
Preventive check - occasional mouse freezes and the ICMP protocol

mandel99
Visitor
Posts: 6
Registered: 29 Dec 2007 22:33


#1 Post by mandel99 »

ESET LOG:


Čas						Událost															Zdroj				Cíl				Protokol
----------------------------------------------------------------------------------------------------------
29.12.2013 21:47:57	Detekováno zneužití skrytého kanálu v ICMP paketu	192.168.1.100	107.1.94.142	ICMP			
29.12.2013 21:47:47	Detekováno zneužití skrytého kanálu v ICMP paketu	192.168.1.100	101.78.148.14	ICMP			
29.12.2013 21:47:37	Detekováno zneužití skrytého kanálu v ICMP paketu	192.168.1.100	90.83.94.114	ICMP			
28.12.2013 19:38:19	Detekováno zneužití skrytého kanálu v ICMP paketu	192.168.1.100	202.164.25.17	ICMP			
28.12.2013 19:38:09	Detekováno zneužití skrytého kanálu v ICMP paketu	192.168.1.100	192.31.14.14	ICMP			
28.12.2013 19:37:59	Detekováno zneužití skrytého kanálu v ICMP paketu	192.168.1.100	173.227.255.65	ICMP			
27.12.2013 17:16:56	Detekováno zneužití skrytého kanálu v ICMP paketu	192.168.1.100	212.66.146.2	ICMP			
27.12.2013 17:16:46	Detekováno zneužití skrytého kanálu v ICMP paketu	192.168.1.100	211.175.70.66	ICMP			
27.12.2013 17:16:36	Detekováno zneužití skrytého kanálu v ICMP paketu	192.168.1.100	209.163.206.113	ICMP			
26.12.2013 6:55:18	Detekováno zneužití skrytého kanálu v ICMP paketu	192.168.1.100	216.228.123.197	ICMP			
26.12.2013 6:55:08	Detekováno zneužití skrytého kanálu v ICMP paketu	192.168.1.100	216.228.112.5	ICMP			
26.12.2013 6:54:59	Detekováno zneužití skrytého kanálu v ICMP paketu	192.168.1.100	213.179.145.146	ICMP
RSIT LOG:


info.txt logfile of random's system information tool 1.09 2013-12-29 22:02:41

======Uninstall list======

-->MsiExec /X{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}
µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
7-Zip 9.20 (x64 edition)-->MsiExec.exe /I{23170F69-40C1-2702-0920-000001000000}
Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}
Adobe Download Assistant-->msiexec /qb /x {9866E5F0-121F-E018-E2D1-2E1770847ABF}
Adobe Download Assistant-->MsiExec.exe /I{9866E5F0-121F-E018-E2D1-2E1770847ABF}
Adobe Flash Player 11 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_170_Plugin.exe -maintain plugin
Adobe Photoshop CS6-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}"
Adobe Reader X (10.1.8) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
Amnesia-->C:\Program Files (x86)\TopCD\Amnesia\Uninstall.exe
Apple Application Support-->MsiExec.exe /I{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
Audacity 2.0.3-->"C:\Program Files (x86)\Audacity\unins000.exe"
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0)-->C:\PROGRA~1\DIFX\F4092DA208C2C970\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfdx6_95B9C4C4739674B910F22E6D0FB93B9D8DD7E72A\pccsmcfdx64.inf
Bully Scholarship Edition-->MsiExec.exe /X{A724605D-B399-4304-B8C7-33B3EF7D4677}
Canon Easy-PhotoPrint EX-->C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\uninst.exe Uninst.ini uinstrsc.dll
Canon Easy-WebPrint EX-->"C:\Program Files (x86)\Canon\Easy-WebPrint EX\Maint.exe" /UninstallRemove C:\Program Files (x86)\Canon\Easy-WebPrint EX\uninst.ini
Canon IJ Network Scan Utility-->"C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSU.exe" /UninstallRemove C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\uninst.ini
Canon IJ Network Tool-->C:\Program Files (x86)\Canon\Canon IJ Network Tool\CNMNUU.exe
Canon Inkjet Printer/Scanner/Fax Extended Survey Program-->C:\Program Files (x86)\Canon\IJPLM\SETUP.EXE -R
Canon MG5200 series MP Drivers-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series\DelDrv64.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series /L0x0005
Canon MP Navigator EX 4.0-->"C:\Program Files (x86)\Canon\MP Navigator EX 4.0\Maint.exe" /UninstallRemove C:\Program Files (x86)\Canon\MP Navigator EX 4.0\uninst.ini
Canon My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini uinstrsc.dll
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CD-LabelPrint-->"C:\Program Files (x86)\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{3823EC5A-1CA4-42CA-9D5B-F94ABD65410D}" "1029" "0"
Facebook Video Calling 1.2.0.287-->MsiExec.exe /X{B92C5909-1D37-4C51-8397-A28BB28E5DC3}
FormatFactory 2.96-->C:\Program Files (x86)\FreeTime\FormatFactory\uninst.exe
Fraps (remove only)-->"C:\Fraps\uninstall.exe"
Geeks3D FurMark 1.11.0-->"C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark_1.11.0\unins000.exe"
Google Earth-->MsiExec.exe /X{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}
Google Talk Plugin-->MsiExec.exe /I{2A83AD05-56E6-3FBD-8752-B4143162EF59}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8301}
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8302}
Grand Theft Auto: Episodes From Liberty City-->"C:\Program Files (x86)\InstallShield Installation Information\{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}\setup.exe" -runfromtemp -l0x0009 -removeonly
Grand Theft Auto: Episodes from Liberty City-->MsiExec.exe /I{5454083B-1308-4485-BF17-111000038701}
Grand Theft Auto: Episodes from Liberty City-->MsiExec.exe /I{5454083B-1308-4485-BF17-111000038702}
Grand Theft Auto: Episodes from Liberty City-->MsiExec.exe /I{5454083B-1308-4485-BF17-111000038703}
Grand Theft Auto: Episodes from Liberty City-->MsiExec.exe /I{5454083B-1308-4485-BF17-111000038704}
Graphical Installer for NSIS-->"C:\Program Files (x86)\NSIS\Graphical Installer\Graphical Uninstaller.exe"
GTA San Andreas-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9  -removeonly
IETester v0.5.2 (remove only)-->"C:\Program Files (x86)\Core Services\IETester\uninstall.exe"
Java 7 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217013FF}
K-Lite Codec Pack 9.1.0 (64-bit)-->"C:\Program Files\K-Lite Codec Pack x64\unins000.exe"
Microsoft .NET Framework 4.5.1 (CSY)-->MsiExec.exe /X{50813B8C-FCBB-3C61-8039-EAAA93029066}
Microsoft .NET Framework 4.5.1 (čeština)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\CSY\\Setup.exe /repair /x86 /x64 /lcid 1029
Microsoft .NET Framework 4.5.1-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\\Setup.exe /repair /x86 /x64
Microsoft .NET Framework 4.5.1-->MsiExec.exe /X{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{F2508213-9989-4E85-A078-72BE483917EF}
Microsoft Games for Windows Marketplace-->MsiExec.exe /X{4CB0307C-565E-4441-86BE-0DF2E4FB828C}
Microsoft Image Composite Editor-->MsiExec.exe /I{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}
Microsoft Office Access MUI (Czech) 2010-->MsiExec.exe /X{90140000-0015-0405-1000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2010-->MsiExec.exe /X{90140000-0016-0405-1000-0000000FF1CE}
Microsoft Office Office 32-bit Components 2010-->MsiExec.exe /X{90140000-0043-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2010-->MsiExec.exe /X{90140000-00A1-0405-1000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2010-->MsiExec.exe /X{90140000-001A-0405-1000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2010-->MsiExec.exe /X{90140000-0018-0405-1000-0000000FF1CE}
Microsoft Office Professional 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall SINGLEIMAGE /dll OSETUP.DLL
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-1000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-1000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-1000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-1000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2010-->MsiExec.exe /X{90140000-002C-0405-1000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2010-->MsiExec.exe /X{90140000-0019-0405-1000-0000000FF1CE}
Microsoft Office Shared 32-bit MUI (Czech) 2010-->MsiExec.exe /X{90140000-0043-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2010-->MsiExec.exe /X{90140000-006E-0405-1000-0000000FF1CE}
Microsoft Office Single Image 2010-->MsiExec.exe /X{90140000-003D-0000-1000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2010-->MsiExec.exe /X{90140000-001B-0405-1000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft_VC100_CRT_SP1_x64-->MsiExec.exe /I{680EDA59-9266-44B4-949E-0C24F65DFF82}
Microsoft_VC100_CRT_SP1_x86-->MsiExec.exe /I{E3B64CC5-C011-40C0-92BC-7316CD5E5688}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Mozilla Firefox 26.0 (x86 cs)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
Mozilla Thunderbird 24.2.0 (x86 cs)-->C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe
Mp3tag v2.57-->C:\Program Files (x86)\Mp3tag\Mp3tagUninstall.EXE
MSVC80_x64_v2-->MsiExec.exe /I{4D668D4F-FAA2-4726-834C-31F4614F312E}
MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC90_x64-->MsiExec.exe /I{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}
MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP3 Parser (KB2721691)-->MsiExec.exe /I{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}
MSXML 4.0 SP3 Parser (KB2758694)-->MsiExec.exe /I{1D95BA90-F4F8-47EC-A882-441C99D30C1E}
MSXML 4.0 SP3 Parser-->MsiExec.exe /I{196467F1-C11F-4F76-858B-5812ADC83B94}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}
Nokia Suite-->C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{E3A0C45A-7EDB-48EB-AB86-2445E74FBFBB}\Installer.exe
Nokia Suite-->MsiExec.exe /X{E3A0C45A-7EDB-48EB-AB86-2445E74FBFBB}
Notepad++-->C:\Program Files (x86)\Notepad++\uninstall.exe
Nullsoft Install System-->"C:\Program Files (x86)\NSIS\uninst-nsis.exe"
NVIDIA GeForce Experience 1.8.1-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{A56EB740-E73C-49FA-8008-F2E6F8406FF1}\NVI2.DLL",UninstallPackage Display.GFExperience
NVIDIA Ovladač HD audia 1.3.26.4-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{8BC835D6-D230-481F-97FF-E991A2AE0A6F}\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA Ovladače grafiky 331.82-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{8BC835D6-D230-481F-97FF-E991A2AE0A6F}\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA PhysX-->MsiExec.exe /I{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}
NVIDIA Systémový software PhysX 9.13.0725-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{8BC835D6-D230-481F-97FF-E991A2AE0A6F}\NVI2.DLL",UninstallPackage Display.PhysX
NVIDIA Virtual Audio 1.2.19-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{A56EB740-E73C-49FA-8008-F2E6F8406FF1}\NVI2.DLL",UninstallPackage VirtualAudio.Driver
Opera Stable 18.0.1284.68-->"C:\Program Files (x86)\Opera\Launcher.exe" /uninstall
Oracle VM VirtualBox 4.2.6-->MsiExec.exe /I{A8A0B1C1-FBC7-4790-8E26-9DA1A6A95452}
PC Connectivity Solution-->MsiExec.exe /I{6B722793-E77B-41F5-BAB3-6C9832274E75}
PDF Settings CS6-->MsiExec.exe /I{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}
Pharaoh-->C:\Windows\IsUninst.exe -fC:\SIERRA\Pharaoh\Uninst.isu
Picasa 3-->"C:\Program Files (x86)\Google\Picasa3\Uninstall.exe"
PowerISO-->"C:\Program Files (x86)\PowerISO\uninstall.exe"
Registrace uživatele zařízení Canon MG5200 series-->C:\Program Files (x86)\Canon\IJEREG\MG5200 series\UNINST.EXE
RocketDock 1.3.5-->"C:\Program Files (x86)\RocketDock\unins000.exe"
SAMSUNG Mobile Composite Device Software-->C:\Windows\SysWOW64\Samsung_USB_Drivers\6\SSBCUninstall.exe
SAMSUNG Mobile Modem Driver Set-->C:\Windows\SysWOW64\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Drive Software-->C:\Windows\SysWOW64\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\SysWOW64\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\Windows\SysWOW64\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Security Update for Microsoft Excel 2010 (KB2826033) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{8E99BFFF-3DFD-4FEF-AF09-FB6BFA486BBE}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2553284) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0405-1000-0000000FF1CE}" "{ADA7039B-E8A3-4C08-AE29-DD3BDDAC2ECA}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2687423) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{A2F2E3C4-887C-4A3B-B73A-576984420D12}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2760781) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0405-1000-0000000FF1CE}" "{95FC4D5E-0C1A-435A-9759-E8656BCB358B}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2826023) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{43ADD46C-BD44-49BB-AB04-E1A42F2DD7AB}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2826035) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{8A1AE697-FB15-4C7D-A002-E2F0B1BEE737}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2850016) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{DEE523DB-C590-45D3-B658-73F93062D7B3}" "1029" "0"
Security Update for Microsoft Outlook 2010 (KB2837597) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{75888FAF-1EF8-4734-A7EE-B3B9E701BF0E}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0015-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0019-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0405-1000-0000000FF1CE}" "{235F521F-C627-4957-A641-C4C161F78531}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-1000-0000000FF1CE}" "{EE3A99C9-FD8F-4923-9F82-27365DA4B873}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-1000-0000000FF1CE}" "{C814F7D9-CE9D-45AA-BA7C-88BDD0E1EB7C}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-041B-1000-0000000FF1CE}" "{2E7C03CB-FE0A-4B95-BA37-742CD596760C}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002C-0405-1000-0000000FF1CE}" "{FF4FCFC2-4935-49E4-B35E-5FCF7343412B}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{A3364707-2F53-4C83-8F68-C9877A9080C7}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{F3FAAB68-7697-4B1F-A23A-72312565AEAB}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0405-1000-0000000FF1CE}" "{62E2481E-63BB-4481-A0CE-071D6D663B1B}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0405-1000-0000000FF1CE}" "{BFFA0FE1-0823-4382-9DD3-49DA02375BBA}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Skype™ 6.11-->MsiExec.exe /X{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
Sony Mobile Update Engine-->C:\Program Files (x86)\Sony Mobile\Update Engine\uninst.exe
Sony PC Companion 2.10.181-->"C:\Program Files (x86)\InstallShield Installation Information\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}\setup.exe" -runfromtemp -l0x0409  -removeonly
TeamViewer 8-->C:\Program Files (x86)\TeamViewer\Version8\uninstall.exe
Total Commander 64-bit (Remove or Repair)-->c:\totalcmd\tcunin64.exe
TuneUp Utilities 2011-->C:\Program Files (x86)\TuneUp Utilities 2011\TUInstallHelper.exe --Trigger-Uninstall
Universal Extractor 1.6.1-->"C:\Program Files (x86)\Universal Extractor\unins000.exe"
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}" "1029" "0"
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{59446CD0-D49A-4154-BDD5-59CB3B6F89AC}" "1029" "0"
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{79C725A1-3964-421C-A528-78C1C083C7C7}" "1029" "0"
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}" "1029" "0"
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}" "1029" "0"
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{EBD18DE5-BC84-4B57-9A30-097044871F9A}" "1029" "0"
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{4AD36582-256B-433D-8593-F31773A15CA4}" "1029" "0"
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{4AD36582-256B-433D-8593-F31773A15CA4}" "1029" "0"
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{F216169C-2B40-429B-8370-B5BA06EC5423}" "1029" "0"
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{F216169C-2B40-429B-8370-B5BA06EC5423}" "1029" "0"
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{B6AD7E27-012A-4B63-82BA-AF62893E5435}" "1029" "0"
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{07DC9C6C-E916-4F42-8677-716930ED0393}" "1029" "0"
Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{14F6B53A-6703-40EA-9566-0A09E62866E5}" "1029" "0"
Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{14F6B53A-6703-40EA-9566-0A09E62866E5}" "1029" "0"
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-1000-0000000FF1CE}" "{64D96F30-CF4C-4CCE-AAF2-F8909348BF35}" "1029" "0"
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-1000-0000000FF1CE}" "{BA61259D-63F0-4177-A0E1-E4064EC2B470}" "1029" "0"
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{1C381677-BE03-49CC-AFCA-242AA6094621}" "1029" "0"
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{1C381677-BE03-49CC-AFCA-242AA6094621}" "1029" "0"
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0405-1000-0000000FF1CE}" "{6360575E-DA5C-459E-A615-0FD18FD37C97}" "1029" "0"
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{762C2438-9257-42BC-BD3D-6D02EC138D18}" "1029" "0"
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{DF33B92A-5381-4F03-AB54-2D67086B357E}" "1029" "0"
Update for Microsoft Word 2010 (KB2837593) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{A82E26EF-680E-427D-B7D0-FD7997DDC217}" "1029" "0"
VIA Platforma Ovladače zařízení-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169} 
VLC media player 2.1.1-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
vReveal 3-->C:\Program Files (x86)\vReveal 3\Uninstall.exe
Windows Live ID Sign-in Assistant-->MsiExec.exe /X{9B48B0AC-C813-4174-9042-476A887592C7}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Movie Maker 2.6-->MsiExec.exe /X{B3DAF54F-DB25-4586-9EF1-96D24BB14088}
Windows Movie Maker-->C:\Program Files\Movie Maker\uninst.exe

======System event log======

Computer Name: mandel-PC
Event Code: 7036
Message: Stav služby Služba Plánovač multimédií byl změněn na: Zastaveno
Record Number: 62083
Source Name: Service Control Manager
Time Written: 20130113193240.286518-000
Event Type: Informace
User: 

Computer Name: mandel-PC
Event Code: 7036
Message: Stav služby Funkčnost aplikací byl změněn na: Zastaveno
Record Number: 62082
Source Name: Service Control Manager
Time Written: 20130113192030.554780-000
Event Type: Informace
User: 

Computer Name: mandel-PC
Event Code: 7036
Message: Stav služby Adobe Flash Player Update Service byl změněn na: Zastaveno
Record Number: 62081
Source Name: Service Control Manager
Time Written: 20130113191200.273593-000
Event Type: Informace
User: 

Computer Name: mandel-PC
Event Code: 7036
Message: Stav služby Adobe Flash Player Update Service byl změněn na: Spuštěno
Record Number: 62080
Source Name: Service Control Manager
Time Written: 20130113191200.273593-000
Event Type: Informace
User: 

Computer Name: mandel-PC
Event Code: 7036
Message: Stav služby Funkčnost aplikací byl změněn na: Spuštěno
Record Number: 62079
Source Name: Service Control Manager
Time Written: 20130113190900.382304-000
Event Type: Informace
User: 

=====Application event log=====

Computer Name: mandel-PC
Event Code: 900
Message: Služba Ochrana softwaru se spouští.

Record Number: 16797
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20130406132839.000000-000
Event Type: Informace
User: 

Computer Name: mandel-PC
Event Code: 0
Message: 
Record Number: 16796
Source Name: gupdate
Time Written: 20130406084501.000000-000
Event Type: Informace
User: 

Computer Name: mandel-PC
Event Code: 0
Message: 
Record Number: 16795
Source Name: gupdate
Time Written: 20130406084500.000000-000
Event Type: Informace
User: 

Computer Name: mandel-PC
Event Code: 9013
Message: Nebylo možné spustit Správce oken plochy, protože rozvržení bylo zakázáno spuštěnou aplikací.
Record Number: 16794
Source Name: Desktop Window Manager
Time Written: 20130406080240.000000-000
Event Type: Informace
User: 

Computer Name: mandel-PC
Event Code: 9010
Message: Proces (Pharaoh) zadal požadavek na zakázání Správce oken plochy.
Record Number: 16793
Source Name: Desktop Window Manager
Time Written: 20130406080240.000000-000
Event Type: Informace
User: 

=====Security event log=====

Computer Name: mandel-PC
Event Code: 4634
Message: Účet byl odhlášen.

Předmět:
	ID zabezpečení:		S-1-5-7
	Název účtu:		ANONYMOUS LOGON
	Doména účtu:		NT AUTHORITY
	ID přihlášení:		0x1aeb617

Typ přihlášení:			3

Tato událost je generována, pokud je zničena relace přihlášení. Může být spojena s událostí přihlášení pomocí hodnoty ID přihlášení. Hodnoty ID přihlášení jsou jednoznačné pouze v rámci jednotlivých restartů stejného počítače.
Record Number: 570226
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130312225026.009833-000
Event Type: Úspěšný audit
User: 

Computer Name: mandel-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
	ID zabezpečení:		S-1-0-0
	Název účtu:		-
	Doména účtu:		-
	ID přihlášení:		0x0

Typ přihlášení:			3

Nové přihlášení:
	ID zabezpečení:		S-1-5-7
	Název účtu:		ANONYMOUS LOGON
	Doména účtu:		NT AUTHORITY
	ID přihlášení:		0x1b2ee87
	GUID přihlášení:		{00000000-0000-0000-0000-000000000000}

Informace o procesu:
	ID procesu:		0x0
	Název procesu:		-

Informace o síti:
	Název pracovní stanice:	HTPC-PC
	Adresa zdrojové sítě	192.168.1.102
	Zdrojový port:		49435

Podrobné informace o ověření:
	Proces přihlášení:		NtLmSsp 
	Balíček ověření:	NTLM
	Přenosové služby:	-
	Název balíčku (pouze NTLM):	NTLM V1
	Délka klíče:		128

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
	- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
	- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
	- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
	- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 570225
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130312224821.953737-000
Event Type: Úspěšný audit
User: 

Computer Name: mandel-PC
Event Code: 4634
Message: Účet byl odhlášen.

Předmět:
	ID zabezpečení:		S-1-5-7
	Název účtu:		ANONYMOUS LOGON
	Doména účtu:		NT AUTHORITY
	ID přihlášení:		0x1b1b748

Typ přihlášení:			3

Tato událost je generována, pokud je zničena relace přihlášení. Může být spojena s událostí přihlášení pomocí hodnoty ID přihlášení. Hodnoty ID přihlášení jsou jednoznačné pouze v rámci jednotlivých restartů stejného počítače.
Record Number: 570224
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130312224732.261895-000
Event Type: Úspěšný audit
User: 

Computer Name: mandel-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
	ID zabezpečení:		S-1-0-0
	Název účtu:		-
	Doména účtu:		-
	ID přihlášení:		0x0

Typ přihlášení:			3

Nové přihlášení:
	ID zabezpečení:		S-1-5-7
	Název účtu:		ANONYMOUS LOGON
	Doména účtu:		NT AUTHORITY
	ID přihlášení:		0x1b1b748
	GUID přihlášení:		{00000000-0000-0000-0000-000000000000}

Informace o procesu:
	ID procesu:		0x0
	Název procesu:		-

Informace o síti:
	Název pracovní stanice:	HTPC-PC
	Adresa zdrojové sítě	192.168.1.102
	Zdrojový port:		49430

Podrobné informace o ověření:
	Proces přihlášení:		NtLmSsp 
	Balíček ověření:	NTLM
	Přenosové služby:	-
	Název balíčku (pouze NTLM):	NTLM V1
	Délka klíče:		128

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
	- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
	- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
	- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
	- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 570223
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130312224721.899302-000
Event Type: Úspěšný audit
User: 

Computer Name: mandel-PC
Event Code: 4634
Message: Účet byl odhlášen.

Předmět:
	ID zabezpečení:		S-1-5-7
	Název účtu:		ANONYMOUS LOGON
	Doména účtu:		NT AUTHORITY
	ID přihlášení:		0x1af521a

Typ přihlášení:			3

Tato událost je generována, pokud je zničena relace přihlášení. Může být spojena s událostí přihlášení pomocí hodnoty ID přihlášení. Hodnoty ID přihlášení jsou jednoznačné pouze v rámci jednotlivých restartů stejného počítače.
Record Number: 570222
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130312224701.997164-000
Event Type: Úspěšný audit
User: 

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\PC Connectivity Solution\;%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Samsung\Samsung PC Studio 3\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 10 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0a00
"VBOX_INSTALL_PATH"=C:\Program Files\Oracle\VirtualBox\

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119504
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check - occasional mouse freezes and the ICMP protocol

#2 Post by Rudy »

Hello!
I need to see the contents of the log.txt file. The info.txt file is of no use to me.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

mandel99
Visitor
Posts: 6
Joined: 29 Dec 2007 22:33

Re: Preventive check - occasional mouse freezes and the ICMP protocol

#3 Post by mandel99 »

Greetings to you too, and good evening,

log sent as an attachment.

Thank you
Attachments
log.zip
(14.95 KiB) Downloaded 73 times
Last edited by mandel99 on 29 Dec 2013 23:02, edited 1 time in total.

Rudy
Site Admin
Posts: 119504
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check - occasional mouse freezes and the ICMP protocol

#4 Post by Rudy »

First run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.

mandel99
Visitor
Posts: 6
Joined: 29 Dec 2007 22:33

Re: Preventive check - occasional mouse freezes and the ICMP protocol

#5 Post by mandel99 »

LOG AdwCleaner:

# AdwCleaner v3.016 - Report created 29/12/2013 at 23:10:08
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : mandel - MANDEL-PC
# Running from : C:\Users\mandel\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AlawarWrapper
Folder Deleted : C:\Program Files (x86)\goforfiles
Folder Deleted : C:\Users\mandel\AppData\Local\AlawarWrapper
Folder Deleted : C:\Users\mandel\AppData\Roaming\goforfiles
Folder Deleted : C:\Users\mandel\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\mandel\AppData\Roaming\Mozilla\Firefox\Profiles\j2k9bjg7.default\Extensions\flashfirebug@o-minds.com
Folder Deleted : C:\Users\mandel\AppData\Roaming\Mozilla\Firefox\Profiles\j2k9bjg7.default\Extensions\r2d2b2g@mozilla.org
Folder Deleted : C:\Users\mandel\AppData\Roaming\Mozilla\Firefox\Profiles\j2k9bjg7.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
Folder Deleted : C:\Users\mandel\AppData\Roaming\Mozilla\Firefox\Profiles\j2k9bjg7.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
File Deleted : C:\END
File Deleted : C:\Windows\System32\Tasks\GoforFilesUpdate

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\GoforFiles
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\GoforFiles

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (cs)

[ File : C:\Users\mandel\AppData\Roaming\Mozilla\Firefox\Profiles\j2k9bjg7.default\prefs.js ]

Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("extensions.toolbar@ask.com.install-event-fired", true);

-\\ Google Chrome v

[ File : C:\Users\mandel\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3900 octets] - [29/12/2013 23:09:29]
AdwCleaner[S0].txt - [3794 octets] - [29/12/2013 23:10:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3854 octets] ##########

Rudy
Site Admin
Posts: 119504
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check - occasional mouse freezes and the ICMP protocol

#6 Post by Rudy »

Post a new RSIT log.

mandel99
Visitor
Posts: 6
Joined: 29 Dec 2007 22:33

Re: Preventive check - occasional mouse freezes and the ICMP protocol

#7 Post by mandel99 »

RSIT LOG:

Code: Select all

Logfile of random's system information tool 1.09 (written by random/random)
Run by mandel at 2013-12-30 09:57:27
Microsoft Windows 7 Ultimate  Service Pack 1
System drive C: has 172 GB (56%) free of 305 GB
Total RAM: 4094 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:57:31, on 30.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Users\mandel\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe
C:\Program Files (x86)\Notepad++\notepad++.exe
C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\mandel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"                                                                                                                                                                                      
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10180 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"taskhost.exe"
"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2440
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe" /TUStart /pid:2296
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-34943863-1580160794-815372253446508503790963723-168742987197840441718423037
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe" 
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" 
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\RocketDock\RocketDock.exe" 
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Users\mandel\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe" 
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4144.0.29017748\411083676" --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,13,23,28 --gpu-vendor-id=0x10de --gpu-device-id=0x1244 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3182 --ignored=" --type=renderer " /prefetch:822062411
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/PP_EnableZeroSuggest_R6_Beta_ArmB/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group3 beta:r2 espv:210 suppress_on_srp:1 use_remote_ntp_on_startup:1/InfiniteCache/No/MouseEventPreconnect/Disabled/OmniboxBundledExperimentV1/SearchHistoryDisable_POSTPERIOD/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=0/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="4144.3.998979773\365499122" /prefetch:673131151
"C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/PP_EnableZeroSuggest_R6_Beta_ArmB/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group3 beta:r2 espv:210 suppress_on_srp:1 use_remote_ntp_on_startup:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/Disabled/OmniboxBundledExperimentV1/SearchHistoryDisable_POSTPERIOD/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=0/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="4144.4.1556142627\312518454" /prefetch:673131151
"C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/PP_EnableZeroSuggest_R6_Beta_ArmB/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group3 beta:r2 espv:210 suppress_on_srp:1 use_remote_ntp_on_startup:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/Disabled/OmniboxBundledExperimentV1/SearchHistoryDisable_POSTPERIOD/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=0/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="4144.5.1087792313\2104168738" /prefetch:673131151
"C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/PP_EnableZeroSuggest_R6_Beta_ArmB/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group3 beta:r2 espv:210 suppress_on_srp:1 use_remote_ntp_on_startup:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/Disabled/OmniboxBundledExperimentV1/SearchHistoryDisable_POSTPERIOD/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=0/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="4144.6.1722405964\1084192074" /prefetch:673131151
"C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/PP_EnableZeroSuggest_R6_Beta_ArmB/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group3 beta:r2 espv:210 suppress_on_srp:1 use_remote_ntp_on_startup:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/Disabled/OmniboxBundledExperimentV1/SearchHistoryDisable_POSTPERIOD/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=0/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="4144.7.260669015\113222165" /prefetch:673131151
"C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/PP_EnableZeroSuggest_R6_Beta_ArmB/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group3 beta:r2 espv:210 suppress_on_srp:1 use_remote_ntp_on_startup:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/Disabled/OmniboxBundledExperimentV1/SearchHistoryDisable_POSTPERIOD/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=0/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="4144.9.1635725128\580315167" /prefetch:673131151
"C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/PP_EnableZeroSuggest_R6_Beta_ArmB/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group3 beta:r2 espv:210 suppress_on_srp:1 use_remote_ntp_on_startup:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/Disabled/OmniboxBundledExperimentV1/SearchHistoryDisable_POSTPERIOD/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=0/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="4144.11.1426053572\121147553" /prefetch:673131151
"C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/PP_EnableZeroSuggest_R6_Beta_ArmB/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group3 beta:r2 espv:210 suppress_on_srp:1 use_remote_ntp_on_startup:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/Disabled/OmniboxBundledExperimentV1/SearchHistoryDisable_POSTPERIOD/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=0/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="4144.14.99595360\2136570295" /prefetch:673131151
"C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/PP_EnableZeroSuggest_R6_Beta_ArmB/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group3 beta:r2 espv:210 suppress_on_srp:1 use_remote_ntp_on_startup:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/Disabled/OmniboxBundledExperimentV1/SearchHistoryDisable_POSTPERIOD/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=0/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="4144.16.1168537449\803815650" /prefetch:673131151
"C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/PP_EnableZeroSuggest_R6_Beta_ArmB/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group3 beta:r2 espv:210 suppress_on_srp:1 use_remote_ntp_on_startup:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/Disabled/OmniboxBundledExperimentV1/SearchHistoryDisable_POSTPERIOD/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=0/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="4144.17.745409521\232001587" /prefetch:673131151
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe" 
"taskhost.exe"
"C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/PP_EnableZeroSuggest_R6_Beta_ArmB/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group3 beta:r2 espv:210 suppress_on_srp:1 use_remote_ntp_on_startup:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/Disabled/OmniboxBundledExperimentV1/SearchHistoryDisable_POSTPERIOD/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=0/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --instant-process --disable-html-notifications --enable-software-compositing --channel="4144.52.995465573\1479992736" /prefetch:673131151
"C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/PP_EnableZeroSuggest_R6_Beta_ArmB/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group3 beta:r2 espv:210 suppress_on_srp:1 use_remote_ntp_on_startup:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/Disabled/OmniboxBundledExperimentV1/SearchHistoryDisable_POSTPERIOD/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=0/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="4144.53.2134376080\722284931" /prefetch:673131151
"C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/PP_EnableZeroSuggest_R6_Beta_ArmB/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group3 beta:r2 espv:210 suppress_on_srp:1 use_remote_ntp_on_startup:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/Disabled/OmniboxBundledExperimentV1/SearchHistoryDisable_POSTPERIOD/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=0/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="4144.54.487683815\1659117294" /prefetch:673131151
"C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/PP_EnableZeroSuggest_R6_Beta_ArmB/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group3 beta:r2 espv:210 suppress_on_srp:1 use_remote_ntp_on_startup:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/Disabled/OmniboxBundledExperimentV1/SearchHistoryDisable_POSTPERIOD/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=0/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="4144.85.724352285\1792067790" /prefetch:673131151
"C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe" 
"C:\Program Files (x86)\Notepad++\notepad++.exe" "C:\Users\mandel\AppData\Local\Temp\fz3temp-1\head.php"
"C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/PP_EnableZeroSuggest_R6_Beta_ArmB/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group3 beta:r2 espv:210 suppress_on_srp:1 use_remote_ntp_on_startup:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/Disabled/OmniboxBundledExperimentV1/SearchHistoryDisable_POSTPERIOD/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=0/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="4144.91.1584638205\1786303386" /prefetch:673131151
"C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/PP_EnableZeroSuggest_R6_Beta_ArmB/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group3 beta:r2 espv:210 suppress_on_srp:1 use_remote_ntp_on_startup:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/Disabled/OmniboxBundledExperimentV1/SearchHistoryDisable_POSTPERIOD/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=0/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="4144.94.1757079013\1545603894" /prefetch:673131151
"C:\Users\mandel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/PP_EnableZeroSuggest_R6_Beta_ArmB/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group3 beta:r2 espv:210 suppress_on_srp:1 use_remote_ntp_on_startup:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/Disabled/OmniboxBundledExperimentV1/SearchHistoryDisable_POSTPERIOD/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=0/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="4144.95.1106953601\713013586" /prefetch:673131151
C:\Windows\system32\AUDIODG.EXE 0x65c
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe20_ Global\UsGthrCtrlFltPipeMssGthrPipe20 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536 
"C:\Users\mandel\Desktop\RSITx64.exe" 

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-910604437-1546421213-2902785752-1001Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-910604437-1546421213-2902785752-1001UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-910604437-1546421213-2902785752-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-910604437-1546421213-2902785752-1001UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\mandel\AppData\Roaming\Mozilla\Firefox\Profiles\j2k9bjg7.default

prefs.js - "browser.search.useDBForOrder" -  true
prefs.js - "browser.startup.homepage" -  "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.13.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2012-03-07 4081008]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-11-14 1028384]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2013-12-10 1100248]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2013-12-10 2279712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"RocketDock"=C:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616]
""= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2013-04-25 1075296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\mandel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-11 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2011-05-06 3037296]

C:\Users\mandel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\mandel\AppData\Roaming\Dropbox\bin\Dropbox.exe
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pictureviewer.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\quicktimeplayer.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\singles2.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsv64.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
"wave9"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux1"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"VIDC.LAGS"=lagarith.dll
"aux2"=wdmaud.drv
"wave8"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-12-30 01:56:32 ----D---- C:\ProgramData\Team MediaPortal
2013-12-29 23:09:21 ----D---- C:\AdwCleaner
2013-12-29 22:02:34 ----D---- C:\Program Files\trend micro
2013-12-29 22:02:33 ----D---- C:\rsit
2013-12-28 02:46:25 ----D---- C:\ProgramData\fltk.org
2013-12-27 22:10:32 ----D---- C:\Program Files (x86)\AviSynth 2.5
2013-12-26 07:55:05 ----D---- C:\Program Files (x86)\vReveal 3
2013-12-22 22:16:29 ----A---- C:\Windows\system32\drivers\ggsemc.sys
2013-12-22 22:16:27 ----A---- C:\Windows\system32\drivers\ggflt.sys
2013-12-22 22:14:03 ----D---- C:\ProgramData\Sony Mobile
2013-12-22 22:13:29 ----D---- C:\Program Files (x86)\Sony Mobile
2013-12-20 20:53:49 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2013-12-20 20:53:49 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2013-12-20 20:51:22 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2013-12-20 20:51:22 ----A---- C:\Windows\system32\nvspcap64.dll
2013-12-20 20:49:24 ----D---- C:\Program Files (x86)\AGEIA Technologies
2013-12-20 20:48:21 ----D---- C:\ProgramData\NVIDIA
2013-12-20 20:48:00 ----A---- C:\Windows\system32\nvvsvc.exe
2013-12-20 20:48:00 ----A---- C:\Windows\system32\nvsvc64.dll
2013-12-20 20:48:00 ----A---- C:\Windows\system32\nvshext.dll
2013-12-20 20:48:00 ----A---- C:\Windows\system32\nvmctray.dll
2013-12-20 20:48:00 ----A---- C:\Windows\system32\nvcpl.dll
2013-12-20 20:40:39 ----A---- C:\Windows\system32\nvaudcap64v.dll
2013-12-20 20:40:31 ----A---- C:\Windows\system32\nvdispgenco6433182.dll
2013-12-20 20:40:31 ----A---- C:\Windows\system32\nvdispco6433182.dll
2013-12-20 20:40:28 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-12-20 20:40:27 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-12-20 20:40:27 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2013-12-20 20:40:27 ----A---- C:\Windows\system32\nvwgf2umx.dll
2013-12-20 20:40:27 ----A---- C:\Windows\system32\nvumdshimx.dll
2013-12-20 20:40:26 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-12-20 20:40:25 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-12-20 20:40:25 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2013-12-20 20:40:25 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2013-12-20 20:40:25 ----A---- C:\Windows\system32\nvopencl.dll
2013-12-20 20:40:25 ----A---- C:\Windows\system32\nvoglv64.dll
2013-12-20 20:40:25 ----A---- C:\Windows\system32\nvoglshim64.dll
2013-12-20 20:40:25 ----A---- C:\Windows\system32\nvinitx.dll
2013-12-20 20:40:24 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2013-12-20 20:40:24 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2013-12-20 20:40:24 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2013-12-20 20:40:24 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-12-20 20:40:24 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-12-20 20:40:24 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-12-20 20:40:24 ----A---- C:\Windows\system32\NvIFR64.dll
2013-12-20 20:40:24 ----A---- C:\Windows\system32\NvFBC64.dll
2013-12-20 20:40:24 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-12-20 20:40:24 ----A---- C:\Windows\system32\nvcuvid.dll
2013-12-20 20:40:24 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-12-20 20:40:23 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-12-20 20:40:23 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2013-12-20 20:40:23 ----A---- C:\Windows\system32\nvcuda.dll
2013-12-20 20:40:23 ----A---- C:\Windows\system32\nvcompiler.dll
2013-12-20 20:40:23 ----A---- C:\Windows\system32\nvapi64.dll
2013-12-20 13:07:46 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-12-19 09:15:40 ----D---- C:\Program Files (x86)\Applian Technologies
2013-12-19 09:15:20 ----D---- C:\ProgramData\Applian
2013-12-13 23:18:45 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-13 23:18:44 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-13 23:18:43 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-13 23:18:40 ----A---- C:\Windows\system32\wmp.dll
2013-12-13 23:10:25 ----D---- C:\Windows\Migration
2013-12-13 23:06:06 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-13 23:06:05 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-13 23:06:05 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-13 23:06:05 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-13 23:06:05 ----A---- C:\Windows\system32\ieui.dll
2013-12-13 23:06:04 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-13 23:06:04 ----A---- C:\Windows\system32\iesetup.dll
2013-12-13 23:06:04 ----A---- C:\Windows\system32\iernonce.dll
2013-12-13 23:06:04 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-13 23:06:04 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-13 23:06:04 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-13 23:06:02 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-12-13 23:06:02 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-12-13 23:06:02 ----A---- C:\Windows\system32\mshtml.dll
2013-12-13 23:06:02 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-13 23:06:02 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-13 23:06:01 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-13 23:06:01 ----A---- C:\Windows\system32\iertutil.dll
2013-12-13 23:06:00 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-13 23:06:00 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-13 23:06:00 ----A---- C:\Windows\system32\wininet.dll
2013-12-13 23:05:59 ----A---- C:\Windows\system32\urlmon.dll
2013-12-13 23:05:58 ----A---- C:\Windows\system32\ieframe.dll
2013-12-13 23:05:57 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-13 23:05:55 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-13 23:05:55 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-13 23:05:54 ----A---- C:\Windows\system32\jscript9.dll
2013-12-13 22:39:42 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-13 22:39:42 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-13 22:39:38 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-13 22:39:38 ----A---- C:\Windows\system32\tzres.dll
2013-12-13 22:39:31 ----A---- C:\Windows\system32\msieftp.dll
2013-12-13 22:39:30 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-13 22:39:28 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-13 22:39:28 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-13 22:39:28 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-13 22:39:27 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-13 22:39:26 ----A---- C:\Windows\system32\win32k.sys
2013-12-13 22:39:15 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-13 22:39:15 ----A---- C:\Windows\system32\wscript.exe
2013-12-13 22:39:15 ----A---- C:\Windows\system32\scrrun.dll
2013-12-13 22:39:15 ----A---- C:\Windows\system32\cscript.exe
2013-12-13 22:39:14 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-13 22:39:14 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-13 22:37:47 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-12-13 22:37:47 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-12-13 22:37:47 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-12-13 22:37:47 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-12-13 22:37:47 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-12-13 22:37:46 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-12-13 22:37:46 ----A---- C:\Windows\system32\drivers\usbohci.sys
2013-12-13 22:31:58 ----A---- C:\Windows\AsTaskSched.dll
2013-12-13 22:30:25 ----N---- C:\Windows\difxapi.dll
2013-12-13 22:30:21 ----D---- C:\Program Files (x86)\VIA
2013-12-13 22:28:56 ----A---- C:\Windows\Language_trs.ini
2013-12-13 22:28:09 ----A---- C:\Windows\system32\VIASysFx.dll
2013-12-13 22:28:09 ----A---- C:\Windows\system32\VIAPropPageExt.dll
2013-12-13 22:28:09 ----A---- C:\Windows\system32\ViaMicArrayPropPageExt.dll
2013-12-13 22:28:09 ----A---- C:\Windows\system32\ViaMicArrayAPO.dll
2013-12-13 22:28:09 ----A---- C:\Windows\system32\ViakaraokeSrv.exe
2013-12-13 22:28:09 ----A---- C:\Windows\system32\ViaKaraokePropPageExt.dll
2013-12-13 22:28:09 ----A---- C:\Windows\system32\ViaKaraokeApo.dll
2013-12-13 22:28:09 ----A---- C:\Windows\system32\nQPropPageExt.dll
2013-12-13 22:28:09 ----A---- C:\Windows\system32\nQAPO.dll
2013-12-13 22:28:09 ----A---- C:\Windows\system32\Dts2PropPageExt.dll
2013-12-13 22:28:09 ----A---- C:\Windows\system32\Dts2APO.dll
2013-12-13 22:28:09 ----A---- C:\Windows\system32\drivers\viahduaa.sys
2013-12-11 22:11:10 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2013-12-11 18:28:58 ----D---- C:\SymCache
2013-12-07 02:15:57 ----A---- C:\Windows\system32\unrar.dll
2013-12-07 02:15:57 ----A---- C:\Windows\system32\lagarith.dll
2013-12-07 02:15:54 ----A---- C:\Windows\system32\ff_vfw.dll
2013-12-05 15:21:57 ----A---- C:\Windows\system32\IEUDINIT.EXE
2013-12-05 15:16:49 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-12-05 15:16:49 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-05 15:16:40 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-12-05 15:16:40 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-12-05 15:16:40 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2013-12-05 15:16:40 ----A---- C:\Windows\system32\elshyph.dll
2013-12-05 15:16:39 ----A---- C:\Windows\SYSWOW64\url.dll
2013-12-05 15:16:39 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-12-05 15:16:39 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-12-05 15:16:39 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-12-05 15:16:39 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-12-05 15:16:39 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-12-05 15:16:39 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-12-05 15:16:39 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-12-05 15:16:39 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-12-05 15:16:39 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-12-05 15:16:39 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-12-05 15:16:39 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-12-05 15:16:39 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-12-05 15:16:35 ----A---- C:\Windows\system32\jsIntl.dll
2013-12-05 15:16:34 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-12-05 15:16:34 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-05 15:16:34 ----A---- C:\Windows\system32\msrating.dll
2013-12-05 15:16:34 ----A---- C:\Windows\system32\msls31.dll
2013-12-05 15:16:34 ----A---- C:\Windows\system32\mshtmler.dll
2013-12-05 15:16:34 ----A---- C:\Windows\system32\msfeedssync.exe
2013-12-05 15:16:34 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-12-05 15:16:34 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-05 15:16:34 ----A---- C:\Windows\system32\iesysprep.dll
2013-12-05 15:16:34 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-12-05 15:16:34 ----A---- C:\Windows\system32\dxtrans.dll
2013-12-05 15:16:34 ----A---- C:\Windows\system32\dxtmsft.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\wextract.exe
2013-12-05 15:16:33 ----A---- C:\Windows\system32\webcheck.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\vbscript.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\url.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\pngfilt.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\occache.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\mshtmled.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\MshtmlDac.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\mshta.exe
2013-12-05 15:16:33 ----A---- C:\Windows\system32\msfeeds.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\licmgr10.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\jscript.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\inseng.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\imgutil.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\iexpress.exe
2013-12-05 15:16:33 ----A---- C:\Windows\system32\iepeers.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\iedkcs32.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\ieapfltr.dat
2013-12-05 15:16:33 ----A---- C:\Windows\system32\icardie.dll
2013-12-05 14:20:33 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-12-05 14:20:33 ----A---- C:\Windows\system32\advapi32.dll
2013-12-05 14:20:31 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-12-05 14:20:30 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-12-05 14:20:30 ----A---- C:\Windows\system32\tdh.dll
2013-12-05 14:20:29 ----A---- C:\Windows\SYSWOW64\tdh.dll
2013-12-05 14:20:29 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-12-05 14:20:29 ----A---- C:\Windows\system32\ntdll.dll
2013-12-05 14:20:28 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-12-05 14:20:28 ----A---- C:\Windows\system32\wow64.dll
2013-12-05 14:20:25 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-12-05 14:20:25 ----A---- C:\Windows\SYSWOW64\user.exe
2013-12-05 14:20:25 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-12-05 14:20:25 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-12-05 14:20:25 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-12-05 14:20:22 ----A---- C:\Windows\system32\authui.dll
2013-12-05 14:20:21 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-12-05 14:20:21 ----A---- C:\Windows\SYSWOW64\credui.dll
2013-12-05 14:20:21 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-12-05 14:20:21 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2013-12-05 14:20:21 ----A---- C:\Windows\system32\credui.dll
2013-12-05 14:20:09 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-12-05 14:20:04 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-12-05 14:20:04 ----A---- C:\Windows\system32\mswsock.dll
2013-12-05 14:20:04 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-12-05 14:19:49 ----A---- C:\Windows\system32\crypt32.dll
2013-12-05 14:19:48 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-12-05 14:19:21 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-12-05 14:19:21 ----A---- C:\Windows\system32\schannel.dll
2013-12-05 14:19:21 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-12-05 14:19:21 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-12-05 14:19:21 ----A---- C:\Windows\system32\drivers\cng.sys
2013-12-05 14:19:20 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-12-05 14:19:20 ----A---- C:\Windows\system32\sspicli.dll
2013-12-05 14:19:20 ----A---- C:\Windows\system32\ncrypt.dll
2013-12-05 14:19:20 ----A---- C:\Windows\system32\lsass.exe
2013-12-05 14:19:20 ----A---- C:\Windows\system32\lsasrv.dll
2013-12-05 14:19:19 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-12-05 14:19:19 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-12-05 14:19:19 ----A---- C:\Windows\system32\sspisrv.dll
2013-12-05 14:19:19 ----A---- C:\Windows\system32\secur32.dll
2013-12-05 14:19:11 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2013-12-05 14:19:11 ----A---- C:\Windows\system32\gdi32.dll
2013-12-05 14:19:10 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-12-05 14:19:10 ----A---- C:\Windows\system32\WebClnt.dll
2013-12-05 14:19:09 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-12-05 14:19:09 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-12-05 14:19:09 ----A---- C:\Windows\system32\davclnt.dll
2013-12-05 14:19:08 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-12-05 14:19:08 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-12-05 14:19:08 ----A---- C:\Windows\system32\drivers\USBAUDIO.sys
2013-12-05 14:19:07 ----A---- C:\Windows\system32\drivers\afd.sys
2013-12-05 14:19:05 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-12-05 14:19:05 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-12-05 14:19:05 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-12-05 14:19:05 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-12-05 14:19:05 ----A---- C:\Windows\system32\lpk.dll
2013-12-05 14:19:05 ----A---- C:\Windows\system32\fontsub.dll
2013-12-05 14:19:05 ----A---- C:\Windows\system32\dciman32.dll
2013-12-05 14:19:05 ----A---- C:\Windows\system32\atmfd.dll
2013-12-05 14:19:04 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-12-05 14:19:04 ----A---- C:\Windows\system32\atmlib.dll
2013-12-05 14:19:03 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-12-05 14:19:03 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-12-05 14:19:01 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-12-05 14:19:01 ----A---- C:\Windows\system32\comctl32.dll
2013-12-05 14:18:58 ----A---- C:\Windows\system32\drivers\usbser.sys
2013-12-05 14:18:32 ----A---- C:\Windows\system32\shell32.dll
2013-12-05 14:18:31 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-12-05 14:18:30 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-12-05 14:18:30 ----A---- C:\Windows\system32\shdocvw.dll
2013-12-05 14:18:17 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-12-05 14:18:17 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-12-05 14:16:01 ----A---- C:\Windows\system32\scavengeui.dll
2013-12-05 14:14:15 ----A---- C:\Windows\system32\KernelBase.dll
2013-12-05 14:14:14 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-12-05 14:14:14 ----A---- C:\Windows\system32\kernel32.dll
2013-12-05 14:14:13 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-12-05 14:14:13 ----A---- C:\Windows\system32\winsrv.dll
2013-12-05 14:14:13 ----A---- C:\Windows\system32\smss.exe
2013-12-05 14:14:13 ----A---- C:\Windows\system32\csrsrv.dll
2013-12-05 14:14:13 ----A---- C:\Windows\system32\conhost.exe
2013-12-05 14:14:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-12-05 14:14:12 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-12-05 14:14:12 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-12-05 14:14:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-12-05 14:14:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-12-05 14:14:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-12-05 14:14:11 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-12-05 14:14:11 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-12-05 14:14:11 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-12-05 14:14:11 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-12-05 14:14:11 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-12-05 14:14:11 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-12-05 14:14:11 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-12-05 14:14:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-12-05 14:14:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-12-05 14:14:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-12-05 14:14:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-12-05 14:14:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-12-05 14:14:10 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-12-05 14:14:10 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-12-05 14:14:10 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-12-05 14:14:10 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-12-05 14:14:10 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-12-05 14:14:10 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-12-05 14:14:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-12-05 14:14:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-12-05 14:14:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-12-05 14:14:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-12-05 14:14:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-12-05 14:14:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-12-05 14:14:09 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-12-05 14:14:09 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-12-05 14:14:09 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-12-05 14:14:09 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-12-05 14:14:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-12-05 14:14:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-12-05 14:14:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-12-05 14:14:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-12-05 14:14:08 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-12-05 14:14:08 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-12-05 14:14:08 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-12-05 14:14:08 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-12-05 14:14:08 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-12-05 14:14:08 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-12-05 14:14:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-12-05 14:14:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-12-05 14:14:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-12-05 14:14:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-12-05 14:14:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-12-05 14:14:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-12-05 14:14:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-12-05 14:14:07 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-12-05 14:14:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-12-05 14:14:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-12-05 14:14:06 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-12-05 14:14:06 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-12-05 14:14:06 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-12-05 14:14:06 ----A---- C:\Windows\system32\apisetschema.dll
2013-12-05 14:14:01 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2013-12-05 14:14:01 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2013-12-05 14:14:01 ----A---- C:\Windows\system32\nshwfp.dll
2013-12-05 14:14:01 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-12-05 14:14:01 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-12-05 14:13:57 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-12-05 14:13:55 ----A---- C:\Windows\system32\drivers\ataport.sys
2013-12-04 02:22:50 ----A---- C:\Windows\system32\nvhdap64.dll
2013-12-04 02:22:50 ----A---- C:\Windows\system32\nvhdagenco64.dll
2013-12-04 02:22:50 ----A---- C:\Windows\system32\drivers\nvhda64v.sys

======List of files/folders modified in the last 1 month======

2013-12-30 09:57:25 ----D---- C:\Windows\Temp
2013-12-30 07:14:44 ----D---- C:\Users\mandel\AppData\Roaming\FileZilla
2013-12-30 06:46:29 ----D---- C:\Windows\tracing
2013-12-30 01:56:32 ----HD---- C:\ProgramData
2013-12-30 01:56:22 ----RD---- C:\Program Files (x86)
2013-12-30 01:42:56 ----RSD---- C:\Windows\Fonts
2013-12-30 00:16:52 ----D---- C:\Windows\system32\config
2013-12-29 23:17:55 ----D---- C:\Users\mandel\AppData\Roaming\Dropbox
2013-12-29 23:11:18 ----D---- C:\Windows\system32\Tasks
2013-12-29 22:02:34 ----RD---- C:\Program Files
2013-12-28 00:46:04 ----D---- C:\Users\mandel\AppData\Roaming\vlc
2013-12-28 00:41:13 ----AD---- C:\ProgramData\TEMP
2013-12-27 22:33:32 ----D---- C:\Windows\SysWOW64
2013-12-27 17:14:26 ----D---- C:\Users\mandel\AppData\Roaming\Skype
2013-12-26 23:08:23 ----D---- C:\Users\mandel\AppData\Roaming\uTorrent
2013-12-26 19:59:23 ----SHD---- C:\Windows\Installer
2013-12-26 19:59:22 ----SHD---- C:\Config.Msi
2013-12-26 19:59:22 ----D---- C:\ProgramData\Skype
2013-12-26 19:59:17 ----RD---- C:\Program Files (x86)\Skype
2013-12-26 07:55:13 ----D---- C:\Users\mandel\AppData\Roaming\MotionDSP
2013-12-26 04:20:11 ----D---- C:\Windows\Prefetch
2013-12-25 17:12:19 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-12-25 16:57:27 ----D---- C:\Windows
2013-12-25 16:55:46 ----D---- C:\Windows\System32
2013-12-25 16:55:46 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-24 07:57:58 ----D---- C:\Windows\inf
2013-12-24 07:57:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-22 22:26:15 ----D---- C:\Windows\system32\drivers
2013-12-22 22:16:42 ----D---- C:\Windows\system32\catroot
2013-12-22 22:16:40 ----D---- C:\Windows\system32\DriverStore
2013-12-22 22:16:24 ----SHD---- C:\System Volume Information
2013-12-22 22:13:27 ----D---- C:\Program Files (x86)\Sony Ericsson
2013-12-22 22:09:42 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-12-20 21:40:18 ----A---- C:\Users\mandel\AppData\Roaming\GPU Meter_Settings.ini
2013-12-20 20:56:57 ----D---- C:\ProgramData\NVIDIA Corporation
2013-12-20 20:54:40 ----D---- C:\Windows\Microsoft.NET
2013-12-20 20:54:15 ----D---- C:\Program Files\NVIDIA Corporation
2013-12-20 20:54:15 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-12-20 20:54:00 ----RD---- C:\Users
2013-12-20 20:47:57 ----D---- C:\Windows\Help
2013-12-20 14:56:44 ----D---- C:\Windows\Minidump
2013-12-19 19:23:34 ----D---- C:\Windows\system32\catroot2
2013-12-19 05:18:23 ----D---- C:\Windows\rescache
2013-12-17 10:44:05 ----D---- C:\Program Files (x86)\Opera
2013-12-15 17:56:56 ----D---- C:\Program Files (x86)\Wondershare
2013-12-15 17:56:45 ----D---- C:\Users\mandel\AppData\Roaming\Wondershare
2013-12-15 17:56:07 ----D---- C:\Program Files (x86)\Alawarhry.cz
2013-12-15 16:34:09 ----RSD---- C:\Windows\assembly
2013-12-15 15:15:14 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-12-14 16:23:27 ----A---- C:\Users\mandel\AppData\Roaming\Network Meter_Settings.ini
2013-12-14 15:09:04 ----D---- C:\Program Files\Common Files\Adobe
2013-12-14 14:47:18 ----D---- C:\Windows\system32\wdi
2013-12-13 23:54:41 ----D---- C:\Windows\winsxs
2013-12-13 23:49:57 ----D---- C:\Program Files\Windows Media Player
2013-12-13 23:49:57 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-13 23:49:56 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-12-13 23:49:56 ----D---- C:\Windows\system32\cs-CZ
2013-12-13 23:49:56 ----D---- C:\Program Files\Internet Explorer
2013-12-13 23:49:56 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-13 23:30:44 ----D---- C:\ProgramData\Microsoft Help
2013-12-13 23:11:19 ----D---- C:\Windows\SYSWOW64\en-US
2013-12-13 23:11:18 ----D---- C:\Windows\system32\en-US
2013-12-13 23:10:25 ----SD---- C:\ProgramData\Microsoft
2013-12-13 23:04:27 ----D---- C:\Windows\system32\MRT
2013-12-13 22:58:47 ----A---- C:\Windows\system32\MRT.exe
2013-12-11 16:13:43 ----D---- C:\Users\mandel\AppData\Roaming\Adobe
2013-12-09 12:37:49 ----D---- C:\Program Files\Microsoft Silverlight
2013-12-09 12:37:48 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-12-09 12:33:31 ----D---- C:\Windows\SYSWOW64\migration
2013-12-09 12:33:30 ----D---- C:\Windows\system32\migration
2013-12-09 12:33:30 ----D---- C:\Windows\PolicyDefinitions
2013-12-09 12:33:26 ----D---- C:\Windows\AppPatch
2013-12-08 21:16:52 ----D---- C:\Users\mandel\AppData\Roaming\XBMC
2013-12-07 02:15:58 ----D---- C:\Program Files\K-Lite Codec Pack x64
2013-12-05 15:21:57 ----D---- C:\Windows\Logs
2013-12-04 10:39:08 ----D---- C:\Windows\system32\NDF
2013-12-02 18:51:34 ----D---- C:\ProgramData\CanonIJPLM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2012-03-14 62496]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dk2drv;DK2 WindowsNT Driver; \??\C:\Windows\SYSTEM32\Drivers\dk2drv64.sys [2012-12-30 59192]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-26 283200]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2012-03-14 38288]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2012-12-09 126944]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2012-12-19 237992]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2012-12-19 120232]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2012-03-14 187632]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-12-04 196384]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-12-05 39200]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-11-29 11856]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2012-12-19 146856]
S1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-12-22 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-12-22 27760]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-11-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-11-09 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2012-11-09 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2012-11-09 171008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-11-09 9216]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-11-09 9216]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2012-12-19 132008]
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2012-12-19 106408]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2011-03-29 2157680]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 vserial;ELTIMA Virtual Serial Ports Driver; C:\Windows\System32\DRIVERS\vserial.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 WsAudioDevice_383S(1);WsAudioDevice_383S(1); C:\Windows\system32\drivers\WsAudioDevice_383S(1).sys [2011-11-17 29288]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\drivers\WSDScan.sys [2009-07-14 25088]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2012-03-07 913144]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-10 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-10 15129376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-11-11 922912]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2010-12-14 2019648]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2011-03-29 27760]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-25 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-25 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-25 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-20 119408]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-05-14 3289208]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119504
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check - occasional mouse freezes and the ICMP protocol

#8 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-910604437-1546421213-2902785752-1001Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-910604437-1546421213-2902785752-1001UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-910604437-1546421213-2902785752-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-910604437-1546421213-2902785752-1001UA.job

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

mandel99
Visitor
Posts: 6
Registered: 29 Dec 2007 22:33

Re: Preventive check - occasional mouse freezes and the ICMP protocol

#9 Post by mandel99 »

Code:

Logfile of random's system information tool 1.09 (written by random/random)
Run by mandel at 2013-12-30 10:20:41
Microsoft Windows 7 Ultimate  Service Pack 1
System drive C: has 183 GB (60%) free of 305 GB
Total RAM: 4094 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:20:44, on 30.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Users\mandel\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\trend micro\mandel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"                                                                                                                                                                                      
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8722 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x2d0
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
taskeng.exe {294428C7-49C8-4CCE-820B-2299290081A5}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
taskeng.exe {6616D0AB-9A30-433F-8411-A2D38F2F4AFB}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe"
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe" /TUStart /pid:2476
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-60365043621001380588966719467784551198680184542070702681345877521167367329
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\sysWOW64\wbem\wmiprvse.exe -secured -Embedding
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
WLIDSvcM.exe 2608
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\12302013_100815.log
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe" 
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\RocketDock\RocketDock.exe" 
"C:\Users\mandel\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\mandel\Desktop\RSITx64.exe" 
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\taskmgr.exe" /4

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\mandel\AppData\Roaming\Mozilla\Firefox\Profiles\j2k9bjg7.default

prefs.js - "browser.search.useDBForOrder" -  true
prefs.js - "browser.startup.homepage" -  "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.13.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2012-03-07 4081008]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-11-14 1028384]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2013-12-10 1100248]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2013-12-10 2279712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"RocketDock"=C:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616]
""= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2013-04-25 1075296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\mandel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-11 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2011-05-06 3037296]

C:\Users\mandel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\mandel\AppData\Roaming\Dropbox\bin\Dropbox.exe
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pictureviewer.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\quicktimeplayer.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\singles2.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsv64.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
"wave9"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux1"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"VIDC.LAGS"=lagarith.dll
"aux2"=wdmaud.drv
"wave8"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-12-30 10:08:15 ----D---- C:\_OTM
2013-12-30 01:56:32 ----D---- C:\ProgramData\Team MediaPortal
2013-12-29 23:09:21 ----D---- C:\AdwCleaner
2013-12-29 22:02:34 ----D---- C:\Program Files\trend micro
2013-12-29 22:02:33 ----D---- C:\rsit
2013-12-28 02:46:25 ----D---- C:\ProgramData\fltk.org
2013-12-27 22:10:32 ----D---- C:\Program Files (x86)\AviSynth 2.5
2013-12-26 07:55:05 ----D---- C:\Program Files (x86)\vReveal 3
2013-12-22 22:16:29 ----A---- C:\Windows\system32\drivers\ggsemc.sys
2013-12-22 22:16:27 ----A---- C:\Windows\system32\drivers\ggflt.sys
2013-12-22 22:14:03 ----D---- C:\ProgramData\Sony Mobile
2013-12-22 22:13:29 ----D---- C:\Program Files (x86)\Sony Mobile
2013-12-20 20:53:49 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2013-12-20 20:53:49 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2013-12-20 20:51:22 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2013-12-20 20:51:22 ----A---- C:\Windows\system32\nvspcap64.dll
2013-12-20 20:49:24 ----D---- C:\Program Files (x86)\AGEIA Technologies
2013-12-20 20:48:21 ----D---- C:\ProgramData\NVIDIA
2013-12-20 20:48:00 ----A---- C:\Windows\system32\nvvsvc.exe
2013-12-20 20:48:00 ----A---- C:\Windows\system32\nvsvc64.dll
2013-12-20 20:48:00 ----A---- C:\Windows\system32\nvshext.dll
2013-12-20 20:48:00 ----A---- C:\Windows\system32\nvmctray.dll
2013-12-20 20:48:00 ----A---- C:\Windows\system32\nvcpl.dll
2013-12-20 20:40:39 ----A---- C:\Windows\system32\nvaudcap64v.dll
2013-12-20 20:40:31 ----A---- C:\Windows\system32\nvdispgenco6433182.dll
2013-12-20 20:40:31 ----A---- C:\Windows\system32\nvdispco6433182.dll
2013-12-20 20:40:28 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-12-20 20:40:27 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-12-20 20:40:27 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2013-12-20 20:40:27 ----A---- C:\Windows\system32\nvwgf2umx.dll
2013-12-20 20:40:27 ----A---- C:\Windows\system32\nvumdshimx.dll
2013-12-20 20:40:26 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-12-20 20:40:25 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-12-20 20:40:25 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2013-12-20 20:40:25 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2013-12-20 20:40:25 ----A---- C:\Windows\system32\nvopencl.dll
2013-12-20 20:40:25 ----A---- C:\Windows\system32\nvoglv64.dll
2013-12-20 20:40:25 ----A---- C:\Windows\system32\nvoglshim64.dll
2013-12-20 20:40:25 ----A---- C:\Windows\system32\nvinitx.dll
2013-12-20 20:40:24 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2013-12-20 20:40:24 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2013-12-20 20:40:24 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2013-12-20 20:40:24 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-12-20 20:40:24 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-12-20 20:40:24 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-12-20 20:40:24 ----A---- C:\Windows\system32\NvIFR64.dll
2013-12-20 20:40:24 ----A---- C:\Windows\system32\NvFBC64.dll
2013-12-20 20:40:24 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-12-20 20:40:24 ----A---- C:\Windows\system32\nvcuvid.dll
2013-12-20 20:40:24 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-12-20 20:40:23 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-12-20 20:40:23 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2013-12-20 20:40:23 ----A---- C:\Windows\system32\nvcuda.dll
2013-12-20 20:40:23 ----A---- C:\Windows\system32\nvcompiler.dll
2013-12-20 20:40:23 ----A---- C:\Windows\system32\nvapi64.dll
2013-12-20 13:07:46 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-12-19 09:15:40 ----D---- C:\Program Files (x86)\Applian Technologies
2013-12-19 09:15:20 ----D---- C:\ProgramData\Applian
2013-12-13 23:18:45 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-13 23:18:44 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-13 23:18:43 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-13 23:18:40 ----A---- C:\Windows\system32\wmp.dll
2013-12-13 23:10:25 ----D---- C:\Windows\Migration
2013-12-13 23:06:06 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-13 23:06:05 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-13 23:06:05 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-13 23:06:05 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-13 23:06:05 ----A---- C:\Windows\system32\ieui.dll
2013-12-13 23:06:04 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-13 23:06:04 ----A---- C:\Windows\system32\iesetup.dll
2013-12-13 23:06:04 ----A---- C:\Windows\system32\iernonce.dll
2013-12-13 23:06:04 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-13 23:06:04 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-13 23:06:04 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-13 23:06:02 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-12-13 23:06:02 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-12-13 23:06:02 ----A---- C:\Windows\system32\mshtml.dll
2013-12-13 23:06:02 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-13 23:06:02 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-13 23:06:01 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-13 23:06:01 ----A---- C:\Windows\system32\iertutil.dll
2013-12-13 23:06:00 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-13 23:06:00 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-13 23:06:00 ----A---- C:\Windows\system32\wininet.dll
2013-12-13 23:05:59 ----A---- C:\Windows\system32\urlmon.dll
2013-12-13 23:05:58 ----A---- C:\Windows\system32\ieframe.dll
2013-12-13 23:05:57 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-13 23:05:55 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-13 23:05:55 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-13 23:05:54 ----A---- C:\Windows\system32\jscript9.dll
2013-12-13 22:39:42 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-13 22:39:42 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-13 22:39:38 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-13 22:39:38 ----A---- C:\Windows\system32\tzres.dll
2013-12-13 22:39:31 ----A---- C:\Windows\system32\msieftp.dll
2013-12-13 22:39:30 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-13 22:39:28 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-13 22:39:28 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-13 22:39:28 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-13 22:39:27 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-13 22:39:26 ----A---- C:\Windows\system32\win32k.sys
2013-12-13 22:39:15 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-13 22:39:15 ----A---- C:\Windows\system32\wscript.exe
2013-12-13 22:39:15 ----A---- C:\Windows\system32\scrrun.dll
2013-12-13 22:39:15 ----A---- C:\Windows\system32\cscript.exe
2013-12-13 22:39:14 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-13 22:39:14 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-13 22:37:47 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-12-13 22:37:47 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-12-13 22:37:47 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-12-13 22:37:47 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-12-13 22:37:47 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-12-13 22:37:46 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-12-13 22:37:46 ----A---- C:\Windows\system32\drivers\usbohci.sys
2013-12-13 22:31:58 ----A---- C:\Windows\AsTaskSched.dll
2013-12-13 22:30:25 ----N---- C:\Windows\difxapi.dll
2013-12-13 22:30:21 ----D---- C:\Program Files (x86)\VIA
2013-12-13 22:28:56 ----A---- C:\Windows\Language_trs.ini
2013-12-13 22:28:09 ----A---- C:\Windows\system32\VIASysFx.dll
2013-12-13 22:28:09 ----A---- C:\Windows\system32\VIAPropPageExt.dll
2013-12-13 22:28:09 ----A---- C:\Windows\system32\ViaMicArrayPropPageExt.dll
2013-12-13 22:28:09 ----A---- C:\Windows\system32\ViaMicArrayAPO.dll
2013-12-13 22:28:09 ----A---- C:\Windows\system32\ViakaraokeSrv.exe
2013-12-13 22:28:09 ----A---- C:\Windows\system32\ViaKaraokePropPageExt.dll
2013-12-13 22:28:09 ----A---- C:\Windows\system32\ViaKaraokeApo.dll
2013-12-13 22:28:09 ----A---- C:\Windows\system32\nQPropPageExt.dll
2013-12-13 22:28:09 ----A---- C:\Windows\system32\nQAPO.dll
2013-12-13 22:28:09 ----A---- C:\Windows\system32\Dts2PropPageExt.dll
2013-12-13 22:28:09 ----A---- C:\Windows\system32\Dts2APO.dll
2013-12-13 22:28:09 ----A---- C:\Windows\system32\drivers\viahduaa.sys
2013-12-11 22:11:10 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2013-12-11 18:28:58 ----D---- C:\SymCache
2013-12-07 02:15:57 ----A---- C:\Windows\system32\unrar.dll
2013-12-07 02:15:57 ----A---- C:\Windows\system32\lagarith.dll
2013-12-07 02:15:54 ----A---- C:\Windows\system32\ff_vfw.dll
2013-12-05 15:21:57 ----A---- C:\Windows\system32\IEUDINIT.EXE
2013-12-05 15:16:49 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-12-05 15:16:49 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-05 15:16:40 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-12-05 15:16:40 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-12-05 15:16:40 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2013-12-05 15:16:40 ----A---- C:\Windows\system32\elshyph.dll
2013-12-05 15:16:39 ----A---- C:\Windows\SYSWOW64\url.dll
2013-12-05 15:16:39 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-12-05 15:16:39 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-12-05 15:16:39 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-12-05 15:16:39 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-12-05 15:16:39 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-12-05 15:16:39 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-12-05 15:16:39 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-12-05 15:16:39 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-12-05 15:16:39 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-12-05 15:16:39 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-12-05 15:16:39 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-12-05 15:16:39 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2013-12-05 15:16:38 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-12-05 15:16:35 ----A---- C:\Windows\system32\jsIntl.dll
2013-12-05 15:16:34 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-12-05 15:16:34 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-05 15:16:34 ----A---- C:\Windows\system32\msrating.dll
2013-12-05 15:16:34 ----A---- C:\Windows\system32\msls31.dll
2013-12-05 15:16:34 ----A---- C:\Windows\system32\mshtmler.dll
2013-12-05 15:16:34 ----A---- C:\Windows\system32\msfeedssync.exe
2013-12-05 15:16:34 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-12-05 15:16:34 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-05 15:16:34 ----A---- C:\Windows\system32\iesysprep.dll
2013-12-05 15:16:34 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-12-05 15:16:34 ----A---- C:\Windows\system32\dxtrans.dll
2013-12-05 15:16:34 ----A---- C:\Windows\system32\dxtmsft.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\wextract.exe
2013-12-05 15:16:33 ----A---- C:\Windows\system32\webcheck.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\vbscript.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\url.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\pngfilt.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\occache.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\mshtmled.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\MshtmlDac.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\mshta.exe
2013-12-05 15:16:33 ----A---- C:\Windows\system32\msfeeds.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\licmgr10.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\jscript.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\inseng.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\imgutil.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\iexpress.exe
2013-12-05 15:16:33 ----A---- C:\Windows\system32\iepeers.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\iedkcs32.dll
2013-12-05 15:16:33 ----A---- C:\Windows\system32\ieapfltr.dat
2013-12-05 15:16:33 ----A---- C:\Windows\system32\icardie.dll
2013-12-05 14:20:33 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-12-05 14:20:33 ----A---- C:\Windows\system32\advapi32.dll
2013-12-05 14:20:31 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-12-05 14:20:30 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-12-05 14:20:30 ----A---- C:\Windows\system32\tdh.dll
2013-12-05 14:20:29 ----A---- C:\Windows\SYSWOW64\tdh.dll
2013-12-05 14:20:29 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-12-05 14:20:29 ----A---- C:\Windows\system32\ntdll.dll
2013-12-05 14:20:28 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-12-05 14:20:28 ----A---- C:\Windows\system32\wow64.dll
2013-12-05 14:20:25 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-12-05 14:20:25 ----A---- C:\Windows\SYSWOW64\user.exe
2013-12-05 14:20:25 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-12-05 14:20:25 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-12-05 14:20:25 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-12-05 14:20:22 ----A---- C:\Windows\system32\authui.dll
2013-12-05 14:20:21 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-12-05 14:20:21 ----A---- C:\Windows\SYSWOW64\credui.dll
2013-12-05 14:20:21 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-12-05 14:20:21 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2013-12-05 14:20:21 ----A---- C:\Windows\system32\credui.dll
2013-12-05 14:20:09 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-12-05 14:20:04 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-12-05 14:20:04 ----A---- C:\Windows\system32\mswsock.dll
2013-12-05 14:20:04 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-12-05 14:19:49 ----A---- C:\Windows\system32\crypt32.dll
2013-12-05 14:19:48 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-12-05 14:19:21 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-12-05 14:19:21 ----A---- C:\Windows\system32\schannel.dll
2013-12-05 14:19:21 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-12-05 14:19:21 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-12-05 14:19:21 ----A---- C:\Windows\system32\drivers\cng.sys
2013-12-05 14:19:20 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-12-05 14:19:20 ----A---- C:\Windows\system32\sspicli.dll
2013-12-05 14:19:20 ----A---- C:\Windows\system32\ncrypt.dll
2013-12-05 14:19:20 ----A---- C:\Windows\system32\lsass.exe
2013-12-05 14:19:20 ----A---- C:\Windows\system32\lsasrv.dll
2013-12-05 14:19:19 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-12-05 14:19:19 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-12-05 14:19:19 ----A---- C:\Windows\system32\sspisrv.dll
2013-12-05 14:19:19 ----A---- C:\Windows\system32\secur32.dll
2013-12-05 14:19:11 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2013-12-05 14:19:11 ----A---- C:\Windows\system32\gdi32.dll
2013-12-05 14:19:10 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-12-05 14:19:10 ----A---- C:\Windows\system32\WebClnt.dll
2013-12-05 14:19:09 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-12-05 14:19:09 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-12-05 14:19:09 ----A---- C:\Windows\system32\davclnt.dll
2013-12-05 14:19:08 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-12-05 14:19:08 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-12-05 14:19:08 ----A---- C:\Windows\system32\drivers\USBAUDIO.sys
2013-12-05 14:19:07 ----A---- C:\Windows\system32\drivers\afd.sys
2013-12-05 14:19:05 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-12-05 14:19:05 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-12-05 14:19:05 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-12-05 14:19:05 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-12-05 14:19:05 ----A---- C:\Windows\system32\lpk.dll
2013-12-05 14:19:05 ----A---- C:\Windows\system32\fontsub.dll
2013-12-05 14:19:05 ----A---- C:\Windows\system32\dciman32.dll
2013-12-05 14:19:05 ----A---- C:\Windows\system32\atmfd.dll
2013-12-05 14:19:04 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-12-05 14:19:04 ----A---- C:\Windows\system32\atmlib.dll
2013-12-05 14:19:03 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-12-05 14:19:03 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-12-05 14:19:01 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-12-05 14:19:01 ----A---- C:\Windows\system32\comctl32.dll
2013-12-05 14:18:58 ----A---- C:\Windows\system32\drivers\usbser.sys
2013-12-05 14:18:32 ----A---- C:\Windows\system32\shell32.dll
2013-12-05 14:18:31 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-12-05 14:18:30 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-12-05 14:18:30 ----A---- C:\Windows\system32\shdocvw.dll
2013-12-05 14:18:17 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-12-05 14:18:17 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-12-05 14:16:01 ----A---- C:\Windows\system32\scavengeui.dll
2013-12-05 14:14:15 ----A---- C:\Windows\system32\KernelBase.dll
2013-12-05 14:14:14 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-12-05 14:14:14 ----A---- C:\Windows\system32\kernel32.dll
2013-12-05 14:14:13 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-12-05 14:14:13 ----A---- C:\Windows\system32\winsrv.dll
2013-12-05 14:14:13 ----A---- C:\Windows\system32\smss.exe
2013-12-05 14:14:13 ----A---- C:\Windows\system32\csrsrv.dll
2013-12-05 14:14:13 ----A---- C:\Windows\system32\conhost.exe
2013-12-05 14:14:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-12-05 14:14:12 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-12-05 14:14:12 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-12-05 14:14:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-12-05 14:14:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-12-05 14:14:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-12-05 14:14:11 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-12-05 14:14:11 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-12-05 14:14:11 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-12-05 14:14:11 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-12-05 14:14:11 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-12-05 14:14:11 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-12-05 14:14:11 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-12-05 14:14:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-12-05 14:14:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-12-05 14:14:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-12-05 14:14:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-12-05 14:14:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-12-05 14:14:10 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-12-05 14:14:10 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-12-05 14:14:10 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-12-05 14:14:10 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-12-05 14:14:10 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-12-05 14:14:10 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-12-05 14:14:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-12-05 14:14:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-12-05 14:14:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-12-05 14:14:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-12-05 14:14:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-12-05 14:14:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-12-05 14:14:09 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-12-05 14:14:09 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-12-05 14:14:09 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-12-05 14:14:09 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-12-05 14:14:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-12-05 14:14:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-12-05 14:14:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-12-05 14:14:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-12-05 14:14:08 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-12-05 14:14:08 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-12-05 14:14:08 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-12-05 14:14:08 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-12-05 14:14:08 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-12-05 14:14:08 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-12-05 14:14:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-12-05 14:14:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-12-05 14:14:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-12-05 14:14:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-12-05 14:14:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-12-05 14:14:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-12-05 14:14:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-12-05 14:14:07 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-12-05 14:14:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-12-05 14:14:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-12-05 14:14:06 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-12-05 14:14:06 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-12-05 14:14:06 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-12-05 14:14:06 ----A---- C:\Windows\system32\apisetschema.dll
2013-12-05 14:14:01 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2013-12-05 14:14:01 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2013-12-05 14:14:01 ----A---- C:\Windows\system32\nshwfp.dll
2013-12-05 14:14:01 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-12-05 14:14:01 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-12-05 14:13:57 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-12-05 14:13:55 ----A---- C:\Windows\system32\drivers\ataport.sys
2013-12-04 02:22:50 ----A---- C:\Windows\system32\nvhdap64.dll
2013-12-04 02:22:50 ----A---- C:\Windows\system32\nvhdagenco64.dll
2013-12-04 02:22:50 ----A---- C:\Windows\system32\drivers\nvhda64v.sys

======List of files/folders modified in the last 1 month======

2013-12-30 10:20:42 ----D---- C:\Windows\Temp
2013-12-30 10:20:08 ----D---- C:\Users\mandel\AppData\Roaming\Dropbox
2013-12-30 10:18:22 ----D---- C:\Windows\system32\catroot2
2013-12-30 10:08:16 ----D---- C:\Windows\Tasks
2013-12-30 07:14:44 ----D---- C:\Users\mandel\AppData\Roaming\FileZilla
2013-12-30 06:46:29 ----D---- C:\Windows\tracing
2013-12-30 01:56:32 ----HD---- C:\ProgramData
2013-12-30 01:56:22 ----RD---- C:\Program Files (x86)
2013-12-30 01:42:56 ----RSD---- C:\Windows\Fonts
2013-12-30 00:16:52 ----D---- C:\Windows\system32\config
2013-12-29 23:11:18 ----D---- C:\Windows\system32\Tasks
2013-12-29 22:02:34 ----RD---- C:\Program Files
2013-12-28 00:46:04 ----D---- C:\Users\mandel\AppData\Roaming\vlc
2013-12-28 00:41:13 ----AD---- C:\ProgramData\TEMP
2013-12-27 22:33:32 ----D---- C:\Windows\SysWOW64
2013-12-27 17:14:26 ----D---- C:\Users\mandel\AppData\Roaming\Skype
2013-12-26 23:08:23 ----D---- C:\Users\mandel\AppData\Roaming\uTorrent
2013-12-26 19:59:23 ----SHD---- C:\Windows\Installer
2013-12-26 19:59:22 ----SHD---- C:\Config.Msi
2013-12-26 19:59:22 ----D---- C:\ProgramData\Skype
2013-12-26 19:59:17 ----RD---- C:\Program Files (x86)\Skype
2013-12-26 07:55:13 ----D---- C:\Users\mandel\AppData\Roaming\MotionDSP
2013-12-26 04:20:11 ----D---- C:\Windows\Prefetch
2013-12-25 17:12:19 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-12-25 16:57:27 ----D---- C:\Windows
2013-12-25 16:55:46 ----D---- C:\Windows\System32
2013-12-25 16:55:46 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-24 07:57:58 ----D---- C:\Windows\inf
2013-12-24 07:57:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-22 22:26:15 ----D---- C:\Windows\system32\drivers
2013-12-22 22:16:42 ----D---- C:\Windows\system32\catroot
2013-12-22 22:16:40 ----D---- C:\Windows\system32\DriverStore
2013-12-22 22:16:24 ----SHD---- C:\System Volume Information
2013-12-22 22:13:27 ----D---- C:\Program Files (x86)\Sony Ericsson
2013-12-22 22:09:42 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-12-20 21:40:18 ----A---- C:\Users\mandel\AppData\Roaming\GPU Meter_Settings.ini
2013-12-20 20:56:57 ----D---- C:\ProgramData\NVIDIA Corporation
2013-12-20 20:54:40 ----D---- C:\Windows\Microsoft.NET
2013-12-20 20:54:15 ----D---- C:\Program Files\NVIDIA Corporation
2013-12-20 20:54:15 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-12-20 20:54:00 ----RD---- C:\Users
2013-12-20 20:47:57 ----D---- C:\Windows\Help
2013-12-20 14:56:44 ----D---- C:\Windows\Minidump
2013-12-19 05:18:23 ----D---- C:\Windows\rescache
2013-12-17 10:44:05 ----D---- C:\Program Files (x86)\Opera
2013-12-15 17:56:56 ----D---- C:\Program Files (x86)\Wondershare
2013-12-15 17:56:45 ----D---- C:\Users\mandel\AppData\Roaming\Wondershare
2013-12-15 17:56:07 ----D---- C:\Program Files (x86)\Alawarhry.cz
2013-12-15 16:34:09 ----RSD---- C:\Windows\assembly
2013-12-15 15:15:14 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-12-14 16:23:27 ----A---- C:\Users\mandel\AppData\Roaming\Network Meter_Settings.ini
2013-12-14 15:09:04 ----D---- C:\Program Files\Common Files\Adobe
2013-12-14 14:47:18 ----D---- C:\Windows\system32\wdi
2013-12-13 23:54:41 ----D---- C:\Windows\winsxs
2013-12-13 23:49:57 ----D---- C:\Program Files\Windows Media Player
2013-12-13 23:49:57 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-13 23:49:56 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-12-13 23:49:56 ----D---- C:\Windows\system32\cs-CZ
2013-12-13 23:49:56 ----D---- C:\Program Files\Internet Explorer
2013-12-13 23:49:56 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-13 23:30:44 ----D---- C:\ProgramData\Microsoft Help
2013-12-13 23:11:19 ----D---- C:\Windows\SYSWOW64\en-US
2013-12-13 23:11:18 ----D---- C:\Windows\system32\en-US
2013-12-13 23:10:25 ----SD---- C:\ProgramData\Microsoft
2013-12-13 23:04:27 ----D---- C:\Windows\system32\MRT
2013-12-13 22:58:47 ----A---- C:\Windows\system32\MRT.exe
2013-12-11 16:13:43 ----D---- C:\Users\mandel\AppData\Roaming\Adobe
2013-12-09 12:37:49 ----D---- C:\Program Files\Microsoft Silverlight
2013-12-09 12:37:48 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-12-09 12:33:31 ----D---- C:\Windows\SYSWOW64\migration
2013-12-09 12:33:30 ----D---- C:\Windows\system32\migration
2013-12-09 12:33:30 ----D---- C:\Windows\PolicyDefinitions
2013-12-09 12:33:26 ----D---- C:\Windows\AppPatch
2013-12-08 21:16:52 ----D---- C:\Users\mandel\AppData\Roaming\XBMC
2013-12-07 02:15:58 ----D---- C:\Program Files\K-Lite Codec Pack x64
2013-12-05 15:21:57 ----D---- C:\Windows\Logs
2013-12-04 10:39:08 ----D---- C:\Windows\system32\NDF
2013-12-02 18:51:34 ----D---- C:\ProgramData\CanonIJPLM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2012-03-14 62496]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dk2drv;DK2 WindowsNT Driver; \??\C:\Windows\SYSTEM32\Drivers\dk2drv64.sys [2012-12-30 59192]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-26 283200]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2012-03-14 38288]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2012-12-09 126944]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2012-12-19 237992]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2012-12-19 120232]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2012-03-14 187632]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-12-04 196384]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-12-05 39200]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-11-29 11856]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2012-12-19 146856]
S1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-12-22 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-12-22 27760]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-11-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-11-09 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2012-11-09 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2012-11-09 171008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-11-09 9216]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-11-09 9216]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2012-12-19 132008]
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2012-12-19 106408]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2011-03-29 2157680]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 vserial;ELTIMA Virtual Serial Ports Driver; C:\Windows\System32\DRIVERS\vserial.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 WsAudioDevice_383S(1);WsAudioDevice_383S(1); C:\Windows\system32\drivers\WsAudioDevice_383S(1).sys [2011-11-17 29288]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\drivers\WSDScan.sys [2009-07-14 25088]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2012-03-07 913144]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-10 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-10 15129376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-11-11 922912]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2010-12-14 2019648]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2011-03-29 27760]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-25 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-25 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-25 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-20 119408]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-05-14 3289208]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119504
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check - occasional mouse freezing and the ICMP protocol

#10 Post by Rudy »

Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

mandel99
Visitor
Posts: 6
Joined: 29 Dec 2007 22:33

Re: Preventive check - occasional mouse freezing and the ICMP protocol

#11 Post by mandel99 »

ESET still reports "Detekováno zneužití skrytého kanálu v ICMP paketu"

Rudy
Site Admin
Posts: 119504
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check - occasional mouse freezing and the ICMP protocol

#12 Post by Rudy »

It may. If you have a firewall turned on and properly configured, nothing can happen to you. The FW is there to eliminate this, and it informs you through the log.