Prosím o kontrolu logu HJT Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Zamčeno
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu HJT

Příspěvekod jaro3 » 16 dub 2014 09:24

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
Reklama
Top
agassi
Level 1
Level 1
Příspěvky: 85
Registrován: leden 09
Bydliště: Čelákovice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu HJT

Příspěvekod agassi » 16 dub 2014 23:01

RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Aleš [Práva správce]
Mód : Kontrola -- Datum : 04/16/2014 22:27:30
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤
[Address] EAT @explorer.exe (DllCanUnloadNow) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E0274C)
[Address] EAT @explorer.exe (DllGetClassObject) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E04984)
[Address] EAT @explorer.exe (DwmAttachMilContent) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E08180)
[Address] EAT @explorer.exe (DwmDefWindowProc) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E02C30)
[Address] EAT @explorer.exe (DwmDetachMilContent) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E08180)
[Address] EAT @explorer.exe (DwmEnableBlurBehindWindow) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E02A70)
[Address] EAT @explorer.exe (DwmEnableComposition) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E0C60C)
[Address] EAT @explorer.exe (DwmEnableMMCSS) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E03788)
[Address] EAT @explorer.exe (DwmExtendFrameIntoClientArea) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E02DC0)
[Address] EAT @explorer.exe (DwmFlush) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E026C0)
[Address] EAT @explorer.exe (DwmGetColorizationColor) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E0C118)
[Address] EAT @explorer.exe (DwmGetCompositionTimingInfo) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E01D40)
[Address] EAT @explorer.exe (DwmGetGraphicsStreamClient) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E08180)
[Address] EAT @explorer.exe (DwmGetGraphicsStreamTransformHint) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E08180)
[Address] EAT @explorer.exe (DwmGetTransportAttributes) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E0C8B0)
[Address] EAT @explorer.exe (DwmGetWindowAttribute) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E01010)
[Address] EAT @explorer.exe (DwmInvalidateIconicBitmaps) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E06308)
[Address] EAT @explorer.exe (DwmIsCompositionEnabled) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E011B0)
[Address] EAT @explorer.exe (DwmModifyPreviousDxFrameDuration) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E0D050)
[Address] EAT @explorer.exe (DwmQueryThumbnailSourceSize) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E06F34)
[Address] EAT @explorer.exe (DwmRegisterThumbnail) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E069A8)
[Address] EAT @explorer.exe (DwmRenderGesture) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E07CEC)
[Address] EAT @explorer.exe (DwmSetDxFrameDuration) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E0D050)
[Address] EAT @explorer.exe (DwmSetIconicLivePreviewBitmap) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E0D1CC)
[Address] EAT @explorer.exe (DwmSetIconicThumbnail) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E0D558)
[Address] EAT @explorer.exe (DwmSetPresentParameters) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E0D050)
[Address] EAT @explorer.exe (DwmSetWindowAttribute) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E010E8)
[Address] EAT @explorer.exe (DwmShowContact) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E03A90)
[Address] EAT @explorer.exe (DwmTetherContact) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E0CB1C)
[Address] EAT @explorer.exe (DwmTransitionOwnedWindow) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E0DBD8)
[Address] EAT @explorer.exe (DwmUnregisterThumbnail) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E0677C)
[Address] EAT @explorer.exe (DwmUpdateThumbnailProperties) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E03A10)
[Address] EAT @explorer.exe (DwmpAllocateSecurityDescriptor) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E02320)
[Address] EAT @explorer.exe (DwmpDxGetWindowSharedSurface) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E05FE0)
[Address] EAT @explorer.exe (DwmpDxUpdateWindowSharedSurface) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E07710)
[Address] EAT @explorer.exe (DwmpDxgiIsThreadDesktopComposited) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E03760)
[Address] EAT @explorer.exe (DwmpFreeSecurityDescriptor) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E022E4)
[Address] EAT @explorer.exe (DwmpRenderFlick) : VERSION.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0xE3E0CE70)
[Address] EAT @explorer.exe (DllCanUnloadNow) : wlanapi.dll -> HOOKED (C:\WINDOWS\System32\shacct.dll @ 0xDFE31010)
[Address] EAT @explorer.exe (DllGetClassObject) : wlanapi.dll -> HOOKED (C:\WINDOWS\System32\shacct.dll @ 0xDFE31130)
[Address] EAT @explorer.exe (DllCanUnloadNow) : UIAutomationCore.DLL -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0xDF971010)
[Address] EAT @explorer.exe (DllGetClassObject) : UIAutomationCore.DLL -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0xDF971E60)
[Address] EAT @explorer.exe (DllRegisterServer) : UIAutomationCore.DLL -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0xDF9B30B0)
[Address] EAT @explorer.exe (DllUnregisterServer) : UIAutomationCore.DLL -> HOOKED (C:\WINDOWS\SYSTEM32\PhotoMetadataHandler.dll @ 0xDF9B3114)
[Address] EAT @explorer.exe (DllCanUnloadNow) : TimeBrokerClient.dll -> HOOKED (C:\Program Files (x86)\Google\Drive\googledrivesync64.dll @ 0xD5762350)
[Address] EAT @explorer.exe (DllGetClassObject) : TimeBrokerClient.dll -> HOOKED (C:\Program Files (x86)\Google\Drive\googledrivesync64.dll @ 0xD5762130)
[Address] EAT @explorer.exe (DllRegisterServer) : TimeBrokerClient.dll -> HOOKED (C:\Program Files (x86)\Google\Drive\googledrivesync64.dll @ 0xD5761F70)
[Address] EAT @explorer.exe (DllUnregisterServer) : TimeBrokerClient.dll -> HOOKED (C:\Program Files (x86)\Google\Drive\googledrivesync64.dll @ 0xD5762060)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK6476GSX +++++
--- User ---
[MBR] 8371e18188308cc55ababe6003251c5f
[BSP] 6d23c373ee82a1d03e2f0112968adc54 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 588688 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1206042624 | Size: 17528 MB
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1241939968 | Size: 4063 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_04162014_222730.txt >>


ComboFix mi nejde spustit.
Zkoušel jsem PC spustit v nouzovém režimu (mám W8.1) a nedaří se.(po restartu mačkám rychle tlačítko F8,nebo jsem zkoušel po restartu držet Shift+mačkat F8.Když jsem po restartu držel F8 tak PC začalo pískat a pípat...)
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu HJT

Příspěvekod jaro3 » 17 dub 2014 09:31

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
agassi
Level 1
Level 1
Příspěvky: 85
Registrován: leden 09
Bydliště: Čelákovice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu HJT

Příspěvekod agassi » 17 dub 2014 19:20

ComboFix jsem si nemusel odinstalovávat,protože se mi ho ani nepodařilo nainstalovat.

OTL logfile created on: 17.4.2014 18:52:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Aleš\Desktop
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17031)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,95 Gb Total Physical Memory | 2,85 Gb Available Physical Memory | 72,20% Memory free
4,64 Gb Paging File | 3,49 Gb Available in Paging File | 75,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 574,89 Gb Total Space | 454,62 Gb Free Space | 79,08% Space Free | Partition Type: NTFS
Drive D: | 17,12 Gb Total Space | 11,70 Gb Free Space | 68,36% Space Free | Partition Type: NTFS
Drive E: | 3,96 Gb Total Space | 2,64 Gb Free Space | 66,67% Space Free | Partition Type: FAT32

Computer Name: ALES_A_SONKA | User Name: Aleš | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Aleš\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe (Nuance Communications, Inc.)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (MsKeyboardFilter) -- C:\Windows\SysNative\KeyboardFilterSvc.dll (Microsoft Corporation)
SRV:64bit: - (IAStorDataMgrSvc) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV:64bit: - (BcmBtRSupport) -- C:\Windows\SysNative\BtwRSupportService.exe (Broadcom Corporation.)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (ZuneWlanCfgSvc) -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)
SRV:64bit: - (WMZuneComm) -- C:\Program Files\Zune\WMZuneComm.exe (Microsoft Corporation)
SRV:64bit: - (ZuneNetworkSvc) -- C:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (TomTomHOMEService) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (ICCS) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)


========== Driver Services (SafeList) ==========

DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\WINDOWS\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (kbldfltr) -- C:\Windows\SysNative\drivers\kbldfltr.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (Vid) -- C:\Windows\SysNative\drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\drivers\vmbusr.sys (Microsoft Corporation)
DRV:64bit: - (storvsp) -- C:\Windows\SysNative\drivers\storvsp.sys (Microsoft Corporation)
DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\drivers\vpcivsp.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (bcbtums) -- C:\Windows\SysNative\drivers\bcbtums.sys (Broadcom Corporation.)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL63a.SYS (Broadcom Corporation)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\drivers\Rt630x64.sys (Realtek )
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IT9135BDA) -- C:\Windows\SysNative\drivers\IT9135BDA.sys (ITE )
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)

========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "default-search.net"
FF - prefs.js..browser.search.order.1: "default-search.net"
FF - prefs.js..browser.search.selectedEngine: "default-search.net"
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - prefs.js..keyword.URL: "http://www.default-search.net/search?sid=476&aid=114&itype=n&ver=11471&tm=299&src=ds&p="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014.04.06 20:17:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012.12.30 19:54:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aleš\AppData\Roaming\mozilla\Extensions
[2012.12.30 19:54:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aleš\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2014.04.14 22:11:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aleš\AppData\Roaming\mozilla\Firefox\Profiles\osqcvas6.default\extensions
[2014.03.28 00:28:28 | 000,000,000 | ---D | M] (Settings Manager) -- C:\Users\Aleš\AppData\Roaming\mozilla\Firefox\Profiles\osqcvas6.default\extensions\{1ED03F15-1006-1C66-CCA5-15A00B80A7B7}
[2012.12.15 17:32:17 | 000,000,000 | ---D | M] (HP Detect) -- C:\Users\Aleš\AppData\Roaming\mozilla\Firefox\Profiles\osqcvas6.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
[2014.04.04 20:59:21 | 000,151,329 | ---- | M] () (No name found) -- C:\Users\Aleš\AppData\Roaming\mozilla\firefox\profiles\osqcvas6.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2014.03.20 23:03:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014.03.20 23:03:13 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.seznam.cz/
CHR - Extension: No name found = C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: No name found = C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: No name found = C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: No name found = C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppcjiigginhdhihbdlejjoekeemjaiml\3.944_0\

O1 HOSTS File: ([2013.08.22 15:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4:64bit: - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKCU..\Run: [MyTomTomSA.exe] C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe (TomTom)
O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKCU..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKCU..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE (ZONER software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd/In ... ct119b.cab (GMNRev Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3ED18A96-6216-44E6-B5AD-84944103DA90}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\WINDOWS\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\WINDOWS\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\WINDOWS\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\WINDOWS\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\WINDOWS\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\WINDOWS\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\WINDOWS\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\WINDOWS\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x64 - (c:\program files (x86)\settings manager\systemk\x64\sysapcrt.dll) - File not found
O36 - AppCertDlls: x86 - (c:\program files (x86)\settings manager\systemk\sysapcrt.dll) - File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========
Nahoru
agassi
Level 1
Level 1
Příspěvky: 85
Registrován: leden 09
Bydliště: Čelákovice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu HJT

Příspěvekod agassi » 17 dub 2014 19:20

[2014.04.17 18:44:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Aleš\Desktop\OTL.exe
[2014.04.14 21:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014.04.13 22:55:29 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.04.13 22:10:25 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014.04.13 22:08:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014.04.13 22:08:23 | 000,088,280 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2014.04.13 22:08:23 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2014.04.13 22:08:23 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2014.04.13 22:08:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014.04.13 21:41:12 | 001,016,261 | ---- | C] (Thisisu) -- C:\Users\Aleš\Desktop\JRT.exe
[2014.04.13 21:26:32 | 000,000,000 | ---D | C] -- C:\Users\Aleš\AppData\Roaming\AVG
[2014.04.13 21:25:31 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG
[2014.04.13 21:25:29 | 000,000,000 | -HSD | C] -- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
[2014.04.13 21:17:49 | 000,000,000 | ---D | C] -- C:\Users\Aleš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2014.04.13 21:17:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2014.04.09 20:58:52 | 016,875,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014.04.09 20:58:47 | 012,732,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014.04.09 20:58:43 | 008,653,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2014.04.09 20:58:43 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Shell.Search.UriHandler.dll
[2014.04.09 20:58:41 | 007,425,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2014.04.09 20:58:40 | 013,286,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2014.04.09 20:58:33 | 006,641,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2014.04.09 20:58:32 | 005,833,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2014.04.09 20:58:32 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Shell.Search.UriHandler.dll
[2014.04.09 20:58:31 | 011,791,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014.04.09 20:58:28 | 005,770,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2014.04.09 20:58:27 | 002,900,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2014.04.09 20:58:26 | 004,268,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2014.04.09 20:58:25 | 002,270,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2014.04.09 20:58:24 | 002,373,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2014.04.09 20:58:23 | 002,641,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014.04.09 20:58:22 | 002,133,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2014.04.09 20:58:22 | 002,088,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2014.04.09 20:58:22 | 001,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2014.04.09 20:58:21 | 002,317,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014.04.09 20:58:21 | 002,141,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2014.04.09 20:58:20 | 001,542,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2014.04.09 20:58:20 | 001,054,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.appcore.dll
[2014.04.09 20:58:19 | 001,411,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2014.04.09 20:58:18 | 001,779,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2014.04.09 20:58:18 | 001,764,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2014.04.09 20:58:18 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.appcore.dll
[2014.04.09 20:58:17 | 001,129,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll
[2014.04.09 20:58:17 | 001,112,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2014.04.09 20:58:16 | 001,230,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2014.04.09 20:58:16 | 000,958,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2014.04.09 20:58:16 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2014.04.09 20:58:15 | 001,291,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2014.04.09 20:58:15 | 001,023,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2014.04.09 20:58:15 | 000,801,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2014.04.09 20:58:15 | 000,655,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2014.04.09 20:58:14 | 001,466,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2014.04.09 20:58:14 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll
[2014.04.09 20:58:14 | 000,888,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2014.04.09 20:58:14 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidprov.dll
[2014.04.09 20:58:13 | 001,339,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2014.04.09 20:58:13 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2014.04.09 20:58:13 | 000,492,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2014.04.09 20:58:12 | 000,629,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2014.04.09 20:58:11 | 000,518,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2014.04.09 20:58:11 | 000,467,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2014.04.09 20:58:11 | 000,388,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2014.04.09 20:58:11 | 000,356,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcomp.dll
[2014.04.09 20:58:09 | 001,705,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2014.04.09 20:58:09 | 000,364,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2014.04.09 20:58:09 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidprov.dll
[2014.04.09 20:58:08 | 000,834,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netlogon.dll
[2014.04.09 20:58:08 | 000,669,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasapi32.dll
[2014.04.09 20:58:08 | 000,379,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2014.04.09 20:58:07 | 001,656,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2014.04.09 20:58:07 | 000,157,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wof.sys
[2014.04.09 20:58:06 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2014.04.09 20:58:06 | 000,305,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll
[2014.04.09 20:58:06 | 000,291,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2014.04.09 20:58:06 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dcomp.dll
[2014.04.09 20:58:05 | 000,924,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2014.04.09 20:58:05 | 000,376,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2014.04.09 20:58:04 | 001,351,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2014.04.09 20:58:03 | 000,872,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2014.04.09 20:58:03 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2014.04.09 20:58:03 | 000,488,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netcfgx.dll
[2014.04.09 20:58:03 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanmsm.dll
[2014.04.09 20:58:03 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2014.04.09 20:58:03 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsApi.dll
[2014.04.09 20:58:03 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2014.04.09 20:58:02 | 000,621,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe
[2014.04.09 20:58:02 | 000,337,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys
[2014.04.09 20:58:02 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2014.04.09 20:58:01 | 000,463,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2014.04.09 20:58:01 | 000,300,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanmsm.dll
[2014.04.09 20:58:00 | 000,667,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpprefcl.dll
[2014.04.09 20:58:00 | 000,390,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netcfgx.dll
[2014.04.09 20:58:00 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2014.04.09 20:58:00 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsApi.dll
[2014.04.09 20:57:59 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDEServer.exe
[2014.04.09 20:57:58 | 000,467,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2014.04.09 20:57:58 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2014.04.09 20:57:58 | 000,244,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2014.04.09 20:57:58 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafWfdProvider.dll
[2014.04.09 20:57:58 | 000,113,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\userenv.dll
[2014.04.09 20:57:57 | 001,843,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Display.dll
[2014.04.09 20:57:57 | 000,563,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AdmTmpl.dll
[2014.04.09 20:57:57 | 000,299,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pdh.dll
[2014.04.09 20:57:57 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\davclnt.dll
[2014.04.09 20:57:56 | 001,816,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Display.dll
[2014.04.09 20:57:56 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReInfo.dll
[2014.04.09 20:57:56 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2014.04.09 20:57:56 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2014.04.09 20:57:55 | 000,360,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfreadwrite.dll
[2014.04.09 20:57:55 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2014.04.09 20:57:54 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlangpui.dll
[2014.04.09 20:57:53 | 000,412,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FWPUCLNT.DLL
[2014.04.09 20:57:53 | 000,355,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfreadwrite.dll
[2014.04.09 20:57:53 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanapi.dll
[2014.04.09 20:57:52 | 001,015,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aclui.dll
[2014.04.09 20:57:52 | 000,589,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gpprefcl.dll
[2014.04.09 20:57:52 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.Printing.dll
[2014.04.09 20:57:52 | 000,428,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2014.04.09 20:57:52 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spp.dll
[2014.04.09 20:57:52 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanapi.dll
[2014.04.09 20:57:51 | 000,298,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSDMon.dll
[2014.04.09 20:57:51 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pdh.dll
[2014.04.09 20:57:51 | 000,136,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2014.04.09 20:57:51 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvinst.exe
[2014.04.09 20:57:51 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\w32tm.exe
[2014.04.09 20:57:50 | 000,731,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adtschema.dll
[2014.04.09 20:57:50 | 000,731,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adtschema.dll
[2014.04.09 20:57:50 | 000,425,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clusapi.dll
[2014.04.09 20:57:50 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlangpui.dll
[2014.04.09 20:57:50 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FWPUCLNT.DLL
[2014.04.09 20:57:50 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvinst.exe
[2014.04.09 20:57:50 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvcfg.exe
[2014.04.09 20:57:50 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialMigrationHandler.dll
[2014.04.09 20:57:49 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdvidcrl.dll
[2014.04.09 20:57:49 | 000,887,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aclui.dll
[2014.04.09 20:57:49 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.Printing.dll
[2014.04.09 20:57:49 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LocationApi.dll
[2014.04.09 20:57:49 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapibase.dll
[2014.04.09 20:57:49 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Scanners.dll
[2014.04.09 20:57:49 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidclass.sys
[2014.04.09 20:57:49 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RMapi.dll
[2014.04.09 20:57:49 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\w32tm.exe
[2014.04.09 20:57:49 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredentialMigrationHandler.dll
[2014.04.09 20:57:48 | 000,794,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fvewiz.dll
[2014.04.09 20:57:48 | 000,717,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nshwfp.dll
[2014.04.09 20:57:48 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AdmTmpl.dll
[2014.04.09 20:57:48 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clusapi.dll
[2014.04.09 20:57:48 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReInfo.dll
[2014.04.09 20:57:48 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Scanners.dll
[2014.04.09 20:57:48 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevPropMgr.dll
[2014.04.09 20:57:48 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BitLockerDeviceEncryption.exe
[2014.04.09 20:57:48 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsgqec.dll
[2014.04.09 20:57:47 | 000,567,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nshwfp.dll
[2014.04.09 20:57:47 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LocationApi.dll
[2014.04.09 20:57:47 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxproxy.dll
[2014.04.09 20:57:47 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SetNetworkLocation.dll
[2014.04.09 20:57:47 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sxproxy.dll
[2014.04.09 20:57:46 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdvidcrl.dll
[2014.04.09 20:57:46 | 000,443,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll
[2014.04.09 20:57:46 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmWmiPl.dll
[2014.04.09 20:57:46 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BdeHdCfg.exe
[2014.04.09 20:57:46 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BdeHdCfgLib.dll
[2014.04.09 20:57:46 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\l2gpstore.dll
[2014.04.09 20:57:46 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\l2gpstore.dll
[2014.04.09 20:57:46 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanhlp.dll
[2014.04.09 20:57:46 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanhlp.dll
[2014.04.09 20:57:45 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsgqec.dll
[2014.04.09 20:56:50 | 002,678,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2014.04.09 20:52:58 | 011,742,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\glcndFilter.dll
[2014.04.09 20:52:56 | 003,394,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSService.dll
[2014.04.09 20:52:55 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OobeFldr.dll
[2014.04.09 20:52:55 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OobeFldr.dll
[2014.04.09 20:52:43 | 008,946,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\glcndFilter.dll
[2014.04.09 20:52:37 | 005,784,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014.04.09 20:52:25 | 008,874,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2014.04.09 20:52:14 | 013,933,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll
[2014.04.09 20:52:11 | 001,435,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2014.04.09 20:52:04 | 003,494,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2014.04.09 20:52:03 | 012,027,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2014.04.09 20:52:02 | 011,776,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll
[2014.04.09 20:51:59 | 002,142,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2014.04.09 20:51:57 | 001,927,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2014.04.09 20:51:55 | 002,368,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2014.04.09 20:51:54 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidsvc.dll
[2014.04.09 20:51:52 | 002,144,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2014.04.09 20:51:51 | 001,374,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2014.04.09 20:51:50 | 002,643,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2014.04.09 20:51:47 | 002,943,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wpc.dll
[2014.04.09 20:51:46 | 001,728,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dui70.dll
[2014.04.09 20:51:44 | 001,716,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2014.04.09 20:51:43 | 002,574,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVDECOD.DLL
[2014.04.09 20:51:39 | 001,445,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webservices.dll
[2014.04.09 20:51:38 | 002,843,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2014.04.09 20:51:38 | 001,132,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Globalization.dll
[2014.04.09 20:51:37 | 002,100,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlowUI.dll
[2014.04.09 20:51:36 | 002,588,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe
[2014.04.09 20:51:36 | 001,399,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2014.04.09 20:51:35 | 001,290,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2014.04.09 20:51:35 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014.04.09 20:51:34 | 001,640,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll
[2014.04.09 20:51:34 | 001,341,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dui70.dll
[2014.04.09 20:51:34 | 001,287,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2014.04.09 20:51:33 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2014.04.09 20:51:33 | 000,628,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msTextPrediction.dll
[2014.04.09 20:51:31 | 000,647,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2014.04.09 20:51:30 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.OnlineId.dll
[2014.04.09 20:51:29 | 001,727,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2014.04.09 20:51:28 | 001,206,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2014.04.09 20:51:28 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Globalization.dll
[2014.04.09 20:51:27 | 000,777,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2014.04.09 20:51:26 | 001,215,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetsrc.dll
[2014.04.09 20:51:26 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2014.04.09 20:51:25 | 002,648,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebSync.dll
[2014.04.09 20:51:25 | 001,000,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2014.04.09 20:51:25 | 000,800,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetcore.dll
[2014.04.09 20:51:24 | 001,496,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll
[2014.04.09 20:51:24 | 001,077,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webservices.dll
[2014.04.09 20:51:24 | 000,825,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2014.04.09 20:51:23 | 002,825,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExplorerFrame.dll
[2014.04.09 20:51:22 | 002,410,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVDECOD.DLL
[2014.04.09 20:51:22 | 001,356,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2014.04.09 20:51:21 | 001,659,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2014.04.09 20:51:21 | 001,519,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2014.04.09 20:51:21 | 001,487,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2014.04.09 20:51:20 | 000,791,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[2014.04.09 20:51:20 | 000,526,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2014.04.09 20:51:19 | 001,929,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupapi.dll
[2014.04.09 20:51:19 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2014.04.09 20:51:19 | 000,584,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StructuredQuery.dll
[2014.04.09 20:51:19 | 000,390,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DfpCommon.dll
[2014.04.09 20:51:19 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WofTasks.dll
[2014.04.09 20:51:17 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.dll
[2014.04.09 20:51:14 | 001,621,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RacEngn.dll
[2014.04.09 20:51:13 | 000,609,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2014.04.09 20:51:13 | 000,517,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2014.04.09 20:51:12 | 000,635,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe
[2014.04.09 20:51:12 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.OnlineId.dll
[2014.04.09 20:51:11 | 001,011,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetsrc.dll
[2014.04.09 20:51:10 | 000,422,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2014.04.09 20:51:08 | 001,653,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2014.04.09 20:51:08 | 000,645,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SHCore.dll
[2014.04.09 20:51:08 | 000,569,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2014.04.09 20:51:07 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014.04.09 20:51:07 | 000,650,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetcore.dll
[2014.04.09 20:51:07 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe
[2014.04.09 20:51:06 | 002,760,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpccpl.dll
[2014.04.09 20:51:06 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2014.04.09 20:51:05 | 000,556,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.dll
[2014.04.09 20:51:04 | 002,220,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Wpc.dll
[2014.04.09 20:51:04 | 001,392,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPDMC.exe
[2014.04.09 20:51:03 | 002,428,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExplorerFrame.dll
[2014.04.09 20:51:03 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll
[2014.04.09 20:51:02 | 001,519,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2014.04.09 20:51:02 | 000,518,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mf.dll
[2014.04.09 20:51:01 | 000,576,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSync.dll
[2014.04.09 20:51:00 | 000,424,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2014.04.09 20:50:59 | 001,757,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPDMC.exe
[2014.04.09 20:50:59 | 000,881,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2014.04.09 20:50:59 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmsvc.dll
[2014.04.09 20:50:58 | 002,395,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storagewmi.dll
[2014.04.09 20:50:58 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014.04.09 20:50:57 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimgapi.dll
[2014.04.09 20:50:57 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WofUtil.dll
[2014.04.09 20:50:55 | 000,391,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MMDevAPI.dll
[2014.04.09 20:50:55 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scrrun.dll
[2014.04.09 20:50:55 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrrun.dll
[2014.04.09 20:50:54 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014.04.09 20:50:54 | 000,530,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppReadiness.dll
[2014.04.09 20:50:54 | 000,477,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SHCore.dll
[2014.04.09 20:50:53 | 001,206,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Taskmgr.exe
[2014.04.09 20:50:53 | 000,997,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2014.04.09 20:50:53 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comdlg32.dll
[2014.04.09 20:50:53 | 000,545,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apphelp.dll
[2014.04.09 20:50:52 | 000,698,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014.04.09 20:50:52 | 000,555,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.appcore.dll
[2014.04.09 20:50:52 | 000,459,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll
[2014.04.09 20:50:51 | 001,258,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RacEngn.dll
[2014.04.09 20:50:51 | 001,063,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Taskmgr.exe
[2014.04.09 20:50:51 | 000,551,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wimgapi.dll
[2014.04.09 20:50:50 | 001,374,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll
[2014.04.09 20:50:50 | 000,707,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2014.04.09 20:50:50 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\recimg.exe
[2014.04.09 20:50:50 | 000,307,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2014.04.09 20:50:50 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dfp.exe
[2014.04.09 20:50:49 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usercpl.dll
[2014.04.09 20:50:49 | 001,107,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perftrack.dll
[2014.04.09 20:50:48 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usercpl.dll
[2014.04.09 20:50:48 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll
[2014.04.09 20:50:48 | 000,669,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\advapi32.dll
[2014.04.09 20:50:48 | 000,461,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2014.04.09 20:50:48 | 000,269,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2014.04.09 20:50:47 | 001,428,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RecoveryDrive.exe
[2014.04.09 20:50:47 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\energy.dll
[2014.04.09 20:50:46 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2014.04.09 20:50:46 | 000,419,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.appcore.dll
[2014.04.09 20:50:45 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdh.dll
[2014.04.09 20:50:45 | 000,854,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014.04.09 20:50:45 | 000,410,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2014.04.09 20:50:44 | 001,584,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\workfolderssvc.dll
[2014.04.09 20:50:43 | 001,403,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\storagewmi.dll
[2014.04.09 20:50:43 | 000,653,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DismApi.dll
[2014.04.09 20:50:43 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014.04.09 20:50:43 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2014.04.09 20:50:43 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssph.dll
[2014.04.09 20:50:42 | 000,745,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2014.04.09 20:50:42 | 000,384,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2014.04.09 20:50:41 | 000,441,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll
[2014.04.09 20:50:41 | 000,388,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcryptprimitives.dll
[2014.04.09 20:50:41 | 000,372,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvproc.dll
[2014.04.09 20:50:40 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014.04.09 20:50:40 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werconcpl.dll
[2014.04.09 20:50:40 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActionCenter.dll
[2014.04.09 20:50:39 | 001,967,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014.04.09 20:50:39 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\stobject.dll
[2014.04.09 20:50:39 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\thumbcache.dll
[2014.04.09 20:50:37 | 001,791,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMALFXGFXDSP.dll
[2014.04.09 20:50:37 | 000,824,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2014.04.09 20:50:37 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctfuimanager.dll
[2014.04.09 20:50:37 | 000,320,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2014.04.09 20:50:36 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2014.04.09 20:50:36 | 000,531,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2014.04.09 20:50:36 | 000,407,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2014.04.09 20:50:34 | 000,716,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntshrui.dll
[2014.04.09 20:50:34 | 000,709,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msctfuimanager.dll
[2014.04.09 20:50:34 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2014.04.09 20:50:34 | 000,244,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppwinob.dll
[2014.04.09 20:50:34 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2014.04.09 20:50:33 | 001,185,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\printui.dll
[2014.04.09 20:50:33 | 000,761,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iuilp.dll
[2014.04.09 20:50:33 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdh.dll
[2014.04.09 20:50:33 | 000,747,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidcli.dll
[2014.04.09 20:50:33 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2014.04.09 20:50:32 | 000,832,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActionCenter.dll
[2014.04.09 20:50:32 | 000,317,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvproc.dll
[2014.04.09 20:50:31 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmIndexer.dll
[2014.04.09 20:50:31 | 000,369,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2014.04.09 20:50:31 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vmrdvcore.dll
[2014.04.09 20:50:31 | 000,336,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll
[2014.04.09 20:50:30 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014.04.09 20:50:30 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Dism.exe
[2014.04.09 20:50:30 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\slc.dll
[2014.04.09 20:50:29 | 000,912,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nettrace.dll
[2014.04.09 20:50:29 | 000,675,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2014.04.09 20:50:29 | 000,546,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxPackaging.dll
[2014.04.09 20:50:29 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Vpn.dll
[2014.04.09 20:50:28 | 000,609,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnidui.dll
[2014.04.09 20:50:27 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmredir.dll
[2014.04.09 20:50:25 | 000,324,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFCaptureEngine.dll
[2014.04.09 20:50:24 | 001,008,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WlanMM.dll
[2014.04.09 20:50:24 | 000,834,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\osk.exe
[2014.04.09 20:50:24 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VAN.dll
[2014.04.09 20:50:24 | 000,388,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ninput.dll
[2014.04.09 20:50:24 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputSwitch.dll
[2014.04.09 20:50:23 | 000,372,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2014.04.09 20:50:23 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authz.dll
[2014.04.09 20:50:22 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\portcls.sys
[2014.04.09 20:50:21 | 002,288,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncCenter.dll
[2014.04.09 20:50:21 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskeng.exe
[2014.04.09 20:50:21 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\conhost.exe
[2014.04.09 20:50:21 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascustom.dll
[2014.04.09 20:50:20 | 002,862,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\themeui.dll
[2014.04.09 20:50:20 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdbui.dll
[2014.04.09 20:50:20 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidcredprov.dll
[2014.04.09 20:50:20 | 000,123,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmapi.dll
[2014.04.09 20:50:20 | 000,105,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll
[2014.04.09 20:50:19 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DismApi.dll
[2014.04.09 20:50:19 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2014.04.09 20:50:19 | 000,289,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sqmapi.dll
[2014.04.09 20:50:19 | 000,258,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2014.04.09 20:50:18 | 003,596,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcore.dll
[2014.04.09 20:50:17 | 002,811,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\themeui.dll
[2014.04.09 20:50:17 | 000,285,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFCaptureEngine.dll
[2014.04.09 20:50:17 | 000,210,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SndVol.exe
[2014.04.09 20:50:17 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSClient.dll
[2014.04.09 20:50:17 | 000,089,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll
[2014.04.09 20:50:16 | 000,559,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Connectivity.dll
[2014.04.09 20:50:16 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmIndexer.dll
[2014.04.09 20:50:16 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2014.04.09 20:50:15 | 000,655,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cscui.dll
[2014.04.09 20:50:15 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Dism.exe
[2014.04.09 20:50:15 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveShell.dll
[2014.04.09 20:50:15 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppc.dll
[2014.04.09 20:50:14 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxPackaging.dll
[2014.04.09 20:50:14 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputSwitch.dll
[2014.04.09 20:50:14 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcrypt.dll
[2014.04.09 20:50:13 | 000,591,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2014.04.09 20:50:13 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.HumanInterfaceDevice.dll
[2014.04.09 20:50:13 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PkgMgr.exe
[2014.04.09 20:50:13 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clrhost.dll
[2014.04.09 20:50:12 | 001,144,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanmm.dll
[2014.04.09 20:50:12 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimserv.exe
[2014.04.09 20:50:12 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WLanConn.dll
[2014.04.09 20:50:12 | 000,448,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VAN.dll
[2014.04.09 20:50:12 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSClient.dll
[2014.04.09 20:50:12 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscinterop.dll
[2014.04.09 20:50:12 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sppc.dll
[2014.04.09 20:50:11 | 000,779,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\osk.exe
[2014.04.09 20:50:11 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-system-events.dll
[2014.04.09 20:50:11 | 000,236,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys
[2014.04.09 20:50:11 | 000,032,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ploptin.dll
[2014.04.09 20:50:10 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gameux.dll
[2014.04.09 20:50:10 | 002,165,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SyncCenter.dll
[2014.04.09 20:50:10 | 000,797,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PurchaseWindowsLicense.dll
[2014.04.09 20:50:10 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SkyDriveShell.dll
[2014.04.09 20:50:09 | 000,943,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WlanMM.dll
[2014.04.09 20:50:09 | 000,722,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsAnytimeUpgradeui.exe
[2014.04.09 20:50:09 | 000,693,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhcfg.dll
[2014.04.09 20:50:09 | 000,180,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SndVol.exe
[2014.04.09 20:50:09 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwm.exe
[2014.04.09 20:50:08 | 000,935,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasgcw.dll
[2014.04.09 20:50:08 | 000,506,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2014.04.09 20:50:08 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsrv.dll
[2014.04.09 20:50:08 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiDisplay.dll
[2014.04.09 20:50:08 | 000,083,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhost.exe
[2014.04.09 20:50:07 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmdskmgr.dll
[2014.04.09 20:50:07 | 000,170,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscapi.dll
[2014.04.09 20:50:06 | 003,085,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpcore.dll
[2014.04.09 20:50:06 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srchadmin.dll
[2014.04.09 20:50:06 | 000,139,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wermgr.exe
[2014.04.09 20:50:05 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ninput.dll
[2014.04.09 20:50:05 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2014.04.09 20:50:05 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.HumanInterfaceDevice.dll
[2014.04.09 20:50:05 | 000,151,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys
[2014.04.09 20:50:05 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clrhost.dll
[2014.04.09 20:50:03 | 000,432,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanconn.dll
[2014.04.09 20:50:03 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsqmcons.exe
[2014.04.09 20:50:03 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BioCredProv.dll
[2014.04.09 20:50:03 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SndVolSSO.dll
[2014.04.09 20:50:03 | 000,209,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imm32.dll
[2014.04.09 20:50:03 | 000,142,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smss.exe
[2014.04.09 20:50:03 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AltTab.dll
[2014.04.09 20:50:02 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\timedate.cpl
[2014.04.09 20:50:02 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RASMM.dll
[2014.04.09 20:50:02 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhcpl.dll
[2014.04.09 20:50:02 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsbas.dll
[2014.04.09 20:50:02 | 000,232,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sqmapi.dll
[2014.04.09 20:50:02 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToManager.dll
[2014.04.09 20:50:02 | 000,188,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\systemreset.exe
[2014.04.09 20:50:02 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fsutil.exe
[2014.04.09 20:50:01 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\das.dll
[2014.04.09 20:50:01 | 000,397,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sharemediacpl.dll
[2014.04.09 20:50:01 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2014.04.09 20:50:01 | 000,146,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\msgpioclx.sys
[2014.04.09 20:50:01 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netid.dll
[2014.04.09 20:50:01 | 000,080,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhostex.exe
[2014.04.09 20:50:01 | 000,043,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudNotifications.exe
[2014.04.09 20:50:00 | 000,897,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdclt.exe
[2014.04.09 20:50:00 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserLanguagesCpl.dll
[2014.04.09 20:50:00 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFilterHost.exe
[2014.04.09 20:49:59 | 000,924,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\refs.sys
[2014.04.09 20:49:59 | 000,660,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Bluetooth.dll
[2014.04.09 20:49:59 | 000,140,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscapi.dll
[2014.04.09 20:49:59 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fsutil.exe
[2014.04.09 20:49:59 | 000,041,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudNotifications.exe
[2014.04.09 20:49:58 | 000,432,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\zipfldr.dll
[2014.04.09 20:49:58 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.Connectivity.dll
[2014.04.09 20:49:58 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\newdev.dll
[2014.04.09 20:49:58 | 000,275,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\powrprof.dll
[2014.04.09 20:49:58 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2014.04.09 20:49:58 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BasicRender.sys
[2014.04.09 20:49:57 | 002,537,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gameux.dll
Nahoru
agassi
Level 1
Level 1
Příspěvky: 85
Registrován: leden 09
Bydliště: Čelákovice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu HJT

Příspěvekod agassi » 17 dub 2014 19:21

[2014.04.09 20:49:57 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wusa.exe
[2014.04.09 20:49:57 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthLEEnum.sys
[2014.04.09 20:49:57 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SndVolSSO.dll
[2014.04.09 20:49:57 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2014.04.09 20:49:57 | 000,079,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdstor.sys
[2014.04.09 20:49:56 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\timedate.cpl
[2014.04.09 20:49:56 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spwizeng.dll
[2014.04.09 20:49:56 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmvdsitf.dll
[2014.04.09 20:49:56 | 000,137,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wermgr.exe
[2014.04.09 20:49:56 | 000,101,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RestoreOptIn.exe
[2014.04.09 20:49:55 | 000,488,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2014.04.09 20:49:55 | 000,413,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64win.dll
[2014.04.09 20:49:55 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-kernel-power-events.dll
[2014.04.09 20:49:55 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockScreenContent.dll
[2014.04.09 20:49:55 | 000,032,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserAccountBroker.exe
[2014.04.09 20:49:54 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WLanConn.dll
[2014.04.09 20:49:54 | 000,336,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MbaeApiPublic.dll
[2014.04.09 20:49:54 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MicrosoftAccountTokenProvider.dll
[2014.04.09 20:49:54 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToManager.dll
[2014.04.09 20:49:53 | 000,835,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasgcw.dll
[2014.04.09 20:49:53 | 000,089,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RestoreOptIn.exe
[2014.04.09 20:49:52 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\srchadmin.dll
[2014.04.09 20:49:52 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\newdev.dll
[2014.04.09 20:49:52 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dot3mm.dll
[2014.04.09 20:49:52 | 000,094,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcd.dll
[2014.04.09 20:49:52 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxSysprep.dll
[2014.04.09 20:49:52 | 000,029,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserAccountBroker.exe
[2014.04.09 20:49:51 | 003,312,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bootux.dll
[2014.04.09 20:49:51 | 000,131,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\easinvoker.exe
[2014.04.09 20:49:51 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAMM.dll
[2014.04.09 20:49:51 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscinterop.dll
[2014.04.09 20:49:51 | 000,079,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcd.dll
[2014.04.09 20:49:51 | 000,071,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpfve.sys
[2014.04.09 20:49:51 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srclient.dll
[2014.04.09 20:49:50 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cleanmgr.exe
[2014.04.09 20:49:49 | 000,325,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2014.04.09 20:49:49 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cleanmgr.exe
[2014.04.09 20:49:49 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpchttp.dll
[2014.04.09 20:49:49 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samlib.dll
[2014.04.09 20:49:49 | 000,054,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wpcfltr.sys
[2014.04.09 20:49:49 | 000,054,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2014.04.09 20:49:48 | 000,162,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthHost.exe
[2014.04.09 20:49:47 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netiohlp.dll
[2014.04.09 20:49:47 | 000,189,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UCX01000.SYS
[2014.04.09 20:49:47 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceaccess.dll
[2014.04.09 20:49:47 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\easwrt.dll
[2014.04.09 20:49:46 | 000,260,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BioCredProv.dll
[2014.04.09 20:49:46 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\korwbrkr.dll
[2014.04.09 20:49:46 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netid.dll
[2014.04.09 20:49:46 | 000,036,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFaultSecure.exe
[2014.04.09 20:49:46 | 000,033,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFaultSecure.exe
[2014.04.09 20:49:45 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmvdsitf.dll
[2014.04.09 20:49:44 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netiohlp.dll
[2014.04.09 20:49:43 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srcore.dll
[2014.04.09 20:49:43 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmdskmgr.dll
[2014.04.09 20:49:43 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netplwiz.dll
[2014.04.09 20:49:43 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudStorageWizard.exe
[2014.04.09 20:49:43 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acppage.dll
[2014.04.09 20:49:43 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JavaScriptCollectionAgent.dll
[2014.04.09 20:49:42 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scrobj.dll
[2014.04.09 20:49:42 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rpchttp.dll
[2014.04.09 20:49:42 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthBroker.dll
[2014.04.09 20:49:42 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmcsp.dll
[2014.04.09 20:49:41 | 001,152,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscui.cpl
[2014.04.09 20:49:41 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2014.04.09 20:49:41 | 000,038,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockScreenContentServer.exe
[2014.04.09 20:49:41 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbrand.dll
[2014.04.09 20:49:41 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\slpts.dll
[2014.04.09 20:49:40 | 000,557,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PrintDialogs.dll
[2014.04.09 20:49:40 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MbaeApiPublic.dll
[2014.04.09 20:49:40 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWWIN.EXE
[2014.04.09 20:49:40 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\deviceaccess.dll
[2014.04.09 20:49:40 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MicrosoftAccountTokenProvider.dll
[2014.04.09 20:49:39 | 000,902,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autoconv.exe
[2014.04.09 20:49:39 | 000,874,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autofmt.exe
[2014.04.09 20:49:39 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sud.dll
[2014.04.09 20:49:39 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcdedit.exe
[2014.04.09 20:49:39 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wbadmin.exe
[2014.04.09 20:49:39 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnprv.dll
[2014.04.09 20:49:39 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netplwiz.dll
[2014.04.09 20:49:39 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Sockets.PushEnabledApplication.dll
[2014.04.09 20:49:39 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\acppage.dll
[2014.04.09 20:49:38 | 001,057,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\printui.dll
[2014.04.09 20:49:38 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BootMenuUX.dll
[2014.04.09 20:49:38 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Renewal.dll
[2014.04.09 20:49:38 | 000,028,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfpmp.exe
[2014.04.09 20:49:38 | 000,027,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SysResetErr.exe
[2014.04.09 20:49:37 | 000,890,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autochk.exe
[2014.04.09 20:49:37 | 000,545,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll
[2014.04.09 20:49:37 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidcredprov.dll
[2014.04.09 20:49:37 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrobj.dll
[2014.04.09 20:49:37 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcdboot.exe
[2014.04.09 20:49:37 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppnp.dll
[2014.04.09 20:49:37 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2014.04.09 20:49:36 | 000,780,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autofmt.exe
[2014.04.09 20:49:36 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PkgMgr.exe
[2014.04.09 20:49:36 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\migisol.dll
[2014.04.09 20:49:36 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spbcd.dll
[2014.04.09 20:49:36 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setbcdlocale.dll
[2014.04.09 20:49:36 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JavaScriptCollectionAgent.dll
[2014.04.09 20:49:36 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winbrand.dll
[2014.04.09 20:49:36 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\slpts.dll
[2014.04.09 20:49:35 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autoconv.exe
[2014.04.09 20:49:35 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autochk.exe
[2014.04.09 20:49:35 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll
[2014.04.09 20:49:35 | 000,439,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Bluetooth.dll
[2014.04.09 20:49:35 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IdCtrls.dll
[2014.04.09 20:49:35 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafBth.dll
[2014.04.09 20:49:35 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsAnytimeUpgradeResults.exe
[2014.04.09 20:49:35 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2014.04.09 20:49:35 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhevents.dll
[2014.04.09 20:49:35 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UXInit.dll
[2014.04.09 20:49:35 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAConn.dll
[2014.04.09 20:49:34 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DWWIN.EXE
[2014.04.09 20:49:34 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsutil.dll
[2014.04.09 20:49:34 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2014.04.09 20:49:34 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AuthBroker.dll
[2014.04.09 20:49:34 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spcompat.dll
[2014.04.09 20:49:34 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.Sockets.PushEnabledApplication.dll
[2014.04.09 20:49:34 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StorageContextHandler.dll
[2014.04.09 20:49:34 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\watchdog.sys
[2014.04.09 20:49:33 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spwizeng.dll
[2014.04.09 20:49:33 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsAnytimeUpgrade.exe
[2014.04.09 20:49:33 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cscript.exe
[2014.04.09 20:49:33 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\energytask.dll
[2014.04.09 20:49:32 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2014.04.09 20:49:32 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werui.dll
[2014.04.09 20:49:32 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diskpart.exe
[2014.04.09 20:49:32 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spbcd.dll
[2014.04.09 20:49:31 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\powercfg.exe
[2014.04.09 20:49:30 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sud.dll
[2014.04.09 20:49:30 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RelPost.exe
[2014.04.09 20:49:29 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rstrui.exe
[2014.04.09 20:49:29 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnpclean.dll
[2014.04.09 20:49:28 | 000,544,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidcli.dll
[2014.04.09 20:49:28 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingMonitor.dll
[2014.04.09 20:49:28 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceassociation.dll
[2014.04.09 20:49:27 | 001,136,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscui.cpl
[2014.04.09 20:49:27 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qedit.dll
[2014.04.09 20:49:27 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToDevice.dll
[2014.04.09 20:49:27 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingMonitor.dll
[2014.04.09 20:49:27 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dasHost.exe
[2014.04.09 20:49:26 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\qedit.dll
[2014.04.09 20:49:26 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srrstr.dll
[2014.04.09 20:49:26 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offreg.dll
[2014.04.09 20:49:26 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\offreg.dll
[2014.04.09 20:49:26 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2014.04.09 20:49:26 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2014.04.09 20:49:26 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgentc.exe
[2014.04.09 20:49:26 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2014.04.09 20:49:25 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PrintDialogs.dll
[2014.04.09 20:49:25 | 000,299,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2014.04.09 20:49:25 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winsku.dll
[2014.04.09 20:49:25 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActionQueue.dll
[2014.04.09 20:49:25 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudStorageWizard.exe
[2014.04.09 20:49:25 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SSShim.dll
[2014.04.09 20:49:25 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IdCtrls.dll
[2014.04.09 20:49:24 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dfrgui.exe
[2014.04.09 20:49:24 | 000,559,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserLanguagesCpl.dll
[2014.04.09 20:49:24 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToDevice.dll
[2014.04.09 20:49:24 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf3216.dll
[2014.04.09 20:49:24 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2014.04.09 20:49:24 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\deviceassociation.dll
[2014.04.09 20:49:24 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msshooks.dll
[2014.04.09 20:49:23 | 000,468,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.Handlers.dll
[2014.04.09 20:49:23 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werui.dll
[2014.04.09 20:49:23 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\powercfg.exe
[2014.04.09 20:49:23 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\f3ahvoas.dll
[2014.04.09 20:49:22 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\migisol.dll
[2014.04.09 20:49:21 | 000,589,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsdyn.dll
[2014.04.09 20:49:21 | 000,561,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dfrgui.exe
[2014.04.09 20:49:21 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsku.dll
[2014.04.09 20:49:21 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wshom.ocx
[2014.04.09 20:49:21 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\easwrt.dll
[2014.04.09 20:49:21 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SrTasks.exe
[2014.04.09 20:49:21 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgentc.exe
[2014.04.09 20:49:20 | 002,566,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\themecpl.dll
[2014.04.09 20:49:20 | 000,183,808 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\SysNative\Defrag.exe
[2014.04.09 20:49:20 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AepRoam.dll
[2014.04.09 20:49:20 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockScreenContentHost.dll
[2014.04.09 20:49:19 | 000,504,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevicePairing.dll
[2014.04.09 20:49:19 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\diskpart.exe
[2014.04.09 20:49:19 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cscript.exe
[2014.04.09 20:49:19 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sxshared.dll
[2014.04.09 20:49:18 | 000,304,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wusa.exe
[2014.04.09 20:49:18 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2014.04.09 20:49:18 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scavengeui.dll
[2014.04.09 20:49:18 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ConfigureExpandedStorage.dll
[2014.04.09 20:49:18 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ConfigureExpandedStorage.dll
[2014.04.09 20:49:18 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msshooks.dll
[2014.04.09 20:49:17 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014.04.09 20:49:17 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014.04.09 20:49:17 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014.04.09 20:49:15 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincorlib.dll
[2014.04.09 20:49:15 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014.04.09 20:49:14 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\setupugc.exe
[2014.04.09 20:49:14 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ext-ms-win-session-winsta-l1-1-0.dll
[2014.04.09 20:49:13 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2014.04.09 20:49:11 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BulkOperationHost.exe
[2014.04.09 20:49:11 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UXInit.dll
[2014.04.09 20:49:10 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\syncui.dll
[2014.04.09 20:49:10 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncPolicy.dll
[2014.04.09 20:49:09 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014.04.09 20:49:09 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\finger.exe
[2014.04.09 20:49:08 | 002,544,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\themecpl.dll
[2014.04.09 20:49:08 | 000,761,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkfoldersControl.dll
[2014.04.09 20:49:08 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpdxm.dll
[2014.04.09 20:49:08 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncPolicy.dll
[2014.04.09 20:49:07 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GlobCollationHost.dll
[2014.04.09 20:49:07 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GlobCollationHost.dll
[2014.04.09 20:49:07 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ocsetapi.dll
[2014.04.09 20:49:07 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StorageContextHandler.dll
[2014.04.09 20:49:06 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ocsetapi.dll
[2014.04.09 20:49:06 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aitagent.exe
[2014.04.09 20:49:06 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dataclen.dll
[2014.04.09 20:49:06 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ext-ms-win-session-winsta-l1-1-0.dll
[2014.04.09 20:49:05 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\korwbrkr.dll
[2014.04.09 20:49:05 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shsetup.dll
[2014.04.09 20:49:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ext-ms-win-kernel32-package-l1-1-1.dll
[2014.04.09 20:49:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ext-ms-win-kernel32-package-l1-1-1.dll
[2014.04.09 20:49:04 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bthprops.cpl
[2014.04.09 20:49:04 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dataclen.dll
[2014.04.09 20:49:04 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhsvcctl.dll
[2014.04.09 20:49:04 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shimeng.dll
[2014.04.09 20:49:03 | 000,527,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2014.04.09 20:49:03 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll
[2014.04.09 20:49:03 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpksetupproxyserv.dll
[2014.04.09 20:49:03 | 000,008,192 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ext-ms-win-ntuser-private-l1-1-1.dll
[2014.04.09 20:49:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdxm.ocx
[2014.04.09 20:49:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxmasf.dll
[2014.04.09 20:49:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ext-ms-win-ntuser-private-l1-1-0.dll
[2014.04.09 20:49:02 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\occache.dll
[2014.04.09 20:49:02 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\occache.dll
[2014.04.09 20:49:02 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveskybackup.dll
[2014.04.09 20:49:02 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\finger.exe
[2014.04.09 20:49:02 | 000,008,192 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ext-ms-win-ntuser-private-l1-1-1.dll
[2014.04.09 20:49:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ext-ms-win-ntuser-private-l1-1-0.dll
[2014.04.09 20:49:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ext-ms-win-networking-wcmapi-l1-1-0.dll
[2014.04.09 20:49:01 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\f3ahvoas.dll
[2014.04.09 20:38:37 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014.04.09 20:38:33 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014.04.06 20:17:35 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014.04.02 08:12:09 | 000,000,000 | ---D | C] -- C:\Users\Aleš\AppData\Roaming\eM Client
[2014.03.31 19:55:37 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2014.03.31 19:55:37 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014.03.31 19:55:36 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2014.03.31 19:54:23 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014.03.31 19:54:23 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014.03.31 19:54:21 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2014.03.31 19:54:19 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2014.03.31 19:54:19 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2014.03.31 19:54:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollectorres.dll
[2014.03.28 21:25:45 | 000,911,360 | ---- | C] (Megarapid.cz) -- C:\Users\Aleš\Desktop\MRDownloader.exe
[2014.03.28 00:28:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Settings Manager
[2014.03.28 00:26:34 | 001,162,840 | ---- | C] (Uniblue Systems Limited ) -- C:\Users\Aleš\Documents\registrycleanerkit.exe
[2014.03.28 00:26:20 | 000,000,000 | ---D | C] -- C:\Users\Aleš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
[2014.03.28 00:25:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The KMPlayer
[2014.03.27 23:35:10 | 000,067,312 | ---- | C] (Just Great Software) -- C:\WINDOWS\UnDeployV.exe
[2014.03.27 23:35:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DDR - Pen Drive Recovery(Demo)
[2014.03.24 22:28:23 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\poqexec.exe
[2014.03.24 22:28:22 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe
[2014.03.21 21:41:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eM Client
[2014.03.20 23:03:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014.03.20 00:06:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jednoduché reklamace
[2014.03.20 00:06:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\reklamace
[2014.03.18 22:11:16 | 000,000,000 | ---D | C] -- C:\Users\Aleš\AppData\Local\ElevatedDiagnostics

========== Files - Modified Within 30 Days ==========
Nahoru
agassi
Level 1
Level 1
Příspěvky: 85
Registrován: leden 09
Bydliště: Čelákovice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu HJT

Příspěvekod agassi » 17 dub 2014 19:21

[2014.04.17 18:51:43 | 000,000,434 | ---- | M] () -- C:\WINDOWS\tasks\SlimDrivers Startup.job
[2014.04.17 18:47:50 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.04.17 18:47:21 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.04.17 18:46:02 | 000,000,224 | ---- | M] () -- C:\WINDOWS\tasks\AutoKMS.job
[2014.04.17 18:45:47 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014.04.17 18:45:39 | 3392,233,472 | -HS- | M] () -- C:\hiberfil.sys
[2014.04.17 18:44:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Aleš\Desktop\OTL.exe
[2014.04.17 18:16:02 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014.04.17 18:13:01 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014.04.16 22:52:42 | 001,749,406 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014.04.16 22:52:42 | 000,740,962 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2014.04.16 22:52:42 | 000,723,514 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014.04.16 22:52:42 | 000,152,146 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2014.04.16 22:52:42 | 000,136,128 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014.04.15 21:53:59 | 000,001,240 | ---- | M] () -- C:\Users\Aleš\AppData\Local\MRDownloader.nast
[2014.04.14 22:16:35 | 004,527,616 | ---- | M] () -- C:\Users\Aleš\Desktop\RogueKillerX64.exe
[2014.04.14 21:29:04 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014.04.13 21:41:17 | 001,016,261 | ---- | M] (Thisisu) -- C:\Users\Aleš\Desktop\JRT.exe
[2014.04.13 21:12:50 | 000,183,719 | ---- | M] () -- C:\Users\Aleš\Desktop\P1190432.JPG
[2014.04.13 21:12:50 | 000,000,110 | -H-- | M] () -- C:\Users\Aleš\Desktop\P1190432.JPG.uid-zps
[2014.04.13 21:00:00 | 000,000,224 | ---- | M] () -- C:\WINDOWS\tasks\AutoKMSDaily.job
[2014.04.12 21:37:27 | 000,000,809 | ---- | M] () -- C:\Users\Aleš\AppData\Local\MRDownloader.err
[2014.04.09 23:00:01 | 005,134,792 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014.04.09 20:38:37 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014.04.09 20:38:33 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014.04.06 20:18:27 | 000,001,982 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014.04.06 20:17:38 | 000,084,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswStm.sys
[2014.04.06 20:17:36 | 001,039,096 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[2014.04.06 20:17:36 | 000,423,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSP.sys
[2014.04.06 20:17:36 | 000,334,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2014.04.06 20:17:36 | 000,208,928 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2014.04.06 20:17:36 | 000,093,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2014.04.06 20:17:36 | 000,079,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2014.04.06 20:17:36 | 000,065,776 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2014.04.06 20:17:35 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014.04.03 09:51:22 | 000,063,192 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2014.04.03 09:51:04 | 000,088,280 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2014.04.03 09:50:58 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2014.04.02 08:11:53 | 000,001,471 | ---- | M] () -- C:\Users\Aleš\Desktop\MailClient.lnk
[2014.03.31 23:23:52 | 000,693,240 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014.03.31 23:23:52 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014.03.31 19:55:37 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2014.03.31 19:55:37 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014.03.31 19:55:36 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2014.03.31 19:54:23 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014.03.31 19:54:23 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014.03.31 19:54:21 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2014.03.31 19:54:19 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2014.03.31 19:54:19 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2014.03.31 19:54:19 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollectorres.dll
[2014.03.30 09:52:50 | 003,094,495 | ---- | M] () -- C:\Users\Aleš\Desktop\P1190368.JPG
[2014.03.30 09:48:38 | 003,384,094 | ---- | M] () -- C:\Users\Aleš\Desktop\P1190365.JPG
[2014.03.30 09:40:26 | 003,153,114 | ---- | M] () -- C:\Users\Aleš\Desktop\P1190364.JPG
[2014.03.30 09:21:08 | 003,128,940 | ---- | M] () -- C:\Users\Aleš\Desktop\P1190363.JPG
[2014.03.28 21:25:52 | 000,001,144 | ---- | M] () -- C:\Users\Aleš\AppData\Local\SRDownloader.nast
[2014.03.28 21:25:48 | 000,911,360 | ---- | M] (Megarapid.cz) -- C:\Users\Aleš\Desktop\MRDownloader.exe
[2014.03.28 21:25:13 | 000,115,435 | ---- | M] () -- C:\Users\Aleš\AppData\Local\SRDownloader.err
[2014.03.28 00:26:21 | 000,001,047 | ---- | M] () -- C:\Users\Aleš\Desktop\KMPlayer.lnk
[2014.03.27 23:16:18 | 000,001,338 | ---- | M] () -- C:\Users\Aleš\Desktop\PC Inspector File Recovery.lnk
[2014.03.24 12:59:04 | 001,162,840 | ---- | M] (Uniblue Systems Limited ) -- C:\Users\Aleš\Documents\registrycleanerkit.exe
[2014.03.23 15:58:35 | 000,000,110 | -H-- | M] () -- C:\Users\Aleš\Desktop\P1190263.JPG.uid-zps
[2014.03.20 06:19:59 | 001,291,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2014.03.20 05:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2014.03.20 05:40:33 | 001,112,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2014.03.20 03:29:27 | 004,268,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2014.03.20 02:53:21 | 000,950,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll
[2014.03.20 02:48:30 | 000,201,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReInfo.dll
[2014.03.20 01:39:38 | 000,800,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2014.03.20 01:36:36 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReInfo.dll
[2014.03.20 00:06:27 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\Jednoduché reklamace.lnk
[2014.03.19 07:57:41 | 000,621,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe
[2014.03.19 07:50:30 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\w32tm.exe
[2014.03.19 07:31:29 | 001,656,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2014.03.19 07:20:42 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\w32tm.exe
[2014.03.19 07:08:11 | 001,351,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2014.03.19 06:41:59 | 000,721,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2014.03.19 06:17:44 | 000,872,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe

========== Files Created - No Company Name ==========

[2014.04.14 22:16:31 | 004,527,616 | ---- | C] () -- C:\Users\Aleš\Desktop\RogueKillerX64.exe
[2014.04.13 21:12:50 | 000,000,110 | -H-- | C] () -- C:\Users\Aleš\Desktop\P1190432.JPG.uid-zps
[2014.04.13 21:05:43 | 000,183,719 | ---- | C] () -- C:\Users\Aleš\Desktop\P1190432.JPG
[2014.04.09 21:44:46 | 003,094,495 | ---- | C] () -- C:\Users\Aleš\Desktop\P1190368.JPG
[2014.04.09 21:43:54 | 003,384,094 | ---- | C] () -- C:\Users\Aleš\Desktop\P1190365.JPG
[2014.04.09 21:43:54 | 003,153,114 | ---- | C] () -- C:\Users\Aleš\Desktop\P1190364.JPG
[2014.04.09 21:43:54 | 003,128,940 | ---- | C] () -- C:\Users\Aleš\Desktop\P1190363.JPG
[2014.04.09 20:57:45 | 000,387,210 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014.04.09 20:53:45 | 000,139,600 | ---- | C] () -- C:\WINDOWS\SysNative\systemsf.ebd
[2014.04.09 20:50:48 | 000,262,335 | ---- | C] () -- C:\WINDOWS\SysNative\dfpinc.dat
[2014.04.09 20:49:32 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014.04.09 20:49:32 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysNative\WimBootCompress.ini
[2014.04.09 20:49:07 | 000,100,197 | ---- | C] () -- C:\WINDOWS\SysWow64\RacRules.xml
[2014.04.09 20:49:07 | 000,100,197 | ---- | C] () -- C:\WINDOWS\SysNative\RacRules.xml
[2014.04.09 20:49:07 | 000,007,762 | ---- | C] () -- C:\WINDOWS\SysWow64\connectedsearch-suggestions.searchconnector-ms
[2014.04.09 20:49:07 | 000,007,762 | ---- | C] () -- C:\WINDOWS\SysNative\connectedsearch-suggestions.searchconnector-ms
[2014.04.09 20:49:07 | 000,007,130 | ---- | C] () -- C:\WINDOWS\SysWow64\connectedsearch-zeroinput.searchconnector-ms
[2014.04.09 20:49:07 | 000,007,130 | ---- | C] () -- C:\WINDOWS\SysNative\connectedsearch-zeroinput.searchconnector-ms
[2014.04.09 20:49:01 | 000,011,109 | ---- | C] () -- C:\WINDOWS\SysWow64\connectedsearch-results.searchconnector-ms
[2014.04.09 20:49:01 | 000,011,109 | ---- | C] () -- C:\WINDOWS\SysNative\connectedsearch-results.searchconnector-ms
[2014.04.09 20:49:00 | 000,050,053 | ---- | C] () -- C:\WINDOWS\SysNative\srms.dat
[2014.04.09 20:49:00 | 000,002,440 | R-S- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk
[2014.04.02 08:11:53 | 000,001,471 | ---- | C] () -- C:\Users\Aleš\Desktop\MailClient.lnk
[2014.03.28 21:41:41 | 000,000,809 | ---- | C] () -- C:\Users\Aleš\AppData\Local\MRDownloader.err
[2014.03.28 21:26:49 | 000,001,240 | ---- | C] () -- C:\Users\Aleš\AppData\Local\MRDownloader.nast
[2014.03.28 00:26:21 | 000,001,047 | ---- | C] () -- C:\Users\Aleš\Desktop\KMPlayer.lnk
[2014.03.23 15:58:35 | 000,000,110 | -H-- | C] () -- C:\Users\Aleš\Desktop\P1190263.JPG.uid-zps
[2014.03.21 21:42:07 | 000,000,978 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
[2014.03.20 00:06:27 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\Jednoduché reklamace.lnk
[2014.02.13 22:56:35 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014.01.30 00:02:22 | 000,077,312 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2014.01.13 21:52:40 | 001,772,950 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013.12.23 23:12:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2013.12.13 11:23:24 | 000,995,342 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_as32.exe
[2013.12.13 11:23:24 | 000,798,734 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_ld32.exe
[2013.12.13 11:23:14 | 000,123,392 | ---- | C] () -- C:\WINDOWS\SysWow64\amdhdl32.dll
[2013.08.22 17:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013.08.22 17:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013.08.22 16:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.08.22 09:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013.08.22 05:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013.08.22 01:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013.08.22 01:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013.08.11 21:31:12 | 000,000,000 | ---- | C] () -- C:\Users\Aleš\regbcm
[2013.05.06 21:00:44 | 000,000,184 | ---- | C] () -- C:\WINDOWS\AutoKMS.ini
[2013.04.18 22:27:48 | 000,000,017 | ---- | C] () -- C:\Users\Aleš\AppData\Local\resmon.resmoncfg
[2013.02.21 03:52:22 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2013.02.21 03:52:20 | 000,026,936 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsnl.dat
[2013.02.21 03:52:14 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblag.dat
[2013.02.21 03:52:12 | 000,000,025 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsny.dat
[2013.02.21 03:52:10 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2013.02.05 18:52:54 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2013.02.05 18:52:50 | 000,974,848 | ---- | C] () -- C:\WINDOWS\SysWow64\cis-2.4.dll
[2013.02.05 18:52:50 | 000,081,920 | ---- | C] () -- C:\WINDOWS\SysWow64\issacapi_bs-2.3.dll
[2013.02.05 18:52:50 | 000,065,536 | ---- | C] () -- C:\WINDOWS\SysWow64\issacapi_pe-2.3.dll
[2013.02.05 18:52:50 | 000,057,344 | ---- | C] () -- C:\WINDOWS\SysWow64\issacapi_se-2.3.dll
[2012.12.16 19:51:10 | 000,001,194 | ---- | C] () -- C:\Users\Aleš\Stažené soubory – zástupce.lnk
[2012.12.14 03:42:30 | 000,963,452 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin
[2012.12.14 03:42:28 | 000,272,928 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin
[2012.11.26 19:06:46 | 000,000,014 | ---- | C] () -- C:\WINDOWS\SysWow64\SysInfo_6_5_p.dll
[2012.11.26 18:47:12 | 000,000,014 | ---- | C] () -- C:\WINDOWS\SysWow64\systeminfo.dll
[2012.11.24 22:06:50 | 000,000,424 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2012.11.24 14:41:49 | 000,000,098 | ---- | C] () -- C:\Users\Aleš\AppData\Roaming\trueburner.ini
[2012.11.17 23:51:36 | 000,001,144 | ---- | C] () -- C:\Users\Aleš\AppData\Local\SRDownloader.nast
[2012.11.17 23:50:53 | 000,115,435 | ---- | C] () -- C:\Users\Aleš\AppData\Local\SRDownloader.err
[2012.06.09 23:21:56 | 000,178,688 | ---- | C] () -- C:\WINDOWS\SysWow64\unrar.dll

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.03.20 05:48:41 | 021,232,792 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.03.20 03:20:53 | 018,679,216 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013.08.22 11:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013.08.22 04:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013.08.22 11:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.06.25 18:43:35 | 000,000,000 | ---D | M] -- C:\Users\Aleš\AppData\Roaming\Ashampoo
[2014.03.13 23:52:58 | 000,000,000 | ---D | M] -- C:\Users\Aleš\AppData\Roaming\AVAST Software
[2014.04.13 21:26:32 | 000,000,000 | ---D | M] -- C:\Users\Aleš\AppData\Roaming\AVG
[2013.09.12 20:58:00 | 000,000,000 | ---D | M] -- C:\Users\Aleš\AppData\Roaming\BSplayer PRO
[2013.02.03 13:09:37 | 000,000,000 | ---D | M] -- C:\Users\Aleš\AppData\Roaming\calibre
[2012.11.24 14:45:35 | 000,000,000 | ---D | M] -- C:\Users\Aleš\AppData\Roaming\Canneverbe Limited
[2012.12.30 17:08:36 | 000,000,000 | ---D | M] -- C:\Users\Aleš\AppData\Roaming\Canon
[2014.04.09 20:58:04 | 000,000,000 | ---D | M] -- C:\Users\Aleš\AppData\Roaming\Dropbox
[2014.04.17 18:41:19 | 000,000,000 | ---D | M] -- C:\Users\Aleš\AppData\Roaming\eM Client
[2013.08.06 17:47:44 | 000,000,000 | ---D | M] -- C:\Users\Aleš\AppData\Roaming\Exec
[2012.12.04 22:37:57 | 000,000,000 | ---D | M] -- C:\Users\Aleš\AppData\Roaming\GHISLER
[2013.01.19 12:01:41 | 000,000,000 | ---D | M] -- C:\Users\Aleš\AppData\Roaming\IrfanView
[2013.03.24 22:50:37 | 000,000,000 | ---D | M] -- C:\Users\Aleš\AppData\Roaming\Mobile Action
[2014.02.21 00:03:54 | 000,000,000 | ---D | M] -- C:\Users\Aleš\AppData\Roaming\muvee Technologies
[2013.08.25 20:32:51 | 000,000,000 | ---D | M] -- C:\Users\Aleš\AppData\Roaming\Nico Mak Computing
[2012.12.02 09:52:55 | 000,000,000 | ---D | M] -- C:\Users\Aleš\AppData\Roaming\Nokia
[2012.12.02 09:52:56 | 000,000,000 | ---D | M] -- C:\Users\Aleš\AppData\Roaming\Nokia Suite
[2013.03.20 21:30:42 | 000,000,000 | ---D | M] -- C:\Users\Aleš\AppData\Roaming\PC Suite
[2013.04.06 16:36:29 | 000,000,000 | ---D | M] -- C:\Users\Aleš\AppData\Roaming\Samsung
[2012.11.24 22:06:35 | 000,000,000 | ---D | M] -- C:\Users\Aleš\AppData\Roaming\ScanSoft
[2012.11.15 15:23:36 | 000,000,000 | ---D | M] -- C:\Users\Aleš\AppData\Roaming\Synaptics
[2012.12.30 19:54:22 | 000,000,000 | ---D | M] -- C:\Users\Aleš\AppData\Roaming\TomTom
[2012.11.15 20:59:10 | 000,000,000 | ---D | M] -- C:\Users\Aleš\AppData\Roaming\TuneUp Software
[2012.11.17 10:28:07 | 000,000,000 | ---D | M] -- C:\Users\Aleš\AppData\Roaming\Win8codecs
[2013.10.11 20:22:33 | 000,000,000 | ---D | M] -- C:\Users\Aleš\AppData\Roaming\Zoner

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 237 bytes -> C:\Users\Aleš\SkyDrive:ms-properties
@Alternate Data Stream - 201 bytes -> C:\ProgramData\TEMP:15B79D44

< End of report >
Nahoru
agassi
Level 1
Level 1
Příspěvky: 85
Registrován: leden 09
Bydliště: Čelákovice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu HJT

Příspěvekod agassi » 17 dub 2014 19:22

OTL Extras logfile created on: 17.4.2014 18:52:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Aleš\Desktop
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17031)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,95 Gb Total Physical Memory | 2,85 Gb Available Physical Memory | 72,20% Memory free
4,64 Gb Paging File | 3,49 Gb Available in Paging File | 75,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 574,89 Gb Total Space | 454,62 Gb Free Space | 79,08% Space Free | Partition Type: NTFS
Drive D: | 17,12 Gb Total Space | 11,70 Gb Free Space | 68,36% Space Free | Partition Type: NTFS
Drive E: | 3,96 Gb Total Space | 2,64 Gb Free Space | 66,67% Space Free | Partition Type: FAT32

Computer Name: ALES_A_SONKA | User Name: Aleš | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{310C0D98-4936-4F22-834E-A74F04DC875E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6610BD90-03E2-43BF-B946-5245A8CDB64C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8385633C-2D2E-49FB-8585-1D94653C42CA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A393B5E8-F2AF-4B54-B77A-51DCC9DEE422}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A6BD0193-C717-4042-B5AB-2EA5E9425D33}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B9A108D0-A830-4817-8A02-26D933DC5F8A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{BBABECEB-0C70-4CD7-9480-4401331DBDBA}" = lport=10243 | protocol=6 | dir=in | app=system |
"{BC1B21AF-BEBC-458F-8E82-FE9131109F7A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F1793656-3A24-4C47-8755-9DEB4A9157DF}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{F2A4F120-F58C-4595-B4B1-5412E732FE6A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{019C114B-D453-4A7F-A4D8-086F1FD9B264}" = dir=out | name=@{microsoft.bingmaps_2.0.2530.2317_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{02241405-7E06-4DFA-9690-9F8950A0D7A5}" = dir=out | name=era smartbanking |
"{03A5B5BC-C5DA-4AFD-8A6D-5A25C206F95E}" = dir=out | name=@{microsoft.bingsports_3.0.2.243_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{0A6230AE-F106-48D3-AE34-CC942849C432}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.243_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{0D3A2E73-EC7E-429F-BCA6-3F94BBD9DF16}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0E2BBA6B-1591-40CE-89B8-F97FC71F2F96}" = dir=in | name=check point vpn |
"{0EEC95C0-CE9E-45ED-87F1-5665DD4472CA}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{100E8003-5B1F-496B-8966-81DD39F9F53C}" = dir=out | name=@{microsoft.bingweather_3.0.2.243_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{10C72828-DCB7-41A2-9C2D-DEA32C33BE64}" = dir=out | name=@{heureka.heureka.cz_0.0.1.22_neutral__p4jdxtw3d5gbj?ms-resource://heureka.heureka.cz/resources/app.displayname} |
"{120BD18A-AC5B-4EF2-9584-68A062DA79CF}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe |
"{17A01533-D922-40E1-881C-F979816AA787}" = dir=out | name=microsoft solitaire collection |
"{18DD21D8-36F2-4915-9BD5-3388EE8F928A}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{1D5E84EA-E678-4001-B7C6-22977A2EAD64}" = dir=out | name=@{microsoft.zunemusic_2.2.800.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{1E7D347E-AD53-4A4D-A70C-ADAD94CE4A24}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{1E94DFE0-2C7C-4336-878C-1ADB64677F14}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{215CC0BC-4A8E-44FF-AD01-E2C404FDDCAC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{2723A4F0-00CE-4CE4-9D0E-15AA9D71BC80}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{28A4569B-43BE-453D-9243-FDBE56CA1949}" = dir=out | name=@{microsoft.bingsports_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{29D571DB-8D80-4CF8-BE3A-5A02B49EE7C7}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{2D1EF694-F784-4C3C-8FE9-80E749782A5C}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{314D5EDE-EC9F-469E-9B1B-ADAA25BA65E3}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{3532D56B-9B0E-493A-B71A-4A7E17394D18}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{3986E27F-DEC4-45BA-B1F7-CEB5B35C55CF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3CB8666E-29DF-453A-A18D-5BAE43EF85F3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{403EA1B8-BF37-41CC-AEAF-28E4EC7B6D9B}" = dir=out | name=@{microsoft.bingnews_3.0.2.243_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{44D1E8D6-AE75-4EEC-A6DC-DD7E8C32F241}" = dir=out | name=juniper networks junos pulse |
"{460EFAF7-9106-4578-B3E3-9456241B0287}" = dir=out | name=česká rádia |
"{4F9B797F-FAB3-4187-97F6-C6475522DAB0}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{4FE4A585-D3B1-41FB-9817-449CF51BA035}" = dir=in | name=sonicwall mobile connect |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{55C33524-7A43-48B5-8BCA-31F8737DE770}" = dir=in | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{571807E8-28E6-481F-9C30-1F9EFE28DF61}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{5F630DA1-BAC9-427A-9A5C-0393F57EF121}" = dir=out | name=f5 vpn |
"{5FEBF4E3-6EF5-4537-AFF7-0457781ECF86}" = dir=out | name=@{microsoft.bingfinance_2.0.0.300_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{63AFF132-D949-443F-B1A3-C35E0E48F333}" = dir=out | name=ivysílání |
"{646E908E-CCC8-48FB-95C9-F951FDBB4168}" = dir=in | name=microsoft minesweeper |
"{6F65E6CC-EECC-4F50-AFCA-3FF20FD178D8}" = dir=out | name=@{microsoft.bingtravel_2.0.0.274_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{7A72CB6A-9C3C-44E0-9D79-501A3D432B5F}" = dir=out | name=windows_ie_ac_001 |
"{7B84E01C-02C6-4B93-AE28-961DA6764E9A}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{7BED646D-D7F8-4A00-ABED-5E539D6CBB7A}" = protocol=17 | dir=in | app=c:\users\aleš\appdata\roaming\dropbox\bin\dropbox.exe |
"{7D27E9E3-0195-471C-8DF5-156D0C25DF7E}" = protocol=6 | dir=out | app=system |
"{7DA0A8AE-EB72-4555-88B2-45654282E161}" = dir=out | name=@{microsoft.zunevideo_2.2.802.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{7DD4553F-BE29-44B4-9318-94798DDE1483}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{84709DF7-24B5-4F2C-B125-067092D6EE13}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8563A211-B090-4C11-B5C1-9925EC80E979}" = dir=out | name=@{microsoft.bingmaps_1.6.1821.2624_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{88771364-131E-4B6F-9022-D62F1614545B}" = dir=out | name=@{microsoft.bingfinance_3.0.2.243_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{92D3F43A-54C1-41CC-A0DE-ACBD66A39421}" = dir=in | name=juniper networks junos pulse |
"{97BFE7E0-4DD4-48E5-B152-78AB57DFCDBA}" = dir=out | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{9ACEC662-9FF4-4BD4-9C7F-8EAA162D0EAF}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.243_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{9BCFF972-65C2-4BAF-AA55-655DA743325E}" = dir=out | name=windows_ie_ac_001 |
"{9D8440E9-1875-4465-B14C-2A3F8CD9B520}" = dir=out | name=check point vpn |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A0076356-56FB-407E-B0FA-6E30665C75DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A3C49419-ABA9-468C-A408-B689B34EE71F}" = dir=out | name=vtelevizi.cz |
"{A79AA4EA-0E14-4406-B594-361A9780E10B}" = dir=out | name=@{microsoft.bingweather_2.0.0.288_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{AAA9DB58-CD0F-4979-AA5E-1E3AC0D6B76B}" = dir=out | name=microsoft minesweeper |
"{AE4C4C05-4790-41A8-9064-D612FCE106C9}" = protocol=6 | dir=in | app=c:\users\aleš\appdata\roaming\dropbox\bin\dropbox.exe |
"{AFC7AED3-C3ED-4AB8-AB06-817CB391D0C1}" = dir=in | name=skype |
"{B18513D4-E201-4230-BB1A-7A4D9A1E3778}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{B2B94005-9A0E-4250-A2B7-D1103777CDE7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B76335CD-2DDC-4995-B025-BABF53915CE3}" = dir=out | name=sonicwall mobile connect |
"{BAD1C9FE-FC33-4123-A8EA-D0AC5F734FDB}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{BC7044E0-B237-4F20-AF13-F7E780F6151A}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{C531604C-A9F3-4F4C-8E6A-CE4A9E5E104B}" = dir=out | name=novinky.cz |
"{C7694F99-5822-4B1B-9FB6-4391782C0599}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{C97793C6-0D7F-4818-8B1E-7D5288F7EEAC}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{CB98098E-C1F7-4658-9BE6-991C4F5D904F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CDDC4733-6756-4D9D-941A-52A74A537B35}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CED447BB-DED1-426B-BF7E-6A2DF9CE0814}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{D389417C-51F5-4019-A975-7348752C52B0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D3F4F5B8-5EB6-41D5-83EF-D2689FD1D9E4}" = dir=out | name=@{microsoft.zunemusic_1.4.18.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{D4BB2B55-E27F-4F87-9AF0-68ACE73A7A66}" = dir=out | name=@{microsoft.bingnews_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D7E6E53A-D26D-44E4-871B-A6FC5281DA7D}" = dir=in | name=microsoft solitaire collection |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DE2D3D10-D428-4375-A7FA-008C7918987C}" = dir=out | name=skype |
"{DF605FA5-D322-4F03-9B2E-19D218CAECEF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E16F56CA-8F70-4562-A24D-A5A10A20A95B}" = dir=in | name=f5 vpn |
"{E1E648DE-33EA-435C-BA15-62EC5AFB5B31}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe |
"{E32A0F14-4ECE-4F30-B18A-738E7644CC4C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{E6DB0119-3D22-4F00-A5CB-59FDD5B94B5A}" = dir=out | name=@{microsoft.zunevideo_1.5.41.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E8090780-8148-4A52-BA23-D08031E32C22}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EDCA8781-2900-4993-81E0-132708195184}" = dir=out | name=@{microsoft.bingtravel_3.0.2.243_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{F43A881F-0269-4547-A588-F74C36569043}" = protocol=17 | dir=in | app=c:\program files (x86)\arcsoft\totalmedia 3.5\totalmedia.exe |
"{F5128BD2-D353-4839-9498-84F7E3302934}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{FEF2353F-6CEB-40A2-BD0C-4347F4D2C3C3}" = protocol=6 | dir=in | app=c:\program files (x86)\arcsoft\totalmedia 3.5\totalmedia.exe |
"TCP Query User{6CD12A97-682D-4E64-87B5-329033888783}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{7A7E0BDE-1F1F-455E-827E-247F0EDD6840}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{A4A44B4B-20E8-4D43-85CF-053FE14ACBB5}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{72F65926-5BFB-47D7-B846-0AEBAF1CE81A}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{7E622C51-6669-4C91-90EF-2884A393D864}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{AE8D3686-ECED-4E5A-B493-FCDE66676F32}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP520_series" = Canon MP520 series
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{345841F8-F9F9-9910-134E-49162B7FDDAD}" = ccc-utility64
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{3869FCF9-E872-406E-BB90-DC54EE238B8C}" = calibre 64bit
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology
"{427174C0-096E-40D9-9684-9C109BEE2CBF}" = iTunes
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6879B3DC-9DEF-4D60-BFF0-C96F2588685D}" = Intel(R) Rapid Storage Technology
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{704C0303-D20C-45AF-BD2B-556EAF31BE09}" = iCloud
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"CanonMyPrinter" = Canon My Printer
"CCleaner" = CCleaner
"SynTPDeinstKey" = Synaptics TouchPad Driver
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"ZonerPhotoStudio16_CZ_is1" = Zoner Photo Studio 16
"ZonerPhotoStudio16_Templates_CZ_is1" = Zoner Photo Studio 16 - Obálky a šablony
"Zune" = Zune

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0071820F-09B0-4998-8320-F89629DCBC99}" = Nero BackItUp
"{052A1E34-A54B-458C-A4E3-24C3E054754A}" = Nero Kwik Media
"{05C6B128-1B40-4495-9CB9-090B368BFA0A}" = Nero Video Samples
"{0708FF30-78C0-47B0-81F0-C84604DC769C}" = Nero Express Help (CHM)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B311221-05A5-4766-8D03-7A6446794156}" = Nero RescueAgent Help (CHM)
"{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}" = Nero Launcher
"{150D88F1-40AF-4678-A39D-BCE2332F34E5}" = Nero Abstract Themes
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{16B66AA4-FA66-0200-0000-000000000000}" = Alcatel onetouch Manager
"{1812E293-E2D1-3072-0ED4-C15163533D7E}" = CCC Help Swedish
"{1943C3BD-4462-4612-92C3-D36DD917C447}" = Nero Recode
"{1B6F5E51-575E-4693-BCA2-7543570D076D}" = Nero Kwik Themes Basic
"{1F16820E-D0E7-4636-939E-45CBFEFB06E1}" = Nero Kwik Media Help (CHM)
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{22856BC3-F893-4CBF-95F2-E1F63CD2B1AB}" = Nero Video Transitions 1
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{25087F13-EBE7-C817-CA31-08C196F73B23}" = CCC Help Hungarian
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 51
"{2890E324-6F3B-4975-8B95-E7D6D80E0226}" = Nero Burning ROM Help (CHM)
"{29043AAA-3A1A-D36B-C1CB-E201FA72C16A}" = CCC Help Dutch
"{29E2C1C6-D76A-41D3-980F-6E346AA9A6A8}" = Nero Cliparts
"{29E44E9D-ACB2-4D2D-849F-5361C941B7E1}" = ArcSoft TotalMedia 3.5
"{29F67D84-3A70-456E-806A-52301B02070B}" = Nero Effects Basic
"{2BC34558-96D5-4CC2-AC67-F30DE28E7826}" = muvee Reveal Runtime
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{3C7F465C-765F-A038-60BE-03B7301B0161}" = CCC Help Norwegian
"{42321261-5D40-644C-1235-927141D4FA20}" = CCC Help Portuguese
"{42D10994-A566-495D-A5E7-D0C6B5C6B35C}" = HP Product Detection
"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime
"{446CF7B3-EE4D-1C10-E2B7-87C1C8517FE8}" = CCC Help Korean
"{450BED09-F405-87EE-CD52-5055B1EF8F72}" = CCC Help Chinese Standard
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D25D881-7183-462F-95C8-990CA1944E0B}" = Nero PiP Effects 1
"{4D628C2E-D9F7-2D3A-E610-00F4D52F219F}" = CCC Help Polish
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{4E7AC009-5212-499F-942F-A5AA42AE359E}" = Nero 12 Content Pack
"{504D84ED-AE75-4F85-A68B-BB3D4CB3E169}" = Nero Holiday and Sports Themes
"{553B5DE6-496A-4328-DE0B-D1C83F7FE4D8}" = CCC Help Turkish
"{560FC78C-A4B2-461D-9B47-820C1EEF87B8}" = Nero 12
"{5963F4B4-D138-47CD-ADEF-470E87E185BD}" = Nero Burning ROM
"{5B79E730-D897-4B8F-A1AD-7BB2D1F22B96}" = Nero Blu-ray Player Help (CHM)
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5EA2099A-0249-1D98-5387-0BEF207D72AA}" = AMD Catalyst Control Center
"{632396AA-8A78-A9A4-0945-7E24DF3F5B6C}" = CCC Help French
"{64592305-22DF-6756-FD51-1B7234D4C6AB}" = CCC Help Russian
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{698BBAD8-B116-495D-B879-0F07A533E57F}" = Samsung Story Album Viewer
"{6B722793-E77B-41F5-BAB3-6C9832274E75}" = PC Connectivity Solution
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6DC13EFF-D4FF-65B6-7538-8B3E6075853F}" = Catalyst Control Center InstallProxy
"{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}" = Nokia Connectivity Cable Driver
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BC48761-EE54-AA23-5607-0D11B7550CFB}" = CCC Help Italian
"{7BD7A4BF-EA64-4BFE-A9D3-3FDC9B6EFC23}" = Nero Football (Soccer) Themes
"{7C58E0C8-89FB-7E36-158C-5DC0B57027D9}" = CCC Help Czech
"{828175FA-7307-4DBF-95AD-9CEE086B6F45}" = Welcome App (Start-up experience)
"{83A4E573-E2C2-46FB-9DA6-6A2BBBF5A588}" = Nero Retro Film Themes
"{83FCCFCD-46E3-43FB-A397-78BFD5A8980A}" = Nero Video
"{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}" = Nero Express
"{8541C92C-5311-8937-29E1-A2C50017A09B}" = muvee Reveal
"{86847081-B387-4F49-AED1-C9B0A090D66C}" = Nero Recode Help (CHM)
"{87270A4A-EDE9-BFDF-AE0C-0FBDEEA5D4BD}" = CCC Help Thai
"{898E81AD-6DB9-4750-866B-B8958C5DC7AA}" = win8codecs
"{8B1A559A-FB9D-42F5-A8A7-2F132CF28414}" = Catalyst Control Center
"{8B5AD338-7ABC-4ECB-9C2C-687F84AEDDB1}" = Nero Platinum Effects 12
"{8F1ABC89-3D34-1D8B-DF69-EC9198604283}" = CCC Help Spanish
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1" = Ashampoo Burning Studio 6 FREE v.6.84
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{955BF340-C379-4375-AA2F-F3BCB2A498AB}" = Nero Family and Events Themes
"{96DAF3C6-C2D4-5804-E219-86C034A02355}" = CCC Help Japanese
"{99072AB4-D795-44D5-9D65-E3C9F8322C97}" = TomTom HOME
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BB69BDB-FE40-24D2-3822-828FB6DF6DE2}" = CCC Help German
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player
"{A5457401-D56A-43F2-9524-78E54A7FC07A}" = SlimDrivers
"{A71019D0-8C9D-DB8D-2801-CBFC736FF307}" = CCC Help Danish
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Czech
"{ACE49D50-19CD-44A6-B192-46F985283B26}" = Nero PiP Effects Basic
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B128179D-A5E1-43AC-9422-12A109ECD2A0}" = Nero Video Help (CHM)
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B953732D-B623-4E84-B369-CFFF7B1AE06F}" = Nero RescueAgent
"{B99E1A30-E349-FA3B-80F7-FB55EBC40996}" = CCC Help Chinese Traditional
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C28E9DF6-C68D-18DF-076C-7E92B9F30A96}" = CCC Help English
"{C4C6DF25-0E59-46EE-B24B-DF8749D8FF3A}" = Nero Image Samples
"{C68D4599-2D2A-2060-39D0-0B3DEA861657}" = Catalyst Control Center Localization All
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{CB79256B-C0E0-40C6-8EB7-BDD796203581}" = Catalyst Control Center - Branding
"{CE675FBD-75C3-45F1-B6AF-8D250861D536}" = Nero Disc Menus 3
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}" = Nero Disc Menus Basic
"{E3A0C45A-7EDB-48EB-AB86-2445E74FBFBB}" = Nokia Suite
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}" = Google Drive
"{E887D540-E434-47F4-ACD3-336D884F0618}" = eM Client
"{EBBE64F6-7E23-5857-891F-045560AECC7F}" = Application Profiles
"{EEBF1676-AF87-4266-93D8-0C14A34C4217}" = Nero Disc Menus 1
"{EF0D1292-8FC1-41BE-9740-DBC134F66415}" = Nero BackItUp Help (CHM)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F16AE6A9-20CA-4409-9DCA-1C661BDC6B16}" = Bontia Studio 4.6
"{F940E929-2FFF-1F4E-7ECB-DE1B0377D627}" = CCC Help Finnish
"{FB8AF07B-42FB-4746-058A-B6A063472452}" = CCC Help Greek
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FE81E6B5-652B-40E7-B3B2-7171C6F297DA}" = Nero Disc Menus 2
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"aTube Catcher" = aTube Catcher
"Avast" = avast! Free Antivirus
"BSPlayerp" = BS.Player PRO
"CanonSolutionMenu" = Canon Utilities Solution Menu
"DVD Shrink_is1" = DVD Shrink 3.2
"Easy CD-DA Extractor 15" = Easy CD-DA Extractor 15
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"FormatFactory" = FormatFactory 3.1.1
"Google Chrome" = Google Chrome
"HappyFoto-Designer_is1" = HF Designer 4.4
"InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}" = Samsung Story Album Viewer
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"IrfanView" = IrfanView (remove only)
"Jednoduché reklamace_is1" = Jednoduché reklamace 1.2.3
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.0.1.1004
"Mozilla Firefox 28.0 (x86 cs)" = Mozilla Firefox 28.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"MyTomTom" = MyTomTom 3.2.0.1116
"Nokia Suite" = Nokia Suite
"Office14.SingleImage" = Microsoft Office 2010 pro studenty a domácnosti
"rajče.net_is1" = rajče průvodce verze 1.59.42.257
"Registrace uživatele zařízení Canon MP520 series" = Registrace uživatele zařízení Canon MP520 series
"The KMPlayer" = The KMPlayer (remove only)
"Winamp" = Winamp
"Your Software Deals_is1" = Your Software Deals 1.0.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Linkey" = Linkey

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 17.4.2014 12:55:53 | Computer Name = Ales_a_Sonka | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete
v protokolu Microsoft-Windows-TWinUI/Operational.

Error - 17.4.2014 12:56:50 | Computer Name = Ales_a_Sonka | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete
v protokolu Microsoft-Windows-TWinUI/Operational.

Error - 17.4.2014 12:58:47 | Computer Name = Ales_a_Sonka | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete
v protokolu Microsoft-Windows-TWinUI/Operational.

Error - 17.4.2014 12:58:58 | Computer Name = Ales_a_Sonka | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete
v protokolu Microsoft-Windows-TWinUI/Operational.

Error - 17.4.2014 13:00:54 | Computer Name = Ales_a_Sonka | Source = Application Error | ID = 1000
Description = Název chybující aplikace: wwahost.exe, verze: 6.3.9600.17031, časové
razítko: 0x53085904 Název chybujícího modulu: KERNELBASE.dll, verze: 6.3.9600.17055,
časové razítko: 0x532943a3 Kód výjimky: 0x00000004 Posun chyby: 0x00011d4d ID chybujícího
procesu: 0xd4 Čas spuštění chybující aplikace: 0x01cf5a5e96b94a8a Cesta k chybující
aplikaci: C:\WINDOWS\syswow64\wwahost.exe Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\KERNELBASE.dll
ID
zprávy: d6071e00-c651-11e3-bf47-9439e5c93347 Úplný název chybujícího balíčku: Microsoft.SkypeApp_2.7.0.1002_x86__kzf8qxf38zg5c
ID
aplikace související s chybujícím balíčkem: App

Error - 17.4.2014 13:00:57 | Computer Name = Ales_a_Sonka | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete
v protokolu Microsoft-Windows-TWinUI/Operational.

Error - 17.4.2014 13:01:02 | Computer Name = Ales_a_Sonka | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci Microsoft.SkypeApp_kzf8qxf38zg5c!App se nepovedlo aktivovat,
protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error - 17.4.2014 13:04:57 | Computer Name = Ales_a_Sonka | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete
v protokolu Microsoft-Windows-TWinUI/Operational.

Error - 17.4.2014 13:05:57 | Computer Name = Ales_a_Sonka | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete
v protokolu Microsoft-Windows-TWinUI/Operational.

Error - 17.4.2014 13:12:47 | Computer Name = Ales_a_Sonka | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete
v protokolu Microsoft-Windows-TWinUI/Operational.

[ System Events ]
Error - 17.4.2014 12:46:43 | Computer Name = Ales_a_Sonka | Source = DCOM | ID = 10010
Description =

Error - 17.4.2014 12:55:48 | Computer Name = Ales_a_Sonka | Source = DCOM | ID = 10010
Description =

Error - 17.4.2014 12:56:45 | Computer Name = Ales_a_Sonka | Source = DCOM | ID = 10010
Description =

Error - 17.4.2014 12:58:42 | Computer Name = Ales_a_Sonka | Source = DCOM | ID = 10010
Description =

Error - 17.4.2014 12:58:53 | Computer Name = Ales_a_Sonka | Source = DCOM | ID = 10010
Description =

Error - 17.4.2014 13:00:52 | Computer Name = Ales_a_Sonka | Source = DCOM | ID = 10010
Description =

Error - 17.4.2014 13:00:57 | Computer Name = Ales_a_Sonka | Source = DCOM | ID = 10010
Description =

Error - 17.4.2014 13:04:52 | Computer Name = Ales_a_Sonka | Source = DCOM | ID = 10010
Description =

Error - 17.4.2014 13:05:52 | Computer Name = Ales_a_Sonka | Source = DCOM | ID = 10010
Description =

Error - 17.4.2014 13:12:42 | Computer Name = Ales_a_Sonka | Source = DCOM | ID = 10010
Description =


< End of report >
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu HJT

Příspěvekod jaro3 » 18 dub 2014 09:52

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - prefs.js..browser.search.defaultenginename: "default-search.net"
FF - prefs.js..browser.search.order.1: "default-search.net"
FF - prefs.js..browser.search.selectedEngine: "default-search.net"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - prefs.js..keyword.URL: "http://www.default-search.net/search?sid=476&aid=114&itype=n&ver=11471&tm=299&src=ds&p="
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
[2012.12.30 19:54:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aleš\AppData\Roaming\mozilla\Extensions
[2012.12.30 19:54:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aleš\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2014.04.14 22:11:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aleš\AppData\Roaming\mozilla\Firefox\Profiles\osqcvas6.default\extensions
[2014.04.04 20:59:21 | 000,151,329 | ---- | M] () (No name found) -- C:\Users\Aleš\AppData\Roaming\mozilla\firefox\profiles\osqcvas6.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2014.03.20 23:03:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
CHR - Extension: No name found = C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: No name found = C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: No name found = C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: No name found = C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppcjiigginhdhihbdlejjoekeemjaiml\3.944_0\
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O36 - AppCertDlls: x64 - (c:\program files (x86)\settings manager\systemk\x64\sysapcrt.dll) - File not found
O36 - AppCertDlls: x86 - (c:\program files (x86)\settings manager\systemk\sysapcrt.dll) - File not found
@Alternate Data Stream - 201 bytes -> C:\ProgramData\TEMP:15B79D44

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Program Files\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Program Files (x86)\*.tmp
C:\Users\Aleš\AppData\Roaming\AVG
C:\ProgramData\AVG
C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
C:\WINDOWS\tasks\AutoKMS.job
C:\WINDOWS\AutoKMS.ini
C:\WINDOWS\SysWow64\cis-2.4.dll
C:\WINDOWS\SysWow64\issacapi_bs-2.3.dll
C:\WINDOWS\SysWow64\issacapi_pe-2.3.dll
C:\WINDOWS\SysWow64\issacapi_se-2.3.dll

:Reg
:Commands
[resethosts]
[purity]
[emptytemp]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\WINDOWS\SysNative\dfpinc.dat

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Nebo na:
http://www.virscan.org/

C:\Windows\SysNative\drivers\etc\hosts m otevři v pozn. bloku a vlož sem celý obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
agassi
Level 1
Level 1
Příspěvky: 85
Registrován: leden 09
Bydliště: Čelákovice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu HJT

Příspěvekod agassi » 18 dub 2014 21:25

Stala se mi ještě nemilá věc.
Když vyskočilo okno s log OTL,tak jsem ho nechtěně zavřel. :-(

test na virustotal:
https://www.virustotal.com/cs/file/28a2 ... 397848179/
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu HJT

Příspěvekod jaro3 » 19 dub 2014 09:57

Tak to udělej ještě jednou.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
agassi
Level 1
Level 1
Příspěvky: 85
Registrován: leden 09
Bydliště: Čelákovice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu HJT

Příspěvekod agassi » 20 dub 2014 22:02

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: "default-search.net" removed from browser.search.defaultenginename
Prefs.js: "default-search.net" removed from browser.search.order.1
Prefs.js: "default-search.net" removed from browser.search.selectedEngine
Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0 removed from extensions.enabledAddons
Prefs.js: "http://www.default-search.net/search?sid=476&aid=114&itype=n&ver=11471&tm=299&src=ds&p=" removed from keyword.URL
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ not found.
C:\Users\Aleš\AppData\Roaming\mozilla\Extensions folder moved successfully.
Folder C:\Users\Aleš\AppData\Roaming\mozilla\Extensions\home2@tomtom.com\ not found.
C:\Users\Aleš\AppData\Roaming\mozilla\Firefox\Profiles\osqcvas6.default\extensions folder moved successfully.
File C:\Users\Aleš\AppData\Roaming\mozilla\firefox\profiles\osqcvas6.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi not found.
Folder C:\Program Files (x86)\Mozilla Firefox\browser\extensions\ not found.
File C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 not found.
File C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 not found.
File C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 not found.
File C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 not found.
File C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0 not found.
File C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 not found.
File C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppcjiigginhdhihbdlejjoekeemjaiml\3.944_0 not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportovat do aplikace Microsoft Excel\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages:livessp deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls\\x64 not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls\\x86 not found.
Unable to delete ADS C:\ProgramData\TEMP:15B79D44 .
File sethosts] not found.
File rity] not found.
File ptytemp] not found.
File art explorer] not found.
File boot] not found.

OTL by OldTimer - Version 3.2.69.0 log created on 04202014_215844

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Nahoru
Zamčeno

Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 36 hostů