nvraid.sys
2012-09-01 11:24:26 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2012-09-01 11:24:26 ----A---- C:\Windows\system32\drivers\amdxata.sys
2012-09-01 11:24:26 ----A---- C:\Windows\system32\drivers\amdsata.sys
2012-09-01 11:18:15 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2012-09-01 11:18:15 ----A---- C:\Windows\system32\prevhost.exe
2012-09-01 11:07:05 ----D---- C:\Program Files\Common Files\DESIGNER
2012-09-01 11:06:27 ----D---- C:\Program Files\Microsoft Synchronization Services
2012-09-01 11:06:04 ----D---- C:\Program Files\Microsoft Sync Framework
2012-09-01 11:06:04 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2012-09-01 11:06:04 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-09-01 11:05:08 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2012-09-01 11:04:42 ----D---- C:\Program Files\Microsoft Analysis Services
2012-09-01 11:04:42 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2012-09-01 11:04:33 ----D---- C:\Program Files (x86)\Microsoft Office
2012-09-01 11:04:31 ----D---- C:\Program Files\Microsoft Office
2012-09-01 11:04:30 ----D---- C:\ProgramData\Microsoft Help
2012-09-01 11:04:21 ----RHD---- C:\MSOCache
2012-08-31 19:30:28 ----D---- C:\Users\Pavel\AppData\Roaming\FastStone
2012-08-31 19:28:42 ----D---- C:\Program Files (x86)\FastStone Image Viewer
2012-08-27 23:58:14 ----D---- C:\ProgramData\TamoSoft
2012-08-27 23:57:48 ----D---- C:\Program Files (x86)\CommViewWiFi
2012-08-27 23:57:48 ----A---- C:\Windows\system32\drivers\ts_athwx.sys
2012-08-26 22:56:06 ----D---- C:\Users\Pavel\AppData\Roaming\QIP
2012-08-25 16:09:38 ----D---- C:\Users\Pavel\AppData\Roaming\Macromedia
2012-08-25 12:54:30 ----A---- C:\Windows\system32\perfi005.dat
2012-08-25 12:54:30 ----A---- C:\Windows\system32\perfh005.dat
2012-08-25 12:54:30 ----A---- C:\Windows\system32\perfd005.dat
2012-08-25 12:54:30 ----A---- C:\Windows\system32\perfc005.dat
2012-08-25 12:53:56 ----D---- C:\Windows\SYSWOW64\cs
2012-08-25 12:53:48 ----D---- C:\Windows\SYSWOW64\XPSViewer
2012-08-25 12:53:48 ----D---- C:\Windows\SYSWOW64\drivers\cs-CZ
2012-08-25 12:53:48 ----D---- C:\Windows\cs-CZ
2012-08-25 12:53:46 ----D---- C:\Windows\system32\cs
2012-08-25 12:53:35 ----D---- C:\Windows\system32\drivers\cs-CZ
2012-08-24 17:48:35 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2012-08-24 15:12:03 ----D---- C:\Windows\SYSWOW64\Wat
2012-08-24 15:12:03 ----D---- C:\Windows\system32\Wat
2012-08-24 12:26:12 ----A---- C:\Windows\system32\browserchoice.exe
2012-08-24 12:19:09 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2012-08-24 12:19:09 ----A---- C:\Windows\system32\imagehlp.dll
2012-08-24 12:19:09 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2012-08-24 12:19:08 ----A---- C:\Windows\SYSWOW64\wmi.dll
2012-08-24 12:19:08 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2012-08-24 12:19:08 ----A---- C:\Windows\system32\wmi.dll
2012-08-24 12:19:08 ----A---- C:\Windows\system32\wintrust.dll
2012-08-24 12:12:56 ----A---- C:\Windows\system32\MRT.exe
2012-08-24 11:37:41 ----A---- C:\Windows\system32\odbctrac.dll
2012-08-24 11:37:41 ----A---- C:\Windows\system32\odbccu32.dll
2012-08-24 11:37:41 ----A---- C:\Windows\system32\odbccr32.dll
2012-08-24 11:37:41 ----A---- C:\Windows\system32\odbccp32.dll
2012-08-24 11:37:40 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2012-08-24 11:37:40 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2012-08-24 11:37:40 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2012-08-24 11:37:40 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2012-08-24 11:37:40 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2012-08-24 11:37:37 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-08-24 11:37:37 ----A---- C:\Windows\system32\DWrite.dll
2012-08-24 11:37:29 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2012-08-24 11:37:29 ----A---- C:\Windows\system32\poqexec.exe
2012-08-24 11:37:28 ----A---- C:\Windows\SYSWOW64\quartz.dll
2012-08-24 11:37:28 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-08-24 11:37:28 ----A---- C:\Windows\system32\quartz.dll
2012-08-24 11:37:27 ----A---- C:\Windows\system32\qdvd.dll
2012-08-24 11:37:27 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2012-08-24 11:37:27 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2012-08-24 11:37:27 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2012-08-24 11:37:24 ----A---- C:\Windows\SYSWOW64\webio.dll
2012-08-24 11:37:24 ----A---- C:\Windows\system32\webio.dll
2012-08-24 11:37:22 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2012-08-24 11:37:22 ----A---- C:\Windows\system32\msxml6.dll
2012-08-24 11:37:22 ----A---- C:\Windows\system32\msxml3.dll
2012-08-24 11:37:21 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2012-08-24 11:37:21 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2012-08-24 11:37:21 ----A---- C:\Windows\system32\msxml3r.dll
2012-08-24 11:37:20 ----A---- C:\Windows\system32\csrsrv.dll
2012-08-24 11:37:14 ----A---- C:\Windows\system32\shell32.dll
2012-08-24 11:37:12 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-08-24 11:37:11 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-08-24 11:37:11 ----A---- C:\Windows\system32\rdpwsx.dll
2012-08-24 11:37:11 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-08-24 11:37:10 ----A---- C:\Windows\system32\schannel.dll
2012-08-24 11:37:10 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-08-24 11:37:10 ----A---- C:\Windows\system32\drivers\cng.sys
2012-08-24 11:37:09 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-08-24 11:37:09 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2012-08-24 11:37:09 ----A---- C:\Windows\system32\sspicli.dll
2012-08-24 11:37:09 ----A---- C:\Windows\system32\ncrypt.dll
2012-08-24 11:37:09 ----A---- C:\Windows\system32\lsass.exe
2012-08-24 11:37:09 ----A---- C:\Windows\system32\lsasrv.dll
2012-08-24 11:37:09 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-08-24 11:37:08 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-08-24 11:37:08 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-08-24 11:37:08 ----A---- C:\Windows\system32\sspisrv.dll
2012-08-24 11:37:08 ----A---- C:\Windows\system32\secur32.dll
2012-08-24 11:37:02 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-08-24 11:37:00 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-08-24 11:37:00 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-08-24 11:35:56 ----A---- C:\Windows\system32\drivers\srvnet.sys
2012-08-24 11:35:56 ----A---- C:\Windows\system32\drivers\srv2.sys
2012-08-24 11:35:56 ----A---- C:\Windows\system32\drivers\srv.sys
2012-08-24 11:35:54 ----A---- C:\Windows\system32\psisdecd.dll
2012-08-24 11:35:53 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2012-08-24 11:35:52 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-08-24 11:35:51 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-08-24 11:35:51 ----A---- C:\Windows\system32\drivers\afd.sys
2012-08-24 11:35:47 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-08-24 11:35:47 ----A---- C:\Windows\system32\cryptsvc.dll
2012-08-24 11:35:47 ----A---- C:\Windows\system32\cryptnet.dll
2012-08-24 11:35:47 ----A---- C:\Windows\system32\crypt32.dll
2012-08-24 11:35:46 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-08-24 11:35:46 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-08-24 11:35:40 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2012-08-24 11:35:40 ----A---- C:\Windows\SYSWOW64\browcli.dll
2012-08-24 11:35:40 ----A---- C:\Windows\system32\netapi32.dll
2012-08-24 11:35:40 ----A---- C:\Windows\system32\browser.dll
2012-08-24 11:35:40 ----A---- C:\Windows\system32\browcli.dll
2012-08-24 11:35:36 ----A---- C:\Windows\system32\KernelBase.dll
2012-08-24 11:35:36 ----A---- C:\Windows\system32\kernel32.dll
2012-08-24 11:35:35 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2012-08-24 11:35:35 ----A---- C:\Windows\system32\wow64win.dll
2012-08-24 11:35:35 ----A---- C:\Windows\system32\winsrv.dll
2012-08-24 11:35:35 ----A---- C:\Windows\system32\conhost.exe
2012-08-24 11:35:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-24 11:35:34 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-24 11:35:34 ----A---- C:\Windows\SYSWOW64\setup16.exe
2012-08-24 11:35:34 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2012-08-24 11:35:34 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2012-08-24 11:35:34 ----A---- C:\Windows\system32\wow64.dll
2012-08-24 11:35:34 ----A---- C:\Windows\system32\ntvdm64.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-08-24 11:35:33 ----A---- C:\Windows\SYSWOW64\wow32.dll
2012-08-24 11:35:33 ----A---- C:\Windows\SYSWOW64\instnm.exe
2012-08-24 11:35:33 ----A---- C:\Windows\system32\wow64cpu.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-24 11:35:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-08-24 11:35:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-08-24 11:35:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2012-08-24 11:35:31 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-08-24 11:35:31 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-08-24 11:35:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-08-24 11:35:31 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-08-24 11:35:31 ----A---- C:\Windows\SYSWOW64\user.exe
2012-08-24 11:35:28 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2012-08-24 11:35:28 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2012-08-24 11:35:28 ----A---- C:\Windows\SYSWOW64\devobj.dll
2012-08-24 11:35:28 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2012-08-24 11:35:28 ----A---- C:\Windows\system32\umpnpmgr.dll

======List of files/folders modified in the last 3 months======


======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-05 438808]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-03-20 203888]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-03-08 25960]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-23 283200]
R1 tmtdi;Trend Micro TDI Driver; C:\Windows\system32\DRIVERS\tmtdi.sys [2010-09-17 105552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 tmactmon;tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [2010-09-17 90704]
R2 tmcomm;tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys [2010-09-17 144464]
R2 tmevtmgr;tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-10-07 2770944]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver; C:\Windows\system32\DRIVERS\FLxHCIc.sys [2011-02-25 302592]
R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver; C:\Windows\system32\DRIVERS\FLxHCIh.sys [2011-02-25 81920]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-05-24 12259712]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-03-22 2815976]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-02-16 428136]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TS_AR5416;[CommView] Atheros AR5008 Wireless Network Adapter Service 7.7; C:\Windows\system32\DRIVERS\ts_athwx.sys [2010-03-02 2103336]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2011-01-25 379520]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-13 138400]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 12600]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-03-06 993896]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-14 2009704]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
R2 TiMiniService;TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
R2 VideAceWindowsService;VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [2010-08-21 77312]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-04-17 247152]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 CLKMSVC10_38F51D56;CyberLink Product - 2012/08/23 20:15:54; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2010-11-13 241648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 Amsp;Trend Micro Solution Platform; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2010-09-17 267480]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-08-24 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119515
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Malicious programs

#8 Post by Rudy »

OTM did not delete anything. Try it once more and turn off the antivirus before the scan. While deleting, the progress must be shown in OTM's right-hand window.

xPajas
Visitor
Posts: 38
Registered: 24 Sep 2012 22:19

Re: Malicious programs

#9 Post by xPajas »

All processes killed
========== FILES ==========
File/Folder C:\Program Files (x86)\BitTorrentControl_v12 not found.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2563066766-1230321987-857231328-1001Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2563066766-1230321987-857231328-1001UA.job moved successfully.
C:\ProgramData\Ask\APN-Stub\PTV\Local folder moved successfully.
C:\ProgramData\Ask\APN-Stub\PTV folder moved successfully.
C:\ProgramData\Ask\APN-Stub folder moved successfully.
C:\ProgramData\Ask folder moved successfully.
C:\Program Files (x86)\Conduit\Community Alerts folder moved successfully.
C:\Program Files (x86)\Conduit folder moved successfully.
C:\Windows\unvise32.exe moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Pavel
->Temp folder emptied: 7403367273 bytes
->Temporary Internet Files folder emptied: 8347686 bytes
->Java cache emptied: 779270 bytes
->FireFox cache emptied: 19892340 bytes
->Google Chrome cache emptied: 257942508 bytes
->Flash cache emptied: 1393 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 282141944 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50333 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 7,603.00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Pavel
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0.00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 09292012_150230

Files moved on Reboot...
C:\Users\Pavel\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

Some things were moved, some were not found.

Rudy
Site Admin
Posts: 119515
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Malicious programs

#10 Post by Rudy »

OK. Double-click the file C:\Program Files\trend micro\Pavel.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left for:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT3225826
R3 - URLSearchHook: (no name) - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - (no file)
R3 - URLSearchHook: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
O2 - BHO: uTorrentControl_v2 - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.

xPajas
Visitor
Posts: 38
Registered: 24 Sep 2012 22:19

Re: Malicious programs

#11 Post by xPajas »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Pavel at 2012-09-29 19:30:32
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 95 GB (50%) free of 191 GB
Total RAM: 8097 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:30:36, on 29.9.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\ExpressGateUtil\VAWinAgent.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Pidgin\pidgin.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Pavel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: uTorrentControl_v2 - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [FLxHCIm] "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe"
O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2563066766-1230321987-857231328-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2563066766-1230321987-857231328-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: CyberLink Product - 2012/08/23 20:15:54 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VideAceWindowsService - Unknown owner - C:\ExpressGateUtil\VAWinService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14738 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
taskeng.exe {D9F80B56-0374-4305-B675-77EFA4BA5585}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
"C:\Program Files\Trend Micro\Titanium\TiMiniService.exe"
C:\ExpressGateUtil\VAWinService.exe
"C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe"
\??\C:\Windows\system32\conhost.exe "1758340769-1656080537-1709581901-320007517-323961387-1614765743-873781707-1382606471
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2512
"taskhost.exe"
taskeng.exe {E15FBCF7-4ED8-4F8C-9721-D8205D5CE0E9}
"C:\Program Files\Microsoft Security Client\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey FB38178F-25F4-FF6C-2A05-292700AAA9E5 -Reinvoke
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\P4G\BatteryLife.exe"
taskeng.exe {11D75466-9E9D-4C02-AA68-6E936C27932C}
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SF3
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Windows\AsScrPro.exe"
"C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe"
"C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\ExpressGateUtil\VAWinAgent.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\CyberLink\Shared files\brs.exe"
ATKOSD.exe
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
KBFiltr.exe
WDC.exe
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 540 544 552 65536 548
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6544.1.1406766244\865901110" --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2405 --ignored=" --type=renderer " /prefetch:12
"C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/NewScoring/OmniboxSearchSuggest/8/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd10/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_89/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/ --extension-process --renderer-print-preview --channel="6544.2.1138420922\1536743137" /prefetch:3
"C:\Program Files (x86)\Pidgin\pidgin.exe"
"C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/NewScoring/OmniboxSearchSuggest/8/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd10/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_89/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="6544.3.402008553\1345037202" /prefetch:3
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Users\Pavel\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\MATLAB R2012b Startup Accelerator.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\0habdb41.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wolfram.com/Mathematica]
"Description"=Wolfram Mathematica Plug-in
"Path"=C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\ZEON/PDF,version=2.0]
"Description"=
"Path"=C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\0habdb41.default\extensions\
{7473b6bd-4691-4744-a82b-7854eb3d70b6}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}]
TmIEPlugInBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll [2010-09-17 235344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2011-06-12 6721936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}]
TmBpIeBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll [2010-09-17 264528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}]
TmIEPlugInBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll [2010-09-17 185680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}]
uTorrentControl_v2 Toolbar - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-18 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}]
TmBpIeBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll [2010-09-17 234832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-18 157672]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VizorHtmlDialog.exe"=C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe [2010-10-08 1123664]
"Trend Micro Client Framework"=C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [2010-10-12 192520]
"Trend Micro Titanium"=C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe [2010-09-17 322384]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-06-01 168216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-06-01 391960]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-06-01 419096]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-06-10 649608]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2010-08-11 324096]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-03-21 2207848]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-03-13 617120]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-03-13 379552]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 1271168]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"=C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2012-04-26 3111744]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]
"Google Update"=C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-25 116648]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2012-08-24 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-03-18 11785832]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"=C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [2008-11-03 328992]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2011-04-13 2018032]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [2011-02-23 731472]
"FLxHCIm"=C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe [2011-02-25 40448]
"SonicMasterTray"=C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe [2010-07-10 984400]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17 5732992]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-09-24 1601536]
"VAWinAgent"=C:\ExpressGateUtil\VAWinAgent.exe [2010-08-13 21504]
"RemoteControl10"=C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe [2010-02-03 87336]
"BDRegion"=C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2010-11-12 75048]
"UpdatePSTShortCut"=C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [2010-11-25 222504]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AsusVibeLauncher.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-05-24 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2011-06-12 6721936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

xPajas
Visitor
Visitor
Posts: 38
Registered: 24 Sep 2012 22:19

Re: Malicious programs

#12 Post by xPajas »

======List of files/folders created in the last 3 months======

2012-09-29 19:30:32 ----D---- C:\rsit
2012-09-29 19:21:49 ----D---- C:\Program Files\CCleaner
2012-09-29 15:06:54 ----SHD---- C:\Config.Msi
2012-09-26 00:30:54 ----A---- C:\Windows\system32\OxpsConverter.exe
2012-09-25 14:16:48 ----D---- C:\Program Files (x86)\Otočná mapka
2012-09-25 00:10:57 ----D---- C:\Program Files (x86)\uTorrentControl_v2
2012-09-25 00:10:48 ----D---- C:\Program Files (x86)\uTorrent
2012-09-25 00:10:11 ----D---- C:\Users\Pavel\AppData\Roaming\uTorrent
2012-09-24 21:15:33 ----D---- C:\Program Files (x86)\trend micro
2012-09-24 20:11:48 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-09-23 03:00:46 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-09-23 03:00:46 ----A---- C:\Windows\system32\mshtmled.dll
2012-09-23 03:00:45 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-09-23 03:00:45 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-09-23 03:00:45 ----A---- C:\Windows\system32\ieUnatt.exe
2012-09-23 03:00:45 ----A---- C:\Windows\system32\ieui.dll
2012-09-23 03:00:44 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-09-23 03:00:44 ----A---- C:\Windows\SYSWOW64\url.dll
2012-09-23 03:00:44 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-09-23 03:00:44 ----A---- C:\Windows\system32\urlmon.dll
2012-09-23 03:00:44 ----A---- C:\Windows\system32\url.dll
2012-09-23 03:00:43 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-09-23 03:00:43 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-09-23 03:00:43 ----A---- C:\Windows\system32\wininet.dll
2012-09-23 03:00:43 ----A---- C:\Windows\system32\msfeeds.dll
2012-09-23 03:00:43 ----A---- C:\Windows\system32\jscript9.dll
2012-09-23 03:00:42 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-09-23 03:00:42 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-09-23 03:00:42 ----A---- C:\Windows\system32\vbscript.dll
2012-09-23 03:00:42 ----A---- C:\Windows\system32\jsproxy.dll
2012-09-23 03:00:41 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-09-23 03:00:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-09-23 03:00:41 ----A---- C:\Windows\system32\jscript.dll
2012-09-23 03:00:41 ----A---- C:\Windows\system32\iertutil.dll
2012-09-23 03:00:40 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-09-23 03:00:39 ----A---- C:\Windows\system32\mshtml.dll
2012-09-23 03:00:35 ----A---- C:\Windows\system32\ieframe.dll
2012-09-23 03:00:34 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-09-20 10:40:53 ----D---- C:\Program Files\Common Files\Wolfram Research
2012-09-18 18:19:57 ----D---- C:\Program Files (x86)\PANDORA.TV
2012-09-18 18:19:45 ----D---- C:\Program Files (x86)\The KMPlayer
2012-09-18 16:20:41 ----D---- C:\Users\Pavel\AppData\Roaming\Subversion
2012-09-18 16:20:28 ----D---- C:\Users\Pavel\AppData\Roaming\MathWorks
2012-09-18 15:43:36 ----D---- C:\Program Files\MATLAB
2012-09-18 11:43:54 ----D---- C:\ProgramData\Sun
2012-09-18 11:43:47 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2012-09-18 11:43:47 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-09-18 11:43:47 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2012-09-18 11:43:42 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2012-09-18 11:43:42 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-09-18 11:43:42 ----A---- C:\Windows\SYSWOW64\java.exe
2012-09-18 11:43:30 ----D---- C:\Program Files (x86)\Java
2012-09-18 08:42:33 ----D---- C:\Program Files (x86)\Adobe
2012-09-18 08:41:15 ----D---- C:\ProgramData\Adobe
2012-09-17 17:32:23 ----D---- C:\Program Files (x86)\Counter-Strike 1.6 V35
2012-09-17 16:56:31 ----D---- C:\Users\Pavel\AppData\Roaming\GarenaPlus
2012-09-17 16:55:09 ----D---- C:\Program Files (x86)\Garena Plus
2012-09-17 16:55:05 ----D---- C:\ProgramData\GarenaMessenger
2012-09-13 22:45:41 ----D---- C:\Users\Pavel\AppData\Roaming\Mathematica
2012-09-13 22:45:04 ----D---- C:\ProgramData\Mathematica
2012-09-13 22:41:55 ----A---- C:\Windows\SYSWOW64\mlmodule32.dll
2012-09-13 22:41:55 ----A---- C:\Windows\SYSWOW64\ml32i3.dll
2012-09-13 22:41:55 ----A---- C:\Windows\SYSWOW64\ml32i2.dll
2012-09-13 22:41:55 ----A---- C:\Windows\SYSWOW64\ml32i1.dll
2012-09-13 22:41:55 ----A---- C:\Windows\system32\mlmodule64.dll
2012-09-13 22:41:55 ----A---- C:\Windows\system32\ml64i3.dll
2012-09-13 22:41:55 ----A---- C:\Windows\system32\ml64i2.dll
2012-09-13 22:40:38 ----D---- C:\Program Files\Wolfram Research
2012-09-13 17:25:35 ----D---- C:\Users\Pavel\AppData\Roaming\Mozilla
2012-09-13 17:25:21 ----D---- C:\Program Files (x86)\BitTorrent
2012-09-12 18:59:46 ----D---- C:\Users\Pavel\AppData\Roaming\FLEXnet
2012-09-12 18:59:44 ----D---- C:\Users\Pavel\AppData\Roaming\Nuance
2012-09-12 18:59:41 ----D---- C:\Users\Pavel\AppData\Roaming\Zeon
2012-09-12 12:08:01 ----A---- C:\Windows\system32\drivers\ndis.sys
2012-09-12 12:08:00 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2012-09-12 12:08:00 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2012-09-12 12:08:00 ----A---- C:\Windows\system32\d3d10level9.dll
2012-09-12 12:07:59 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-09-12 12:07:59 ----A---- C:\Windows\system32\drivers\netio.sys
2012-09-12 12:07:59 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2012-09-11 13:17:17 ----D---- C:\Program Files (x86)\MSXML 4.0
2012-09-10 22:01:24 ----D---- C:\ProgramData\Pinnacle Studio Ultimate
2012-09-10 21:57:48 ----D---- C:\ProgramData\Studio 15
2012-09-10 21:57:48 ----D---- C:\ProgramData\Pinnacle Studio Plus
2012-09-10 21:57:48 ----D---- C:\Program Files (x86)\Pinnacle
2012-09-10 21:56:15 ----D---- C:\ProgramData\Pinnacle
2012-09-03 16:07:26 ----D---- C:\Users\Pavel\AppData\Roaming\TS3Client
2012-09-01 18:20:09 ----A---- C:\Windows\system32\drivers\bthport.sys
2012-09-01 18:11:42 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2012-09-01 18:11:42 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2012-09-01 18:11:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2012-09-01 18:11:42 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2012-09-01 18:11:42 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2012-09-01 18:11:42 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2012-09-01 18:11:42 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2012-09-01 18:11:41 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2012-09-01 18:11:41 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2012-09-01 18:11:41 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2012-09-01 18:11:41 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2012-09-01 18:11:41 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2012-09-01 18:11:41 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2012-09-01 18:11:41 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2012-09-01 18:11:41 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2012-09-01 18:11:41 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2012-09-01 18:11:40 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2012-09-01 18:11:40 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2012-09-01 18:11:40 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2012-09-01 18:11:40 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2012-09-01 18:11:40 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2012-09-01 18:11:40 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2012-09-01 18:11:40 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2012-09-01 18:11:40 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2012-09-01 18:11:39 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2012-09-01 18:11:38 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2012-09-01 18:11:38 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2012-09-01 18:11:38 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2012-09-01 18:11:38 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2012-09-01 18:11:38 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2012-09-01 18:11:38 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2012-09-01 18:11:37 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2012-09-01 18:11:32 ----D---- C:\Program Files (x86)\Focus Home Interactive
2012-09-01 11:24:55 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2012-09-01 11:24:55 ----A---- C:\Windows\system32\xmllite.dll
2012-09-01 11:24:54 ----A---- C:\Windows\SYSWOW64\srclient.dll
2012-09-01 11:24:54 ----A---- C:\Windows\system32\srcore.dll
2012-09-01 11:24:52 ----A---- C:\Windows\SYSWOW64\explorer.exe
2012-09-01 11:24:52 ----A---- C:\Windows\explorer.exe
2012-09-01 11:24:49 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2012-09-01 11:24:49 ----A---- C:\Windows\system32\ntshrui.dll
2012-09-01 11:24:48 ----A---- C:\Windows\system32\tquery.dll
2012-09-01 11:24:48 ----A---- C:\Windows\system32\SearchIndexer.exe
2012-09-01 11:24:48 ----A---- C:\Windows\system32\mssrch.dll
2012-09-01 11:24:47 ----A---- C:\Windows\SYSWOW64\tquery.dll
2012-09-01 11:24:47 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2012-09-01 11:24:47 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2012-09-01 11:24:47 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2012-09-01 11:24:47 ----A---- C:\Windows\SYSWOW64\mssph.dll
2012-09-01 11:24:47 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2012-09-01 11:24:46 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2012-09-01 11:24:46 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2012-09-01 11:24:46 ----A---- C:\Windows\system32\SearchFilterHost.exe
2012-09-01 11:24:46 ----A---- C:\Windows\system32\mssvp.dll
2012-09-01 11:24:46 ----A---- C:\Windows\system32\mssphtb.dll
2012-09-01 11:24:46 ----A---- C:\Windows\system32\mssph.dll
2012-09-01 11:24:45 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2012-09-01 11:24:45 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2012-09-01 11:24:45 ----A---- C:\Windows\system32\msscntrs.dll
2012-09-01 11:24:42 ----A---- C:\Windows\system32\win32spl.dll
2012-09-01 11:24:41 ----A---- C:\Windows\system32\spoolsv.exe
2012-09-01 11:24:40 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2012-09-01 11:24:40 ----A---- C:\Windows\splwow64.exe
2012-09-01 11:24:39 ----A---- C:\Windows\system32\XpsPrint.dll
2012-09-01 11:24:38 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2012-09-01 11:24:33 ----A---- C:\Windows\system32\profsvc.dll
2012-09-01 11:24:33 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2012-09-01 11:24:32 ----A---- C:\Windows\system32\msi.dll
2012-09-01 11:24:31 ----A---- C:\Windows\SYSWOW64\msi.dll
2012-09-01 11:24:30 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2012-09-01 11:24:30 ----A---- C:\Windows\system32\drivers\usbport.sys
2012-09-01 11:24:30 ----A---- C:\Windows\system32\drivers\usbohci.sys
2012-09-01 11:24:30 ----A---- C:\Windows\system32\drivers\usbhub.sys
2012-09-01 11:24:30 ----A---- C:\Windows\system32\drivers\usbehci.sys
2012-09-01 11:24:30 ----A---- C:\Windows\system32\drivers\usbd.sys
2012-09-01 11:24:30 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2012-09-01 11:24:27 ----A---- C:\Windows\SYSWOW64\esent.dll
2012-09-01 11:24:27 ----A---- C:\Windows\system32\fsutil.exe
2012-09-01 11:24:27 ----A---- C:\Windows\system32\esent.dll
2012-09-01 11:24:27 ----A---- C:\Windows\system32\drivers\storport.sys
2012-09-01 11:24:27 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-09-01 11:24:26 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2012-09-01 11:24:26 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2012-09-01 11:24:26 ----A---- C:\Windows\system32\drivers\nvstor.sys
2012-09-01 11:24:26 ----A---- C:\Windows\system32\drivers\nvraid.sys
2012-09-01 11:24:26 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2012-09-01 11:24:26 ----A---- C:\Windows\system32\drivers\amdxata.sys
2012-09-01 11:24:26 ----A---- C:\Windows\system32\drivers\amdsata.sys
2012-09-01 11:18:15 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2012-09-01 11:18:15 ----A---- C:\Windows\system32\prevhost.exe
2012-09-01 11:07:05 ----D---- C:\Program Files\Common Files\DESIGNER
2012-09-01 11:06:27 ----D---- C:\Program Files\Microsoft Synchronization Services
2012-09-01 11:06:04 ----D---- C:\Program Files\Microsoft Sync Framework
2012-09-01 11:06:04 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2012-09-01 11:06:04 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-09-01 11:05:08 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2012-09-01 11:04:42 ----D---- C:\Program Files\Microsoft Analysis Services
2012-09-01 11:04:42 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2012-09-01 11:04:33 ----D---- C:\Program Files (x86)\Microsoft Office
2012-09-01 11:04:31 ----D---- C:\Program Files\Microsoft Office
2012-09-01 11:04:30 ----D---- C:\ProgramData\Microsoft Help
2012-09-01 11:04:21 ----RHD---- C:\MSOCache
2012-08-31 19:30:28 ----D---- C:\Users\Pavel\AppData\Roaming\FastStone
2012-08-31 19:28:42 ----D---- C:\Program Files (x86)\FastStone Image Viewer
2012-08-27 23:58:14 ----D---- C:\ProgramData\TamoSoft
2012-08-27 23:57:48 ----D---- C:\Program Files (x86)\CommViewWiFi
2012-08-27 23:57:48 ----A---- C:\Windows\system32\drivers\ts_athwx.sys
2012-08-26 22:56:06 ----D---- C:\Users\Pavel\AppData\Roaming\QIP
2012-08-25 16:09:38 ----D---- C:\Users\Pavel\AppData\Roaming\Macromedia
2012-08-25 12:54:30 ----A---- C:\Windows\system32\perfi005.dat
2012-08-25 12:54:30 ----A---- C:\Windows\system32\perfh005.dat
2012-08-25 12:54:30 ----A---- C:\Windows\system32\perfd005.dat
2012-08-25 12:54:30 ----A---- C:\Windows\system32\perfc005.dat
2012-08-25 12:53:56 ----D---- C:\Windows\SYSWOW64\cs
2012-08-25 12:53:48 ----D---- C:\Windows\SYSWOW64\XPSViewer
2012-08-25 12:53:48 ----D---- C:\Windows\SYSWOW64\drivers\cs-CZ
2012-08-25 12:53:48 ----D---- C:\Windows\cs-CZ
2012-08-25 12:53:46 ----D---- C:\Windows\system32\cs
2012-08-25 12:53:35 ----D---- C:\Windows\system32\drivers\cs-CZ
2012-08-24 17:48:35 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2012-08-24 15:12:03 ----D---- C:\Windows\SYSWOW64\Wat
2012-08-24 15:12:03 ----D---- C:\Windows\system32\Wat
2012-08-24 12:26:12 ----A---- C:\Windows\system32\browserchoice.exe
2012-08-24 12:19:09 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2012-08-24 12:19:09 ----A---- C:\Windows\system32\imagehlp.dll
2012-08-24 12:19:09 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2012-08-24 12:19:08 ----A---- C:\Windows\SYSWOW64\wmi.dll
2012-08-24 12:19:08 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2012-08-24 12:19:08 ----A---- C:\Windows\system32\wmi.dll
2012-08-24 12:19:08 ----A---- C:\Windows\system32\wintrust.dll
2012-08-24 12:12:56 ----A---- C:\Windows\system32\MRT.exe
2012-08-24 11:37:41 ----A---- C:\Windows\system32\odbctrac.dll
2012-08-24 11:37:41 ----A---- C:\Windows\system32\odbccu32.dll
2012-08-24 11:37:41 ----A---- C:\Windows\system32\odbccr32.dll
2012-08-24 11:37:41 ----A---- C:\Windows\system32\odbccp32.dll
2012-08-24 11:37:40 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2012-08-24 11:37:40 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2012-08-24 11:37:40 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2012-08-24 11:37:40 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2012-08-24 11:37:40 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2012-08-24 11:37:37 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-08-24 11:37:37 ----A---- C:\Windows\system32\DWrite.dll
2012-08-24 11:37:29 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2012-08-24 11:37:29 ----A---- C:\Windows\system32\poqexec.exe
2012-08-24 11:37:28 ----A---- C:\Windows\SYSWOW64\quartz.dll
2012-08-24 11:37:28 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-08-24 11:37:28 ----A---- C:\Windows\system32\quartz.dll
2012-08-24 11:37:27 ----A---- C:\Windows\system32\qdvd.dll
2012-08-24 11:37:27 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2012-08-24 11:37:27 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2012-08-24 11:37:27 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2012-08-24 11:37:24 ----A---- C:\Windows\SYSWOW64\webio.dll
2012-08-24 11:37:24 ----A---- C:\Windows\system32\webio.dll
2012-08-24 11:37:22 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2012-08-24 11:37:22 ----A---- C:\Windows\system32\msxml6.dll
2012-08-24 11:37:22 ----A---- C:\Windows\system32\msxml3.dll
2012-08-24 11:37:21 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2012-08-24 11:37:21 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2012-08-24 11:37:21 ----A---- C:\Windows\system32\msxml3r.dll
2012-08-24 11:37:20 ----A---- C:\Windows\system32\csrsrv.dll
2012-08-24 11:37:14 ----A---- C:\Windows\system32\shell32.dll
2012-08-24 11:37:12 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-08-24 11:37:11 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-08-24 11:37:11 ----A---- C:\Windows\system32\rdpwsx.dll
2012-08-24 11:37:11 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-08-24 11:37:10 ----A---- C:\Windows\system32\schannel.dll
2012-08-24 11:37:10 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-08-24 11:37:10 ----A---- C:\Windows\system32\drivers\cng.sys
2012-08-24 11:37:09 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-08-24 11:37:09 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2012-08-24 11:37:09 ----A---- C:\Windows\system32\sspicli.dll
2012-08-24 11:37:09 ----A---- C:\Windows\system32\ncrypt.dll
2012-08-24 11:37:09 ----A---- C:\Windows\system32\lsass.exe
2012-08-24 11:37:09 ----A---- C:\Windows\system32\lsasrv.dll
2012-08-24 11:37:09 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-08-24 11:37:08 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-08-24 11:37:08 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-08-24 11:37:08 ----A---- C:\Windows\system32\sspisrv.dll
2012-08-24 11:37:08 ----A---- C:\Windows\system32\secur32.dll
2012-08-24 11:37:02 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-08-24 11:37:00 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-08-24 11:37:00 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-08-24 11:35:56 ----A---- C:\Windows\system32\drivers\srvnet.sys
2012-08-24 11:35:56 ----A---- C:\Windows\system32\drivers\srv2.sys
2012-08-24 11:35:56 ----A---- C:\Windows\system32\drivers\srv.sys
2012-08-24 11:35:54 ----A---- C:\Windows\system32\psisdecd.dll
2012-08-24 11:35:53 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2012-08-24 11:35:52 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-08-24 11:35:51 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-08-24 11:35:51 ----A---- C:\Windows\system32\drivers\afd.sys
2012-08-24 11:35:47 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-08-24 11:35:47 ----A---- C:\Windows\system32\cryptsvc.dll
2012-08-24 11:35:47 ----A---- C:\Windows\system32\cryptnet.dll
2012-08-24 11:35:47 ----A---- C:\Windows\system32\crypt32.dll
2012-08-24 11:35:46 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-08-24 11:35:46 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-08-24 11:35:40 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2012-08-24 11:35:40 ----A---- C:\Windows\SYSWOW64\browcli.dll
2012-08-24 11:35:40 ----A---- C:\Windows\system32\netapi32.dll
2012-08-24 11:35:40 ----A---- C:\Windows\system32\browser.dll
2012-08-24 11:35:40 ----A---- C:\Windows\system32\browcli.dll
2012-08-24 11:35:36 ----A---- C:\Windows\system32\KernelBase.dll
2012-08-24 11:35:36 ----A---- C:\Windows\system32\kernel32.dll
2012-08-24 11:35:35 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2012-08-24 11:35:35 ----A---- C:\Windows\system32\wow64win.dll
2012-08-24 11:35:35 ----A---- C:\Windows\system32\winsrv.dll
2012-08-24 11:35:35 ----A---- C:\Windows\system32\conhost.exe
2012-08-24 11:35:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-24 11:35:34 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-24 11:35:34 ----A---- C:\Windows\SYSWOW64\setup16.exe
2012-08-24 11:35:34 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2012-08-24 11:35:34 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2012-08-24 11:35:34 ----A---- C:\Windows\system32\wow64.dll
2012-08-24 11:35:34 ----A---- C:\Windows\system32\ntvdm64.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-08-24 11:35:33 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-08-24 11:35:33 ----A---- C:\Windows\SYSWOW64\wow32.dll
2012-08-24 11:35:33 ----A---- C:\Windows\SYSWOW64\instnm.exe
2012-08-24 11:35:33 ----A---- C:\Windows\system32\wow64cpu.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-08-24 11:35:32 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-24 11:35:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-08-24 11:35:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-08-24 11:35:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2012-08-24 11:35:31 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-08-24 11:35:31 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-08-24 11:35:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-08-24 11:35:31 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-08-24 11:35:31 ----A---- C:\Windows\SYSWOW64\user.exe
2012-08-24 11:35:28 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2012-08-24 11:35:28 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2012-08-24 11:35:28 ----A---- C:\Windows\SYSWOW64\devobj.dll
2012-08-24 11:35:28 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2012-08-24 11:35:28 ----A---- C:\Windows\system32\umpnpmgr.dll
2012-08-24 11:35:16 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2012-08-24 11:35:16 ----A---- C:\Windows\system32\inetcomm.dll
2012-08-24 11:35:15 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2012-08-24 11:35:15 ----A---- C:\Windows\system32\msvcrt.dll
2012-08-24 11:35:12 ----A---- C:\Windows\system32\win32k.sys
2012-08-24 11:35:11 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2012-08-24 11:35:11 ----A---- C:\Windows\system32\oleacc.dll
2012-08-24 11:35:11 ----A---- C:\Windows\system32\localspl.dll
2012-08-24 11:35:10 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2012-08-24 11:35:10 ----A---- C:\Windows\system32\oleaut32.dll
2012-08-24 11:35:09 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2012-08-24 11:35:09 ----A---- C:\Windows\system32\EncDec.dll
2012-08-24 11:35:03 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-08-24 11:35:03 ----A---- C:\Windows\system32\tzres.dll
2012-08-24 11:34:52 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2012-08-24 11:34:51 ----A---- C:\Windows\system32\cdosys.dll
2012-08-24 11:34:49 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2012-08-24 11:34:49 ----A---- C:\Windows\system32\ntdll.dll
2012-08-24 11:34:48 ----A---- C:\Windows\SYSWOW64\packager.dll
2012-08-24 11:34:48 ----A---- C:\Windows\system32\packager.dll
2012-08-24 11:16:58 ----D---- C:\Windows\Minidump
2012-08-24 05:48:38 ----A---- C:\Windows\AsToolCDVer.txt
2012-08-24 05:48:38 ----A---- C:\Windows\AsRunBar.txt
2012-08-24 05:48:12 ----D---- C:\eSupport
2012-08-24 05:46:39 ----D---- C:\WIMAPPLY
2012-08-24 05:26:52 ----A---- C:\devlist.txt
2012-08-24 05:18:48 ----A---- C:\Windows\AsChkDev.txt
2012-08-24 05:14:52 ----A---- C:\Windows\SYSWOW64\msxml3a.dll
2012-08-24 05:14:52 ----A---- C:\Windows\SYSWOW64\msvcr71.dll
2012-08-24 05:14:52 ----A---- C:\Windows\SYSWOW64\msvcp71.dll
2012-08-24 05:11:00 ----D---- C:\Program Files (x86)\CyberLink
2012-08-24 05:10:59 ----D---- C:\ProgramData\Temp
2012-08-24 05:10:59 ----D---- C:\ProgramData\CyberLink
2012-08-24 05:10:07 ----HD---- C:\ExpressGateUtil
2012-08-24 05:08:57 ----D---- C:\Program Files\ASUS
2012-08-24 05:08:57 ----A---- C:\Windows\system32\ServiceFilter.ini
2012-08-24 05:08:57 ----A---- C:\Windows\system32\RemoveFont.ini
2012-08-24 05:08:57 ----A---- C:\Windows\system32\FBAgent.exe
2012-08-24 05:08:57 ----A---- C:\Windows\system32\FastBoot.ini
2012-08-24 05:08:57 ----A---- C:\Windows\system32\Defrag.ini
2012-08-24 05:08:57 ----A---- C:\Windows\system32\BootTime.ini
2012-08-24 05:08:57 ----A---- C:\Windows\system32\AutoRunFilter.ini
2012-08-24 05:08:46 ----D---- C:\Windows\SYSWOW64\ASUS_Screensaver dir
2012-08-24 05:08:46 ----A---- C:\Windows\SYSWOW64\ASUS_Screensaver.scr
2012-08-24 05:08:44 ----A---- C:\Windows\AsScrPro.exe
2012-08-24 05:08:43 ----A---- C:\Windows\SYSWOW64\ACEngSvr.exe
2012-08-24 05:08:36 ----D---- C:\ProgramData\P4G
2012-08-24 05:08:36 ----D---- C:\Program Files\P4G
2012-08-24 05:06:27 ----D---- C:\Program Files (x86)\Bluetooth Suite
2012-08-24 05:05:20 ----D---- C:\Program Files (x86)\Atheros
2012-08-24 05:05:20 ----A---- C:\Windows\system32\athrx.sys
2012-08-24 05:05:14 ----D---- C:\ProgramData\Atheros
2012-08-24 05:03:50 ----A---- C:\Windows\system32\RTNUninst64.dll
2012-08-24 05:03:50 ----A---- C:\Windows\system32\RtNicProp64.dll
2012-08-24 05:03:50 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2012-08-24 05:03:07 ----D---- C:\ProgramData\SonicFocus
2012-08-24 05:03:05 ----D---- C:\Windows\SYSWOW64\RTCOM
2012-08-24 05:03:05 ----D---- C:\Program Files\Realtek
2012-08-24 05:02:59 ----N---- C:\Windows\system32\drivers\SamSfPa.dat
2012-08-24 05:02:58 ----A---- C:\Windows\system32\WavesGUILib.dll
2012-08-24 05:02:57 ----A---- C:\Windows\SYSWOW64\SFCOM.dll
2012-08-24 05:02:57 ----A---- C:\Windows\system32\SRSWOW64.dll
2012-08-24 05:02:57 ----A---- C:\Windows\system32\SRSTSX64.dll
2012-08-24 05:02:57 ----A---- C:\Windows\system32\SRSTSH64.dll
2012-08-24 05:02:57 ----A---- C:\Windows\system32\SRSHP64.dll
2012-08-24 05:02:57 ----A---- C:\Windows\system32\SFSAPO64.dll
2012-08-24 05:02:57 ----A---- C:\Windows\system32\SFProc64.dll
2012-08-24 05:02:57 ----A---- C:\Windows\system32\SFNHK64.dll
2012-08-24 05:02:57 ----A---- C:\Windows\system32\SFHAPO64.dll
2012-08-24 05:02:57 ----A---- C:\Windows\system32\SFDAPO64.dll
2012-08-24 05:02:57 ----A---- C:\Windows\system32\SFComm64.dll
2012-08-24 05:02:57 ----A---- C:\Windows\system32\SFCOM64.dll
2012-08-24 05:02:57 ----A---- C:\Windows\system32\SFAPO64.dll
2012-08-24 05:02:57 ----A---- C:\Windows\system32\RtPgEx64.dll
2012-08-24 05:02:57 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2012-08-24 05:02:57 ----A---- C:\Windows\system32\RtkCfg64.dll
2012-08-24 05:02:57 ----A---- C:\Windows\system32\RtkAPO64.dll
2012-08-24 05:02:57 ----A---- C:\Windows\system32\RtkApi64.dll
2012-08-24 05:02:57 ----A---- C:\Windows\system32\RTEEP64A.dll
2012-08-24 05:02:57 ----A---- C:\Windows\system32\RTEEL64A.dll
2012-08-24 05:02:57 ----A---- C:\Windows\system32\RTEEG64A.dll
2012-08-24 05:02:57 ----A---- C:\Windows\system32\RTEED64A.dll
2012-08-24 05:02:57 ----A---- C:\Windows\system32\RTCOM64.dll
2012-08-24 05:02:57 ----A---- C:\Windows\system32\RP3DHT64.dll
2012-08-24 05:02:57 ----A---- C:\Windows\system32\RP3DAA64.dll
2012-08-24 05:02:57 ----A---- C:\Windows\system32\RCoRes64.dat
2012-08-24 05:02:57 ----A---- C:\Windows\system32\RCoInst64.dll
2012-08-24 05:02:57 ----A---- C:\Windows\system32\MaxxAudioEQ.dll
2012-08-24 05:02:57 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2012-08-24 05:02:57 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2012-08-24 05:02:56 ----N---- C:\Windows\RtlExUpd.dll
2012-08-24 05:02:56 ----HD---- C:\Program Files (x86)\Temp
2012-08-24 05:02:56 ----D---- C:\Program Files (x86)\Realtek
2012-08-24 05:02:56 ----A---- C:\Windows\system32\FMAPO64.dll
2012-08-24 05:02:56 ----A---- C:\Windows\system32\DTSVoiceClarityDLL64.dll
2012-08-24 05:02:56 ----A---- C:\Windows\system32\DTSS2SpeakerDLL64.dll
2012-08-24 05:02:56 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2012-08-24 05:02:56 ----A---- C:\Windows\system32\DTSNeoPCDLL64.dll
2012-08-24 05:02:56 ----A---- C:\Windows\system32\DTSLimiterDLL64.dll
2012-08-24 05:02:56 ----A---- C:\Windows\system32\DTSLFXAPO64.dll
2012-08-24 05:02:56 ----A---- C:\Windows\system32\DTSGFXAPO64.dll
2012-08-24 05:02:56 ----A---- C:\Windows\system32\DTSGainCompensatorDLL64.dll
2012-08-24 05:02:56 ----A---- C:\Windows\system32\DTSBoostDLL64.dll
2012-08-24 05:02:56 ----A---- C:\Windows\system32\DTSBassEnhancementDLL64.dll
2012-08-24 05:02:56 ----A---- C:\Windows\system32\AERTAR64.dll
2012-08-24 05:02:56 ----A---- C:\Windows\system32\AERTAC64.dll
2012-08-24 05:02:36 ----D---- C:\ProgramData\AmUStor
2012-08-24 05:02:36 ----D---- C:\Program Files (x86)\AmIcoSingLun
2012-08-24 05:02:31 ----D---- C:\Program Files\Elantech
2012-08-24 05:01:40 ----A---- C:\Windows\AsPatch10430001.exe
2012-08-24 05:01:35 ----D---- C:\Program Files\Fresco Logic Inc
2012-08-24 05:00:43 ----A---- C:\Windows\system32\drivers\IntelMEFWVer.dll
2012-08-24 05:00:41 ----A---- C:\Windows\SYSWOW64\log.txt
2012-08-24 05:00:37 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-08-24 05:00:37 ----A---- C:\Windows\system32\drivers\HECIx64.sys
2012-08-24 05:00:31 ----D---- C:\Windows\SYSWOW64\NV
2012-08-24 05:00:31 ----D---- C:\Windows\system32\NV
2012-08-24 04:59:43 ----D---- C:\ProgramData\NVIDIA
2012-08-24 04:59:04 ----D---- C:\ProgramData\NVIDIA Corporation
2012-08-24 04:59:02 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2012-08-24 04:58:54 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2012-08-24 04:58:54 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2012-08-24 04:58:54 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2012-08-24 04:58:54 ----A---- C:\Windows\SYSWOW64\nvoptimusmft.dll
2012-08-24 04:58:54 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2012-08-24 04:58:54 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2012-08-24 04:58:54 ----A---- C:\Windows\SYSWOW64\nvdecodemft.dll
2012-08-24 04:58:54 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2012-08-24 04:58:54 ----A---- C:\Windows\system32\OpenCL.dll
2012-08-24 04:58:54 ----A---- C:\Windows\system32\nvwgf2umx.dll
2012-08-24 04:58:54 ----A---- C:\Windows\system32\nvumdshimx.dll
2012-08-24 04:58:54 ----A---- C:\Windows\system32\nvoptimusmft.dll
2012-08-24 04:58:54 ----A---- C:\Windows\system32\nvoglv64.dll
2012-08-24 04:58:54 ----A---- C:\Windows\system32\nvinitx.dll
2012-08-24 04:58:54 ----A---- C:\Windows\system32\nvgenco642040.dll
2012-08-24 04:58:54 ----A---- C:\Windows\system32\nvdispco642090.dll
2012-08-24 04:58:54 ----A---- C:\Windows\system32\nvdecodemft.dll
2012-08-24 04:58:54 ----A---- C:\Windows\system32\nvd3dumx.dll
2012-08-24 04:58:54 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2012-08-24 04:58:54 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2012-08-24 04:58:53 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2012-08-24 04:58:53 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2012-08-24 04:58:53 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2012-08-24 04:58:53 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2012-08-24 04:58:53 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2012-08-24 04:58:53 ----A---- C:\Windows\system32\nvcuvid.dll
2012-08-24 04:58:53 ----A---- C:\Windows\system32\nvcuvenc.dll
2012-08-24 04:58:53 ----A---- C:\Windows\system32\nvcuda.dll
2012-08-24 04:58:53 ----A---- C:\Windows\system32\nvcompiler.dll
2012-08-24 04:58:53 ----A---- C:\Windows\system32\nvapi64.dll
2012-08-24 04:58:12 ----D---- C:\Program Files\NVIDIA Corporation
2012-08-24 04:58:11 ----D---- C:\NvidiaLogs
2012-08-24 04:57:15 ----D---- C:\ProgramData\Intel
2012-08-24 04:56:08 ----D---- C:\Program Files\Common Files\Intel
2012-08-24 04:54:20 ----D---- C:\Program Files (x86)\Intel
2012-08-24 04:54:20 ----A---- C:\Windows\SYSWOW64\CSVer.dll
2012-08-24 04:54:16 ----D---- C:\Intel
2012-08-24 04:52:49 ----D---- C:\Windows\SoftwareDistribution
2012-08-24 04:49:03 ----ASH---- C:\hiberfil.sys
2012-08-24 04:49:02 ----SHD---- C:\System Volume Information
2012-08-24 04:49:02 ----ASH---- C:\pagefile.sys
2012-08-23 22:58:32 ----D---- C:\Users\Pavel\AppData\Roaming\WinRAR
2012-08-23 22:58:26 ----D---- C:\Program Files\WinRAR
2012-08-23 22:57:41 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2012-08-23 22:57:41 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2012-08-23 22:57:05 ----D---- C:\Program Files (x86)\Winamp Detect
2012-08-23 22:56:52 ----D---- C:\Users\Pavel\AppData\Roaming\Winamp
2012-08-23 22:56:52 ----D---- C:\Program Files (x86)\Winamp
2012-08-23 22:55:24 ----D---- C:\Program Files (x86)\TeamSpeak 3 Client
2012-08-23 22:54:07 ----D---- C:\Users\Pavel\AppData\Roaming\Skype
2012-08-23 22:54:01 ----RD---- C:\Program Files (x86)\Skype
2012-08-23 22:53:59 ----D---- C:\ProgramData\Skype
2012-08-23 21:47:02 ----N---- C:\Windows\system32\MpSigStub.exe
2012-08-23 21:46:34 ----D---- C:\Users\Pavel\AppData\Roaming\.purple
2012-08-23 21:46:06 ----D---- C:\Program Files (x86)\Pidgin
2012-08-23 21:44:43 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2012-08-23 21:44:40 ----D---- C:\Users\Pavel\AppData\Roaming\DAEMON Tools Pro
2012-08-23 21:44:38 ----D---- C:\Program Files (x86)\DAEMON Tools Pro
2012-08-23 21:43:59 ----D---- C:\ProgramData\DAEMON Tools Pro
2012-08-23 21:42:45 ----D---- C:\Program Files\7-Zip
2012-08-23 21:36:29 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-08-23 21:36:28 ----D---- C:\Program Files (x86)\Microsoft Security Client
2012-08-23 21:36:26 ----D---- C:\Program Files\Microsoft Security Client
2012-08-23 21:34:15 ----D---- C:\Users\Pavel\AppData\Roaming\Adobe
2012-08-23 20:49:32 ----A---- C:\Windows\system32\drivers\athrx.sys
2012-08-23 20:49:11 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2012-08-23 20:49:11 ----A---- C:\Windows\system32\rdpcore.dll
2012-08-23 20:49:11 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-08-23 20:41:44 ----A---- C:\Windows\system32\wups2.dll
2012-08-23 20:41:44 ----A---- C:\Windows\system32\wuauclt.exe
2012-08-23 20:41:43 ----A---- C:\Windows\system32\wucltux.dll
2012-08-23 20:41:43 ----A---- C:\Windows\system32\wuaueng.dll
2012-08-23 20:41:24 ----A---- C:\Windows\system32\wups.dll
2012-08-23 20:41:24 ----A---- C:\Windows\system32\wudriver.dll
2012-08-23 20:41:24 ----A---- C:\Windows\system32\wuapi.dll
2012-08-23 20:41:20 ----A---- C:\Windows\system32\wuwebv.dll
2012-08-23 20:41:20 ----A---- C:\Windows\system32\wuapp.exe
2012-08-23 20:39:36 ----D---- C:\Users\Pavel\AppData\Roaming\ASUS WebStorage
2012-08-23 20:36:52 ----D---- C:\Users\Pavel\AppData\Roaming\Identities
2012-08-23 20:36:47 ----D---- C:\Users\Pavel\AppData\Roaming\Google
2012-08-23 20:36:39 ----A---- C:\Windows\system32\acovcnt.exe
2012-08-23 20:36:37 ----D---- C:\ProgramData\FolderView
2012-08-23 20:36:36 ----HD---- C:\ASUS.DAT
2012-08-23 20:36:33 ----SD---- C:\Users\Pavel\AppData\Roaming\Microsoft
2012-08-23 20:36:33 ----D---- C:\Users\Pavel\AppData\Roaming\Media Center Programs

======List of files/folders modified in the last 3 months======

2012-09-29 19:30:36 ----D---- C:\Program Files\Trend Micro
2012-09-29 19:30:09 ----D---- C:\Windows\Temp
2012-09-29 19:28:18 ----D---- C:\Windows\system32\config
2012-09-29 19:28:17 ----D---- C:\Windows\inf
2012-09-29 19:27:35 ----D---- C:\Windows\system32\Tasks
2012-09-29 19:27:15 ----D---- C:\Windows\system32\drivers
2012-09-29 19:27:14 ----D---- C:\Windows
2012-09-29 19:22:54 ----D---- C:\Windows\Panther
2012-09-29 19:22:54 ----D---- C:\Windows\Logs
2012-09-29 19:22:54 ----D---- C:\Windows\debug
2012-09-29 19:21:49 ----RD---- C:\Program Files
2012-09-29 15:07:24 ----SHD---- C:\Windows\Installer
2012-09-29 15:06:42 ----D---- C:\Windows\SysWOW64
2012-09-29 15:05:03 ----D---- C:\Windows\Prefetch
2012-09-29 15:02:31 ----RD---- C:\Program Files (x86)
2012-09-29 15:02:31 ----HD---- C:\ProgramData
2012-09-29 15:02:31 ----D---- C:\Windows\Tasks
2012-09-26 03:00:29 ----D---- C:\Windows\winsxs
2012-09-26 03:00:27 ----AD---- C:\Windows\System32
2012-09-26 00:30:48 ----D---- C:\Windows\system32\catroot
2012-09-23 03:19:38 ----D---- C:\Windows\system32\wdi
2012-09-23 03:16:41 ----D---- C:\Windows\SYSWOW64\migration
2012-09-23 03:16:41 ----D---- C:\Windows\system32\migration
2012-09-23 03:16:41 ----D---- C:\Program Files\Internet Explorer
2012-09-23 03:16:41 ----D---- C:\Program Files (x86)\Internet Explorer
2012-09-23 03:01:15 ----D---- C:\Windows\system32\catroot2
2012-09-21 14:47:27 ----RSD---- C:\Windows\Fonts
2012-09-20 10:40:53 ----D---- C:\Program Files\Common Files
2012-09-20 10:40:52 ----D---- C:\Program Files (x86)\Common Files
2012-09-18 16:11:16 ----RSD---- C:\Windows\assembly
2012-09-18 15:38:55 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-09-17 17:25:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-09-13 11:41:07 ----D---- C:\Windows\system32\DriverStore
2012-09-12 18:59:44 ----D---- C:\ProgramData\Nuance
2012-09-03 16:27:53 ----D---- C:\Windows\Microsoft.NET
2012-09-01 22:35:51 ----D---- C:\Windows\SYSWOW64\en-US
2012-09-01 22:35:51 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-09-01 22:35:51 ----D---- C:\Windows\system32\en-US
2012-09-01 22:35:51 ----D---- C:\Windows\system32\cs-CZ
2012-09-01 22:35:51 ----D---- C:\Windows\AppPatch
2012-09-01 18:19:22 ----A---- C:\Windows\win.ini
2012-09-01 18:15:33 ----D---- C:\Program Files\Common Files\System
2012-09-01 11:07:06 ----D---- C:\Windows\ShellNew
2012-09-01 11:06:18 ----D---- C:\Program Files (x86)\MSBuild
2012-09-01 11:06:04 ----SD---- C:\ProgramData\Microsoft
2012-08-25 12:53:59 ----D---- C:\Program Files\Windows Sidebar
2012-08-25 12:53:59 ----D---- C:\Program Files (x86)\Windows Sidebar
2012-08-25 12:53:59 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2012-08-25 12:53:59 ----D---- C:\Program Files (x86)\Windows Media Player
2012-08-25 12:53:59 ----D---- C:\Program Files (x86)\Windows Mail
2012-08-25 12:53:59 ----D---- C:\Program Files (x86)\Windows Defender
2012-08-25 12:53:58 ----D---- C:\Windows\servicing
2012-08-25 12:53:58 ----D---- C:\Program Files\Windows Photo Viewer
2012-08-25 12:53:58 ----D---- C:\Program Files\Windows Media Player
2012-08-25 12:53:58 ----D---- C:\Program Files\Windows Mail
2012-08-25 12:53:58 ----D---- C:\Program Files\Windows Journal
2012-08-25 12:53:58 ----D---- C:\Program Files\Windows Defender
2012-08-25 12:53:58 ----D---- C:\Program Files\DVD Maker
2012-08-25 12:53:56 ----D---- C:\Windows\SYSWOW64\winrm
2012-08-25 12:53:56 ----D---- C:\Windows\SYSWOW64\slmgr
2012-08-25 12:53:56 ----D---- C:\Windows\SYSWOW64\migwiz
2012-08-25 12:53:56 ----D---- C:\Windows\ehome
2012-08-25 12:53:48 ----D---- C:\Windows\SYSWOW64\WCN
2012-08-25 12:53:48 ----D---- C:\Windows\SYSWOW64\wbem
2012-08-25 12:53:48 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2012-08-25 12:53:48 ----D---- C:\Windows\SYSWOW64\MUI
2012-08-25 12:53:48 ----D---- C:\Windows\SYSWOW64\DriverStore
2012-08-25 12:53:48 ----D---- C:\Windows\SYSWOW64\drivers
2012-08-25 12:53:48 ----D---- C:\Windows\SYSWOW64\Dism
2012-08-25 12:53:48 ----D---- C:\Windows\SYSWOW64\com
2012-08-25 12:53:48 ----D---- C:\Windows\IME
2012-08-25 12:53:47 ----D---- C:\Windows\system32\winrm
2012-08-25 12:53:47 ----D---- C:\Windows\system32\sysprep
2012-08-25 12:53:47 ----D---- C:\Windows\system32\oobe
2012-08-25 12:53:47 ----D---- C:\Windows\system32\migwiz
2012-08-25 12:53:47 ----D---- C:\Windows\PolicyDefinitions
2012-08-25 12:53:46 ----D---- C:\Windows\system32\slmgr
2012-08-25 12:53:46 ----D---- C:\Windows\system32\Boot
2012-08-25 12:53:35 ----D---- C:\Windows\system32\WCN
2012-08-25 12:53:35 ----D---- C:\Windows\system32\MUI
2012-08-25 12:53:35 ----D---- C:\Windows\system32\drivers\UMDF
2012-08-25 12:53:35 ----D---- C:\Windows\system32\Dism
2012-08-25 12:53:33 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2012-08-25 12:53:32 ----D---- C:\Windows\system32\wbem
2012-08-25 12:53:32 ----D---- C:\Windows\system32\com
2012-08-25 11:26:02 ----D---- C:\Windows\rescache
2012-08-25 01:24:24 ----D---- C:\Windows\SYSWOW64\sysprep
2012-08-25 01:24:24 ----D---- C:\Windows\SYSWOW64\es-ES
2012-08-25 01:24:24 ----D---- C:\Windows\SYSWOW64\drivers\UMDF
2012-08-25 01:24:11 ----D---- C:\Windows\system32\es-ES
2012-08-25 01:24:06 ----D---- C:\Windows\es-ES
2012-08-25 01:23:53 ----D---- C:\Windows\SYSWOW64\ru-RU
2012-08-25 01:23:44 ----D---- C:\Windows\system32\ru-RU
2012-08-25 01:23:28 ----D---- C:\Windows\pt-PT
2012-08-25 01:23:27 ----D---- C:\Windows\SYSWOW64\pt-PT
2012-08-25 01:23:20 ----D---- C:\Windows\system32\pt-PT
2012-08-25 01:22:56 ----D---- C:\Windows\it-IT
2012-08-25 01:22:54 ----D---- C:\Windows\SYSWOW64\oobe
2012-08-25 01:22:54 ----D---- C:\Windows\SYSWOW64\it-IT
2012-08-25 01:22:46 ----D---- C:\Windows\SYSWOW64\Setup
2012-08-25 01:22:44 ----D---- C:\Windows\system32\it-IT
2012-08-25 01:22:36 ----D---- C:\Windows\system32\Setup
2012-08-25 01:22:15 ----D---- C:\Windows\SYSWOW64\zh-TW
2012-08-25 01:22:07 ----D---- C:\Windows\zh-TW
2012-08-25 01:22:06 ----D---- C:\Windows\system32\zh-TW
2012-08-25 01:22:06 ----D---- C:\Windows\Globalization
2012-08-24 21:08:45 ----D---- C:\Windows\SYSWOW64\he-IL
2012-08-24 21:08:38 ----D---- C:\Windows\system32\he-IL
2012-08-24 21:06:37 ----D---- C:\Windows\SYSWOW64\el-GR
2012-08-24 21:06:30 ----D---- C:\Windows\system32\el-GR
2012-08-24 21:04:17 ----D---- C:\Windows\SYSWOW64\de-DE
2012-08-24 21:04:17 ----D---- C:\Windows\de-DE
2012-08-24 21:04:10 ----D---- C:\Windows\system32\de-DE
2012-08-24 21:01:54 ----D---- C:\Windows\fr-FR
2012-08-24 21:01:53 ----D---- C:\Windows\SYSWOW64\fr-FR
2012-08-24 21:01:46 ----D---- C:\Windows\system32\fr-FR
2012-08-24 21:00:00 ----D---- C:\Windows\SYSWOW64\nl-NL
2012-08-24 21:00:00 ----D---- C:\Windows\nl-NL
2012-08-24 20:59:59 ----D---- C:\Windows\system32\nl-NL
2012-08-24 20:57:54 ----D---- C:\Windows\SYSWOW64\ar-SA
2012-08-24 20:57:44 ----D---- C:\Windows\system32\ar-SA
2012-08-24 15:13:23 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2012-08-24 05:48:18 ----D---- C:\Windows\ASUS
2012-08-24 05:26:48 ----D---- C:\Windows\Log
2012-08-24 04:59:34 ----D---- C:\Windows\Help
2012-08-23 20:58:21 ----D---- C:\Windows\system32\LogFiles
2012-08-23 20:50:39 ----D---- C:\ProgramData\Partner
2012-08-23 20:50:39 ----D---- C:\Program Files\Google
2012-08-23 20:50:39 ----D---- C:\Program Files (x86)\Google
2012-08-23 20:49:22 ----D---- C:\Program Files (x86)\ASUS
2012-08-23 20:41:29 ----D---- C:\Program Files (x86)\Microsoft
2012-08-23 20:40:06 ----D---- C:\Windows\system32\restore
2012-08-23 20:39:37 ----D---- C:\ProgramData\ChangeFolderView
2012-08-23 20:38:30 ----D---- C:\ProgramData\Trend Micro
2012-08-23 20:36:50 ----SHD---- C:\$Recycle.Bin
2012-08-23 20:36:33 ----RD---- C:\Users
2012-08-23 20:35:28 ----SHD---- C:\Recovery
2012-08-23 20:35:28 ----D---- C:\Windows\system32\Recovery

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-05 438808]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-03-20 203888]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-03-08 25960]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-23 283200]
R1 tmtdi;Trend Micro TDI Driver; C:\Windows\system32\DRIVERS\tmtdi.sys [2010-09-17 105552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 tmactmon;tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [2010-09-17 90704]
R2 tmcomm;tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys [2010-09-17 144464]
R2 tmevtmgr;tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-10-07 2770944]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver; C:\Windows\system32\DRIVERS\FLxHCIc.sys [2011-02-25 302592]
R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver; C:\Windows\system32\DRIVERS\FLxHCIh.sys [2011-02-25 81920]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-05-24 12259712]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-03-22 2815976]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-02-16 428136]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TS_AR5416;[CommView] Atheros AR5008 Wireless Network Adapter Service 7.7; C:\Windows\system32\DRIVERS\ts_athwx.sys [2010-03-02 2103336]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2011-01-25 379520]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-13 138400]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 12600]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-03-06 993896]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-14 2009704]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
R2 TiMiniService;TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
R2 VideAceWindowsService;VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [2010-08-21 77312]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-04-17 247152]
S2 CLKMSVC10_38F51D56;CyberLink Product - 2012/08/23 20:15:54; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2010-11-13 241648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 Amsp;Trend Micro Solution Platform; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2010-09-17 267480]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-08-24 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

Re: Malicious programs

#13 Post by Rudy »

Everything has been deleted; the log now looks OK.

Re: Malicious programs

#14 Post by xPajas »

Thank you. And what about those ASUS utilities? I don't even know what they are for, nor which of them are extra...

Re: Malicious programs

#15 Post by Rudy »

xPajas wrote: Thank you. And what about those ASUS utilities? I don't even know what they are for, nor which of them are extra...
In theory you can uninstall them. If you don't use them, there is nothing to deal with.

Locked