rundll32.exe

Ghostwriter · Příspěvekod **Ghostwriter** » 06 kvě 2015 17:33

_____

Reklama

Příspěvekod **jerabina** » 06 kvě 2015 17:39

Zavři ostatní programy/prohlížeče, odpoj se od internetu a v HJT fixni:
NÁVOD

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
O1 - Hosts: ::1 localhost

Co problémy?

Ghostwriter · Příspěvekod **Ghostwriter** » 06 kvě 2015 17:42

_____

Příspěvekod **jerabina** » 06 kvě 2015 17:50

No, dej vědět, tich 13% není zase tolik, ale radši to budeme hlídat ještě :-)

Ghostwriter · Příspěvekod **Ghostwriter** » 08 kvě 2015 10:18

Hm, tak ten rundll32.exe se stále občas spouští jako proces, 13% vytížení, paměť žere kolem 20 000 kb, vím že to není moc ale je divný že dříve se toto nedělo. Jiný problémy nepozoruju. Btw není to stejně pojmenovaný soubor situovaný v jiném adresáři jak to občas u virů bývá aby zmátly uživatele, je to normálně ten rundll32.exe z C:\Windows\System32. Ve Správci úloh je jen jedna instance nebo jak to nazvat, prostě jen jeden rundll32, třeba svchostů tam mam kolem dvaceti. Datum vytvoření souboru je 2009, tedy rok kdy jsem naposledy instaloval Windowsi, tohle všechno souhlasí.

Měl bych několik návrhů, možných řešení:
a) uploadnout tento soubor někam kde se dá online otestovat zda je zavirovaný nebo je ok (prý takové služby existují?)
b) zkusit nějak vypátrat který jiný proces rundll32 spouští a proč ho spouští resp. proč ho zbytečně tolik vytěžuje
c) na férovku přepsat ten můj soubor nějakým cizím čistým, ale to mi přijde trochu jako prasárna

Vlastně ani nevím co tento program přesně dělá, k čemu ho Wokna potřebují? Nepřetržitě spuštěný jako povinný proces být nemusí, jde kdykoliv vypnout.. tak nevim, jako skáče to třeba jednou za 12 hodin tak to neni problém típnout přes Správce úloh, je to otázka dvou vteřin, a jiný problémy v současný době nepozoruju, spíš by mě zajímalo proč a co se děje.. rozhodně mi to nestojí za risk, co navrhuješ?

Příspěvekod **jerabina** » 08 kvě 2015 10:49

Právě, téměř s jistotou mohu říct, že se jedná o legitimní systémový soubor, adresář souhlasí, jméno souhlasí ..

rundll32.exe má za úkol spouštět v systému Windows dynamické knihovny DLL, které jsou důležité pro běh většiny(ne li všech) aplikací.

svchost.exe - u nich je normální, že jich je několik, dám ti sem oficiální text z Microsoft.com:
Svchost.exe je proces ve vašem počítači hostící nebo obsahující další samostatné služby, které systém Windows používá při vykonávání různých funkcí. Například program Windows Defender používá službu, která využívá proces svchost.exe.V počítači může být spuštěno několik instancí procesu svchost.exe a každý z těchto instancí obsahuje jiné služby.

Pro jistotu můžeš zkusit rundll.exe otestovat na Virustotal
Následně sem vlož odkaz na výsledek analýzy.

Příspěvekod **MiliNess** » 08 kvě 2015 15:02

Omluvám se za vstup.
Spíše než samotný run32dll.exe by tě měla zajímat dynamická knihovna, kterou daná instance procesu hostí. Samotný run32dll.exe může být v naprostém pořádku, škodlivý kód může být implementován právě v této dynamické knihovně. Spusť Správce úloh, v nabídce Zobrazit->Vybrat sloupce zaškrtni Příkazový řádek. Na záložce Procesy najdi proces run32dll.exe který se ti nelíbí, ve sloupci Příkazový řádek bys měl na konci řetězce vidět název dynamické knihovny, kterou proces hostí. Tu proklepni.

Je také možné, že se za celým problémem skrývá něco jiného než malware (viz. zmíněná BSOD). Chtěl jsem ti pomoci, ale na SZ jsi nijak nereagoval. Ten výpis paměti z BSOD můžeš stále upnout, určitě se na něj podívám, budeš-li mít zájem.

Ghostwriter · Příspěvekod **Ghostwriter** » 08 kvě 2015 18:30

1) Analýza přes Virustotal dopadla OK, výsledky zde:
https://www.virustotal.com/cs/file/5ad3c37e6f2b9db3ee8b5aeedc474645de90c66e3d95f8620c48102f1eba4124/analysis/

2) Modrá smrt se týkala souboru ntoskrnl.exe, který jsme již s kolegou jerabina zlikvidovali. Zde pro jistotu přepis .dmp souboru:

Kód: Vybrat vše

A problem has been detected and Windows has been shut down to prevent damage
to your computer.

The problem seems to be caused by the following file: ntoskrnl.exe

CRITICAL_OBJECT_TERMINATION

If this is the first time you've seen this stop error screen,
restart your computer. If this screen appears again, follow
these steps:

Check to make sure any new hardware or software is properly installed.
If this is a new installation, ask your hardware or software manufacturer
for any Windows updates you might need.

If problems continue, disable or remove any newly installed hardware
or software. Disable BIOS memory options such as caching or shadowing.
If you need to use safe mode to remove or disable components, restart
your computer, press F8 to select Advanced Startup Options, and then
select Safe Mode.

Technical Information:

*** STOP: 0x000000f4 (0x0000000000000006, 0xfffffa800c09f640, 0xfffffa800c002e10, 
0xfffff80002fda910)

*** ntoskrnl.exe - Address 0xfffff80002cd6a40 base at 0xfffff80002c64000 DateStamp 
0x5507a73c

3) Dík za tip, tu dynamickou knihovnu, kterou proces hostí budu příště až se spustí rundll32.exe monitorovat a dám info. Jinak před chvílí jsem vypínal jiný proces a sice GWXConfigManager.exe - za poslední tři dny jsem ho vypínal asi 2x, stejná záležitost jako s rundll32.exe - vytěžuje přesně na 13%, vypnout jde bez problémů. Zde přepis cesty + dynamické knihovny:

Kód: Vybrat vše

C:\Windows\system32\GWX\GWXConfigManager.exe /RunAppraiser

mople71 · Příspěvekod **mople71** » 08 kvě 2015 19:58

Stáhni si prosím FRST:

Pro 32-bit OS: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Pro 64-bit OS: http://www.bleepingcomputer.com/downloa ... ool/dl/82/

Ulož na Plochu, spusť jako Správce, potvrď licenci a klikni na tlačítko Scan. Vše ponech v základním nastavení, nic navíc nezatrhávej.

Po dokončení skenu na tebe vyjedou dva logy, oba sem prosím zkopíruj.

Ghostwriter · Příspěvekod **Ghostwriter** » 08 kvě 2015 20:01

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2015 01
Ran by IA (administrator) on IA-PC on 08-05-2015 19:59:48
Running from C:\Users\IA\Desktop
Loaded Profiles: IA (Available profiles: IA & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files (x86)\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe
() C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
(Reprise Software Inc.) C:\solidangle\RLM_Licensing\rlm.exe
(Wacom Technology, Corp.) C:\Windows\System32\Wacom_Tablet.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Reprise Software Inc.) C:\solidangle\RLM_Licensing\rlm.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
() C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
(Wacom Technology, Corp.) C:\Windows\System32\WTablet\Wacom_TabletUser.exe
(Wacom Technology, Corp.) C:\Windows\System32\Wacom_Tablet.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files\Java\jre1.8.0_20\launch4j-tmp\frd.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-09-14] ()
HKLM\...\Run: [PC-Doctor for Windows localizer] => C:\Program Files\PC-Doctor for Windows\localizer.exe [95728 2009-09-17] (PC-Doctor, Inc.)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [BATINDICATOR] => C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe [2068992 2009-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [LaunchHPOSIAPP] => C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe [385024 2009-04-03] (Hewlett-Packard)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [477064 2013-12-22] (Autodesk Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2015-05-06] (AVAST Software)
HKU\S-1-5-21-4087050500-3545783654-1483765477-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe [203928 2009-04-24] (Alcohol Soft Development Team)
HKU\S-1-5-21-4087050500-3545783654-1483765477-1001\...\Policies\Explorer: [NoDriveTypeAutoRun] 0xFF000000
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\IA\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\IA\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\IA\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\IA\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\IA\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\IA\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\IA\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\IA\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-06] (AVAST Software)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2014-04-21] (Tonec Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\IA\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\IA\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\IA\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\IA\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\IA\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\IA\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\IA\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\IA\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4087050500-3545783654-1483765477-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-4087050500-3545783654-1483765477-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-4087050500-3545783654-1483765477-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM -> {BFB82907-DA23-46E0-909C-82EA5BD66249} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {BFB82907-DA23-46E0-909C-82EA5BD66249} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4087050500-3545783654-1483765477-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4087050500-3545783654-1483765477-1001 -> {BFB82907-DA23-46E0-909C-82EA5BD66249} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4087050500-3545783654-1483765477-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2014-07-10] (Internet Download Manager, Tonec Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-06] (AVAST Software)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2014-07-10] (Internet Download Manager, Tonec Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-06] (AVAST Software)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\IA\AppData\Roaming\Mozilla\Firefox\Profiles\njrs7urw.default-1399049295354
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll [2014-09-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll [2014-09-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll [2014-09-10] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-03-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll [2014-09-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll [2014-09-10] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-02-09] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-02-09] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2009-09-25] (Wacom, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4087050500-3545783654-1483765477-1001: @hola.org/vlc,version=1.7.5 -> C:\Users\IA\AppData\Local\Hola\firefox\app\vlc No File
FF Plugin HKU\S-1-5-21-4087050500-3545783654-1483765477-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\IA\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-25] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-12-18] (Adobe Systems Inc.)
FF Extension: Flash and Video Download - C:\Users\IA\AppData\Roaming\Mozilla\Firefox\Profiles\njrs7urw.default-1399049295354\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-05-03]
FF Extension: Multirow Bookmarks Toolbar Plus - C:\Users\IA\AppData\Roaming\Mozilla\Firefox\Profiles\njrs7urw.default-1399049295354\Extensions\{4c7097f7-08f2-4ef2-9b9f-f95fa4cbb064}.xpi [2014-11-15]
FF Extension: Download YouTube Videos as MP4 - C:\Users\IA\AppData\Roaming\Mozilla\Firefox\Profiles\njrs7urw.default-1399049295354\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-07-10]
FF Extension: Adblock Plus - C:\Users\IA\AppData\Roaming\Mozilla\Firefox\Profiles\njrs7urw.default-1399049295354\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-02]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-05-06]
FF HKU\S-1-5-21-4087050500-3545783654-1483765477-1001\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\IA\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\IA\AppData\Roaming\IDM\idmmzcc5 [2015-04-02]
FF HKU\S-1-5-21-4087050500-3545783654-1483765477-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\IA\AppData\Roaming\IDM\idmmzcc5

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-07-10]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-07-10]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-06]
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-07-10]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-07-10]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [576904 2013-12-22] (Autodesk Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-05-06] (AVAST Software)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-10-16] (Hewlett-Packard Company) [File not signed]
R2 mi-raysat_3dsmax2011_32; C:\Program Files (x86)\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe [86016 2010-03-10] () [File not signed]
R2 mi-raysat_3dsmax2012_64; C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [86016 2011-02-22] () [File not signed]
S2 pr2ajbeb; C:\Windows\system32\pr2ajbeb.exe [781176 2007-08-22] (Micro Application)
R2 rlm-solidangle; c:\solidangle\RLM_Licensing\rlm.exe [1993728 2012-01-01] (Reprise Software Inc.) [File not signed]
S2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]
R2 TabletServiceWacom; C:\Windows\system32\Wacom_Tablet.exe [5520680 2009-10-06] (Wacom Technology, Corp.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-05-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2015-05-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-05-06] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-05-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2015-05-06] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2015-05-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2015-05-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2015-05-06] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2015-04-06] ()
R3 AVER_H193; C:\Windows\System32\drivers\AVer888RC_64.sys [543872 2009-08-21] (AVerMedia TECHNOLOGIES, Inc.)
R3 CXCIR; C:\Windows\system32\DRIVERS\AVer888RCIR_64.sys [39936 2009-08-21] (AVerMedia TECHNOLOGIES, Inc.)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2015-04-06] ()
R0 pe3ajbeb; C:\Windows\System32\drivers\pe3ajbeb.sys [72312 2007-08-22] (Micro Application)
R0 ps7ajbeb; C:\Windows\System32\drivers\ps7ajbeb.sys [102528 2007-08-22] (Micro Application)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [871408 2012-06-25] () [File not signed]
U3 ak053bbt; C:\Windows\System32\Drivers\ak053bbt.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
U2 ccEvtMgr; No ImagePath
U2 ccSetMgr; No ImagePath
U3 navapsvc; No ImagePath
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [X]
U3 SAVRT; No ImagePath
U1 SAVRTPEL; No ImagePath
U3 TlntSvr; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-08 19:59 - 2015-05-08 20:00 - 00021041 _____ () C:\Users\IA\Desktop\FRST.txt
2015-05-08 19:59 - 2015-05-08 19:59 - 02102272 _____ (Farbar) C:\Users\IA\Desktop\FRST64.exe
2015-05-08 19:59 - 2015-05-08 19:59 - 00000000 ____D () C:\FRST
2015-05-06 22:28 - 2015-05-06 22:28 - 00001281 _____ () C:\Users\IA\Desktop\FreeRapid Downloader.lnk
2015-05-06 21:06 - 2015-05-06 21:06 - 00000000 ____D () C:\Users\IA\AppData\Roaming\AVAST Software
2015-05-06 21:05 - 2015-05-06 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2015-05-06 21:04 - 2015-05-08 09:56 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-06 21:04 - 2015-05-06 21:05 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-05-06 21:04 - 2015-05-06 21:05 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-05-06 21:04 - 2015-05-06 21:04 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1430939126979
2015-05-06 21:04 - 2015-05-06 21:04 - 00426848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1430939112767
2015-05-06 21:04 - 2015-05-06 21:04 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-05-06 21:04 - 2015-05-06 21:04 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-06 21:04 - 2015-05-06 21:04 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-06 21:04 - 2015-05-06 21:04 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-05-06 21:04 - 2015-05-06 21:04 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-06 21:04 - 2015-05-06 21:04 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-06 21:04 - 2015-05-06 21:04 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-05-06 21:04 - 2015-05-06 21:04 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-06 21:04 - 2015-05-06 21:04 - 00000000 ____D () C:\Program Files\AVAST Software
2015-05-06 18:14 - 2015-05-06 18:14 - 00000000 ____D () C:\ProgramData\IDM
2015-05-06 17:54 - 2015-05-06 17:55 - 20942656 _____ (Daum Kakao) C:\Users\IA\Downloads\PotPlayerSetup-1.6.53104.exe
2015-05-06 17:25 - 2015-05-06 17:04 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-05-06 17:05 - 2015-05-06 17:27 - 00016003 _____ () C:\zoek-results.log
2015-05-06 04:16 - 2015-05-06 04:17 - 05231155 _____ () C:\20150506_041650.mkv
2015-05-05 21:00 - 2015-05-05 21:00 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-IA-PC-Windows-7-Home-Premium-(64-bit).dat
2015-05-05 21:00 - 2015-05-05 21:00 - 00000000 ____D () C:\RegBackup
2015-05-05 19:30 - 2015-05-05 19:53 - 00000000 _____ () C:\Users\IA\Desktop\pchelp.txt
2015-05-05 19:25 - 2015-05-05 20:04 - 00000000 ____D () C:\AdwCleaner
2015-05-05 19:03 - 2015-05-05 19:03 - 00291824 _____ () C:\Windows\Minidump\050515-167186-01.dmp
2015-05-05 19:03 - 2015-05-05 19:03 - 00000000 ____D () C:\Windows\Minidump
2015-05-05 19:01 - 2015-05-05 19:01 - 815529078 _____ () C:\Windows\MEMORY.DMP
2015-05-05 10:41 - 2015-05-05 10:41 - 00388608 _____ (Trend Micro Inc.) C:\Users\IA\Desktop\HijackThis.exe
2015-05-05 10:14 - 2015-05-05 10:16 - 00029190 _____ () C:\Users\IA\Desktop\Kopie - 2015_05_Ostraha_Rozpis služeb HD1_změna.xlsx
2015-05-04 17:56 - 2015-05-04 18:01 - 00029099 _____ () C:\Users\IA\Desktop\Kopie - 2015_05_Ostraha_Rozpis služeb HD1.xlsx
2015-05-04 04:37 - 2015-05-04 04:37 - 00037992 _____ () C:\ComboFix.txt
2015-05-04 04:09 - 2015-05-04 04:37 - 00000000 ____D () C:\Qoobox
2015-05-04 04:09 - 2015-05-04 04:36 - 00000000 ____D () C:\Windows\erdnt
2015-05-04 04:09 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-05-04 04:09 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-05-04 04:09 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-05-04 04:09 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-05-04 04:09 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-05-04 04:09 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-05-04 04:09 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-05-04 04:09 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-05-04 04:07 - 2015-05-04 04:07 - 00007606 _____ () C:\Users\IA\AppData\Local\Resmon.ResmonCfg
2015-05-04 03:55 - 2015-05-05 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2015-05-04 03:35 - 2015-05-05 21:21 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2015-05-04 03:35 - 2015-05-04 03:35 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
2015-04-29 21:21 - 2015-05-07 17:12 - 00000000 ____D () C:\_______Low Hanging Clouds
2015-04-27 23:15 - 2015-04-27 23:15 - 00001020 _____ () C:\Users\IA\Desktop\Nocturne for Emily.lnk
2015-04-25 22:40 - 2015-04-25 22:41 - 04691123 _____ () C:\20150425_224047.mkv
2015-04-25 20:02 - 2015-04-25 20:02 - 00000734 _____ () C:\Users\IA\Desktop\My.Life.To.Live-(1962)-fr.-DVDRip.x264.AC3-KARiNA- – zástupce.lnk
2015-04-23 22:04 - 2015-04-23 22:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-23 18:43 - 2015-04-23 19:01 - 00000000 ____D () C:\Users\IA\Desktop\Let's Play The Dark Eye
2015-04-21 21:28 - 2015-04-21 21:28 - 24195712 _____ () C:\Users\IA\Desktop\Jason Schleifer Interivew.mp4
2015-04-18 16:33 - 2015-04-18 16:33 - 13444111 _____ () C:\Users\IA\Desktop\Ray Bradbury.mkv
2015-04-17 17:53 - 2015-04-17 17:53 - 00000836 _____ () C:\Users\IA\Desktop\sex.and.lucia.2001.720p.bluray.x264-cinefile – zástupce.lnk
2015-04-15 09:59 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 09:59 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-15 09:59 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 09:59 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 09:59 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 09:59 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 09:59 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 09:59 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 09:59 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 09:59 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 09:59 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 09:59 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 09:59 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 09:59 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 09:59 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 09:59 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 09:59 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 09:59 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 09:59 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 09:59 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 09:59 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 09:59 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 09:59 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 09:59 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 09:59 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 09:59 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 09:59 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 09:59 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 09:59 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 09:59 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 09:59 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 09:59 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 09:59 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 09:59 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 09:59 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-15 09:59 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 09:59 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 09:59 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-15 09:59 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 09:59 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 09:59 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 09:59 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 09:59 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-15 09:59 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 09:59 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 09:59 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 09:59 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 09:59 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 09:59 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 09:59 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 09:59 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 09:59 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 09:59 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 09:59 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-15 09:59 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 09:59 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 09:59 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 09:59 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-15 09:59 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-15 09:59 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 09:59 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-15 09:59 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-15 09:59 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-15 09:59 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-15 09:59 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-15 09:59 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-15 09:59 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-15 09:59 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-15 09:59 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 09:59 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-15 09:59 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-15 09:59 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-15 09:59 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-15 09:59 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 09:59 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-15 09:59 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 09:59 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-15 09:59 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-15 09:59 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-15 09:59 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-15 09:59 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 09:59 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 09:59 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 09:59 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 09:59 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 09:59 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 09:59 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 09:59 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 09:59 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 09:59 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 09:59 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 09:59 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 09:59 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 09:59 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 09:59 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 09:59 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 09:59 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 09:59 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 09:59 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 09:59 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 09:59 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 09:59 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 09:59 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 09:59 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 09:59 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 09:59 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 09:59 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-15 09:59 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 09:59 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 09:59 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-15 09:59 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 09:59 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-15 09:59 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 09:59 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 09:59 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 09:59 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-15 09:59 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 09:59 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 09:59 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-15 09:59 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 09:59 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 09:59 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 09:59 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 09:59 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 09:59 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 09:59 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 09:59 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-15 09:59 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 09:59 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 09:59 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 09:59 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 09:59 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 09:59 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 09:59 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-15 09:59 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 09:59 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 09:59 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 09:59 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 09:59 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 09:59 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 09:59 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 09:59 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 09:59 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 09:59 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 09:59 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 09:59 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 09:59 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 09:57 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 09:57 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 09:57 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-13 19:51 - 2015-04-13 20:09 - 00000860 _____ () C:\Users\IA\Desktop\goals.txt
2015-04-12 11:47 - 2015-04-12 11:47 - 00000814 _____ () C:\Users\IA\Desktop\The.Quiet.Earth.1985.720p.BluRay.x264-SiNNERS – zástupce.lnk
2015-04-12 11:38 - 2015-04-12 11:38 - 00001513 _____ () C:\Users\IA\Desktop\Taste-of-Tea,-The-(2004)-JAP – zástupce.lnk
2015-04-12 11:34 - 2015-04-12 11:34 - 00000699 _____ () C:\Users\IA\Desktop\Citizen.Kane.1941.1080p.BluRay.X264-AMIABLE – zástupce.lnk
2015-04-12 11:28 - 2015-04-12 11:28 - 00001188 _____ () C:\Users\IA\Desktop\Muerte de un ciclista (1955) – zástupce.lnk
2015-04-12 11:27 - 2015-04-12 11:27 - 00001022 _____ () C:\Users\IA\Desktop\Woman.in.the.Dunes 1964.720p.WEB-DL.AAC2.0.H.264-GABE – zástupce.lnk
2015-04-12 11:19 - 2015-04-12 11:19 - 00001607 _____ () C:\Users\IA\Desktop\Červená-pustina-_-Il-deserto-rosso-1964,-CZ-tit – zástupce.lnk
2015-04-12 11:17 - 2015-04-12 11:17 - 00001173 _____ () C:\Users\IA\Desktop\Blowup.1966.720p.WEB-DL.AAC2.0.H.264-CtrlHD – zástupce.lnk
2015-04-12 11:10 - 2015-04-12 11:10 - 00001254 _____ () C:\Users\IA\Desktop\The.Innocents.1961.REMASTERED.720p.BluRay.X264-AMIABLE – zástupce.lnk
2015-04-12 11:09 - 2015-04-12 11:09 - 00001763 _____ () C:\Users\IA\Desktop\The.Haunting.1963.1080p.BluRay.x264.YIFY – zástupce.lnk
2015-04-12 11:07 - 2015-04-12 11:07 - 00001972 _____ () C:\Users\IA\Desktop\Wings.of.Desire.1987.720p.Bluray.x264.anoXmous_ – zástupce.lnk
2015-04-08 18:28 - 2015-04-08 19:08 - 00013027 _____ () C:\Users\IA\Desktop\VISION.srt
2015-04-08 18:28 - 2015-04-08 18:29 - 41251230 _____ () C:\Users\IA\Desktop\VISION.mp4

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-08 19:38 - 2012-06-25 18:11 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-08 19:35 - 2012-08-17 16:49 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-08 19:06 - 2013-03-09 03:31 - 00000000 ____D () C:\pribehy
2015-05-08 18:29 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-08 18:29 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-08 18:24 - 2012-06-25 18:52 - 01360491 _____ () C:\Windows\WindowsUpdate.log
2015-05-08 10:01 - 2012-08-17 16:49 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-08 09:51 - 2012-10-07 22:08 - 00000000 ____D () C:\ProgramData\Reprise
2015-05-07 17:12 - 2010-01-05 01:40 - 00668882 _____ () C:\Windows\system32\perfh005.dat
2015-05-07 17:12 - 2010-01-05 01:40 - 00141542 _____ () C:\Windows\system32\perfc005.dat
2015-05-07 17:12 - 2009-07-14 07:13 - 01584626 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-07 16:54 - 2012-06-25 19:23 - 00000000 ____D () C:\Users\IA\AppData\Roaming\uTorrent
2015-05-06 23:23 - 2012-07-01 00:00 - 00000000 ____D () C:\movies
2015-05-06 21:05 - 2015-04-03 11:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-05-06 21:04 - 2012-08-23 19:07 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-05-06 20:58 - 2014-11-13 21:57 - 00003584 _____ () C:\Windows\setupact.log
2015-05-06 20:58 - 2012-06-25 20:06 - 00000000 ____D () C:\Users\IA\AppData\Roaming\WTablet
2015-05-06 20:58 - 2010-01-04 16:57 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-06 20:58 - 2010-01-04 16:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools
2015-05-06 20:58 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-06 20:40 - 2014-12-11 01:21 - 00884580 _____ () C:\Windows\PFRO.log
2015-05-06 20:38 - 2015-01-01 22:36 - 00000000 ____D () C:\Users\IA\AppData\Roaming\DMCache
2015-05-06 18:19 - 2012-07-13 17:06 - 00000000 ____D () C:\Users\IA\AppData\Roaming\vlc
2015-05-06 18:02 - 2012-06-25 19:34 - 00000000 ____D () C:\Program Files (x86)\The KMPlayer
2015-05-06 17:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-06 16:41 - 2014-08-25 14:23 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-05-05 22:10 - 2015-03-09 21:03 - 00000524 _____ () C:\Users\IA\Desktop\wishlist.txt
2015-05-05 21:11 - 2014-08-25 14:23 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-05-04 04:37 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2015-05-04 04:34 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-05-04 03:18 - 2012-06-25 19:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-01 18:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-28 13:22 - 2015-02-10 02:23 - 00000000 ____D () C:\___Nocturne for Emily
2015-04-27 20:52 - 2015-03-14 13:09 - 00002420 _____ () C:\Users\IA\Desktop\____newmfx.txt
2015-04-27 19:20 - 2015-01-02 17:45 - 00000000 ____D () C:\_reference_různé
2015-04-23 20:36 - 2015-02-23 17:47 - 00000000 ____D () C:\odborna literatura
2015-04-23 18:47 - 2015-03-14 17:32 - 00000000 ____D () C:\pp
2015-04-19 17:00 - 2015-02-04 23:12 - 00000000 ____D () C:\CV
2015-04-18 19:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-17 22:14 - 2015-02-04 20:04 - 00000000 ____D () C:\xx_videa
2015-04-16 13:34 - 2014-12-11 01:19 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 13:34 - 2014-06-04 14:45 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 13:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-16 09:30 - 2012-09-05 14:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-16 09:28 - 2014-03-12 00:33 - 01559340 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-16 09:25 - 2013-08-30 04:08 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-16 09:17 - 2012-08-28 15:40 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-15 12:24 - 2012-06-25 18:01 - 00000000 ____D () C:\Users\IA\AppData\Local\CrashDumps
2015-04-15 12:08 - 2015-03-03 14:03 - 00003655 _____ () C:\Users\IA\Desktop\morning running.txt
2015-04-15 11:38 - 2012-06-25 18:11 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 11:38 - 2012-06-25 18:11 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-15 11:38 - 2012-06-25 18:11 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-13 21:59 - 2014-07-28 20:54 - 00000000 ____D () C:\xx_novy
2015-04-13 21:59 - 2012-11-01 18:27 - 00000000 ____D () C:\cinematography_studies
2015-04-12 18:15 - 2014-12-05 13:59 - 00000000 ____D () C:\__učebnice scénáristiky

==================== Files in the root of some directories =======

2012-07-13 19:10 - 2014-08-12 11:44 - 0000132 _____ () C:\Users\IA\AppData\Roaming\Adobe BMP Format CS6 Prefs
2012-11-04 01:27 - 2012-11-04 01:27 - 0000132 _____ () C:\Users\IA\AppData\Roaming\Adobe GIF Format CS6 Prefs
2012-06-30 04:30 - 2015-03-11 22:47 - 0000132 _____ () C:\Users\IA\AppData\Roaming\Adobe PNG Format CS6 Prefs
2012-07-06 20:41 - 2014-12-18 09:43 - 0000132 _____ () C:\Users\IA\AppData\Roaming\Adobe Targa Format CS6 Prefs
2012-11-18 16:39 - 2013-04-23 04:31 - 0005120 _____ () C:\Users\IA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-04 04:07 - 2015-05-04 04:07 - 0007606 _____ () C:\Users\IA\AppData\Local\Resmon.ResmonCfg

Files to move or delete:
====================
C:\Users\IA\{58C482E3-0C46-43EC-8EE5-C7230FFBC3D6}.dat

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-05-04 03:11

==================== End Of Log ============================

Ghostwriter · Příspěvekod **Ghostwriter** » 08 kvě 2015 20:04

Additional 1/2

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05-2015 01
Ran by IA at 2015-05-08 20:00:38
Running from C:\Users\IA\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-4087050500-3545783654-1483765477-500 - Administrator - Disabled)
Guest (S-1-5-21-4087050500-3545783654-1483765477-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4087050500-3545783654-1483765477-1002 - Limited - Enabled)
IA (S-1-5-21-4087050500-3545783654-1483765477-1001 - Administrator - Enabled) => C:\Users\IA
UpdatusUser (S-1-5-21-4087050500-3545783654-1483765477-1003 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4087050500-3545783654-1483765477-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
1602 A.D. (HKLM-x32\...\1602 A.D.) (Version: - )
3D Ripper DX v1.8.2 (HKLM-x32\...\3D Ripper DX_is1) (Version: - Roman Lut)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
A Bird Story 1.0 (HKLM-x32\...\A Bird Story 1.0) (Version: 1.0 - Games on Cat-A-Cat.Net)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop CS5 13 (HKLM-x32\...\{5D0428D2-B5EA-46C8-B678-5F0485BC1DA1}_is1) (Version: 13.0.0.0 - Adobe)
Adobe Reader X (10.1.9) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Age of Empires II HD The Forgotten (HKLM-x32\...\QWdlb2ZFbXBpcmVzSUlIRFRoZUZvcmdvdHRlbg==_is1) (Version: 1 - )
Aiseesoft Total Video Converter Platinum 7.1.20 (HKLM-x32\...\{3661F243-518C-4d05-8BDF-7B10CC22689F}_is1) (Version: 7.1.20 - Aiseesoft Studio)
Aktualizace NVIDIA 1.12.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.12.12 - NVIDIA Corporation)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Alien Skin Snap Art 3 (HKLM\...\Alien Skin Snap Art 3) (Version: - Alien Skin)
AMD Catalyst Install Manager (HKLM\...\{7FA24ACE-BF20-5570-F94A-3AE540223771}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.)
America (HKLM-x32\...\America_is1) (Version: - coktel)
Apple Quicktime Pro v7.71 (HKLM-x32\...\Apple Quicktime Pro ) (Version: v7.71 - )
Arnold Renderer Ver 0.19.0 For MAYA (HKLM\...\{15C96732-84E9-42AA-B8F5-D433498B3300}) (Version: 1.0.0 - SolidAngle)
ArtRage 4 (HKLM-x32\...\ArtRage 4 4.0.2.1) (Version: 4.0.2.1 - Ambient Design)
ArtRage 4 (x32 Version: 4.0.2.1 - Ambient Design) Hidden
ArtRage Studio Pro (HKLM-x32\...\{FFEFA415-4970-4575-A87B-41123B08B680}) (Version: 3.5.0 - Ambient Design)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Autodesk 3ds Max 2011 32-bit (HKLM-x32\...\{67574624-BF0F-0409-AF6D-19FBD86FF7F7}) (Version: 13.0 - Autodesk)
Autodesk 3ds Max 2012 64-bit - English - Product Update 12 (HKLM-x32\...\Autodesk 3ds Max 2012 64-bit - English SP9) (Version: 14.12.508.0 - Autodesk)
Autodesk 3ds Max 2012 64-bit - English (HKLM\...\Autodesk 3ds Max 2012 64-bit - English) (Version: 14.12.508.0 - Autodesk)
Autodesk 3ds Max 2012 64-bit - English (Version: 14.12.508.0 - Autodesk) Hidden
Autodesk 3ds Max 2012 64-bit - English SP1 (x32 Version: 14.12.508.0 - Autodesk) Hidden
Autodesk 3ds Max 2012 64-bit - English SP2 (x32 Version: 14.12.508.0 - Autodesk) Hidden
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 1.0.59.0 - Autodesk)
Autodesk Backburner 2012.0.0 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2012.0.0 - Autodesk, Inc.)
Autodesk FBX Plugin 2009.4 - 3ds Max 2010 (HKLM-x32\...\Autodesk FBX Plugin 2009.4 - 3ds Max 2010) (Version: - Autodesk)
Autodesk FBX Plug-in 2011.1 - 3ds Max 2011 (HKLM-x32\...\Autodesk FBX Plug-in 2011.1 - 3ds Max 2011) (Version: - Autodesk)
Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit (HKLM\...\Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit) (Version: - Autodesk)
Autodesk FBX Plug-in 2013.1 - Maya 2013 64-bit (HKLM\...\Autodesk FBX Plug-in 2013.1 - Maya 2013 64-bit) (Version: - Autodesk)
Autodesk Material Library 2011 (HKLM-x32\...\{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}) (Version: 2.0.0.100 - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2012 (HKLM-x32\...\{B5751715-EC10-43D9-8C95-62E1368433EF}) (Version: 2.5.0.8 - Autodesk)
Autodesk Maya 2013 64-bit (HKLM\...\Autodesk Maya 2013 64-bit) (Version: 15.0.0.0 - Autodesk)
Autodesk Maya 2013 64-bit (Version: 15.0.0.0 - Autodesk) Hidden
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - )
Battle Realms WOTW Expansion (HKLM-x32\...\{88D489A4-D954-414F-9F49-117EFB372951}) (Version: 0.20.000 - Liquid Entertainment)
Belladonna (HKLM-x32\...\Belladonna_is1) (Version: - Neckbolt)
Bermuda Syndrome CZ (Bermuda Syndrome SDL 0.1.4 engin) (HKLM-x32\...\Bermuda Syndrome CZ (Bermuda Syndrome SDL 0.1.4 engin)) (Version: - )
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.63.1070 - AB Team, d.o.o.)
Camtasia Studio 8 (HKLM-x32\...\{DB93E2C2-851F-44B2-B09C-351D2C624AE1}) (Version: 8.0.4.1060 - TechSmith Corporation)
Comical 0.8 (HKLM-x32\...\Comical_is1) (Version: - James Athey)
Composite 2012 64-bit (HKLM\...\{EA234BC3-39FE-4734-B72F-076086889F6D}) (Version: 7.0.0 - Autodesk)
Crazybump (remove only) (HKLM-x32\...\Crazybump) (Version: - )
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2115 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Desert Law (HKLM-x32\...\Desert Law_is1) (Version: - Cenega)
DesetiPrsty5 5.3 (HKLM-x32\...\DesetiPrsty5) (Version: - )
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Downfall (HKLM-x32\...\GOGPACKDOWNFALL_is1) (Version: 2.0.0.5 - GOG.com)
Drákula - Zrození (HKLM-x32\...\{35A0C956-ACF1-41AB-89DE-1772C8A27ACB}) (Version: 1.00.0777 - Frogwares)
Dropbox (HKU\S-1-5-21-4087050500-3545783654-1483765477-1001\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 3.1.3224 - Hewlett-Packard) Hidden
Edison (HKLM-x32\...\Edison) (Version: - Image-Line bvba)
Emergency 2 (HKLM-x32\...\{874F0C23-7CA8-4639-9D77-E032E272A3FD}) (Version: 2.00.000 - )
Emperor - RotMK Bonus Campaign (HKLM-x32\...\{8F1A3107-FE6E-4FFA-B973-73BE1932FCEF}) (Version: - )
Emperor: Rise of the Middle Kingdom 1.0.1.0 (HKLM-x32\...\{821DABD6-26F2-49E5-AE55-40A589ADBE6D}) (Version: - )
Fallout (HKLM-x32\...\Fallout) (Version: - )
Fallout (HKLM-x32\...\Fallout_is1) (Version: - GOG.com)
Fallout 2 (HKLM-x32\...\Fallout 2_is1) (Version: - GOG.com)
Fate of the Dragon (HKLM-x32\...\{8F611C23-7DD9-4384-9599-29DAF630D1DB}) (Version: - )
ffdshow v1.3.4530 [2014-02-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4530.0 - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Gilbert Goodmate (HKLM-x32\...\{2BE97610-5E4E-434F-9E84-01B0AB49EC92}) (Version: - )
GoldWave v5.55 (HKLM-x32\...\GoldWave v5.55) (Version: - )
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Harbinger (HKLM-x32\...\{330A89E5-3865-11D7-BB7F-0050BAD3F5C9}) (Version: 1.00.0000 - DreamCatcher)
headus UVLayout v2 Professional (HKLM-x32\...\{A1086DA0-903E-4DEA-A83F-6317923CC63D}) (Version: 2.08.00 - headus)
Hexplore version 1.5 (HKLM-x32\...\{BF2DFEDE-1C62-4D39-9EFC-E7CABA455C05}_is1) (Version: 1.5 - )
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
Hooligans - Storm over Europe (HKLM-x32\...\{B89933C8-E38D-44BE-B3DB-96657D11338F}) (Version: - )
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP MAINSTREAM KEYBOARD (HKLM-x32\...\{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}) (Version: 1.4.3.0 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.1.3317 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3422 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.1.0.1 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HydraVision (x32 Version: 4.2.216.0 - Advanced Micro Devices, Inc.) Hidden
Imperium Galactica (DOSBox 0.74 emulation) (HKLM-x32\...\Imperium Galactica (DOSBox 0.74 emulation)) (Version: - )
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.0.1037 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: - )
Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)
Java 8 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version: 8.0.200 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Katawa Shoujo (HKLM-x32\...\Katawa Shoujo) (Version: - )
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2017 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2017 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{10CCF16B-F1C9-4B24-9570-B4CCEE42392D}) (Version: 1.18.9.1 - LightScribe)
Livestation (HKLM-x32\...\{A436BE6E-A20F-41B8-ABD7-851AAD42FF8D}) (Version: 3.2.0 - Livestation)
Marmoset Toolbag (HKLM-x32\...\8MLMarmosetToolbag) (Version: - Marmoset LLC)
Marmoset Toolbag 2 (HKLM-x32\...\MSET_Toolbag) (Version: - Marmoset LLC)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Age of Empires (HKLM-x32\...\Age of Empires) (Version: - )
Microsoft DirectX Transform optional components (HKLM-x32\...\DXTXTRA) (Version: - )
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office FrontPage 2003 (HKLM-x32\...\{90170405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}) (Version: 08.05.0822 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft Zoo Tycoon (HKLM-x32\...\Zoo Tycoon 1.0) (Version: - )
Mixamo Fuse version 1.3.0 (HKLM-x32\...\{CF744422-9FA0-44E9-86E4-B4FCF1A0D56A}_is1) (Version: 1.3.0 - Mixamo)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 37.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 cs)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.5.0 - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 31.6.0 (x86 cs)) (Version: 31.6.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
MtoA for Maya 2013 (HKU\S-1-5-21-4087050500-3545783654-1483765477-1001\...\MtoA2013) (Version: 1.0.0.1 - Solid Angle)
Nástroje k diagnostice hardwaru (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5247.34 - PC-Doctor, Inc.)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 1.10 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 314.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 314.07 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 314.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 314.07 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 314.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 314.07 - NVIDIA Corporation)
NVIDIA Photoshop Plug-ins (HKLM-x32\...\{23F79416-CAD1-41BF-99A3-040F6C814AAA}) (Version: 8.50 - )
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Windows 95/98 Display Drivers (HKLM-x32\...\NVIDIA) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenRL Redistributable 1.0 R2 x64 (HKLM\...\{A2506D00-0BED-11E1-8CD3-782BCBACDE13}) (Version: 1.0.29020.0 - Caustic Graphics, Inc.)
OpenRL Redistributable 1.0 R2 x86 (HKLM-x32\...\{9F781FAE-0BED-11E1-A311-782BCBACDE13}) (Version: 1.0.29020.0 - Caustic Graphics, Inc.)
OpenRL Runtime 1.3.1000.14 x64 (HKLM\...\{250C8D22-1757-11E3-818E-1803734DBB4F}) (Version: 1.3.1000.14 - Caustic Graphics, Inc.)
Ovládací panel NVIDIA 314.07 (Version: 314.07 - NVIDIA Corporation) Hidden
Pathologic (HKLM-x32\...\{700CC58D-410E-4EC0-B70D-9D1B2902DD82}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Posel smrti 1.2 (HKLM-x32\...\Posel smrti_is1) (Version: - Future Games s.r.o.)
Potplayer (HKLM-x32\...\PotPlayer) (Version: - Daum Kakao Corp.)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3304 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3304 - CyberLink Corp.) Hidden
Primitive Wars (HKLM-x32\...\Primitive Wars) (Version: - )
Python 3.3.2 (HKLM-x32\...\{92389de9-939e-341b-a076-1d52d7dbca71}) (Version: 3.3.2150 - Python Software Foundation)
Quake Live (HKLM-x32\...\Quake Live) (Version: - id Software)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5938 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2216 - CyberLink Corp.) Hidden
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
RollerCoaster Tycoon Deluxe (HKLM-x32\...\RollerCoaster Tycoon Deluxe_is1) (Version: - GOG.com)
RPG Maker VX RTP (HKLM-x32\...\RPG Maker VX RTP_is1) (Version: 1.02 - Enterbrain)
Sanitarium (HKLM-x32\...\Sanitarium_is1) (Version: - GOG.com)
Settlers 2 GOLD (HKLM-x32\...\Settlers 2 GOLD_is1) (Version: - GOG.com)
SimCity 2000 Special Edition (HKLM-x32\...\SimCity 2000 Special Edition_is1) (Version: - GOG.com)
Sinking Island (HKLM-x32\...\JackNorm01_SinkingIsland_is1) (Version: - )
SmoothVideo Project version 3.1.6 (HKLM-x32\...\SmoothVideo Project_is1) (Version: 3.1.6 - SVP)
SpeedTree Cinema version 6.2.2 (HKLM-x32\...\{B1926946-CD02-48F3-9B27-96C9A60655D9}_is1) (Version: 6.2.2 - )
Star Wars Galactic Battlegrounds: Saga (HKLM-x32\...\{10133CDD-50B9-4783-B336-8B48F3653715}) (Version: - )
Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version: - )
System Requirements Lab CYRI (HKLM-x32\...\{906B34E5-573C-445A-A5D3-40B6BF0A2EC4}) (Version: 6.0.21.0 - Husdawg, LLC)
Teenagent (HKLM-x32\...\GOGPACKTEENAGENT_is1) (Version: 2.0.0.12 - GOG.com)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.6.0.87 - KMP Media co., Ltd)
The Lost Crown version 1.2 (HKLM-x32\...\The Lost Crown_is1) (Version: 1.0 - Darlking Room)
The Lost Chronicles of Zerzura (HKLM-x32\...\The Lost Chronicles of Zerzura_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
The SIMS 4 version The SIMS 4 (HKLM-x32\...\The SIMS 4_is1) (Version: The SIMS 4 - )
The Sting! (HKLM-x32\...\The Sting!) (Version: - )
The Tone Rebellion (HKLM-x32\...\ToneDeinstKey) (Version: - )
To the Moon (HKLM-x32\...\To the Moon1.0) (Version: 1.0 - Foxy Games)
TopoGun 2 W32 (HKLM-x32\...\TopoGun2 W32) (Version: 2 W32 - SC PIXELMACHINE SRL)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.0 - Ghisler Software GmbH)
Transport Giant 1.0 (HKLM-x32\...\Transport Giant 1.0) (Version: 1.0 - Pilotus)
Trine 2 (HKLM-x32\...\Trine 2_is1) (Version: - )
UltraISO Premium V9.52 (HKLM-x32\...\UltraISO_is1) (Version: - )
Unity (HKLM-x32\...\Unity) (Version: 5.0.0f4 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-4087050500-3545783654-1483765477-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visionaire Studio version v4.0.1 (HKLM-x32\...\Visionaire_is1) (Version: v4.0.1 - Visionaire Team)
VLC media player 2.0.1 (HKLM\...\VLC media player) (Version: 2.0.1 - VideoLAN)
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
Wacom Tablet (HKLM-x32\...\Wacom Tablet Driver) (Version: - Wacom Technology Corp.)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.4 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.3 - Wacom Technology Corp.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.623 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wintermute Engine Development Kit 1.9.1 (HKLM-x32\...\WmeDevKit_is1) (Version: - Dead:Code Software)
World Machine 2.2 Professional Edition (HKLM-x32\...\World Machine2Pro) (Version: - )
x264vfw - H.264/MPEG-4 AVC codec for x64 (remove only) (HKLM-x32\...\x264vfw64) (Version: - )
xNormal 3.17.13 (HKLM-x32\...\xNormal 3.17.13) (Version: - Santiago Orgaz)
xNormal 3.18.7 (HKLM\...\xNormal 3.18.7) (Version: - Santiago Orgaz)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
yEd Graph Editor 3.14 (HKLM-x32\...\3309-7404-0599-8908) (Version: 3.14 - yWorks GmbH)
ZBrush 4R6 (HKLM-x32\...\ZBrush 4R6 4R6) (Version: 4R6 - Pixologic)
Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version: - DOSBox Team)

Ghostwriter · Příspěvekod **Ghostwriter** » 08 kvě 2015 20:04

Additional 2/2

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4087050500-3545783654-1483765477-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\IA\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4087050500-3545783654-1483765477-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\IA\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4087050500-3545783654-1483765477-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\IA\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4087050500-3545783654-1483765477-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\IA\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4087050500-3545783654-1483765477-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\IA\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4087050500-3545783654-1483765477-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\IA\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4087050500-3545783654-1483765477-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\IA\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4087050500-3545783654-1483765477-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\IA\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4087050500-3545783654-1483765477-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\IA\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4087050500-3545783654-1483765477-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\IA\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points =========================

28-04-2015 12:56:25 Windows Update
01-05-2015 18:14:41 Windows Update
04-05-2015 04:09:52 ComboFix created restore point
04-05-2015 04:38:15 avast! antivirus system restore point
05-05-2015 10:24:08 Windows Update
06-05-2015 17:05:55 zoek.exe restore point
06-05-2015 18:08:09 avast! antivirus system restore point
06-05-2015 18:29:38 avast! antivirus system restore point
06-05-2015 20:34:31 avast! antivirus system restore point
06-05-2015 21:03:05 avast! antivirus system restore point
08-05-2015 16:26:34 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-05-06 17:41 - 00000813 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0609A369-59E8-473F-B4E0-4313FAEA6E28} - System32\Tasks\{1C0D0B1F-C5F2-4558-94F6-30D9E42B7A8D} => pcalua.exe -a C:\Users\IA\Desktop\ytd-1.45.exe -d C:\Users\IA\AppData\Roaming\IDM
Task: {1C6E1A50-0F4A-4470-8F6E-E846AF9B6D08} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {1DC8EC8F-54FB-4274-84DF-481C276B21A1} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe [2009-09-18] (PC-Doctor, Inc.)
Task: {1E95C9E9-8BCC-4368-B634-DCA451F49E00} - System32\Tasks\{6FA328F5-EC7B-4EC5-8F9B-B2890498185A} => pcalua.exe -a C:\Windows\IsUninst.exe -c -fC:\Windows\system32\NVSYS\Uninst.isu -cC:\Windows\system32\NVSYS\NVINST32.DLL
Task: {213B4B12-EE46-4E0D-9EC7-B1027240BA61} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {2493E2D9-7E0E-4376-8929-6B46E28F116E} - System32\Tasks\{53C342B5-51F4-48E0-BE1F-B9706C66CD17} => pcalua.exe -a C:\Users\IA\AppData\Local\Temp\RarSFX0\install.exe -d C:\Users\IA\AppData\Local\Temp\RarSFX0
Task: {2B092424-24D1-44D1-9B7C-C2164D5B0352} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {3AB5E5F1-6BBF-4D3E-A826-2D9BDDE55615} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {3F4BB66C-6393-446B-A456-AB272B80005F} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {49A0B414-2F8D-4558-8B8C-7AF00C1A9BE0} - System32\Tasks\{05B98E25-8B60-4A4F-A690-32485F40A08E} => pcalua.exe -a C:\Downloads\mw9791enu.exe -d C:\Downloads
Task: {4E74C041-59C8-459D-A6EA-559ECF643C4E} - \avastBCLRestartS-1-5-21-4087050500-3545783654-1483765477-1001 No Task File <==== ATTENTION
Task: {61E52853-08D9-420F-824E-B06EF7083C47} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.43\SymErr.exe
Task: {6EF90B5D-BD08-4682-B436-6CAA180F21D1} - System32\Tasks\{DB6AE67D-E1AD-46B9-A6C6-BEB2AE883834} => C:\Program Files\Triada\America\America.exe
Task: {73874B7B-BE2E-43BE-AA51-B717DE42CA42} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-17] (Google Inc.)
Task: {8ECADE62-D259-4FF8-92DE-B24D89150F95} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {96696BCE-43E9-436F-A14B-F7A5E4C7D48A} - System32\Tasks\HPOSIAPP64 => C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe [2009-02-27] ()
Task: {99C1A480-0D9C-48B2-ACFA-790E1D8A505D} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {9A234233-589A-4FE5-8A3B-307E0AA38D33} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {AF3C8D5E-EC5B-4167-BBB7-21DB094D0BAD} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.43\SymErr.exe
Task: {B721D7CA-12A3-4016-8DBE-2E690353E6C3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-17] (Google Inc.)
Task: {C3328217-4209-4D46-9DC8-78A56B2C7BAA} - System32\Tasks\{5FC5FE30-A9C8-4D23-BEF4-27A6A08CBFCA} => pcalua.exe -a C:\Downloads\Msvbvm50.exe -d C:\Downloads
Task: {D1649BB5-2525-4CED-87A9-1636CCF6BA5C} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {DA9E75BA-0431-4BFA-B0B7-DD1580AE63BA} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {E12565A9-90EB-4AB0-8534-7D6774A2C5AC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-06] (AVAST Software)
Task: {EAB899D9-F12F-4128-AC7D-7A1BB6A2E00D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {EFD91A1A-10E9-4184-BE76-41DE15EE5495} - System32\Tasks\{C440F112-7429-4D26-B86F-A6BD314C197D} => pcalua.exe -a "C:\games\Age Of Mythology Complete\AOM Update\aom10to110.exe" -d "C:\games\Age Of Mythology Complete\AOM Update"
Task: {F3A34375-4B18-42A6-A697-64098FF8960F} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-10-22] (CyberLink)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe5-fh scripts\monthly.xml

==================== Loaded Modules (whitelisted) ==============

2012-11-18 04:02 - 2013-02-10 03:04 - 00086304 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-03-10 02:10 - 2010-03-10 02:10 - 00086016 _____ () C:\Program Files (x86)\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe
2011-02-22 22:52 - 2011-02-22 22:52 - 00086016 _____ () C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
2010-01-04 16:55 - 2009-02-27 20:13 - 00053248 _____ () C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
2009-09-14 17:17 - 2009-09-14 17:17 - 00610360 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2014-06-21 05:38 - 2013-12-22 08:22 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2014-06-21 05:38 - 2013-12-22 08:22 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2010-01-04 16:56 - 2009-10-02 13:18 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2010-01-04 16:55 - 2009-02-19 18:22 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\WMINPUT.DLL
2009-10-22 19:50 - 2009-10-22 19:50 - 00931112 _____ () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2015-05-06 21:04 - 2015-05-06 21:04 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2015-05-06 21:04 - 2015-05-06 21:04 - 02787840 _____ () C:\Program Files\AVAST Software\Avast\defs\14062601\algo.dll
2015-05-06 21:13 - 2015-05-06 21:13 - 02926592 _____ () C:\Program Files\AVAST Software\Avast\defs\15050603\algo.dll
2015-05-08 16:14 - 2015-05-08 16:14 - 02926592 _____ () C:\Program Files\AVAST Software\Avast\defs\15050800\algo.dll
2015-05-06 21:04 - 2015-05-06 21:04 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-04-15 11:38 - 2015-04-15 11:38 - 16863920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:A1EDB939
AlternateDataStreams: C:\ProgramData\Temp:D3A96964

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4087050500-3545783654-1483765477-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\IA\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
DNS Servers: 10.0.0.138

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{8B7F7692-A780-407D-9DE7-9DDC1B3BB6BB}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
FirewallRules: [{07AB7878-19DE-4414-9CCF-8FE58FD74A3D}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
FirewallRules: [{1B2695D7-8B22-4631-AE26-30D65F626767}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
FirewallRules: [{F6FF5CCC-198A-4EF3-9CA0-27567A6E3B93}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
FirewallRules: [{FA1EB768-316E-4E93-AC58-678A83E29DA0}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{9285E947-08F8-4211-A544-C1671B1AB3B2}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{A4C2984A-DB6B-4E77-91B7-A8910C865DBC}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{DB808C62-20F9-4477-AEA8-CE5B16183209}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{D5D5C2B2-CC0C-462D-BFB4-11A7B9E8DC63}] => (Allow) C:\Program Files (x86)\Autodesk\3ds Max 2011\3dsmax.exe
FirewallRules: [{880BE5E7-138F-4067-BA90-C92570701539}] => (Allow) C:\Program Files (x86)\Autodesk\3ds Max 2011\3dsmax.exe
FirewallRules: [{D4121AB0-D709-4969-8AC1-C29A8772AC93}] => (Allow) C:\Program Files (x86)\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe
FirewallRules: [{D25DFFBD-34CA-4581-A942-3F7FBFDABDC3}] => (Allow) C:\Program Files (x86)\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe
FirewallRules: [{7F51E578-0A1A-4172-92E2-1E1C39A31896}] => (Allow) C:\Program Files (x86)\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32.exe
FirewallRules: [{397C34B8-0647-4106-B11A-85C798A2DDC7}] => (Allow) C:\Program Files (x86)\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32.exe
FirewallRules: [{9C389DB8-2A12-4853-A02C-FC17C1D22BDC}] => (Allow) C:\Users\IA\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{6CA10913-383E-4E6B-B168-B0A244B3BF18}] => (Allow) C:\Users\IA\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{431D725B-C9E1-414B-BCB8-3A7965F5CE43}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{757CB087-988A-497F-952D-0A00AF983D87}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [TCP Query User{5AF8A482-037B-4FFE-99B8-8E610BCB02E5}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{B3D31B9A-51C2-40E6-B3A2-A935055F8DF7}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [TCP Query User{8F684DE8-2C9D-48F1-A9C9-FE8E8BF300B5}C:\users\ia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\ia\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{C1D00E7F-6F49-400C-BCE2-9E7C901B64CD}C:\users\ia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\ia\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{9022668D-2A26-4196-850D-898F7FA86A03}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe
FirewallRules: [UDP Query User{2F5E5CB8-A601-4C52-ACB8-859635E4BE2A}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe
FirewallRules: [TCP Query User{06B9A4C7-74E3-4E9B-8A92-CC21012D19F4}C:\program files\autodesk\maya2013\bin\maya.exe] => (Allow) C:\program files\autodesk\maya2013\bin\maya.exe
FirewallRules: [UDP Query User{94E9E7F2-A592-4287-B739-5D01CF9DD395}C:\program files\autodesk\maya2013\bin\maya.exe] => (Allow) C:\program files\autodesk\maya2013\bin\maya.exe
FirewallRules: [TCP Query User{677AEC9E-6359-4B02-A5CD-D390F18AC16F}C:\program files\java\jre7\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre7\launch4j-tmp\frd.exe
FirewallRules: [UDP Query User{C8336863-20CF-482E-8788-600984A1C31F}C:\program files\java\jre7\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre7\launch4j-tmp\frd.exe
FirewallRules: [{3EF0A079-6B4E-460A-885A-DF7F89B3F643}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{F0E65724-2B75-4187-BF90-20A4DCAE54FB}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [TCP Query User{91C6C3E3-5F9B-4A1C-8AD8-8E8649E70A7A}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe] => (Allow) C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe
FirewallRules: [UDP Query User{56DE5DBE-FDF9-48EB-B6CF-BDD4EC51AFBF}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe] => (Allow) C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe
FirewallRules: [{C852CB32-CDEE-417D-926E-9293F9B2F8DD}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{43B95AFF-147B-42A8-8DB3-EA7CB05ECA2A}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{08F3271A-6F51-4D5D-900D-33EF5D817C1F}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{DBB60B79-6300-456E-AAB0-55B3663B65DA}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{96599892-353F-4D5A-AA58-3F32C8135261}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{F7FBFD16-DF3F-482C-8AD6-D5EE8BE8123B}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{AABD25E4-5CB2-4CEA-A272-448E6DBE3E7D}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\3dsmax.exe
FirewallRules: [{E6F06D7A-C0E4-4616-8E68-17588149E173}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\3dsmax.exe
FirewallRules: [{9D78EB70-8A35-4BB7-9536-78CD33A6EF39}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
FirewallRules: [{5537CD14-F677-48FB-BFD2-485AE300B3FC}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
FirewallRules: [{15C1ED76-13A7-4AAF-B45F-566B4A741DA6}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64.exe
FirewallRules: [{AA61A829-D80E-4F68-9608-BC5FCFCC1CA4}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64.exe
FirewallRules: [{E98E8675-9CA6-4C84-92DB-20F727FE693B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{ED6140A0-1E8C-4E16-AD41-D2EA9F787C0F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{7BB64062-989D-4926-85C6-04A09767C076}C:\program files (x86)\thq\saints row the third\saintsrowthethird.exe] => (Block) C:\program files (x86)\thq\saints row the third\saintsrowthethird.exe
FirewallRules: [UDP Query User{87651E2F-567A-4780-ABB5-D4D29AD770CB}C:\program files (x86)\thq\saints row the third\saintsrowthethird.exe] => (Block) C:\program files (x86)\thq\saints row the third\saintsrowthethird.exe
FirewallRules: [TCP Query User{251B6EF1-0BDD-4609-AC4B-F0714195D6BD}C:\Program Files (x86)\THQ\saints row the third\saintsrowthethird_dx11.exe] => (Block) C:\Program Files (x86)\THQ\saints row the third\saintsrowthethird_dx11.exe
FirewallRules: [UDP Query User{88C2D2AD-8732-402F-9B5F-169B57F74258}C:\Program Files (x86)\THQ\saints row the third\saintsrowthethird_dx11.exe] => (Block) C:\Program Files (x86)\THQ\saints row the third\saintsrowthethird_dx11.exe
FirewallRules: [PotPlayer(PotPlayerMini.exe)] => (Allow) C:\Program Files (x86)\Daum\PotPlayer\PotPlayerMini.exe
FirewallRules: [{96DD9182-9022-4796-82D1-C151BFE96B5B}] => (Allow) C:\Program Files (x86)\Daum\PotPlayer\PotPlayerMini.exe
FirewallRules: [TCP Query User{AA3C8DBA-2C82-4217-AAC5-D33795D06186}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [UDP Query User{28993290-C1DB-4BE4-B47A-293814AB911A}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [{FE6FA326-DCB8-42F2-A380-1C801559212A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F00E3079-55EF-49C5-AFD5-BC2E6C024AB1}] => (Allow) LPort=2869
FirewallRules: [{A0B5EFA2-CC87-4AB3-8CE0-D65F8D8288D5}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{6BFCFFFE-103C-415F-89C0-BFE1ABB9D85D}C:\program files (x86)\r.g. mechanics\max payne 3\maxpayne3.exe] => (Allow) C:\program files (x86)\r.g. mechanics\max payne 3\maxpayne3.exe
FirewallRules: [UDP Query User{DC91BA17-F74E-4069-9A0C-0BA8DEC25EDC}C:\program files (x86)\r.g. mechanics\max payne 3\maxpayne3.exe] => (Allow) C:\program files (x86)\r.g. mechanics\max payne 3\maxpayne3.exe
FirewallRules: [TCP Query User{F2E2536C-E4A3-4AB2-9B92-CB6BB5457EC5}C:\games\!cds\sw galactic battlegrounds (portable)\battlegrounds.exe] => (Allow) C:\games\!cds\sw galactic battlegrounds (portable)\battlegrounds.exe
FirewallRules: [UDP Query User{D3C973FD-0250-4FC7-9357-AEC7D864D898}C:\games\!cds\sw galactic battlegrounds (portable)\battlegrounds.exe] => (Allow) C:\games\!cds\sw galactic battlegrounds (portable)\battlegrounds.exe
FirewallRules: [TCP Query User{8AA15E27-BE59-470E-AE70-A3D855B7CF78}C:\program files (x86)\lucasarts\star wars galactic battlegrounds saga\game\battlegrounds.exe] => (Allow) C:\program files (x86)\lucasarts\star wars galactic battlegrounds saga\game\battlegrounds.exe
FirewallRules: [UDP Query User{C3CB0E7B-718E-4945-BE6C-02809F35220A}C:\program files (x86)\lucasarts\star wars galactic battlegrounds saga\game\battlegrounds.exe] => (Allow) C:\program files (x86)\lucasarts\star wars galactic battlegrounds saga\game\battlegrounds.exe
FirewallRules: [{71898442-D792-4DA5-88DB-E389E87E0D3D}] => (Allow) C:\Program Files (x86)\Crazybump\CrazyBump.exe
FirewallRules: [{D045557B-C586-45A5-91C5-FFA8D0EF68FD}] => (Allow) C:\Program Files (x86)\Crazybump\CrazyBump.exe
FirewallRules: [{4BD8CE1F-01AE-4213-B138-ACF9A67B30C6}] => (Allow) C:\Users\IA\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E42B1600-5447-4262-802E-7CAA244AE29C}] => (Allow) C:\Users\IA\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{9DDD5CBF-A515-4CBD-85DF-8FFC2705AAF5}C:\games\quake iii arena\quake3\quake3.exe] => (Allow) C:\games\quake iii arena\quake3\quake3.exe
FirewallRules: [UDP Query User{C95E8A77-FD27-4DC3-8981-6CA7DA1BC258}C:\games\quake iii arena\quake3\quake3.exe] => (Allow) C:\games\quake iii arena\quake3\quake3.exe
FirewallRules: [TCP Query User{82FC2293-EAA1-4724-BCB2-1E8FF3B825C9}C:\program files (x86)\microsoft games\age of mythology\aomx.exe] => (Allow) C:\program files (x86)\microsoft games\age of mythology\aomx.exe
FirewallRules: [UDP Query User{63723796-41B7-41C1-81D2-9B379316B454}C:\program files (x86)\microsoft games\age of mythology\aomx.exe] => (Allow) C:\program files (x86)\microsoft games\age of mythology\aomx.exe
FirewallRules: [TCP Query User{38B3EC80-EBE8-4644-AB22-7551396DE95D}C:\games\aoe ror\empires.exe] => (Allow) C:\games\aoe ror\empires.exe
FirewallRules: [UDP Query User{18ED1076-72A3-4643-AFB4-E6D829BE3857}C:\games\aoe ror\empires.exe] => (Allow) C:\games\aoe ror\empires.exe
FirewallRules: [TCP Query User{8806DED7-893C-47EB-AFA0-5E9D00F21FF7}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{EB0335F3-E435-4B0C-B04B-56C1208F598D}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{4D7B7B8C-BF43-4AB1-9ECA-A16B4002ACAA}C:\program files (x86)\id software\quake 4\quake4ded.exe] => (Allow) C:\program files (x86)\id software\quake 4\quake4ded.exe
FirewallRules: [UDP Query User{57293C97-A3E3-4F0A-B947-AFE646A17B58}C:\program files (x86)\id software\quake 4\quake4ded.exe] => (Allow) C:\program files (x86)\id software\quake 4\quake4ded.exe
FirewallRules: [TCP Query User{CA747856-A8C0-4D00-BD34-FE55A7868815}N:\empires2.exe] => (Allow) N:\empires2.exe
FirewallRules: [UDP Query User{04BE513C-0805-40DC-B89A-D6628E638EFB}N:\empires2.exe] => (Allow) N:\empires2.exe
FirewallRules: [TCP Query User{61DECEDB-8440-4AD2-B3E2-B6225215D63A}N:\age2_x1.exe] => (Allow) N:\age2_x1.exe
FirewallRules: [UDP Query User{4B156C19-EDDF-4CBD-B76B-B8FC8195957B}N:\age2_x1.exe] => (Allow) N:\age2_x1.exe
FirewallRules: [TCP Query User{EE6B78A2-5E77-49A4-B495-AA13E00A47DE}C:\games\!!aoe\age2_x1.exe] => (Allow) C:\games\!!aoe\age2_x1.exe
FirewallRules: [UDP Query User{7ABD60D4-6CDB-4CD5-9DDE-DE4DB1AB6C96}C:\games\!!aoe\age2_x1.exe] => (Allow) C:\games\!!aoe\age2_x1.exe
FirewallRules: [{860E0CC6-CF67-464A-884E-37A8E1DF1FD1}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{B19A5974-DA5D-48C4-98E3-D165D39F3C77}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{863695E2-7D6D-4D6D-80A9-738532BAE7F6}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{E8FAE410-CA47-49F3-93C5-089B9BB67D5B}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [TCP Query User{05F8A81F-2A0E-43A4-B482-4D87DB5100D5}C:\users\ia\appdata\local\id software\quakelive\quakelive.exe] => (Allow) C:\users\ia\appdata\local\id software\quakelive\quakelive.exe
FirewallRules: [UDP Query User{924F5F45-687A-49DD-B0B8-03AB16A587FC}C:\users\ia\appdata\local\id software\quakelive\quakelive.exe] => (Allow) C:\users\ia\appdata\local\id software\quakelive\quakelive.exe
FirewallRules: [TCP Query User{0846DBC0-60B8-4F4D-97C5-607F57F2D274}L:\zxxx software\mari 2.6 v2 win mac linux\mari2.6v2-win-x86-release-64\xf\crack\flt7.0v2-win-x86-release-32\rlm.foundry.exe] => (Allow) L:\zxxx software\mari 2.6 v2 win mac linux\mari2.6v2-win-x86-release-64\xf\crack\flt7.0v2-win-x86-release-32\rlm.foundry.exe
FirewallRules: [UDP Query User{443ACF46-5F0E-4FED-9D11-8AEF77FFDE9B}L:\zxxx software\mari 2.6 v2 win mac linux\mari2.6v2-win-x86-release-64\xf\crack\flt7.0v2-win-x86-release-32\rlm.foundry.exe] => (Allow) L:\zxxx software\mari 2.6 v2 win mac linux\mari2.6v2-win-x86-release-64\xf\crack\flt7.0v2-win-x86-release-32\rlm.foundry.exe
FirewallRules: [TCP Query User{49963001-D980-404A-97C9-13AF7DC26BA7}C:\program files (x86)\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe] => (Allow) C:\program files (x86)\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe
FirewallRules: [UDP Query User{C573F41B-1840-4714-B572-FF1ED6132CEC}C:\program files (x86)\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe] => (Allow) C:\program files (x86)\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe
FirewallRules: [TCP Query User{C755C54D-9A33-4235-AD19-EBD4A0C9929C}C:\program files\java\jre1.8.0_20\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_20\launch4j-tmp\frd.exe
FirewallRules: [UDP Query User{1C306ED4-7D9D-40A2-8808-4DFD0C58C17A}C:\program files\java\jre1.8.0_20\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_20\launch4j-tmp\frd.exe
FirewallRules: [{2852B8E9-BCE2-4DFC-98C7-DFEA762C614C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{5AA8A2F1-1F58-40CF-8845-1AF70F95E004}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{AC9BD3CC-DEE9-4BEF-AE39-4767F96CE31F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E35683C4-2821-4703-995D-E913C712FDB5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{C582A3C5-0E15-437D-B550-9C693CC0043D}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [UDP Query User{AF1D6D65-A846-4562-8976-DE3AF3071632}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [{DAF6FED8-8482-47BB-A984-D0B586E19E26}] => (Allow) C:\Users\IA\AppData\Local\Hola\firefox\app\hola_plugin.exe
FirewallRules: [{09888487-43D5-478A-8020-33D461789417}] => (Allow) C:\Users\IA\AppData\Local\Hola\firefox\app\hola_plugin.exe
FirewallRules: [TCP Query User{54DF0492-C21F-4D65-8105-B35D6B987956}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{B6CBA1DB-78C0-4C21-9AA6-1C6B736D4622}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe

==================== Faulty Device Manager Devices =============

Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (05/08/2015 04:26:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary izdmhose.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (05/06/2015 09:03:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary izdmhose.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (05/05/2015 07:16:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: Služba Šifrování neinicializovala záložní objekt System Writer systému VSS.

Details:
Could not query the status of the EventSystem service.

System Error:
Probíhá vypnutí systému.
.

Error: (04/15/2015 00:24:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: plugin-container.exe, verze: 37.0.1.5570, časové razítko: 0x551e23ee
Název chybujícího modulu: mozalloc.dll, verze: 37.0.1.5570, časové razítko: 0x551e1536
Kód výjimky: 0x80000003
Posun chyby: 0x00001aa1
ID chybujícího procesu: 0x760
Čas spuštění chybující aplikace: 0xplugin-container.exe0
Cesta k chybující aplikaci: plugin-container.exe1
Cesta k chybujícímu modulu: plugin-container.exe2
ID zprávy: plugin-container.exe3

Error: (04/13/2015 05:32:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PotPlayerMini.exe, verze: 0.0.0.0, časové razítko: 0x522d5c05
Název chybujícího modulu: PotPlayer.dll, verze: 1.5.40688.0, časové razítko: 0x525f499b
Kód výjimky: 0xc0000005
Posun chyby: 0x005c95cb
ID chybujícího procesu: 0x1c34
Čas spuštění chybující aplikace: 0xPotPlayerMini.exe0
Cesta k chybující aplikaci: PotPlayerMini.exe1
Cesta k chybujícímu modulu: PotPlayerMini.exe2
ID zprávy: PotPlayerMini.exe3

Error: (04/13/2015 05:29:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PotPlayerMini.exe, verze: 0.0.0.0, časové razítko: 0x522d5c05
Název chybujícího modulu: PotPlayer.dll, verze: 1.5.40688.0, časové razítko: 0x525f499b
Kód výjimky: 0xc0000005
Posun chyby: 0x005c95cb
ID chybujícího procesu: 0x187c
Čas spuštění chybující aplikace: 0xPotPlayerMini.exe0
Cesta k chybující aplikaci: PotPlayerMini.exe1
Cesta k chybujícímu modulu: PotPlayerMini.exe2
ID zprávy: PotPlayerMini.exe3

Error: (04/06/2015 03:08:45 PM) (Source: MsiInstaller) (EventID: 1013) (User: IA-PC)
Description: Product: AGEIA PhysX v7.09.13 -- Installation terminated

Error: (04/03/2015 05:26:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1 se nezdařilo.
Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (03/27/2015 05:45:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program TOTALCMD64.EXE verze 8.0.0.1 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: edc

Čas spuštění: 01d0679c74fbe48b

Čas ukončení: 124

Cesta k aplikaci: C:\totalcmd\TOTALCMD64.EXE

ID hlášení: 39732013-d498-11e4-a210-406186bdeeda

Error: (03/06/2015 02:16:47 PM) (Source: System Restore) (EventID: 8211) (User: )
Description: Naplánovaný bod obnovení nebylo možné vytvořit. Další informace: (0x81000101).

System errors:
=============
Error: (05/06/2015 09:15:11 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.

Error: (05/06/2015 09:00:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
%%1069

Error: (05/06/2015 09:00:29 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%1330

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (05/06/2015 08:57:51 PM) (Source: ps7ajbeb) (EventID: 1) (User: )
Description: Protection Synchronization Driver detected an internal error, contact the customer support service.

Error: (05/06/2015 08:58:10 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (20:44:20, ‎6.‎5.‎2015) bylo neočekávané.

Error: (05/06/2015 08:45:50 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby eventlog bylo dosaženo časového limitu (30000 ms).

Error: (05/06/2015 08:45:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Ochrana softwaru neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (05/06/2015 08:45:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Ochrana softwaru bylo dosaženo časového limitu (30000 ms).

Error: (05/06/2015 08:44:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
%%1069

Error: (05/06/2015 08:44:45 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%1330

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz
Percentage of memory in use: 30%
Total physical RAM: 8151.08 MB
Available physical RAM: 5667.16 MB
Total Pagefile: 16300.35 MB
Available Pagefile: 12644.03 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:1386.61 GB) (Free:17.35 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:10.56 GB) (Free:1.56 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive l: (3D) (Fixed) (Total:931.51 GB) (Free:9.41 GB) NTFS
Drive m: (music) (Fixed) (Total:298.08 GB) (Free:6.13 GB) NTFS
Drive o: (Elements) (Fixed) (Total:1862.98 GB) (Free:9.37 GB) NTFS
Drive p: (filmy) (Fixed) (Total:931.51 GB) (Free:8.39 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1386.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=10.6 GB) - (Type=07 NTFS)

==================== End Of Log ============================

rundll32.exe Vyřešeno

Re: cítím v kostech jistý vir - rundll32.exe

Re: cítím v kostech jistý vir - rundll32.exe

Re: cítím v kostech jistý vir - rundll32.exe

Re: cítím v kostech jistý vir - rundll32.exe

Re: cítím v kostech jistý vir - rundll32.exe Vyřešeno

Re: cítím v kostech jistý vir - rundll32.exe

Re: cítím v kostech jistý vir - rundll32.exe

Re: cítím v kostech jistý vir - rundll32.exe

Re: cítím v kostech jistý vir - rundll32.exe

Re: cítím v kostech jistý vir - rundll32.exe

Re: cítím v kostech jistý vir - rundll32.exe

Re: cítím v kostech jistý vir - rundll32.exe

Kdo je online