ComboFix 14-07-16.01 - petr . 07. 2014 10:13:39.1.4 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.6030.4542 [GMT 2:00]
Spuštěný z: c:\users\petr\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\SetStretch.exe
c:\programdata\SetStretch.VBS
C:\test.txt
c:\users\petr\AppData\Roaming\Microsoft\Windows\CSHzM5.cfg
c:\users\petr\AppData\Roaming\Microsoft\Windows\CSHzM5.dat
c:\users\petr\AppData\Roaming\Origin
c:\users\petr\AppData\Roaming\Origin\local.xml
c:\users\petr\AppData\Roaming\Origin\local_01c27aca84bfb87c9a5daeb85c2719e8.xml
c:\windows\AsDebug.log
c:\windows\msvcr71.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-06-16 do 2014-07-16 )))))))))))))))))))))))))))))))
.
.
2014-07-16 08:28 . 2014-07-16 08:28 -------- d-----w- c:\users\petr\AppData\Local\temp
2014-07-16 08:28 . 2014-07-16 08:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-16 06:51 . 2014-07-16 07:01 30312 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-07-16 06:51 . 2014-07-16 06:51 -------- d-----w- c:\programdata\RogueKiller
2014-07-16 06:43 . 2014-07-16 06:43 -------- d-----w- c:\windows\ERUNT
2014-07-15 16:06 . 2014-07-15 16:06 -------- d-----w- c:\users\petr\AppData\Roaming\Ubisoft
2014-07-15 06:55 . 2014-07-15 06:55 -------- d-----w- c:\programdata\Ubisoft
2014-07-14 17:15 . 2014-06-24 06:41 10115584 ----a-w- c:\windows\system32\twinui.dll
2014-07-14 17:15 . 2014-06-24 04:08 8858624 ----a-w- c:\windows\SysWow64\twinui.dll
2014-07-14 17:15 . 2014-06-24 07:36 703440 ----a-w- c:\windows\system32\NotificationUI.exe
2014-07-14 17:15 . 2014-06-24 06:39 2307072 ----a-w- c:\windows\system32\authui.dll
2014-07-14 17:15 . 2014-06-24 04:06 2037760 ----a-w- c:\windows\SysWow64\authui.dll
2014-07-14 17:15 . 2014-06-24 06:41 694784 ----a-w- c:\windows\system32\WSShared.dll
2014-07-14 17:15 . 2014-06-24 06:40 125952 ----a-w- c:\windows\system32\WinSetupUI.dll
2014-07-14 17:15 . 2014-06-24 06:39 2146304 ----a-w- c:\windows\system32\actxprxy.dll
2014-07-14 17:15 . 2014-06-24 06:41 163840 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-14 17:15 . 2014-06-24 04:08 567808 ----a-w- c:\windows\SysWow64\WSShared.dll
2014-07-14 17:15 . 2014-06-24 04:08 124928 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-14 17:15 . 2014-06-24 04:06 754176 ----a-w- c:\windows\SysWow64\actxprxy.dll
2014-07-14 10:00 . 2014-07-14 10:00 -------- d-----w- c:\program files (x86)\Bandicam
2014-07-14 09:38 . 2014-07-14 09:38 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-14 05:32 . 2014-07-14 05:32 -------- d-----w- c:\users\petr\VirtualBox VMs
2014-07-14 05:31 . 2014-07-14 05:50 -------- d-----w- c:\users\petr\.VirtualBox
2014-07-14 05:30 . 2014-05-16 12:04 254240 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2014-07-14 05:30 . 2014-07-14 10:05 -------- dc----w- c:\windows\system32\DRVSTORE
2014-07-14 05:30 . 2014-05-16 12:03 128288 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2014-07-13 19:06 . 2014-07-13 19:09 -------- d-----w- c:\programdata\BlueStacks
2014-07-13 19:06 . 2014-07-13 19:06 -------- d-----w- c:\program files (x86)\BlueStacks
2014-07-13 19:05 . 2014-07-13 19:05 -------- d-----w- c:\users\petr\AppData\Local\Bluestacks
2014-07-13 16:04 . 2014-07-13 16:04 -------- d-----w- c:\users\petr\AppData\Roaming\BANDISOFT
2014-07-13 16:04 . 2014-07-13 16:04 -------- d-----w- c:\program files (x86)\BandiMPEG1
2014-07-13 15:42 . 2014-07-16 06:41 -------- d-----w- C:\AdwCleaner
2014-07-13 15:39 . 2014-07-13 15:39 -------- d-----w- c:\program files\Microsoft Silverlight
2014-07-13 15:05 . 2006-01-05 14:52 90112 ----a-w- c:\windows\RSetupCE.exe
2014-07-13 15:05 . 2014-07-13 15:05 -------- d-----w- c:\program files (x86)\Resco
2014-07-13 15:05 . 2014-07-13 15:05 -------- d-----w- c:\program files (x86)\Microsoft ActiveSync
2014-07-13 09:09 . 2014-05-29 04:04 94552 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2014-07-13 09:09 . 2014-05-08 01:34 328024 ----a-w- c:\windows\system32\drivers\Classpnp.sys
2014-07-12 08:41 . 2014-07-16 08:08 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-12 08:40 . 2014-07-12 08:40 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-07-12 08:40 . 2014-07-12 08:40 -------- d-----w- c:\programdata\Malwarebytes
2014-07-12 08:40 . 2014-05-12 05:26 64216 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-07-12 08:40 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-07-12 08:40 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-07-11 16:34 . 2014-07-11 16:34 -------- d-----w- c:\program files (x86)\Foxy Games
2014-07-11 16:34 . 2014-07-11 16:34 -------- d-----w- C:\Downloads
2014-07-11 16:07 . 2014-07-11 16:37 -------- d-----w- c:\users\petr\AppData\Roaming\Rovio
2014-07-11 16:04 . 2014-07-11 16:04 -------- d-----w- c:\program files (x86)\Rovio Entertainment Ltd
2014-07-11 16:03 . 2014-07-11 16:07 -------- d-----w- c:\users\petr\AppData\Roaming\Rovio Entertainment Ltd
2014-07-11 15:38 . 2014-07-11 15:38 -------- d-----w- c:\users\petr\AppData\Roaming\com.rovio.AngryBirdsBreakfast2
2014-07-11 15:38 . 2014-07-11 15:38 -------- d-----w- c:\users\petr\AppData\Roaming\Angry Birds Breakfast 2
2014-07-10 14:12 . 2014-07-10 14:12 -------- d-----w- c:\users\petr\AppData\Roaming\(20-CF-30-22-91-75)
2014-07-10 07:20 . 2014-06-26 20:53 703968 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-10 07:20 . 2014-06-26 20:53 105440 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-10 07:17 . 2014-07-10 07:17 -------- d-s---w- c:\windows\system32\CompatTel
2014-07-09 10:07 . 2014-06-19 02:10 15369728 ----a-w- c:\windows\system32\ieframe.dll
2014-07-09 10:06 . 2014-06-06 14:06 596480 ----a-w- c:\windows\system32\qedit.dll
2014-07-09 10:06 . 2014-06-06 10:17 497152 ----a-w- c:\windows\SysWow64\qedit.dll
2014-07-09 10:06 . 2014-05-29 22:24 576512 ----a-w- c:\windows\system32\drivers\afd.sys
2014-07-09 08:58 . 2014-07-13 18:43 -------- d-----w- c:\programdata\PopCap Games
2014-07-09 08:58 . 2014-07-09 08:58 -------- d-----w- c:\program files (x86)\PopCap Games
2014-07-09 08:42 . 2014-07-09 08:42 -------- d-----w- c:\programdata\ASUS
2014-07-06 19:18 . 2014-07-06 19:18 -------- d-----w- c:\users\petr\AppData\Roaming\iFunbox_UserCache
2014-07-06 19:18 . 2014-07-06 19:18 -------- d-----w- c:\program files (x86)\i-Funbox DevTeam
2014-07-06 07:56 . 2004-04-12 15:27 609584 ----a-w- c:\windows\SysWow64\comctl32.ocx
2014-07-06 07:56 . 2014-07-06 07:56 -------- d-----w- c:\program files (x86)\Mp3 Knife
2014-07-06 07:56 . 2004-04-12 15:27 152848 ----a-w- c:\windows\SysWow64\comdlg32.ocx
2014-07-06 07:56 . 2004-04-12 15:27 1081616 ----a-w- c:\windows\SysWow64\mscomctl.ocx
2014-07-06 07:38 . 2014-07-06 14:26 -------- d-----w- c:\users\petr\AppData\Local\Windows Live
2014-07-06 05:59 . 2014-07-06 05:59 -------- d-----w- c:\windows\WindowsMobile
2014-07-06 05:39 . 2014-05-20 02:33 59416 ----a-w- c:\windows\system32\wuauclt.exe
2014-07-06 05:39 . 2014-05-19 23:45 86528 ----a-w- c:\windows\SysWow64\wudriver.dll
2014-07-06 05:39 . 2014-05-19 23:24 253440 ----a-w- c:\windows\system32\WUSettingsProvider.dll
2014-07-06 05:39 . 2014-05-19 23:24 100352 ----a-w- c:\windows\system32\wudriver.dll
2014-07-06 05:39 . 2014-05-19 23:24 176640 ----a-w- c:\windows\system32\storewuauth.dll
2014-07-06 05:39 . 2014-05-19 23:45 629248 ----a-w- c:\windows\SysWow64\wuapi.dll
2014-07-06 05:39 . 2014-05-19 23:24 3286528 ----a-w- c:\windows\system32\wuaueng.dll
2014-07-06 05:39 . 2014-05-19 23:24 1623040 ----a-w- c:\windows\system32\wucltux.dll
2014-07-06 05:39 . 2014-05-19 23:24 773632 ----a-w- c:\windows\system32\wuapi.dll
2014-07-06 05:38 . 2014-05-14 22:43 40448 ----a-w- c:\windows\system32\wuapp.exe
2014-07-06 05:38 . 2014-05-14 22:43 144384 ----a-w- c:\windows\system32\wuwebv.dll
2014-07-06 05:38 . 2014-05-14 22:42 35328 ----a-w- c:\windows\SysWow64\wuapp.exe
2014-07-06 05:38 . 2014-05-14 22:42 128000 ----a-w- c:\windows\SysWow64\wuwebv.dll
2014-07-04 10:53 . 2014-07-04 10:53 257704 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10243.bin
2014-06-27 17:43 . 2008-10-15 04:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll
2014-06-27 17:43 . 2008-10-15 04:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll
2014-06-27 17:43 . 2008-10-15 04:22 2605920 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2014-06-27 17:43 . 2008-10-15 04:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll
2014-06-27 17:43 . 2008-10-15 04:22 5631312 ----a-w- c:\windows\system32\D3DX9_40.dll
2014-06-27 17:43 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2014-06-27 17:27 . 2014-06-27 17:28 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2014-06-27 17:27 . 2014-06-27 17:27 -------- d-----w- c:\windows\SysWow64\xlive
2014-06-27 08:09 . 2014-06-27 08:09 -------- d-----w- c:\program files (x86)\FreeTime
2014-06-26 15:05 . 2014-06-26 15:05 -------- d-----w- c:\users\petr\AppData\Local\ESET
2014-06-26 08:58 . 2014-06-26 09:03 -------- d-----w- c:\program files (x86)\PCSX2 1.0.0
2014-06-26 08:53 . 2014-06-26 08:53 -------- d-----w- c:\users\petr\AppData\Local\Adobe
2014-06-26 04:40 . 2014-06-26 04:40 -------- d-----w- c:\program files\ESET
2014-06-25 11:07 . 2014-06-25 11:07 1 ----a-w- c:\windows\SysWow64\SI.bin
2014-06-25 11:07 . 2001-09-05 04:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2014-06-25 11:07 . 2001-09-05 04:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2014-06-25 11:07 . 2001-09-05 04:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2014-06-25 11:07 . 2001-09-05 04:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2014-06-25 11:07 . 2002-07-25 08:07 614532 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2014-06-25 07:58 . 2014-06-25 07:58 -------- d-----w- c:\program files (x86)\GOG.com
2014-06-25 07:57 . 2014-06-25 07:57 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-06-25 07:43 . 2008-07-31 08:41 72200 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2014-06-25 07:43 . 2008-07-31 08:41 68616 ----a-w- c:\windows\SysWow64\XAPOFX1_1.dll
2014-06-25 07:43 . 2008-07-31 08:40 513544 ----a-w- c:\windows\system32\XAudio2_2.dll
2014-06-25 07:43 . 2008-07-31 08:40 509448 ----a-w- c:\windows\SysWow64\XAudio2_2.dll
2014-06-25 07:43 . 2008-07-31 08:41 238088 ----a-w- c:\windows\SysWow64\xactengine3_2.dll
2014-06-25 07:43 . 2008-07-31 08:41 177672 ----a-w- c:\windows\system32\xactengine3_2.dll
2014-06-25 07:43 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2014-06-25 07:43 . 2008-07-12 06:18 1942552 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2014-06-25 07:43 . 2008-07-12 06:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2014-06-25 07:43 . 2008-07-12 06:18 540688 ----a-w- c:\windows\system32\d3dx10_39.dll
2014-06-25 07:43 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2014-06-25 07:43 . 2008-07-12 06:18 4992520 ----a-w- c:\windows\system32\D3DX9_39.dll
2014-06-25 07:35 . 2014-06-25 07:35 -------- d-----w- c:\users\petr\AppData\Roaming\InstallShield
2014-06-25 06:13 . 2013-11-01 01:45 23350272 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2014-06-25 06:13 . 2013-11-01 01:16 22615040 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2014-06-25 06:11 . 2014-06-05 01:54 10779000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E5B3E3C5-F4EE-4E8D-8F8D-F7097113FF67}\mpengine.dll
2014-06-24 12:04 . 2014-06-25 05:03 -------- d-----w- c:\users\petr\AppData\Roaming\vlc
2014-06-24 12:04 . 2014-06-24 12:04 -------- d-----w- c:\program files (x86)\VideoLAN
2014-06-23 18:13 . 2014-07-16 06:22 -------- d-----w- c:\program files (x86)\Steam
2014-06-23 17:54 . 2014-06-23 17:54 -------- d-----w- c:\program files (x86)\Common Files\Skype
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-16 08:08 . 2014-06-16 04:59 62 ----a-w- c:\users\petr\AppData\Roaming\sp_data.sys
2014-06-16 05:02 . 2012-07-26 08:13 23264 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-05-20 02:44 . 2014-03-26 13:47 952952 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-05-20 02:44 . 2014-03-26 13:47 837056 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2014-05-20 02:44 . 2014-03-26 13:47 166568 ----a-w- c:\windows\system32\nvinitx.dll
2014-05-20 02:44 . 2014-03-26 13:47 146480 ----a-w- c:\windows\SysWow64\nvinit.dll
2014-05-20 02:44 . 2014-03-26 13:47 3109248 ----a-w- c:\windows\system32\nvapi64.dll
2014-05-20 01:25 . 2014-03-26 13:48 6769096 ----a-w- c:\windows\system32\nvcpl.dll
2014-05-20 01:25 . 2014-03-26 13:48 3514144 ----a-w- c:\windows\system32\nvsvc64.dll
2014-05-20 01:25 . 2014-03-26 13:48 927520 ----a-w- c:\windows\system32\nvvsvc.exe
2014-05-20 01:25 . 2014-03-26 13:48 76064 ----a-w- c:\windows\system32\nv3dappshextr.dll
2014-05-20 01:25 . 2014-03-26 13:48 62808 ----a-w- c:\windows\system32\nvshext.dll
2014-05-20 01:25 . 2014-03-26 13:48 387528 ----a-w- c:\windows\system32\nvmctray.dll
2014-05-20 01:25 . 2014-03-26 13:48 2560968 ----a-w- c:\windows\system32\nvsvcr.dll
2014-05-20 01:25 . 2014-03-26 13:48 1078616 ----a-w- c:\windows\system32\nv3dappshext.dll
2014-05-16 12:03 . 2014-05-16 12:03 141600 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2014-05-14 23:49 . 2014-03-26 13:48 3774821 ----a-w- c:\windows\system32\nvcoproc.bin
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-05-08 21446272]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-15 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2013-05-01 3187360]
"ASUSWebStorage"="c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe" [2012-12-19 3576784]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2012-03-28 91432]
"BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2014-07-03 831192]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-05-07 256896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R1 gkgobrtd;gkgobrtd;c:\windows\system32\drivers\gkgobrtd.sys;c:\windows\SYSNATIVE\drivers\gkgobrtd.sys [x]
R1 inbjlvdp;inbjlvdp;c:\windows\system32\drivers\inbjlvdp.sys;c:\windows\SYSNATIVE\drivers\inbjlvdp.sys [x]
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssudserd.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S0 edevmon;edevmon;c:\windows\system32\DRIVERS\edevmon.sys;c:\windows\SYSNATIVE\DRIVERS\edevmon.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe;c:\program files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [x]
S2 Asus WebStorage Windows Service;Asus WebStorage Windows Service;c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe;c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AiCharger.sys [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 ATP;ASUS Input Device;c:\windows\System32\drivers\AsusTP.sys;c:\windows\SYSNATIVE\drivers\AsusTP.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\System32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\System32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\System32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 HIDSwitch;ASUS Wireless Radio Control;c:\windows\System32\drivers\AsHIDSwitch64.sys;c:\windows\SYSNATIVE\drivers\AsHIDSwitch64.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RSBASTOR;Realtek PCIE CardReader Driver - BA;c:\windows\system32\DRIVERS\RtsBaStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsBaStor.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-07-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-17 07:46]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2012-09-27 07:15 1472512 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2012-09-27 07:15 1472512 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}"
[HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}]
2012-09-27 07:15 1472512 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-13 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-13 399984]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-05-30 13550152]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2013-05-20 1308232]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2014-02-24 5581888]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://asus13.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\petr\AppData\Roaming\Mozilla\Firefox\Profiles\j5tov78t.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Celkový čas: 2014-07-16 10:56:26
ComboFix-quarantined-files.txt 2014-07-16 08:56
.
Před spuštěním: 219 635 355 648 bytes free
Po spuštění: 219 735 359 488 bytes free
.
- - End Of File - - C89FEC9896B4E6AC5CFA039BC1CA6C6B
Podezření na vir... Po zapnutí ntb nejdou někdy zvuky Vyřešeno
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Podezření na vir... Po zapnutí ntb nejdou někdy zvuky
Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT
Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.
Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Kód: Vybrat vše
ClearJavaCache::
KillAll::
Collect::
c:\windows\system32\drivers\gkgobrtd.sys
c:\windows\system32\drivers\inbjlvdp.sys
Folder::
c:\program files (x86)\Skype\Updater
DirLook::
c:\users\petr\AppData\Roaming\(20-CF-30-22-91-75)
Driver::
gkgobrtd
inbjlvdp
SkypeUpdate
Registry::
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT
Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.
Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Podezření na vir... Po zapnutí ntb nejdou někdy zvuky
ComboFix 14-07-16.01 - petr . 07. 2014 13:59:31.2.4 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.6030.4571 [GMT 2:00]
Spuštěný z: c:\users\petr\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\petr\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gkgobrtd
-------\Service_inbjlvdp
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-06-17 do 2014-07-17 )))))))))))))))))))))))))))))))
.
.
2014-07-17 12:13 . 2014-07-17 12:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-16 08:57 . 2014-07-17 12:25 -------- d-----w- c:\users\petr\AppData\Local\temp
2014-07-16 06:51 . 2014-07-16 07:01 30312 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-07-16 06:51 . 2014-07-16 06:51 -------- d-----w- c:\programdata\RogueKiller
2014-07-16 06:43 . 2014-07-16 06:43 -------- d-----w- c:\windows\ERUNT
2014-07-15 16:06 . 2014-07-15 16:06 -------- d-----w- c:\users\petr\AppData\Roaming\Ubisoft
2014-07-15 06:55 . 2014-07-15 06:55 -------- d-----w- c:\programdata\Ubisoft
2014-07-14 17:15 . 2014-06-24 06:41 10115584 ----a-w- c:\windows\system32\twinui.dll
2014-07-14 17:15 . 2014-06-24 04:08 8858624 ----a-w- c:\windows\SysWow64\twinui.dll
2014-07-14 17:15 . 2014-06-24 07:36 703440 ----a-w- c:\windows\system32\NotificationUI.exe
2014-07-14 17:15 . 2014-06-24 06:39 2307072 ----a-w- c:\windows\system32\authui.dll
2014-07-14 17:15 . 2014-06-24 04:06 2037760 ----a-w- c:\windows\SysWow64\authui.dll
2014-07-14 17:15 . 2014-06-24 06:41 694784 ----a-w- c:\windows\system32\WSShared.dll
2014-07-14 17:15 . 2014-06-24 06:40 125952 ----a-w- c:\windows\system32\WinSetupUI.dll
2014-07-14 17:15 . 2014-06-24 06:39 2146304 ----a-w- c:\windows\system32\actxprxy.dll
2014-07-14 17:15 . 2014-06-24 06:41 163840 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-14 17:15 . 2014-06-24 04:08 567808 ----a-w- c:\windows\SysWow64\WSShared.dll
2014-07-14 17:15 . 2014-06-24 04:08 124928 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-14 17:15 . 2014-06-24 04:06 754176 ----a-w- c:\windows\SysWow64\actxprxy.dll
2014-07-14 10:00 . 2014-07-14 10:00 -------- d-----w- c:\program files (x86)\Bandicam
2014-07-14 09:38 . 2014-07-14 09:38 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-14 05:32 . 2014-07-14 05:32 -------- d-----w- c:\users\petr\VirtualBox VMs
2014-07-14 05:31 . 2014-07-14 05:50 -------- d-----w- c:\users\petr\.VirtualBox
2014-07-14 05:30 . 2014-05-16 12:04 254240 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2014-07-14 05:30 . 2014-07-14 10:05 -------- dc----w- c:\windows\system32\DRVSTORE
2014-07-14 05:30 . 2014-05-16 12:03 128288 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2014-07-13 19:06 . 2014-07-13 19:09 -------- d-----w- c:\programdata\BlueStacks
2014-07-13 19:06 . 2014-07-13 19:06 -------- d-----w- c:\program files (x86)\BlueStacks
2014-07-13 19:05 . 2014-07-13 19:05 -------- d-----w- c:\users\petr\AppData\Local\Bluestacks
2014-07-13 16:04 . 2014-07-13 16:04 -------- d-----w- c:\users\petr\AppData\Roaming\BANDISOFT
2014-07-13 16:04 . 2014-07-13 16:04 -------- d-----w- c:\program files (x86)\BandiMPEG1
2014-07-13 15:42 . 2014-07-16 06:41 -------- d-----w- C:\AdwCleaner
2014-07-13 15:39 . 2014-07-13 15:39 -------- d-----w- c:\program files\Microsoft Silverlight
2014-07-13 15:05 . 2006-01-05 14:52 90112 ----a-w- c:\windows\RSetupCE.exe
2014-07-13 15:05 . 2014-07-13 15:05 -------- d-----w- c:\program files (x86)\Resco
2014-07-13 15:05 . 2014-07-13 15:05 -------- d-----w- c:\program files (x86)\Microsoft ActiveSync
2014-07-13 09:09 . 2014-05-29 04:04 94552 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2014-07-13 09:09 . 2014-05-08 01:34 328024 ----a-w- c:\windows\system32\drivers\Classpnp.sys
2014-07-12 08:41 . 2014-07-17 12:24 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-12 08:40 . 2014-07-12 08:40 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-07-12 08:40 . 2014-07-12 08:40 -------- d-----w- c:\programdata\Malwarebytes
2014-07-12 08:40 . 2014-05-12 05:26 64216 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-07-12 08:40 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-07-12 08:40 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-07-11 16:34 . 2014-07-11 16:34 -------- d-----w- c:\program files (x86)\Foxy Games
2014-07-11 16:34 . 2014-07-11 16:34 -------- d-----w- C:\Downloads
2014-07-11 16:07 . 2014-07-11 16:37 -------- d-----w- c:\users\petr\AppData\Roaming\Rovio
2014-07-11 16:04 . 2014-07-11 16:04 -------- d-----w- c:\program files (x86)\Rovio Entertainment Ltd
2014-07-11 16:03 . 2014-07-11 16:07 -------- d-----w- c:\users\petr\AppData\Roaming\Rovio Entertainment Ltd
2014-07-11 15:38 . 2014-07-11 15:38 -------- d-----w- c:\users\petr\AppData\Roaming\com.rovio.AngryBirdsBreakfast2
2014-07-11 15:38 . 2014-07-11 15:38 -------- d-----w- c:\users\petr\AppData\Roaming\Angry Birds Breakfast 2
2014-07-10 14:12 . 2014-07-10 14:12 -------- d-----w- c:\users\petr\AppData\Roaming\(20-CF-30-22-91-75)
2014-07-10 07:20 . 2014-06-26 20:53 703968 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-10 07:20 . 2014-06-26 20:53 105440 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-10 07:17 . 2014-07-10 07:17 -------- d-s---w- c:\windows\system32\CompatTel
2014-07-09 10:07 . 2014-06-19 02:10 15369728 ----a-w- c:\windows\system32\ieframe.dll
2014-07-09 10:06 . 2014-06-06 14:06 596480 ----a-w- c:\windows\system32\qedit.dll
2014-07-09 10:06 . 2014-06-06 10:17 497152 ----a-w- c:\windows\SysWow64\qedit.dll
2014-07-09 10:06 . 2014-05-29 22:24 576512 ----a-w- c:\windows\system32\drivers\afd.sys
2014-07-09 08:58 . 2014-07-13 18:43 -------- d-----w- c:\programdata\PopCap Games
2014-07-09 08:58 . 2014-07-09 08:58 -------- d-----w- c:\program files (x86)\PopCap Games
2014-07-09 08:42 . 2014-07-09 08:42 -------- d-----w- c:\programdata\ASUS
2014-07-06 19:18 . 2014-07-06 19:18 -------- d-----w- c:\users\petr\AppData\Roaming\iFunbox_UserCache
2014-07-06 19:18 . 2014-07-06 19:18 -------- d-----w- c:\program files (x86)\i-Funbox DevTeam
2014-07-06 07:56 . 2004-04-12 15:27 609584 ----a-w- c:\windows\SysWow64\comctl32.ocx
2014-07-06 07:56 . 2014-07-06 07:56 -------- d-----w- c:\program files (x86)\Mp3 Knife
2014-07-06 07:56 . 2004-04-12 15:27 152848 ----a-w- c:\windows\SysWow64\comdlg32.ocx
2014-07-06 07:56 . 2004-04-12 15:27 1081616 ----a-w- c:\windows\SysWow64\mscomctl.ocx
2014-07-06 07:38 . 2014-07-06 14:26 -------- d-----w- c:\users\petr\AppData\Local\Windows Live
2014-07-06 05:59 . 2014-07-06 05:59 -------- d-----w- c:\windows\WindowsMobile
2014-07-06 05:39 . 2014-05-20 02:33 59416 ----a-w- c:\windows\system32\wuauclt.exe
2014-07-06 05:39 . 2014-05-19 23:45 86528 ----a-w- c:\windows\SysWow64\wudriver.dll
2014-07-06 05:39 . 2014-05-19 23:24 253440 ----a-w- c:\windows\system32\WUSettingsProvider.dll
2014-07-06 05:39 . 2014-05-19 23:24 100352 ----a-w- c:\windows\system32\wudriver.dll
2014-07-06 05:39 . 2014-05-19 23:24 176640 ----a-w- c:\windows\system32\storewuauth.dll
2014-07-06 05:39 . 2014-05-19 23:45 629248 ----a-w- c:\windows\SysWow64\wuapi.dll
2014-07-06 05:39 . 2014-05-19 23:24 3286528 ----a-w- c:\windows\system32\wuaueng.dll
2014-07-06 05:39 . 2014-05-19 23:24 1623040 ----a-w- c:\windows\system32\wucltux.dll
2014-07-06 05:39 . 2014-05-19 23:24 773632 ----a-w- c:\windows\system32\wuapi.dll
2014-07-06 05:38 . 2014-05-14 22:43 40448 ----a-w- c:\windows\system32\wuapp.exe
2014-07-06 05:38 . 2014-05-14 22:43 144384 ----a-w- c:\windows\system32\wuwebv.dll
2014-07-06 05:38 . 2014-05-14 22:42 35328 ----a-w- c:\windows\SysWow64\wuapp.exe
2014-07-06 05:38 . 2014-05-14 22:42 128000 ----a-w- c:\windows\SysWow64\wuwebv.dll
2014-07-04 10:53 . 2014-07-04 10:53 257704 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10243.bin
2014-06-27 17:43 . 2008-10-15 04:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll
2014-06-27 17:43 . 2008-10-15 04:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll
2014-06-27 17:43 . 2008-10-15 04:22 2605920 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2014-06-27 17:43 . 2008-10-15 04:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll
2014-06-27 17:43 . 2008-10-15 04:22 5631312 ----a-w- c:\windows\system32\D3DX9_40.dll
2014-06-27 17:43 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2014-06-27 17:27 . 2014-06-27 17:28 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2014-06-27 17:27 . 2014-06-27 17:27 -------- d-----w- c:\windows\SysWow64\xlive
2014-06-27 08:09 . 2014-06-27 08:09 -------- d-----w- c:\program files (x86)\FreeTime
2014-06-26 15:05 . 2014-06-26 15:05 -------- d-----w- c:\users\petr\AppData\Local\ESET
2014-06-26 08:58 . 2014-06-26 09:03 -------- d-----w- c:\program files (x86)\PCSX2 1.0.0
2014-06-26 08:53 . 2014-06-26 08:53 -------- d-----w- c:\users\petr\AppData\Local\Adobe
2014-06-26 04:40 . 2014-06-26 04:40 -------- d-----w- c:\program files\ESET
2014-06-25 11:07 . 2014-06-25 11:07 1 ----a-w- c:\windows\SysWow64\SI.bin
2014-06-25 11:07 . 2001-09-05 04:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2014-06-25 11:07 . 2001-09-05 04:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2014-06-25 11:07 . 2001-09-05 04:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2014-06-25 11:07 . 2001-09-05 04:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2014-06-25 11:07 . 2002-07-25 08:07 614532 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2014-06-25 07:58 . 2014-06-25 07:58 -------- d-----w- c:\program files (x86)\GOG.com
2014-06-25 07:57 . 2014-06-25 07:57 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-06-25 07:43 . 2008-07-31 08:41 72200 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2014-06-25 07:43 . 2008-07-31 08:41 68616 ----a-w- c:\windows\SysWow64\XAPOFX1_1.dll
2014-06-25 07:43 . 2008-07-31 08:40 513544 ----a-w- c:\windows\system32\XAudio2_2.dll
2014-06-25 07:43 . 2008-07-31 08:40 509448 ----a-w- c:\windows\SysWow64\XAudio2_2.dll
2014-06-25 07:43 . 2008-07-31 08:41 238088 ----a-w- c:\windows\SysWow64\xactengine3_2.dll
2014-06-25 07:43 . 2008-07-31 08:41 177672 ----a-w- c:\windows\system32\xactengine3_2.dll
2014-06-25 07:43 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2014-06-25 07:43 . 2008-07-12 06:18 1942552 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2014-06-25 07:43 . 2008-07-12 06:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2014-06-25 07:43 . 2008-07-12 06:18 540688 ----a-w- c:\windows\system32\d3dx10_39.dll
2014-06-25 07:43 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2014-06-25 07:43 . 2008-07-12 06:18 4992520 ----a-w- c:\windows\system32\D3DX9_39.dll
2014-06-25 07:35 . 2014-06-25 07:35 -------- d-----w- c:\users\petr\AppData\Roaming\InstallShield
2014-06-25 06:13 . 2013-11-01 01:45 23350272 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2014-06-25 06:13 . 2013-11-01 01:16 22615040 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2014-06-25 06:11 . 2014-06-05 01:54 10779000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E5B3E3C5-F4EE-4E8D-8F8D-F7097113FF67}\mpengine.dll
2014-06-24 12:04 . 2014-06-25 05:03 -------- d-----w- c:\users\petr\AppData\Roaming\vlc
2014-06-24 12:04 . 2014-06-24 12:04 -------- d-----w- c:\program files (x86)\VideoLAN
2014-06-23 18:13 . 2014-07-17 11:56 -------- d-----w- c:\program files (x86)\Steam
2014-06-23 17:54 . 2014-06-23 17:54 -------- d-----w- c:\program files (x86)\Common Files\Skype
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-17 12:24 . 2014-06-16 04:59 62 ----a-w- c:\users\petr\AppData\Roaming\sp_data.sys
2014-06-16 12:59 . 2014-06-16 12:59 50784 ----a-w- c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2014-06-16 12:59 . 2014-06-16 12:59 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2014-06-16 05:02 . 2012-07-26 08:13 23264 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-05-20 02:44 . 2014-03-26 13:47 952952 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-05-20 02:44 . 2014-03-26 13:47 837056 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2014-05-20 02:44 . 2014-03-26 13:47 166568 ----a-w- c:\windows\system32\nvinitx.dll
2014-05-20 02:44 . 2014-03-26 13:47 146480 ----a-w- c:\windows\SysWow64\nvinit.dll
2014-05-20 02:44 . 2014-03-26 13:47 3109248 ----a-w- c:\windows\system32\nvapi64.dll
2014-05-20 01:25 . 2014-03-26 13:48 6769096 ----a-w- c:\windows\system32\nvcpl.dll
2014-05-20 01:25 . 2014-03-26 13:48 3514144 ----a-w- c:\windows\system32\nvsvc64.dll
2014-05-20 01:25 . 2014-03-26 13:48 927520 ----a-w- c:\windows\system32\nvvsvc.exe
2014-05-20 01:25 . 2014-03-26 13:48 76064 ----a-w- c:\windows\system32\nv3dappshextr.dll
2014-05-20 01:25 . 2014-03-26 13:48 62808 ----a-w- c:\windows\system32\nvshext.dll
2014-05-20 01:25 . 2014-03-26 13:48 387528 ----a-w- c:\windows\system32\nvmctray.dll
2014-05-20 01:25 . 2014-03-26 13:48 2560968 ----a-w- c:\windows\system32\nvsvcr.dll
2014-05-20 01:25 . 2014-03-26 13:48 1078616 ----a-w- c:\windows\system32\nv3dappshext.dll
2014-05-16 12:03 . 2014-05-16 12:03 141600 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2014-05-14 23:49 . 2014-03-26 13:48 3774821 ----a-w- c:\windows\system32\nvcoproc.bin
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\users\petr\AppData\Roaming\(20-CF-30-22-91-75) ----
.
2014-07-10 14:12 . 2014-07-10 14:12 0 ----a-w- c:\users\petr\AppData\Roaming\(20-CF-30-22-91-75)\SIM1\telecom\mch.vcf
2014-07-10 14:12 . 2014-07-10 14:12 0 ----a-w- c:\users\petr\AppData\Roaming\(20-CF-30-22-91-75)\SIM1\telecom\och.vcf
2014-07-10 14:12 . 2014-07-10 14:12 0 ----a-w- c:\users\petr\AppData\Roaming\(20-CF-30-22-91-75)\SIM1\telecom\ich.vcf
2014-07-10 14:12 . 2014-07-10 14:12 1686 ----a-w- c:\users\petr\AppData\Roaming\(20-CF-30-22-91-75)\SIM1\telecom\pb.vcf
2014-07-10 14:12 . 2014-07-15 17:50 3353 ----a-w- c:\users\petr\AppData\Roaming\(20-CF-30-22-91-75)\telecom\mch.vcf
2014-07-10 14:12 . 2014-07-15 17:50 10679 ----a-w- c:\users\petr\AppData\Roaming\(20-CF-30-22-91-75)\telecom\och.vcf
2014-07-10 14:12 . 2014-07-15 17:50 1831 ----a-w- c:\users\petr\AppData\Roaming\(20-CF-30-22-91-75)\telecom\ich.vcf
2014-07-10 14:12 . 2014-07-14 18:14 11234 ----a-w- c:\users\petr\AppData\Roaming\(20-CF-30-22-91-75)\telecom\pb.vcf
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-05-08 21446272]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-15 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2013-05-01 3187360]
"ASUSWebStorage"="c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe" [2012-12-19 3576784]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2012-03-28 91432]
"BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2014-07-03 831192]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-05-07 256896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssudserd.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S0 edevmon;edevmon;c:\windows\system32\DRIVERS\edevmon.sys;c:\windows\SYSNATIVE\DRIVERS\edevmon.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe;c:\program files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [x]
S2 Asus WebStorage Windows Service;Asus WebStorage Windows Service;c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe;c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AiCharger.sys [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 ATP;ASUS Input Device;c:\windows\System32\drivers\AsusTP.sys;c:\windows\SYSNATIVE\drivers\AsusTP.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\System32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\System32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\System32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 HIDSwitch;ASUS Wireless Radio Control;c:\windows\System32\drivers\AsHIDSwitch64.sys;c:\windows\SYSNATIVE\drivers\AsHIDSwitch64.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RSBASTOR;Realtek PCIE CardReader Driver - BA;c:\windows\system32\DRIVERS\RtsBaStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsBaStor.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-07-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-17 07:46]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2012-09-27 07:15 1472512 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2012-09-27 07:15 1472512 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}"
[HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}]
2012-09-27 07:15 1472512 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-13 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-13 399984]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-05-30 13550152]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2013-05-20 1308232]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2014-02-24 5581888]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://asus13.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\petr\AppData\Roaming\Mozilla\Firefox\Profiles\j5tov78t.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
c:\program files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
c:\program files (x86)\ASUS\Splendid\ACMON.exe
c:\program files (x86)\ASUS\Splendid\ColorUService.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
c:\program files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
.
**************************************************************************
.
Celkový čas: 2014-07-17 14:52:03 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-07-17 12:51
ComboFix2.txt 2014-07-16 08:56
.
Před spuštěním: 214 558 064 640 bytes free
Po spuštění: 214 349 180 928 bytes free
.
- - End Of File - - 820A3937CF36DB875B72195A86F4F9AC
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.6030.4571 [GMT 2:00]
Spuštěný z: c:\users\petr\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\petr\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gkgobrtd
-------\Service_inbjlvdp
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-06-17 do 2014-07-17 )))))))))))))))))))))))))))))))
.
.
2014-07-17 12:13 . 2014-07-17 12:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-16 08:57 . 2014-07-17 12:25 -------- d-----w- c:\users\petr\AppData\Local\temp
2014-07-16 06:51 . 2014-07-16 07:01 30312 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-07-16 06:51 . 2014-07-16 06:51 -------- d-----w- c:\programdata\RogueKiller
2014-07-16 06:43 . 2014-07-16 06:43 -------- d-----w- c:\windows\ERUNT
2014-07-15 16:06 . 2014-07-15 16:06 -------- d-----w- c:\users\petr\AppData\Roaming\Ubisoft
2014-07-15 06:55 . 2014-07-15 06:55 -------- d-----w- c:\programdata\Ubisoft
2014-07-14 17:15 . 2014-06-24 06:41 10115584 ----a-w- c:\windows\system32\twinui.dll
2014-07-14 17:15 . 2014-06-24 04:08 8858624 ----a-w- c:\windows\SysWow64\twinui.dll
2014-07-14 17:15 . 2014-06-24 07:36 703440 ----a-w- c:\windows\system32\NotificationUI.exe
2014-07-14 17:15 . 2014-06-24 06:39 2307072 ----a-w- c:\windows\system32\authui.dll
2014-07-14 17:15 . 2014-06-24 04:06 2037760 ----a-w- c:\windows\SysWow64\authui.dll
2014-07-14 17:15 . 2014-06-24 06:41 694784 ----a-w- c:\windows\system32\WSShared.dll
2014-07-14 17:15 . 2014-06-24 06:40 125952 ----a-w- c:\windows\system32\WinSetupUI.dll
2014-07-14 17:15 . 2014-06-24 06:39 2146304 ----a-w- c:\windows\system32\actxprxy.dll
2014-07-14 17:15 . 2014-06-24 06:41 163840 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-14 17:15 . 2014-06-24 04:08 567808 ----a-w- c:\windows\SysWow64\WSShared.dll
2014-07-14 17:15 . 2014-06-24 04:08 124928 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-14 17:15 . 2014-06-24 04:06 754176 ----a-w- c:\windows\SysWow64\actxprxy.dll
2014-07-14 10:00 . 2014-07-14 10:00 -------- d-----w- c:\program files (x86)\Bandicam
2014-07-14 09:38 . 2014-07-14 09:38 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-14 05:32 . 2014-07-14 05:32 -------- d-----w- c:\users\petr\VirtualBox VMs
2014-07-14 05:31 . 2014-07-14 05:50 -------- d-----w- c:\users\petr\.VirtualBox
2014-07-14 05:30 . 2014-05-16 12:04 254240 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2014-07-14 05:30 . 2014-07-14 10:05 -------- dc----w- c:\windows\system32\DRVSTORE
2014-07-14 05:30 . 2014-05-16 12:03 128288 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2014-07-13 19:06 . 2014-07-13 19:09 -------- d-----w- c:\programdata\BlueStacks
2014-07-13 19:06 . 2014-07-13 19:06 -------- d-----w- c:\program files (x86)\BlueStacks
2014-07-13 19:05 . 2014-07-13 19:05 -------- d-----w- c:\users\petr\AppData\Local\Bluestacks
2014-07-13 16:04 . 2014-07-13 16:04 -------- d-----w- c:\users\petr\AppData\Roaming\BANDISOFT
2014-07-13 16:04 . 2014-07-13 16:04 -------- d-----w- c:\program files (x86)\BandiMPEG1
2014-07-13 15:42 . 2014-07-16 06:41 -------- d-----w- C:\AdwCleaner
2014-07-13 15:39 . 2014-07-13 15:39 -------- d-----w- c:\program files\Microsoft Silverlight
2014-07-13 15:05 . 2006-01-05 14:52 90112 ----a-w- c:\windows\RSetupCE.exe
2014-07-13 15:05 . 2014-07-13 15:05 -------- d-----w- c:\program files (x86)\Resco
2014-07-13 15:05 . 2014-07-13 15:05 -------- d-----w- c:\program files (x86)\Microsoft ActiveSync
2014-07-13 09:09 . 2014-05-29 04:04 94552 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2014-07-13 09:09 . 2014-05-08 01:34 328024 ----a-w- c:\windows\system32\drivers\Classpnp.sys
2014-07-12 08:41 . 2014-07-17 12:24 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-12 08:40 . 2014-07-12 08:40 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-07-12 08:40 . 2014-07-12 08:40 -------- d-----w- c:\programdata\Malwarebytes
2014-07-12 08:40 . 2014-05-12 05:26 64216 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-07-12 08:40 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-07-12 08:40 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-07-11 16:34 . 2014-07-11 16:34 -------- d-----w- c:\program files (x86)\Foxy Games
2014-07-11 16:34 . 2014-07-11 16:34 -------- d-----w- C:\Downloads
2014-07-11 16:07 . 2014-07-11 16:37 -------- d-----w- c:\users\petr\AppData\Roaming\Rovio
2014-07-11 16:04 . 2014-07-11 16:04 -------- d-----w- c:\program files (x86)\Rovio Entertainment Ltd
2014-07-11 16:03 . 2014-07-11 16:07 -------- d-----w- c:\users\petr\AppData\Roaming\Rovio Entertainment Ltd
2014-07-11 15:38 . 2014-07-11 15:38 -------- d-----w- c:\users\petr\AppData\Roaming\com.rovio.AngryBirdsBreakfast2
2014-07-11 15:38 . 2014-07-11 15:38 -------- d-----w- c:\users\petr\AppData\Roaming\Angry Birds Breakfast 2
2014-07-10 14:12 . 2014-07-10 14:12 -------- d-----w- c:\users\petr\AppData\Roaming\(20-CF-30-22-91-75)
2014-07-10 07:20 . 2014-06-26 20:53 703968 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-10 07:20 . 2014-06-26 20:53 105440 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-10 07:17 . 2014-07-10 07:17 -------- d-s---w- c:\windows\system32\CompatTel
2014-07-09 10:07 . 2014-06-19 02:10 15369728 ----a-w- c:\windows\system32\ieframe.dll
2014-07-09 10:06 . 2014-06-06 14:06 596480 ----a-w- c:\windows\system32\qedit.dll
2014-07-09 10:06 . 2014-06-06 10:17 497152 ----a-w- c:\windows\SysWow64\qedit.dll
2014-07-09 10:06 . 2014-05-29 22:24 576512 ----a-w- c:\windows\system32\drivers\afd.sys
2014-07-09 08:58 . 2014-07-13 18:43 -------- d-----w- c:\programdata\PopCap Games
2014-07-09 08:58 . 2014-07-09 08:58 -------- d-----w- c:\program files (x86)\PopCap Games
2014-07-09 08:42 . 2014-07-09 08:42 -------- d-----w- c:\programdata\ASUS
2014-07-06 19:18 . 2014-07-06 19:18 -------- d-----w- c:\users\petr\AppData\Roaming\iFunbox_UserCache
2014-07-06 19:18 . 2014-07-06 19:18 -------- d-----w- c:\program files (x86)\i-Funbox DevTeam
2014-07-06 07:56 . 2004-04-12 15:27 609584 ----a-w- c:\windows\SysWow64\comctl32.ocx
2014-07-06 07:56 . 2014-07-06 07:56 -------- d-----w- c:\program files (x86)\Mp3 Knife
2014-07-06 07:56 . 2004-04-12 15:27 152848 ----a-w- c:\windows\SysWow64\comdlg32.ocx
2014-07-06 07:56 . 2004-04-12 15:27 1081616 ----a-w- c:\windows\SysWow64\mscomctl.ocx
2014-07-06 07:38 . 2014-07-06 14:26 -------- d-----w- c:\users\petr\AppData\Local\Windows Live
2014-07-06 05:59 . 2014-07-06 05:59 -------- d-----w- c:\windows\WindowsMobile
2014-07-06 05:39 . 2014-05-20 02:33 59416 ----a-w- c:\windows\system32\wuauclt.exe
2014-07-06 05:39 . 2014-05-19 23:45 86528 ----a-w- c:\windows\SysWow64\wudriver.dll
2014-07-06 05:39 . 2014-05-19 23:24 253440 ----a-w- c:\windows\system32\WUSettingsProvider.dll
2014-07-06 05:39 . 2014-05-19 23:24 100352 ----a-w- c:\windows\system32\wudriver.dll
2014-07-06 05:39 . 2014-05-19 23:24 176640 ----a-w- c:\windows\system32\storewuauth.dll
2014-07-06 05:39 . 2014-05-19 23:45 629248 ----a-w- c:\windows\SysWow64\wuapi.dll
2014-07-06 05:39 . 2014-05-19 23:24 3286528 ----a-w- c:\windows\system32\wuaueng.dll
2014-07-06 05:39 . 2014-05-19 23:24 1623040 ----a-w- c:\windows\system32\wucltux.dll
2014-07-06 05:39 . 2014-05-19 23:24 773632 ----a-w- c:\windows\system32\wuapi.dll
2014-07-06 05:38 . 2014-05-14 22:43 40448 ----a-w- c:\windows\system32\wuapp.exe
2014-07-06 05:38 . 2014-05-14 22:43 144384 ----a-w- c:\windows\system32\wuwebv.dll
2014-07-06 05:38 . 2014-05-14 22:42 35328 ----a-w- c:\windows\SysWow64\wuapp.exe
2014-07-06 05:38 . 2014-05-14 22:42 128000 ----a-w- c:\windows\SysWow64\wuwebv.dll
2014-07-04 10:53 . 2014-07-04 10:53 257704 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10243.bin
2014-06-27 17:43 . 2008-10-15 04:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll
2014-06-27 17:43 . 2008-10-15 04:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll
2014-06-27 17:43 . 2008-10-15 04:22 2605920 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2014-06-27 17:43 . 2008-10-15 04:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll
2014-06-27 17:43 . 2008-10-15 04:22 5631312 ----a-w- c:\windows\system32\D3DX9_40.dll
2014-06-27 17:43 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2014-06-27 17:27 . 2014-06-27 17:28 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2014-06-27 17:27 . 2014-06-27 17:27 -------- d-----w- c:\windows\SysWow64\xlive
2014-06-27 08:09 . 2014-06-27 08:09 -------- d-----w- c:\program files (x86)\FreeTime
2014-06-26 15:05 . 2014-06-26 15:05 -------- d-----w- c:\users\petr\AppData\Local\ESET
2014-06-26 08:58 . 2014-06-26 09:03 -------- d-----w- c:\program files (x86)\PCSX2 1.0.0
2014-06-26 08:53 . 2014-06-26 08:53 -------- d-----w- c:\users\petr\AppData\Local\Adobe
2014-06-26 04:40 . 2014-06-26 04:40 -------- d-----w- c:\program files\ESET
2014-06-25 11:07 . 2014-06-25 11:07 1 ----a-w- c:\windows\SysWow64\SI.bin
2014-06-25 11:07 . 2001-09-05 04:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2014-06-25 11:07 . 2001-09-05 04:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2014-06-25 11:07 . 2001-09-05 04:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2014-06-25 11:07 . 2001-09-05 04:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2014-06-25 11:07 . 2002-07-25 08:07 614532 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2014-06-25 07:58 . 2014-06-25 07:58 -------- d-----w- c:\program files (x86)\GOG.com
2014-06-25 07:57 . 2014-06-25 07:57 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-06-25 07:43 . 2008-07-31 08:41 72200 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2014-06-25 07:43 . 2008-07-31 08:41 68616 ----a-w- c:\windows\SysWow64\XAPOFX1_1.dll
2014-06-25 07:43 . 2008-07-31 08:40 513544 ----a-w- c:\windows\system32\XAudio2_2.dll
2014-06-25 07:43 . 2008-07-31 08:40 509448 ----a-w- c:\windows\SysWow64\XAudio2_2.dll
2014-06-25 07:43 . 2008-07-31 08:41 238088 ----a-w- c:\windows\SysWow64\xactengine3_2.dll
2014-06-25 07:43 . 2008-07-31 08:41 177672 ----a-w- c:\windows\system32\xactengine3_2.dll
2014-06-25 07:43 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2014-06-25 07:43 . 2008-07-12 06:18 1942552 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2014-06-25 07:43 . 2008-07-12 06:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2014-06-25 07:43 . 2008-07-12 06:18 540688 ----a-w- c:\windows\system32\d3dx10_39.dll
2014-06-25 07:43 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2014-06-25 07:43 . 2008-07-12 06:18 4992520 ----a-w- c:\windows\system32\D3DX9_39.dll
2014-06-25 07:35 . 2014-06-25 07:35 -------- d-----w- c:\users\petr\AppData\Roaming\InstallShield
2014-06-25 06:13 . 2013-11-01 01:45 23350272 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2014-06-25 06:13 . 2013-11-01 01:16 22615040 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2014-06-25 06:11 . 2014-06-05 01:54 10779000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E5B3E3C5-F4EE-4E8D-8F8D-F7097113FF67}\mpengine.dll
2014-06-24 12:04 . 2014-06-25 05:03 -------- d-----w- c:\users\petr\AppData\Roaming\vlc
2014-06-24 12:04 . 2014-06-24 12:04 -------- d-----w- c:\program files (x86)\VideoLAN
2014-06-23 18:13 . 2014-07-17 11:56 -------- d-----w- c:\program files (x86)\Steam
2014-06-23 17:54 . 2014-06-23 17:54 -------- d-----w- c:\program files (x86)\Common Files\Skype
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-17 12:24 . 2014-06-16 04:59 62 ----a-w- c:\users\petr\AppData\Roaming\sp_data.sys
2014-06-16 12:59 . 2014-06-16 12:59 50784 ----a-w- c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2014-06-16 12:59 . 2014-06-16 12:59 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2014-06-16 05:02 . 2012-07-26 08:13 23264 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-05-20 02:44 . 2014-03-26 13:47 952952 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-05-20 02:44 . 2014-03-26 13:47 837056 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2014-05-20 02:44 . 2014-03-26 13:47 166568 ----a-w- c:\windows\system32\nvinitx.dll
2014-05-20 02:44 . 2014-03-26 13:47 146480 ----a-w- c:\windows\SysWow64\nvinit.dll
2014-05-20 02:44 . 2014-03-26 13:47 3109248 ----a-w- c:\windows\system32\nvapi64.dll
2014-05-20 01:25 . 2014-03-26 13:48 6769096 ----a-w- c:\windows\system32\nvcpl.dll
2014-05-20 01:25 . 2014-03-26 13:48 3514144 ----a-w- c:\windows\system32\nvsvc64.dll
2014-05-20 01:25 . 2014-03-26 13:48 927520 ----a-w- c:\windows\system32\nvvsvc.exe
2014-05-20 01:25 . 2014-03-26 13:48 76064 ----a-w- c:\windows\system32\nv3dappshextr.dll
2014-05-20 01:25 . 2014-03-26 13:48 62808 ----a-w- c:\windows\system32\nvshext.dll
2014-05-20 01:25 . 2014-03-26 13:48 387528 ----a-w- c:\windows\system32\nvmctray.dll
2014-05-20 01:25 . 2014-03-26 13:48 2560968 ----a-w- c:\windows\system32\nvsvcr.dll
2014-05-20 01:25 . 2014-03-26 13:48 1078616 ----a-w- c:\windows\system32\nv3dappshext.dll
2014-05-16 12:03 . 2014-05-16 12:03 141600 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2014-05-14 23:49 . 2014-03-26 13:48 3774821 ----a-w- c:\windows\system32\nvcoproc.bin
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\users\petr\AppData\Roaming\(20-CF-30-22-91-75) ----
.
2014-07-10 14:12 . 2014-07-10 14:12 0 ----a-w- c:\users\petr\AppData\Roaming\(20-CF-30-22-91-75)\SIM1\telecom\mch.vcf
2014-07-10 14:12 . 2014-07-10 14:12 0 ----a-w- c:\users\petr\AppData\Roaming\(20-CF-30-22-91-75)\SIM1\telecom\och.vcf
2014-07-10 14:12 . 2014-07-10 14:12 0 ----a-w- c:\users\petr\AppData\Roaming\(20-CF-30-22-91-75)\SIM1\telecom\ich.vcf
2014-07-10 14:12 . 2014-07-10 14:12 1686 ----a-w- c:\users\petr\AppData\Roaming\(20-CF-30-22-91-75)\SIM1\telecom\pb.vcf
2014-07-10 14:12 . 2014-07-15 17:50 3353 ----a-w- c:\users\petr\AppData\Roaming\(20-CF-30-22-91-75)\telecom\mch.vcf
2014-07-10 14:12 . 2014-07-15 17:50 10679 ----a-w- c:\users\petr\AppData\Roaming\(20-CF-30-22-91-75)\telecom\och.vcf
2014-07-10 14:12 . 2014-07-15 17:50 1831 ----a-w- c:\users\petr\AppData\Roaming\(20-CF-30-22-91-75)\telecom\ich.vcf
2014-07-10 14:12 . 2014-07-14 18:14 11234 ----a-w- c:\users\petr\AppData\Roaming\(20-CF-30-22-91-75)\telecom\pb.vcf
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-05-08 21446272]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-15 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2013-05-01 3187360]
"ASUSWebStorage"="c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe" [2012-12-19 3576784]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2012-03-28 91432]
"BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2014-07-03 831192]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-05-07 256896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssudserd.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S0 edevmon;edevmon;c:\windows\system32\DRIVERS\edevmon.sys;c:\windows\SYSNATIVE\DRIVERS\edevmon.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe;c:\program files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [x]
S2 Asus WebStorage Windows Service;Asus WebStorage Windows Service;c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe;c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AiCharger.sys [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 ATP;ASUS Input Device;c:\windows\System32\drivers\AsusTP.sys;c:\windows\SYSNATIVE\drivers\AsusTP.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\System32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\System32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\System32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 HIDSwitch;ASUS Wireless Radio Control;c:\windows\System32\drivers\AsHIDSwitch64.sys;c:\windows\SYSNATIVE\drivers\AsHIDSwitch64.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RSBASTOR;Realtek PCIE CardReader Driver - BA;c:\windows\system32\DRIVERS\RtsBaStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsBaStor.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-07-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-17 07:46]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2012-09-27 07:15 1472512 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2012-09-27 07:15 1472512 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}"
[HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}]
2012-09-27 07:15 1472512 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-13 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-13 399984]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-05-30 13550152]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2013-05-20 1308232]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2014-02-24 5581888]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://asus13.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\petr\AppData\Roaming\Mozilla\Firefox\Profiles\j5tov78t.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
c:\program files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
c:\program files (x86)\ASUS\Splendid\ACMON.exe
c:\program files (x86)\ASUS\Splendid\ColorUService.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
c:\program files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
.
**************************************************************************
.
Celkový čas: 2014-07-17 14:52:03 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-07-17 12:51
ComboFix2.txt 2014-07-16 08:56
.
Před spuštěním: 214 558 064 640 bytes free
Po spuštění: 214 349 180 928 bytes free
.
- - End Of File - - 820A3937CF36DB875B72195A86F4F9AC
Re: Podezření na vir... Po zapnutí ntb nejdou někdy zvuky
aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-07-17 15:10:14
-----------------------------
15:10:14.861 OS Version: Windows x64 6.2.9200
15:10:14.861 Number of processors: 4 586 0x3A09
15:10:14.862 ComputerName: PETAS UserName: petr
15:10:16.075 Initialize success
15:10:16.075 VM: initialized successfully
15:10:16.077 VM: Intel CPU supported
15:10:17.591 VM: disk I/O iaStorA.sys
15:10:21.205 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000003e
15:10:21.207 Disk 0 Vendor: TOSHIBA_MQ01ABD075 AX0R2J Size: 715404MB BusType: 11
15:10:21.325 Disk 0 MBR read successfully
15:10:21.327 Disk 0 MBR scan
15:10:21.329 Disk 0 unknown MBR code
15:10:21.331 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
15:10:21.358 Disk 0 scanning C:\Windows\system32\drivers
15:10:29.257 Service scanning
15:10:56.992 Modules scanning
15:10:56.997 Disk 0 trace - called modules:
15:10:57.035 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll iaStorA.sys
15:10:57.366 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80078db480]
15:10:57.370 3 CLASSPNP.SYS[fffff8800202ae0a] -> nt!IofCallDriver -> [0xfffffa80053d5320]
15:10:57.373 5 ACPI.sys[fffff88001161a91] -> nt!IofCallDriver -> \Device\0000003e[0xfffffa8005f5d2b0]
15:10:57.376 Scan finished successfully
15:11:21.226 Disk 0 MBR has been saved successfully to "C:\Users\petr\Desktop\MBR.dat"
15:11:21.232 The log file has been saved successfully to "C:\Users\petr\Desktop\aswMBR.txt"
Run date: 2014-07-17 15:10:14
-----------------------------
15:10:14.861 OS Version: Windows x64 6.2.9200
15:10:14.861 Number of processors: 4 586 0x3A09
15:10:14.862 ComputerName: PETAS UserName: petr
15:10:16.075 Initialize success
15:10:16.075 VM: initialized successfully
15:10:16.077 VM: Intel CPU supported
15:10:17.591 VM: disk I/O iaStorA.sys
15:10:21.205 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000003e
15:10:21.207 Disk 0 Vendor: TOSHIBA_MQ01ABD075 AX0R2J Size: 715404MB BusType: 11
15:10:21.325 Disk 0 MBR read successfully
15:10:21.327 Disk 0 MBR scan
15:10:21.329 Disk 0 unknown MBR code
15:10:21.331 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
15:10:21.358 Disk 0 scanning C:\Windows\system32\drivers
15:10:29.257 Service scanning
15:10:56.992 Modules scanning
15:10:56.997 Disk 0 trace - called modules:
15:10:57.035 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll iaStorA.sys
15:10:57.366 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80078db480]
15:10:57.370 3 CLASSPNP.SYS[fffff8800202ae0a] -> nt!IofCallDriver -> [0xfffffa80053d5320]
15:10:57.373 5 ACPI.sys[fffff88001161a91] -> nt!IofCallDriver -> \Device\0000003e[0xfffffa8005f5d2b0]
15:10:57.376 Scan finished successfully
15:11:21.226 Disk 0 MBR has been saved successfully to "C:\Users\petr\Desktop\MBR.dat"
15:11:21.232 The log file has been saved successfully to "C:\Users\petr\Desktop\aswMBR.txt"
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Podezření na vir... Po zapnutí ntb nejdou někdy zvuky
ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall
Vyčisti systém CCleanerem
Stáhni si OTC
na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.
Vlož nový log z HJT + info o problémech.
Start-Spustit a zadej ComboFix /Uninstall
Vyčisti systém CCleanerem
Stáhni si OTC
na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.
Vlož nový log z HJT + info o problémech.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Podezření na vir... Po zapnutí ntb nejdou někdy zvuky
problémy lepší ale pořád se to někdy nezapne... + mozilla padá
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:38:54, on 17. 7. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17028)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Users\petr\Downloads\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: Asus WebStorage Windows Service - Unknown owner - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 10252 bytes
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:38:54, on 17. 7. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17028)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Users\petr\Downloads\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: Asus WebStorage Windows Service - Unknown owner - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 10252 bytes
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Podezření na vir... Po zapnutí ntb nejdou někdy zvuky
Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod
Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.
Návod
Kód: Vybrat vše
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Podezření na vir... Po zapnutí ntb nejdou někdy zvuky
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:13:01, on 18. 7. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17028)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Users\petr\Downloads\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: Asus WebStorage Windows Service - Unknown owner - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 9776 bytes
Scan saved at 7:13:01, on 18. 7. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17028)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Users\petr\Downloads\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: Asus WebStorage Windows Service - Unknown owner - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 9776 bytes
Re: Podezření na vir... Po zapnutí ntb nejdou někdy zvuky
OLT part 1
OTL logfile created on: 18. 7. 2014 7:14:49 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\petr\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17028)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy
5,89 Gb Total Physical Memory | 3,75 Gb Available Physical Memory | 63,73% Memory free
6,83 Gb Paging File | 4,56 Gb Available in Paging File | 66,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,45 Gb Total Space | 206,46 Gb Free Space | 73,88% Space Free | Partition Type: NTFS
Drive D: | 397,88 Gb Total Space | 311,52 Gb Free Space | 78,30% Space Free | Partition Type: NTFS
Computer Name: PETAS | User Name: petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\petr\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)
PRC - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
========== Modules (No Company Name) ==========
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\659ebd9440c376370eb28c9fda18ba81\HD-Agent.ni.exe ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\JSON\4046e4df13bb2db580a7dec11f791eb3\JSON.ni.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d7aaae3b1c95a1a658446d302b9a7f88\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\0e9817b12da250f8d4c680e1cb26e1c0\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\11b4af16e791a6b0ada4a97d3e64e27a\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\61be23d6a688188e3419a1eb46fc9d9d\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ffb7bbc6548ff34bc125a8fec79315dc\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\d3abe72a65b16c5ca129dd4509450190\PresentationFramework.Aero2.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\952cc4d9a277dc4b0abc0de4a64b11a6\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\d860b38580f4403397d67fa84d624447\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\e2fb4aca9e25e4eaac703466d36b17ed\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f0602360211041a6be208f0b4138dddd\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\779dadb04e24fe80ff179e61d7e4d0f2\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ea1456f24ec82177f7668e05dc3be08b\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9fd292dfdb6f603ef866ad1844e1c59c\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\a25f0fba1eabe72621a562b30081bcaa\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\877505b0899d28885b04e71cf0358fc7\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\dc8da0badb9b3a5c24ad7756900f3325\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\87a46d23bf6d209a5590e0fd66fdb68d\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\30caed6dd3390553adf0d78426beb375\UIAutomationTypes.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\391541c89ed7585fc7e8936c43cee387\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\System.resources.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (BstHdUpdaterSvc) -- C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (BlueStack Systems, Inc.)
SRV - (BstHdLogRotatorSvc) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
SRV - (BstHdAndroidSvc) -- C:\Program Files (x86)\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Qualcomm Atheros Commnucations)
SRV - (ZAtheros Bt and Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (Asus WebStorage Windows Service) -- C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe ()
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUSTek Computer Inc.)
SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (ICCS) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
SRV - (ASUS InstantOn) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (ASUS)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\Drivers\dtsoftbus01.sys (Disc Soft Ltd)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\Drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\Drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\Drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\Drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\Drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (ssudserd) -- C:\Windows\SysNative\Drivers\ssudserd.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\Drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\Drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek )
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (HIDSwitch) -- C:\Windows\SysNative\Drivers\AsHIDSwitch64.sys (ASUS)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (eamonm) -- C:\Windows\SysNative\Drivers\eamonm.sys (ESET)
DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\Drivers\ehdrv.sys (ESET)
DRV:64bit: - (epfwwfpr) -- C:\Windows\SysNative\Drivers\epfwwfpr.sys (ESET)
DRV:64bit: - (athr) -- C:\Windows\SysNative\Drivers\athw8x.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (ATP) -- C:\Windows\SysNative\Drivers\AsusTP.sys (ASUS Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\Drivers\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\Drivers\btfilter.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\Drivers\btath_rcp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\Drivers\btath_hcrp.sys (Qualcomm Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\Drivers\btath_flt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\Drivers\btath_lwflt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\Drivers\btath_a2dp.sys (Qualcomm Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\Drivers\btath_avdt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\Drivers\btath_bus.sys (Qualcomm Atheros)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\Drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\Drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (RSBASTOR) -- C:\Windows\SysNative\Drivers\RtsBaStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (AiCharger) -- C:\Windows\SysNative\Drivers\AiCharger.sys (ASUSTek Computer Inc.)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\Drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\Drivers\kbfiltr.sys ( )
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\Drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\Drivers\agrsm64.sys (LSI Corp)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\Drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (e1iexpress) -- C:\Windows\SysNative\Drivers\e1i63x64.sys (Intel Corporation)
DRV - (BstHdDrv) -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys (BlueStack Systems)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2014/06/26 06:40:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014/06/26 06:40:14 | 000,000,000 | ---D | M]
[2014/06/16 16:55:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\petr\AppData\Roaming\Mozilla\Extensions
[2014/07/16 21:49:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\petr\AppData\Roaming\Mozilla\Firefox\Profiles\j5tov78t.default\extensions
[2014/06/16 16:55:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/06/16 16:55:07 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2014/07/17 14:24:43 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe (ASUS Cloud Corporation)
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3D2B9A37-2229-4143-9F51-EE47803A468D}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A2E0CF7B-2EF1-424A-84CA-E26CACE0493C}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/07/17 21:18:27 | 000,000,000 | ---D | C] -- C:\NVIDIA Corporation
OTL logfile created on: 18. 7. 2014 7:14:49 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\petr\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17028)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy
5,89 Gb Total Physical Memory | 3,75 Gb Available Physical Memory | 63,73% Memory free
6,83 Gb Paging File | 4,56 Gb Available in Paging File | 66,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,45 Gb Total Space | 206,46 Gb Free Space | 73,88% Space Free | Partition Type: NTFS
Drive D: | 397,88 Gb Total Space | 311,52 Gb Free Space | 78,30% Space Free | Partition Type: NTFS
Computer Name: PETAS | User Name: petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\petr\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)
PRC - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
========== Modules (No Company Name) ==========
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\659ebd9440c376370eb28c9fda18ba81\HD-Agent.ni.exe ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\JSON\4046e4df13bb2db580a7dec11f791eb3\JSON.ni.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d7aaae3b1c95a1a658446d302b9a7f88\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\0e9817b12da250f8d4c680e1cb26e1c0\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\11b4af16e791a6b0ada4a97d3e64e27a\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\61be23d6a688188e3419a1eb46fc9d9d\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ffb7bbc6548ff34bc125a8fec79315dc\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\d3abe72a65b16c5ca129dd4509450190\PresentationFramework.Aero2.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\952cc4d9a277dc4b0abc0de4a64b11a6\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\d860b38580f4403397d67fa84d624447\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\e2fb4aca9e25e4eaac703466d36b17ed\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f0602360211041a6be208f0b4138dddd\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\779dadb04e24fe80ff179e61d7e4d0f2\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ea1456f24ec82177f7668e05dc3be08b\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9fd292dfdb6f603ef866ad1844e1c59c\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\a25f0fba1eabe72621a562b30081bcaa\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\877505b0899d28885b04e71cf0358fc7\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\dc8da0badb9b3a5c24ad7756900f3325\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\87a46d23bf6d209a5590e0fd66fdb68d\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\30caed6dd3390553adf0d78426beb375\UIAutomationTypes.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\391541c89ed7585fc7e8936c43cee387\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\System.resources.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (BstHdUpdaterSvc) -- C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (BlueStack Systems, Inc.)
SRV - (BstHdLogRotatorSvc) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
SRV - (BstHdAndroidSvc) -- C:\Program Files (x86)\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Qualcomm Atheros Commnucations)
SRV - (ZAtheros Bt and Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (Asus WebStorage Windows Service) -- C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe ()
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUSTek Computer Inc.)
SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (ICCS) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
SRV - (ASUS InstantOn) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (ASUS)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\Drivers\dtsoftbus01.sys (Disc Soft Ltd)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\Drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\Drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\Drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\Drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\Drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (ssudserd) -- C:\Windows\SysNative\Drivers\ssudserd.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\Drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\Drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek )
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (HIDSwitch) -- C:\Windows\SysNative\Drivers\AsHIDSwitch64.sys (ASUS)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (eamonm) -- C:\Windows\SysNative\Drivers\eamonm.sys (ESET)
DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\Drivers\ehdrv.sys (ESET)
DRV:64bit: - (epfwwfpr) -- C:\Windows\SysNative\Drivers\epfwwfpr.sys (ESET)
DRV:64bit: - (athr) -- C:\Windows\SysNative\Drivers\athw8x.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (ATP) -- C:\Windows\SysNative\Drivers\AsusTP.sys (ASUS Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\Drivers\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\Drivers\btfilter.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\Drivers\btath_rcp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\Drivers\btath_hcrp.sys (Qualcomm Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\Drivers\btath_flt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\Drivers\btath_lwflt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\Drivers\btath_a2dp.sys (Qualcomm Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\Drivers\btath_avdt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\Drivers\btath_bus.sys (Qualcomm Atheros)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\Drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\Drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (RSBASTOR) -- C:\Windows\SysNative\Drivers\RtsBaStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (AiCharger) -- C:\Windows\SysNative\Drivers\AiCharger.sys (ASUSTek Computer Inc.)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\Drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\Drivers\kbfiltr.sys ( )
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\Drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\Drivers\agrsm64.sys (LSI Corp)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\Drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (e1iexpress) -- C:\Windows\SysNative\Drivers\e1i63x64.sys (Intel Corporation)
DRV - (BstHdDrv) -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys (BlueStack Systems)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2014/06/26 06:40:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014/06/26 06:40:14 | 000,000,000 | ---D | M]
[2014/06/16 16:55:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\petr\AppData\Roaming\Mozilla\Extensions
[2014/07/16 21:49:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\petr\AppData\Roaming\Mozilla\Firefox\Profiles\j5tov78t.default\extensions
[2014/06/16 16:55:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/06/16 16:55:07 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2014/07/17 14:24:43 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe (ASUS Cloud Corporation)
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3D2B9A37-2229-4143-9F51-EE47803A468D}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A2E0CF7B-2EF1-424A-84CA-E26CACE0493C}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/07/17 21:18:27 | 000,000,000 | ---D | C] -- C:\NVIDIA Corporation
Re: Podezření na vir... Po zapnutí ntb nejdou někdy zvuky
part 2
[2014/07/17 21:18:27 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2014/07/17 19:33:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014/07/17 19:33:33 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/07/17 19:32:56 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/07/17 14:53:12 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014/07/16 10:57:30 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Local\temp
[2014/07/16 10:11:00 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014/07/16 08:51:24 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2014/07/16 08:43:33 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/07/15 18:06:08 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Ubisoft
[2014/07/15 08:55:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2014/07/14 19:15:35 | 010,115,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.dll
[2014/07/14 19:15:35 | 008,858,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.dll
[2014/07/14 19:15:28 | 002,307,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/07/14 19:15:28 | 002,037,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/07/14 19:15:28 | 000,703,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NotificationUI.exe
[2014/07/14 19:15:27 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll
[2014/07/14 19:15:27 | 000,694,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSShared.dll
[2014/07/14 19:15:27 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2014/07/14 19:15:26 | 000,567,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSShared.dll
[2014/07/14 19:15:26 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/07/14 19:15:26 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/07/14 12:00:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
[2014/07/14 12:00:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bandicam
[2014/07/14 11:38:49 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/07/14 11:38:47 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/07/14 11:38:47 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/07/14 11:38:47 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/07/14 11:38:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/07/14 11:30:25 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
[2014/07/14 07:32:16 | 000,000,000 | ---D | C] -- C:\Users\petr\VirtualBox VMs
[2014/07/14 07:31:41 | 000,000,000 | ---D | C] -- C:\Users\petr\.VirtualBox
[2014/07/14 07:30:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2014/07/13 21:06:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
[2014/07/13 21:06:36 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacks
[2014/07/13 21:06:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BlueStacks
[2014/07/13 21:05:53 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Local\Bluestacks
[2014/07/13 20:50:04 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacksSetup
[2014/07/13 18:04:53 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\BANDISOFT
[2014/07/13 18:04:50 | 000,000,000 | ---D | C] -- C:\Users\petr\Documents\Bandicam
[2014/07/13 18:04:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BandiMPEG1
[2014/07/13 17:42:07 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/07/13 17:40:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/07/13 17:39:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014/07/13 17:07:17 | 000,000,000 | ---D | C] -- C:\Users\petr\Documents\Resco
[2014/07/13 17:05:41 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Resco
[2014/07/13 17:05:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resco
[2014/07/13 17:05:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Resco
[2014/07/13 17:05:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ActiveSync
[2014/07/13 11:09:06 | 000,328,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2014/07/12 10:41:01 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/12 10:40:49 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/07/12 10:40:49 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/07/12 10:40:49 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/07/12 10:40:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/07/12 10:40:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/07/12 07:20:34 | 000,000,000 | ---D | C] -- C:\Users\petr\Desktop\Videa písniček
[2014/07/11 18:34:55 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Angry Birds Seasons
[2014/07/11 18:34:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxy Games
[2014/07/11 18:34:06 | 000,000,000 | ---D | C] -- C:\Downloads
[2014/07/11 18:07:07 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Rovio
[2014/07/11 18:04:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rovio Entertainment Ltd
[2014/07/11 18:03:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio Entertainment Ltd
[2014/07/11 18:03:39 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Rovio Entertainment Ltd
[2014/07/11 17:38:29 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\com.rovio.AngryBirdsBreakfast2
[2014/07/11 17:38:07 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Angry Birds Breakfast 2
[2014/07/11 17:38:03 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Angry Birds Breakfast 2
[2014/07/10 16:12:32 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\(20-CF-30-22-91-75)
[2014/07/10 09:20:45 | 000,703,968 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/07/10 09:20:45 | 000,105,440 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/07/10 09:17:19 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
[2014/07/09 12:08:37 | 006,974,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/07/09 12:08:37 | 001,824,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2014/07/09 12:08:37 | 001,023,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2014/07/09 12:08:36 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Robocopy.exe
[2014/07/09 12:08:36 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Robocopy.exe
[2014/07/09 12:08:33 | 001,557,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2014/07/09 12:08:33 | 001,440,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2014/07/09 12:08:27 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\InkEd.dll
[2014/07/09 12:08:20 | 001,281,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/07/09 12:08:20 | 000,588,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SHCore.dll
[2014/07/09 12:08:20 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SHCore.dll
[2014/07/09 12:08:20 | 000,439,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsm.dll
[2014/07/09 12:08:11 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/07/09 12:08:11 | 000,556,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/07/09 12:08:11 | 000,394,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2014/07/09 12:08:11 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2014/07/09 12:07:54 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/07/09 12:07:50 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/07/09 12:07:49 | 001,508,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/07/09 12:07:49 | 001,440,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/07/09 12:07:49 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2014/07/09 12:07:49 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/07/09 12:07:49 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/07/09 12:07:49 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/07/09 12:07:49 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/07/09 12:07:48 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/07/09 12:07:48 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/07/09 12:07:48 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/07/09 12:07:48 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/07/09 12:07:48 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/07/09 12:07:48 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/07/09 12:07:48 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/07/09 12:07:47 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/07/09 12:07:47 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/07/09 12:07:47 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll
[2014/07/09 12:07:47 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll
[2014/07/09 12:07:47 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/07/09 12:07:47 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/07/09 12:06:28 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/07/09 12:06:28 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/07/09 10:58:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PopCap Games
[2014/07/09 10:58:33 | 000,000,000 | ---D | C] -- C:\ProgramData\PopCap Games
[2014/07/09 10:58:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PopCap Games
[2014/07/09 10:43:01 | 000,000,000 | ---D | C] -- C:\Users\petr\Documents\ASUS
[2014/07/09 10:42:55 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS
[2014/07/06 21:18:57 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\iFunbox_UserCache
[2014/07/06 21:18:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam
[2014/07/06 21:18:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\i-Funbox DevTeam
[2014/07/06 09:56:25 | 000,609,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comctl32.ocx
[2014/07/06 09:56:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3 Knife
[2014/07/06 09:56:24 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscomctl.ocx
[2014/07/06 09:56:24 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comdlg32.ocx
[2014/07/06 09:56:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mp3 Knife
[2014/07/06 09:38:11 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Local\Windows Live
[2014/07/06 07:59:14 | 000,000,000 | ---D | C] -- C:\Windows\WindowsMobile
[2014/07/06 07:39:15 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2014/07/06 07:39:15 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll
[2014/07/06 07:39:15 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/07/06 07:39:15 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2014/07/06 07:39:15 | 000,059,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/07/06 07:39:14 | 001,623,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/07/06 07:39:14 | 000,773,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/07/06 07:39:14 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014/07/06 07:38:58 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/07/06 07:38:58 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014/07/06 07:38:58 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/07/06 07:38:58 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014/06/27 19:43:40 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2014/06/27 19:43:40 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2014/06/27 19:43:40 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2014/06/27 19:43:40 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2014/06/27 19:43:38 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2014/06/27 19:43:38 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2014/06/27 19:28:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
[2014/06/27 19:27:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2014/06/27 19:27:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2014/06/27 10:10:06 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
[2014/06/27 10:09:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeTime
[2014/06/26 17:05:31 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Local\ESET
[2014/06/26 11:03:12 | 000,000,000 | ---D | C] -- C:\Users\petr\Documents\PCSX2
[2014/06/26 11:02:57 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2014/06/26 11:02:57 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2014/06/26 11:02:57 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2014/06/26 11:02:57 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2014/06/26 11:02:55 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2014/06/26 11:02:55 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2014/06/26 11:02:55 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2014/06/26 11:02:55 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2014/06/26 11:02:54 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2014/06/26 11:02:54 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2014/06/26 11:02:53 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2014/06/26 11:02:53 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2014/06/26 11:02:43 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2014/06/26 11:02:43 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2014/06/26 11:02:39 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2014/06/26 11:02:39 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2014/06/26 11:02:38 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2014/06/26 11:02:38 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2014/06/26 11:02:36 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2014/06/26 11:02:36 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2014/06/26 11:02:35 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2014/06/26 11:02:35 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2014/06/26 11:02:35 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2014/06/26 11:02:35 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2014/06/26 11:02:34 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2014/06/26 11:02:34 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2014/06/26 11:02:33 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2014/06/26 11:02:33 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2014/06/26 11:02:32 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2014/06/26 11:02:32 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2014/06/26 11:02:32 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2014/06/26 11:02:32 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2014/06/26 11:02:32 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2014/06/26 11:02:32 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2014/06/26 11:02:31 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2014/06/26 11:02:31 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2014/06/26 11:02:18 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2014/06/26 11:02:18 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2014/06/26 11:02:18 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2014/06/26 11:02:18 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2014/06/26 11:02:16 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2014/06/26 11:02:16 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2014/06/26 11:02:16 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2014/06/26 11:02:16 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2014/06/26 10:58:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2014/06/26 10:58:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
[2014/06/26 10:58:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCSX2 1.0.0
[2014/06/26 10:56:58 | 000,000,000 | ---D | C] -- C:\Users\petr\Desktop\pcsx
[2014/06/26 10:53:57 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Local\Adobe
[2014/06/26 06:40:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2014/06/26 06:40:07 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2014/06/26 06:40:07 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2014/06/25 13:08:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nival Interactive
[2014/06/25 13:05:39 | 000,000,000 | ---D | C] -- C:\Users\petr\Documents\My Games
[2014/06/25 10:00:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
[2014/06/25 09:58:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GOG.com
[2014/06/25 09:57:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2014/06/25 09:57:14 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2014/06/25 09:49:06 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
[2014/06/25 09:48:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2014/06/25 09:43:05 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2014/06/25 09:43:05 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2014/06/25 09:43:05 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2014/06/25 09:43:05 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2014/06/25 09:43:03 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2014/06/25 09:43:03 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2014/06/25 09:43:02 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2014/06/25 09:43:02 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2014/06/25 09:43:01 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2014/06/25 09:43:01 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2014/06/25 09:43:00 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2014/06/25 09:43:00 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2014/06/25 09:42:57 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2014/06/25 09:42:57 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2014/06/25 09:42:56 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2014/06/25 09:42:56 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2014/06/25 09:42:56 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2014/06/25 09:42:56 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2014/06/25 09:42:55 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2014/06/25 09:42:55 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2014/06/25 09:42:55 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2014/06/25 09:42:55 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2014/06/25 09:42:54 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2014/06/25 09:42:54 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2014/06/25 09:42:54 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2014/06/25 09:42:54 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2014/06/25 09:42:53 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2014/06/25 09:42:53 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2014/06/25 09:42:52 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2014/06/25 09:42:52 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2014/06/25 09:42:52 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2014/06/25 09:42:52 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2014/06/25 09:42:52 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2014/06/25 09:42:52 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2014/06/25 09:42:51 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2014/06/25 09:42:51 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2014/06/25 09:42:51 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2014/06/25 09:42:51 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2014/06/25 09:42:50 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2014/06/25 09:42:50 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2014/06/25 09:42:49 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2014/06/25 09:42:49 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2014/06/25 09:42:49 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2014/06/25 09:42:49 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2014/06/25 09:42:48 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2014/06/25 09:42:48 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2014/06/25 09:42:47 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2014/06/25 09:42:47 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2014/06/25 09:42:47 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2014/06/25 09:42:47 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2014/06/25 09:42:47 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2014/06/25 09:42:47 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2014/06/25 09:42:46 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2014/06/25 09:42:46 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2014/06/25 09:42:44 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2014/06/25 09:42:44 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2014/06/25 09:42:44 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2014/06/25 09:42:44 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2014/06/25 09:42:44 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2014/06/25 09:42:44 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2014/06/25 09:42:44 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2014/06/25 09:42:44 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2014/06/25 09:42:43 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2014/06/25 09:42:43 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2014/06/25 09:42:42 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2014/06/25 09:42:42 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2014/06/25 09:42:41 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2014/06/25 09:42:41 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2014/06/25 09:42:41 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2014/06/25 09:42:41 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2014/06/25 09:42:41 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2014/06/25 09:42:41 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2014/06/25 09:42:40 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2014/06/25 09:42:40 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2014/06/25 09:42:39 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2014/06/25 09:42:39 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2014/06/25 09:42:39 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2014/06/25 09:42:39 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2014/06/25 09:42:38 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2014/06/25 09:42:38 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2014/06/25 09:42:37 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2014/06/25 09:42:37 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2014/06/25 09:42:37 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2014/06/25 09:42:37 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2014/06/25 09:42:36 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2014/06/25 09:42:36 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2014/06/25 09:42:36 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2014/06/25 09:42:36 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2014/06/25 09:42:35 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2014/06/25 09:42:35 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2014/06/25 09:42:35 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2014/06/25 09:42:35 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2014/06/25 09:42:34 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2014/06/25 09:42:34 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2014/06/25 09:42:33 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2014/06/25 09:42:33 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2014/06/25 09:42:20 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2014/06/25 09:42:20 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2014/06/25 09:42:19 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2014/06/25 09:42:19 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2014/06/25 09:42:19 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2014/06/25 09:42:19 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2014/06/25 09:42:19 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2014/06/25 09:42:19 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2014/06/25 09:42:18 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2014/06/25 09:42:18 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2014/06/25 09:42:17 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2014/06/25 09:42:17 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2014/06/25 09:42:17 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2014/06/25 09:42:17 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2014/06/25 09:42:16 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2014/06/25 09:42:16 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2014/06/25 09:42:15 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2014/06/25 09:42:15 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2014/06/25 09:41:17 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2014/06/25 09:35:56 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\InstallShield
[2014/06/24 14:04:31 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\vlc
[2014/06/24 14:04:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014/06/24 14:04:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2014/06/23 20:13:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2014/06/23 19:54:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/06/23 19:54:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/06/23 19:54:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2014/06/23 13:53:44 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2014/06/23 13:53:44 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2014/06/23 13:53:43 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2014/06/23 13:53:43 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2014/06/23 13:53:01 | 001,225,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2014/06/23 13:53:01 | 001,081,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2014/06/23 13:51:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2014/06/23 13:51:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2014/06/23 13:51:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NV
[2014/06/23 13:51:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NV
[2014/06/23 13:46:41 | 018,531,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2014/06/23 13:46:41 | 016,003,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014/06/23 13:46:40 | 031,387,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014/06/23 13:46:40 | 011,599,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014/06/23 13:46:40 | 009,697,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014/06/23 13:46:40 | 000,032,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvpciflt.sys
[2014/06/23 13:46:39 | 024,025,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014/06/23 13:46:38 | 000,354,016 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2014/06/23 13:46:38 | 000,305,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2014/06/23 13:46:37 | 017,480,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014/07/17 21:18:27 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2014/07/17 19:33:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014/07/17 19:33:33 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/07/17 19:32:56 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/07/17 14:53:12 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014/07/16 10:57:30 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Local\temp
[2014/07/16 10:11:00 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014/07/16 08:51:24 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2014/07/16 08:43:33 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/07/15 18:06:08 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Ubisoft
[2014/07/15 08:55:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2014/07/14 19:15:35 | 010,115,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.dll
[2014/07/14 19:15:35 | 008,858,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.dll
[2014/07/14 19:15:28 | 002,307,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/07/14 19:15:28 | 002,037,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/07/14 19:15:28 | 000,703,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NotificationUI.exe
[2014/07/14 19:15:27 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll
[2014/07/14 19:15:27 | 000,694,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSShared.dll
[2014/07/14 19:15:27 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2014/07/14 19:15:26 | 000,567,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSShared.dll
[2014/07/14 19:15:26 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/07/14 19:15:26 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/07/14 12:00:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
[2014/07/14 12:00:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bandicam
[2014/07/14 11:38:49 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/07/14 11:38:47 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/07/14 11:38:47 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/07/14 11:38:47 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/07/14 11:38:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/07/14 11:30:25 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
[2014/07/14 07:32:16 | 000,000,000 | ---D | C] -- C:\Users\petr\VirtualBox VMs
[2014/07/14 07:31:41 | 000,000,000 | ---D | C] -- C:\Users\petr\.VirtualBox
[2014/07/14 07:30:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2014/07/13 21:06:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
[2014/07/13 21:06:36 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacks
[2014/07/13 21:06:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BlueStacks
[2014/07/13 21:05:53 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Local\Bluestacks
[2014/07/13 20:50:04 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacksSetup
[2014/07/13 18:04:53 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\BANDISOFT
[2014/07/13 18:04:50 | 000,000,000 | ---D | C] -- C:\Users\petr\Documents\Bandicam
[2014/07/13 18:04:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BandiMPEG1
[2014/07/13 17:42:07 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/07/13 17:40:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/07/13 17:39:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014/07/13 17:07:17 | 000,000,000 | ---D | C] -- C:\Users\petr\Documents\Resco
[2014/07/13 17:05:41 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Resco
[2014/07/13 17:05:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resco
[2014/07/13 17:05:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Resco
[2014/07/13 17:05:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ActiveSync
[2014/07/13 11:09:06 | 000,328,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2014/07/12 10:41:01 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/12 10:40:49 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/07/12 10:40:49 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/07/12 10:40:49 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/07/12 10:40:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/07/12 10:40:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/07/12 07:20:34 | 000,000,000 | ---D | C] -- C:\Users\petr\Desktop\Videa písniček
[2014/07/11 18:34:55 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Angry Birds Seasons
[2014/07/11 18:34:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxy Games
[2014/07/11 18:34:06 | 000,000,000 | ---D | C] -- C:\Downloads
[2014/07/11 18:07:07 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Rovio
[2014/07/11 18:04:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rovio Entertainment Ltd
[2014/07/11 18:03:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio Entertainment Ltd
[2014/07/11 18:03:39 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Rovio Entertainment Ltd
[2014/07/11 17:38:29 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\com.rovio.AngryBirdsBreakfast2
[2014/07/11 17:38:07 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Angry Birds Breakfast 2
[2014/07/11 17:38:03 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Angry Birds Breakfast 2
[2014/07/10 16:12:32 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\(20-CF-30-22-91-75)
[2014/07/10 09:20:45 | 000,703,968 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/07/10 09:20:45 | 000,105,440 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/07/10 09:17:19 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
[2014/07/09 12:08:37 | 006,974,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/07/09 12:08:37 | 001,824,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2014/07/09 12:08:37 | 001,023,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2014/07/09 12:08:36 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Robocopy.exe
[2014/07/09 12:08:36 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Robocopy.exe
[2014/07/09 12:08:33 | 001,557,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2014/07/09 12:08:33 | 001,440,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2014/07/09 12:08:27 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\InkEd.dll
[2014/07/09 12:08:20 | 001,281,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/07/09 12:08:20 | 000,588,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SHCore.dll
[2014/07/09 12:08:20 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SHCore.dll
[2014/07/09 12:08:20 | 000,439,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsm.dll
[2014/07/09 12:08:11 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/07/09 12:08:11 | 000,556,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/07/09 12:08:11 | 000,394,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2014/07/09 12:08:11 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2014/07/09 12:07:54 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/07/09 12:07:50 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/07/09 12:07:49 | 001,508,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/07/09 12:07:49 | 001,440,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/07/09 12:07:49 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2014/07/09 12:07:49 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/07/09 12:07:49 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/07/09 12:07:49 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/07/09 12:07:49 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/07/09 12:07:48 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/07/09 12:07:48 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/07/09 12:07:48 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/07/09 12:07:48 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/07/09 12:07:48 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/07/09 12:07:48 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/07/09 12:07:48 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/07/09 12:07:47 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/07/09 12:07:47 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/07/09 12:07:47 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll
[2014/07/09 12:07:47 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll
[2014/07/09 12:07:47 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/07/09 12:07:47 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/07/09 12:06:28 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/07/09 12:06:28 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/07/09 10:58:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PopCap Games
[2014/07/09 10:58:33 | 000,000,000 | ---D | C] -- C:\ProgramData\PopCap Games
[2014/07/09 10:58:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PopCap Games
[2014/07/09 10:43:01 | 000,000,000 | ---D | C] -- C:\Users\petr\Documents\ASUS
[2014/07/09 10:42:55 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS
[2014/07/06 21:18:57 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\iFunbox_UserCache
[2014/07/06 21:18:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam
[2014/07/06 21:18:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\i-Funbox DevTeam
[2014/07/06 09:56:25 | 000,609,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comctl32.ocx
[2014/07/06 09:56:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3 Knife
[2014/07/06 09:56:24 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscomctl.ocx
[2014/07/06 09:56:24 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comdlg32.ocx
[2014/07/06 09:56:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mp3 Knife
[2014/07/06 09:38:11 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Local\Windows Live
[2014/07/06 07:59:14 | 000,000,000 | ---D | C] -- C:\Windows\WindowsMobile
[2014/07/06 07:39:15 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2014/07/06 07:39:15 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll
[2014/07/06 07:39:15 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/07/06 07:39:15 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2014/07/06 07:39:15 | 000,059,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/07/06 07:39:14 | 001,623,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/07/06 07:39:14 | 000,773,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/07/06 07:39:14 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014/07/06 07:38:58 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/07/06 07:38:58 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014/07/06 07:38:58 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/07/06 07:38:58 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014/06/27 19:43:40 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2014/06/27 19:43:40 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2014/06/27 19:43:40 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2014/06/27 19:43:40 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2014/06/27 19:43:38 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2014/06/27 19:43:38 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2014/06/27 19:28:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
[2014/06/27 19:27:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2014/06/27 19:27:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2014/06/27 10:10:06 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
[2014/06/27 10:09:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeTime
[2014/06/26 17:05:31 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Local\ESET
[2014/06/26 11:03:12 | 000,000,000 | ---D | C] -- C:\Users\petr\Documents\PCSX2
[2014/06/26 11:02:57 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2014/06/26 11:02:57 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2014/06/26 11:02:57 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2014/06/26 11:02:57 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2014/06/26 11:02:55 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2014/06/26 11:02:55 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2014/06/26 11:02:55 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2014/06/26 11:02:55 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2014/06/26 11:02:54 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2014/06/26 11:02:54 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2014/06/26 11:02:53 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2014/06/26 11:02:53 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2014/06/26 11:02:43 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2014/06/26 11:02:43 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2014/06/26 11:02:39 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2014/06/26 11:02:39 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2014/06/26 11:02:38 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2014/06/26 11:02:38 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2014/06/26 11:02:36 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2014/06/26 11:02:36 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2014/06/26 11:02:35 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2014/06/26 11:02:35 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2014/06/26 11:02:35 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2014/06/26 11:02:35 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2014/06/26 11:02:34 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2014/06/26 11:02:34 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2014/06/26 11:02:33 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2014/06/26 11:02:33 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2014/06/26 11:02:32 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2014/06/26 11:02:32 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2014/06/26 11:02:32 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2014/06/26 11:02:32 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2014/06/26 11:02:32 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2014/06/26 11:02:32 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2014/06/26 11:02:31 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2014/06/26 11:02:31 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2014/06/26 11:02:18 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2014/06/26 11:02:18 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2014/06/26 11:02:18 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2014/06/26 11:02:18 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2014/06/26 11:02:16 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2014/06/26 11:02:16 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2014/06/26 11:02:16 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2014/06/26 11:02:16 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2014/06/26 10:58:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2014/06/26 10:58:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
[2014/06/26 10:58:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCSX2 1.0.0
[2014/06/26 10:56:58 | 000,000,000 | ---D | C] -- C:\Users\petr\Desktop\pcsx
[2014/06/26 10:53:57 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Local\Adobe
[2014/06/26 06:40:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2014/06/26 06:40:07 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2014/06/26 06:40:07 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2014/06/25 13:08:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nival Interactive
[2014/06/25 13:05:39 | 000,000,000 | ---D | C] -- C:\Users\petr\Documents\My Games
[2014/06/25 10:00:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
[2014/06/25 09:58:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GOG.com
[2014/06/25 09:57:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2014/06/25 09:57:14 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2014/06/25 09:49:06 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
[2014/06/25 09:48:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2014/06/25 09:43:05 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2014/06/25 09:43:05 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2014/06/25 09:43:05 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2014/06/25 09:43:05 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2014/06/25 09:43:03 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2014/06/25 09:43:03 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2014/06/25 09:43:02 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2014/06/25 09:43:02 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2014/06/25 09:43:01 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2014/06/25 09:43:01 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2014/06/25 09:43:00 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2014/06/25 09:43:00 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2014/06/25 09:42:57 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2014/06/25 09:42:57 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2014/06/25 09:42:56 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2014/06/25 09:42:56 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2014/06/25 09:42:56 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2014/06/25 09:42:56 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2014/06/25 09:42:55 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2014/06/25 09:42:55 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2014/06/25 09:42:55 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2014/06/25 09:42:55 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2014/06/25 09:42:54 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2014/06/25 09:42:54 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2014/06/25 09:42:54 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2014/06/25 09:42:54 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2014/06/25 09:42:53 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2014/06/25 09:42:53 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2014/06/25 09:42:52 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2014/06/25 09:42:52 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2014/06/25 09:42:52 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2014/06/25 09:42:52 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2014/06/25 09:42:52 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2014/06/25 09:42:52 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2014/06/25 09:42:51 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2014/06/25 09:42:51 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2014/06/25 09:42:51 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2014/06/25 09:42:51 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2014/06/25 09:42:50 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2014/06/25 09:42:50 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2014/06/25 09:42:49 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2014/06/25 09:42:49 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2014/06/25 09:42:49 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2014/06/25 09:42:49 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2014/06/25 09:42:48 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2014/06/25 09:42:48 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2014/06/25 09:42:47 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2014/06/25 09:42:47 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2014/06/25 09:42:47 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2014/06/25 09:42:47 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2014/06/25 09:42:47 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2014/06/25 09:42:47 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2014/06/25 09:42:46 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2014/06/25 09:42:46 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2014/06/25 09:42:44 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2014/06/25 09:42:44 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2014/06/25 09:42:44 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2014/06/25 09:42:44 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2014/06/25 09:42:44 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2014/06/25 09:42:44 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2014/06/25 09:42:44 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2014/06/25 09:42:44 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2014/06/25 09:42:43 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2014/06/25 09:42:43 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2014/06/25 09:42:42 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2014/06/25 09:42:42 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2014/06/25 09:42:41 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2014/06/25 09:42:41 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2014/06/25 09:42:41 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2014/06/25 09:42:41 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2014/06/25 09:42:41 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2014/06/25 09:42:41 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2014/06/25 09:42:40 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2014/06/25 09:42:40 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2014/06/25 09:42:39 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2014/06/25 09:42:39 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2014/06/25 09:42:39 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2014/06/25 09:42:39 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2014/06/25 09:42:38 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2014/06/25 09:42:38 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2014/06/25 09:42:37 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2014/06/25 09:42:37 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2014/06/25 09:42:37 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2014/06/25 09:42:37 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2014/06/25 09:42:36 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2014/06/25 09:42:36 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2014/06/25 09:42:36 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2014/06/25 09:42:36 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2014/06/25 09:42:35 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2014/06/25 09:42:35 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2014/06/25 09:42:35 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2014/06/25 09:42:35 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2014/06/25 09:42:34 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2014/06/25 09:42:34 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2014/06/25 09:42:33 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2014/06/25 09:42:33 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2014/06/25 09:42:20 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2014/06/25 09:42:20 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2014/06/25 09:42:19 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2014/06/25 09:42:19 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2014/06/25 09:42:19 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2014/06/25 09:42:19 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2014/06/25 09:42:19 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2014/06/25 09:42:19 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2014/06/25 09:42:18 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2014/06/25 09:42:18 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2014/06/25 09:42:17 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2014/06/25 09:42:17 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2014/06/25 09:42:17 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2014/06/25 09:42:17 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2014/06/25 09:42:16 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2014/06/25 09:42:16 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2014/06/25 09:42:15 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2014/06/25 09:42:15 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2014/06/25 09:41:17 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2014/06/25 09:35:56 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\InstallShield
[2014/06/24 14:04:31 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\vlc
[2014/06/24 14:04:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014/06/24 14:04:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2014/06/23 20:13:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2014/06/23 19:54:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/06/23 19:54:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/06/23 19:54:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2014/06/23 13:53:44 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2014/06/23 13:53:44 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2014/06/23 13:53:43 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2014/06/23 13:53:43 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2014/06/23 13:53:01 | 001,225,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2014/06/23 13:53:01 | 001,081,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2014/06/23 13:51:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2014/06/23 13:51:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2014/06/23 13:51:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NV
[2014/06/23 13:51:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NV
[2014/06/23 13:46:41 | 018,531,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2014/06/23 13:46:41 | 016,003,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014/06/23 13:46:40 | 031,387,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014/06/23 13:46:40 | 011,599,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014/06/23 13:46:40 | 009,697,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014/06/23 13:46:40 | 000,032,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvpciflt.sys
[2014/06/23 13:46:39 | 024,025,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014/06/23 13:46:38 | 000,354,016 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2014/06/23 13:46:38 | 000,305,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2014/06/23 13:46:37 | 017,480,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
Re: Podezření na vir... Po zapnutí ntb nejdou někdy zvuky
part 3
[2014/06/23 13:46:37 | 014,434,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2014/06/23 13:46:37 | 001,889,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433788.dll
[2014/06/23 13:46:37 | 001,541,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433788.dll
[2014/06/23 13:46:37 | 000,895,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014/06/23 13:46:37 | 000,892,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014/06/23 13:46:37 | 000,867,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014/06/23 13:46:37 | 000,861,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014/06/23 13:46:36 | 011,644,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014/06/23 13:46:36 | 009,735,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014/06/23 13:46:36 | 003,141,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014/06/23 13:46:36 | 002,953,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014/06/23 13:46:36 | 002,785,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2014/06/23 13:46:36 | 002,412,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2014/06/23 13:46:29 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014/06/23 13:46:29 | 017,561,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014/06/23 13:46:28 | 002,730,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2014/06/23 10:18:12 | 000,040,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2014/06/23 10:18:04 | 000,037,320 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2014/06/23 10:18:04 | 000,034,760 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2014/06/23 10:16:22 | 005,979,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/06/23 10:16:21 | 005,092,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/06/23 10:16:21 | 000,523,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2014/06/23 10:16:20 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2014/06/23 10:16:20 | 000,332,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014/06/23 10:16:14 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll
[2014/06/23 10:15:50 | 002,219,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmcore.dll
[2014/06/23 10:15:49 | 002,391,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2014/06/23 10:15:49 | 002,106,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2014/06/23 10:15:49 | 001,842,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dwmcore.dll
[2014/06/23 10:15:47 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
[2014/06/23 10:15:45 | 001,527,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfcore.dll
[2014/06/23 10:15:44 | 001,453,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfcore.dll
[2014/06/23 10:15:40 | 001,403,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2014/06/23 10:15:40 | 001,271,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2014/06/23 10:15:37 | 001,217,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2014/06/23 10:15:37 | 001,093,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2014/06/23 10:15:37 | 001,048,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfasfsrcsnk.dll
[2014/06/23 10:15:37 | 000,583,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscms.dll
[2014/06/23 10:15:36 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfasfsrcsnk.dll
[2014/06/23 10:15:36 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DeviceSetupManager.dll
[2014/06/23 10:15:36 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samlib.dll
[2014/06/23 10:15:36 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MbaeParserTask.exe
[2014/06/23 10:15:35 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsutil.dll
[2014/06/23 10:15:35 | 000,037,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys
[2014/06/23 10:14:55 | 000,652,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2014/06/23 10:14:42 | 003,246,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014/06/23 10:14:42 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2014/06/23 10:14:39 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2014/06/23 10:14:33 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wusa.exe
[2014/06/23 10:14:33 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wusa.exe
[2014/06/23 10:14:06 | 002,371,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSService.dll
[2014/06/23 10:14:06 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppobjs.dll
[2014/06/23 10:14:05 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppc.dll
[2014/06/23 10:14:04 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppwinob.dll
[2014/06/23 10:14:04 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppc.dll
[2014/06/23 10:14:03 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSSync.dll
[2014/06/23 10:14:02 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSClient.dll
[2014/06/23 10:14:02 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSClient.dll
[2014/06/23 10:14:02 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSSync.dll
[2014/06/23 10:14:02 | 000,058,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dam.sys
[2014/06/23 10:13:59 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupcln.dll
[2014/06/23 10:13:57 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setupcln.dll
[2014/06/23 10:13:43 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.dll
[2014/06/23 10:13:41 | 001,301,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/06/23 10:13:05 | 000,096,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wfplwfs.sys
[2014/06/23 09:59:14 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/06/23 09:59:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/06/23 08:49:38 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\.minecraft
[2014/06/23 06:13:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2014/06/22 17:13:52 | 000,000,000 | ---D | C] -- C:\Users\petr\Documents\Might & Magic Heroes VI
[2014/06/22 17:13:52 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Might & Magic Heroes VI
[2014/06/22 16:57:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PdaNet for Android
[2014/06/22 16:26:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DoughGo
[2014/06/22 15:44:21 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\DAEMON Tools Lite
[2014/06/22 15:44:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2014/06/22 15:43:48 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2014/06/22 13:40:45 | 000,000,000 | ---D | C] -- C:\Users\petr\Documents\.android
[2014/06/22 13:39:32 | 000,000,000 | ---D | C] -- C:\Users\petr\Documents\91 Wireless
[2014/06/22 13:39:01 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\zhuodashi
[2014/06/22 13:34:48 | 000,000,000 | ---D | C] -- C:\temp
[2014/06/22 13:34:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZhuoDaShi
[2014/06/22 12:56:42 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Local\CrashDumps
[2014/06/22 12:56:30 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UnlockRoot Pro
[2014/06/22 12:56:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unlockroot Pro
[2014/06/22 12:56:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seznam.cz
[2014/06/22 12:55:43 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Seznam.cz
[2014/06/22 12:43:48 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\mgyun
[2014/06/22 12:28:57 | 000,000,000 | ---D | C] -- C:\Mobile Upgrade S 4.1.3
[2014/06/22 12:03:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PdaNet for Android
[2014/06/22 11:31:03 | 000,000,000 | ---D | C] -- C:\ProgramData\SP_FT_Logs
[2014/06/22 11:14:26 | 000,000,000 | ---D | C] -- C:\Mobile Upgrade S 4.0.2
[2014/06/22 11:14:22 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Local\Programs
[2014/06/22 11:08:08 | 000,000,000 | ---D | C] -- C:\ONE TOUCH Upgrade S 2.8.0
[2014/06/22 11:05:09 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2014/06/22 10:28:39 | 000,000,000 | ---D | C] -- C:\Users\petr\.android
[2014/06/22 09:40:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/06/22 09:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2014/06/22 09:40:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/06/22 09:39:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014/06/22 09:35:37 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\uTorrent
[2014/06/19 14:03:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2014/06/19 14:02:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2014/06/19 14:02:31 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Local\Microsoft Help
[2014/06/19 14:02:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2014/06/19 14:02:17 | 000,000,000 | R--D | C] -- C:\MSOCache
[2014/06/19 13:54:15 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\WinRAR
[2014/06/19 13:53:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2014/06/19 13:45:44 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Local\Skype
[2014/06/19 13:45:28 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Skype
[2014/06/19 13:45:18 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2014/06/18 21:16:42 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Local\NVIDIA Corporation
[2014/06/18 21:16:42 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Local\NVIDIA
[2014/06/18 20:27:34 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2014/06/18 20:12:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2014/06/18 20:12:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2014/06/18 15:47:05 | 000,000,000 | R--D | C] -- C:\Windows\BrowserChoice
[2014/06/18 14:14:50 | 013,661,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Xaml.dll
[2014/06/18 14:14:48 | 010,799,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Xaml.dll
[2014/06/18 14:14:46 | 001,173,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAutomationCore.dll
[2014/06/18 14:14:46 | 000,914,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAutomationCore.dll
[2014/06/18 14:14:45 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ubpm.dll
[2014/06/18 14:14:45 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ubpm.dll
[2014/06/18 14:14:45 | 000,151,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tpm.sys
[2014/06/18 14:14:45 | 000,061,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys
[2014/06/18 14:14:45 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014/06/18 14:14:45 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014/06/18 14:14:45 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2014/06/18 14:14:29 | 002,273,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
[2014/06/18 14:14:28 | 002,839,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
[2014/06/18 14:14:25 | 000,439,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFault.exe
[2014/06/18 14:14:25 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanconn.dll
[2014/06/18 14:14:25 | 000,385,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFault.exe
[2014/06/18 14:14:25 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2014/06/18 14:14:25 | 000,263,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcmsvc.dll
[2014/06/18 14:14:25 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSCard.dll
[2014/06/18 14:14:25 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmmbase.dll
[2014/06/18 14:14:25 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winmmbase.dll
[2014/06/18 14:14:25 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmm.dll
[2014/06/18 14:14:24 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2014/06/18 14:14:24 | 000,195,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys
[2014/06/18 14:14:24 | 000,125,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpsd.sys
[2014/06/18 14:14:24 | 000,120,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msgpioclx.sys
[2014/06/18 14:14:24 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcmcsp.dll
[2014/06/18 14:14:23 | 000,888,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2014/06/18 14:14:23 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2014/06/18 14:14:23 | 000,543,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanmm.dll
[2014/06/18 14:14:23 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.BackgroundTransfer.dll
[2014/06/18 14:14:23 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wwanadvui.dll
[2014/06/18 14:14:23 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2014/06/18 14:14:23 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\openfiles.exe
[2014/06/18 14:14:23 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\openfiles.exe
[2014/06/18 14:14:22 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\LocationApi.dll
[2014/06/18 14:14:22 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\LocationApi.dll
[2014/06/18 14:14:10 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2014/06/18 14:14:09 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\resutils.dll
[2014/06/18 14:14:09 | 000,488,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\resutils.dll
[2014/06/18 14:14:09 | 000,374,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clusapi.dll
[2014/06/18 14:14:08 | 000,447,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBHUB3.SYS
[2014/06/18 14:14:08 | 000,302,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\clusapi.dll
[2014/06/18 14:14:08 | 000,285,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spaceport.sys
[2014/06/18 14:13:35 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FirewallAPI.dll
[2014/06/18 14:13:31 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2014/06/18 14:07:18 | 001,125,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll
[2014/06/18 14:07:17 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSync.dll
[2014/06/18 14:07:17 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mbsmsapi.dll
[2014/06/18 14:07:17 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2014/06/18 14:07:16 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSync.dll
[2014/06/18 14:07:16 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mbsmsapi.dll
[2014/06/18 14:07:16 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSyncInfo.dll
[2014/06/18 14:07:05 | 001,374,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdc.dll
[2014/06/18 14:07:05 | 001,245,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdc.dll
[2014/06/18 14:07:05 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wvc.dll
[2014/06/18 14:07:05 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysmon.ocx
[2014/06/18 14:07:05 | 000,437,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wvc.dll
[2014/06/18 14:07:05 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sysmon.ocx
[2014/06/18 14:07:03 | 001,258,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/06/18 14:07:03 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpedit.dll
[2014/06/18 14:07:03 | 001,075,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpedit.dll
[2014/06/18 14:07:03 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2014/06/18 14:07:03 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2014/06/18 13:47:20 | 000,269,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdFilter.sys
[2014/06/18 13:47:20 | 000,035,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdBoot.sys
[2014/06/18 11:45:40 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Local\Opera Software
[2014/06/18 11:45:39 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Opera Software
[2014/06/18 11:45:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
========== Files - Modified Within 30 Days ==========
[2014/07/18 06:54:34 | 000,000,062 | ---- | M] () -- C:\Users\petr\AppData\Roaming\sp_data.sys
[2014/07/18 06:52:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/17 20:46:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/07/17 19:33:38 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/07/17 17:22:50 | 069,732,742 | ---- | M] () -- C:\Users\petr\Desktop\Syberian Beast meets Mr. Moore - My Maid (Original Mix).mp4
[2014/07/17 16:52:29 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/17 16:48:34 | 762,970,111 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/17 16:48:34 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/07/17 15:11:21 | 000,000,512 | ---- | M] () -- C:\Users\petr\Desktop\MBR.dat
[2014/07/17 14:24:43 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/07/16 13:57:15 | 000,785,746 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2014/07/16 13:57:15 | 000,730,544 | ---- | M] () -- C:\Windows\SysNative\perfh00E.dat
[2014/07/16 13:57:15 | 000,710,244 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/07/16 13:57:15 | 000,174,018 | ---- | M] () -- C:\Windows\SysNative\perfc00E.dat
[2014/07/16 13:57:15 | 000,159,396 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2014/07/16 13:57:14 | 003,564,186 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/07/16 13:57:14 | 000,727,488 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014/07/16 13:57:14 | 000,148,006 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014/07/16 13:57:14 | 000,132,614 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/07/16 09:01:42 | 000,030,312 | ---- | M] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2014/07/15 17:42:38 | 005,336,664 | ---- | M] () -- C:\Users\petr\Desktop\RogueKillerX64.exe
[2014/07/15 14:02:44 | 000,028,024 | ---- | M] () -- C:\Users\petr\Desktop\Výstřižek.PNG
[2014/07/15 09:42:08 | 062,804,191 | ---- | M] () -- C:\Users\petr\Desktop\Bruno Mars - The Lazy Song [OFFICIAL VIDEO].mp4
[2014/07/15 09:41:13 | 011,174,123 | ---- | M] () -- C:\Users\petr\Desktop\Michael Jackson - Smooth Criminal (Short Version).mp4
[2014/07/14 14:06:37 | 000,042,072 | ---- | M] () -- C:\Users\petr\Desktop\10530905_516540171806344_3757685075051839946_n.jpg
[2014/07/14 12:00:33 | 000,000,990 | ---- | M] () -- C:\Users\petr\Desktop\Bandicam.lnk
[2014/07/14 12:00:03 | 000,046,080 | ---- | M] () -- C:\Users\petr\Desktop\keymaker.exe
[2014/07/14 11:38:39 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/07/14 11:38:35 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/07/14 11:38:35 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/07/14 11:38:35 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/07/14 11:30:25 | 000,002,120 | ---- | M] () -- C:\Users\petr\Desktop\Minecraft.lnk
[2014/07/13 21:50:57 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2014/07/13 21:07:15 | 000,001,859 | ---- | M] () -- C:\Users\Public\Desktop\Apps.lnk
[2014/07/13 21:07:07 | 000,001,809 | ---- | M] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk
[2014/07/13 20:52:27 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/07/13 17:44:08 | 000,281,632 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/07/12 10:40:53 | 000,001,104 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/07/11 18:37:38 | 000,002,181 | ---- | M] () -- C:\Users\petr\Desktop\Angry Birds Seasons.lnk
[2014/07/11 18:04:29 | 000,002,193 | ---- | M] () -- C:\Users\Public\Desktop\Angry Birds Rio.lnk
[2014/07/11 17:38:08 | 000,001,144 | ---- | M] () -- C:\Users\petr\Desktop\Angry Birds Breakfast 2.lnk
[2014/07/11 08:52:43 | 907,605,756 | ---- | M] () -- C:\Users\petr\Desktop\MachinimaSound - Dance of the Pixies _ 1 Hour Version [READ DESC].mp4
[2014/07/11 08:52:43 | 106,605,652 | ---- | M] () -- C:\Users\petr\Desktop\MachinimaSound - Dance of the Pixies _ 1 Hour Version [READ DESC].mp3
[2014/07/09 20:25:27 | 000,083,615 | ---- | M] () -- C:\Users\petr\Desktop\Windows-81.jpg
[2014/07/09 10:58:36 | 000,001,189 | ---- | M] () -- C:\Users\Public\Desktop\Zuma Deluxe.lnk
[2014/07/06 08:02:44 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2014/07/01 00:42:56 | 000,394,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2014/07/01 00:42:48 | 000,702,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/07/01 00:42:48 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2014/06/28 05:35:04 | 000,556,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/06/27 10:10:06 | 000,001,200 | ---- | M] () -- C:\Users\petr\Desktop\Format Factory.lnk
[2014/06/26 22:53:24 | 000,703,968 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/06/26 22:53:24 | 000,105,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/06/26 10:58:40 | 000,001,987 | ---- | M] () -- C:\Users\Public\Desktop\PCSX2 1.0.0 (r5350).lnk
[2014/06/25 13:07:58 | 000,000,001 | ---- | M] () -- C:\Windows\SysWow64\SI.bin
[2014/06/25 10:00:50 | 000,002,272 | ---- | M] () -- C:\Users\Public\Desktop\Heroes of Might and Magic 4 Complete.lnk
[2014/06/25 09:57:23 | 000,001,952 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2014/06/25 09:57:15 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2014/06/25 09:50:35 | 000,000,907 | ---- | M] () -- C:\Users\Public\Desktop\Heroes of Might and Magic V - Hammers of Fate.lnk
[2014/06/25 09:49:06 | 000,000,929 | ---- | M] () -- C:\Users\petr\Desktop\µTorrent.lnk
[2014/06/25 09:43:27 | 000,000,891 | ---- | M] () -- C:\Users\petr\Desktop\Heroes of Might and Magic V.lnk
[2014/06/24 14:04:25 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/06/24 09:36:07 | 000,703,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\NotificationUI.exe
[2014/06/24 09:35:44 | 000,010,450 | ---- | M] () -- C:\Windows\SysNative\autoconfig.cab
[2014/06/24 08:41:34 | 000,694,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WSShared.dll
[2014/06/24 08:41:34 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/06/24 08:41:20 | 010,115,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.dll
[2014/06/24 08:40:27 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2014/06/24 08:39:40 | 002,307,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/06/24 08:39:31 | 002,146,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll
[2014/06/24 06:08:30 | 000,567,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WSShared.dll
[2014/06/24 06:08:30 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/06/24 06:08:21 | 008,858,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.dll
[2014/06/24 06:06:56 | 002,037,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/06/23 20:24:27 | 000,000,219 | ---- | M] () -- C:\Users\petr\Desktop\Team Fortress 2.url
[2014/06/23 20:13:47 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2014/06/23 19:54:36 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/06/23 14:12:59 | 000,001,349 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2014/06/23 10:19:50 | 000,001,142 | ---- | M] () -- C:\Users\petr\Desktop\Vítejte u registrace produktu ASUS.lnk
[2014/06/19 04:12:31 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/06/19 04:12:02 | 000,915,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2014/06/19 04:12:02 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll
[2014/06/19 04:11:04 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/06/19 04:11:01 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/06/19 04:10:56 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/06/19 04:10:33 | 003,959,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/06/19 04:10:32 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/06/19 04:10:28 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/06/19 04:10:28 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/06/19 04:10:28 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/06/19 04:10:18 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/06/19 04:10:17 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/06/19 04:09:55 | 001,508,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/06/19 02:53:42 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll
[2014/06/19 02:53:03 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/06/19 02:53:01 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/06/19 02:52:46 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/06/19 02:52:42 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/06/19 02:52:42 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/06/19 02:52:42 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/06/19 02:52:19 | 001,440,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/06/18 11:45:30 | 000,001,131 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
========== Files Created - No Company Name ==========
[2014/07/17 19:33:38 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/07/17 17:22:50 | 069,732,742 | ---- | C] () -- C:\Users\petr\Desktop\Syberian Beast meets Mr. Moore - My Maid (Original Mix).mp4
[2014/07/17 15:11:21 | 000,000,512 | ---- | C] () -- C:\Users\petr\Desktop\MBR.dat
[2014/07/16 19:10:20 | 002,770,975 | ---- | C] () -- C:\Users\petr\Desktop\knifet.png
[2014/07/16 19:10:02 | 000,083,615 | ---- | C] () -- C:\Users\petr\Desktop\Windows-81.jpg
[2014/07/16 19:09:52 | 000,153,798 | ---- | C] () -- C:\Users\petr\Desktop\1485990_838180542876453_8117493145225186723_o.jpg
[2014/07/16 08:51:24 | 000,030,312 | ---- | C] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2014/07/15 17:42:34 | 005,336,664 | ---- | C] () -- C:\Users\petr\Desktop\RogueKillerX64.exe
[2014/07/15 14:02:44 | 000,028,024 | ---- | C] () -- C:\Users\petr\Desktop\Výstřižek.PNG
[2014/07/15 09:41:21 | 062,804,191 | ---- | C] () -- C:\Users\petr\Desktop\Bruno Mars - The Lazy Song [OFFICIAL VIDEO].mp4
[2014/07/15 09:41:13 | 011,174,123 | ---- | C] () -- C:\Users\petr\Desktop\Michael Jackson - Smooth Criminal (Short Version).mp4
[2014/07/14 19:15:28 | 000,010,450 | ---- | C] () -- C:\Windows\SysNative\autoconfig.cab
[2014/07/14 14:06:36 | 000,042,072 | ---- | C] () -- C:\Users\petr\Desktop\10530905_516540171806344_3757685075051839946_n.jpg
[2014/07/14 12:00:33 | 000,000,990 | ---- | C] () -- C:\Users\petr\Desktop\Bandicam.lnk
[2014/07/14 12:00:03 | 000,046,080 | ---- | C] () -- C:\Users\petr\Desktop\keymaker.exe
[2014/07/14 11:45:46 | 000,000,283 | ---- | C] () -- C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Koš.lnk
[2014/07/14 11:30:25 | 000,002,120 | ---- | C] () -- C:\Users\petr\Desktop\Minecraft.lnk
[2014/07/13 21:50:57 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2014/07/13 21:07:15 | 000,001,859 | ---- | C] () -- C:\Users\Public\Desktop\Apps.lnk
[2014/07/13 21:07:07 | 000,001,809 | ---- | C] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk
[2014/07/13 20:52:27 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/07/13 17:43:59 | 000,281,632 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/07/13 17:05:52 | 000,090,112 | ---- | C] () -- C:\Windows\RSetupCE.exe
[2014/07/12 10:40:53 | 000,001,104 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/07/11 18:34:56 | 000,002,181 | ---- | C] () -- C:\Users\petr\Desktop\Angry Birds Seasons.lnk
[2014/07/11 18:04:29 | 000,002,193 | ---- | C] () -- C:\Users\Public\Desktop\Angry Birds Rio.lnk
[2014/07/11 17:38:08 | 000,001,144 | ---- | C] () -- C:\Users\petr\Desktop\Angry Birds Breakfast 2.lnk
[2014/07/11 08:52:28 | 907,605,756 | ---- | C] () -- C:\Users\petr\Desktop\MachinimaSound - Dance of the Pixies _ 1 Hour Version [READ DESC].mp4
[2014/07/11 08:52:28 | 106,605,652 | ---- | C] () -- C:\Users\petr\Desktop\MachinimaSound - Dance of the Pixies _ 1 Hour Version [READ DESC].mp3
[2014/07/09 10:58:36 | 000,001,189 | ---- | C] () -- C:\Users\Public\Desktop\Zuma Deluxe.lnk
[2014/07/06 09:37:45 | 010,887,922 | ---- | C] () -- C:\Users\petr\Desktop\03-knife_party-bonfire.mp3
[2014/07/06 08:02:44 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2014/07/06 07:59:22 | 000,002,419 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk
[2014/06/27 10:10:06 | 000,001,200 | ---- | C] () -- C:\Users\petr\Desktop\Format Factory.lnk
[2014/06/26 10:58:40 | 000,001,987 | ---- | C] () -- C:\Users\Public\Desktop\PCSX2 1.0.0 (r5350).lnk
[2014/06/25 13:07:58 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2014/06/25 10:00:50 | 000,002,272 | ---- | C] () -- C:\Users\Public\Desktop\Heroes of Might and Magic 4 Complete.lnk
[2014/06/25 09:57:23 | 000,001,952 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2014/06/25 09:50:35 | 000,000,907 | ---- | C] () -- C:\Users\Public\Desktop\Heroes of Might and Magic V - Hammers of Fate.lnk
[2014/06/25 09:49:06 | 000,000,929 | ---- | C] () -- C:\Users\petr\Desktop\µTorrent.lnk
[2014/06/25 09:43:27 | 000,000,891 | ---- | C] () -- C:\Users\petr\Desktop\Heroes of Might and Magic V.lnk
[2014/06/24 14:04:25 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/06/23 20:13:47 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2014/06/23 19:54:36 | 000,002,533 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/06/23 14:12:59 | 000,001,349 | ---- | C] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2014/06/23 10:19:50 | 000,001,142 | ---- | C] () -- C:\Users\petr\Desktop\Vítejte u registrace produktu ASUS.lnk
[2014/06/23 10:14:31 | 000,387,268 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2014/06/23 10:13:57 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2014/06/18 20:27:34 | 000,000,219 | ---- | C] () -- C:\Users\petr\Desktop\Team Fortress 2.url
[2014/06/18 11:45:30 | 000,001,131 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2014/06/18 11:45:30 | 000,001,131 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2014/06/16 06:59:19 | 000,000,062 | ---- | C] () -- C:\Users\petr\AppData\Roaming\sp_data.sys
[2013/08/05 08:15:08 | 000,066,104 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2013/08/05 08:15:06 | 000,023,080 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2013/07/22 04:52:54 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2013/07/22 04:52:52 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2013/07/22 04:52:52 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013/05/01 13:15:31 | 000,000,256 | ---- | C] () -- C:\ProgramData\SetStretch.cmd
[2012/07/26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012/07/26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012/07/26 09:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012/07/26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012/07/25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012/07/25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012/07/25 22:22:56 | 000,267,284 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012/07/25 22:22:54 | 000,963,376 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
========== ZeroAccess Check ==========
[2014/06/25 09:41:36 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/28 10:23:06 | 019,759,104 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/28 08:18:26 | 017,562,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/07/10 16:12:33 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\(20-CF-30-22-91-75)
[2014/07/14 11:52:55 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\.minecraft
[2014/07/11 17:38:07 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\Angry Birds Breakfast 2
[2014/06/16 07:01:54 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\ASUS WebStorage
[2014/07/13 18:04:53 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\BANDISOFT
[2014/07/11 17:38:29 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\com.rovio.AngryBirdsBreakfast2
[2014/07/17 19:34:29 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\DAEMON Tools Lite
[2014/07/06 21:18:58 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\iFunbox_UserCache
[2014/06/22 12:43:55 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\mgyun
[2014/06/22 17:16:16 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\Might & Magic Heroes VI
[2014/06/18 11:45:39 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\Opera Software
[2014/07/11 18:37:55 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\Rovio
[2014/07/11 18:07:20 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\Rovio Entertainment Ltd
[2014/06/23 11:12:21 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\Seznam.cz
[2014/07/15 18:06:08 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\Ubisoft
[2014/07/14 11:36:51 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\uTorrent
[2014/06/23 11:12:17 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\zhuodashi
========== Purity Check ==========
< End of report >
[2014/06/23 13:46:37 | 014,434,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2014/06/23 13:46:37 | 001,889,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433788.dll
[2014/06/23 13:46:37 | 001,541,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433788.dll
[2014/06/23 13:46:37 | 000,895,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014/06/23 13:46:37 | 000,892,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014/06/23 13:46:37 | 000,867,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014/06/23 13:46:37 | 000,861,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014/06/23 13:46:36 | 011,644,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014/06/23 13:46:36 | 009,735,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014/06/23 13:46:36 | 003,141,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014/06/23 13:46:36 | 002,953,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014/06/23 13:46:36 | 002,785,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2014/06/23 13:46:36 | 002,412,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2014/06/23 13:46:29 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014/06/23 13:46:29 | 017,561,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014/06/23 13:46:28 | 002,730,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2014/06/23 10:18:12 | 000,040,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2014/06/23 10:18:04 | 000,037,320 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2014/06/23 10:18:04 | 000,034,760 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2014/06/23 10:16:22 | 005,979,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/06/23 10:16:21 | 005,092,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/06/23 10:16:21 | 000,523,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2014/06/23 10:16:20 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2014/06/23 10:16:20 | 000,332,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014/06/23 10:16:14 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll
[2014/06/23 10:15:50 | 002,219,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmcore.dll
[2014/06/23 10:15:49 | 002,391,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2014/06/23 10:15:49 | 002,106,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2014/06/23 10:15:49 | 001,842,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dwmcore.dll
[2014/06/23 10:15:47 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
[2014/06/23 10:15:45 | 001,527,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfcore.dll
[2014/06/23 10:15:44 | 001,453,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfcore.dll
[2014/06/23 10:15:40 | 001,403,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2014/06/23 10:15:40 | 001,271,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2014/06/23 10:15:37 | 001,217,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2014/06/23 10:15:37 | 001,093,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2014/06/23 10:15:37 | 001,048,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfasfsrcsnk.dll
[2014/06/23 10:15:37 | 000,583,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscms.dll
[2014/06/23 10:15:36 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfasfsrcsnk.dll
[2014/06/23 10:15:36 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DeviceSetupManager.dll
[2014/06/23 10:15:36 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samlib.dll
[2014/06/23 10:15:36 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MbaeParserTask.exe
[2014/06/23 10:15:35 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsutil.dll
[2014/06/23 10:15:35 | 000,037,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys
[2014/06/23 10:14:55 | 000,652,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2014/06/23 10:14:42 | 003,246,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014/06/23 10:14:42 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2014/06/23 10:14:39 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2014/06/23 10:14:33 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wusa.exe
[2014/06/23 10:14:33 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wusa.exe
[2014/06/23 10:14:06 | 002,371,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSService.dll
[2014/06/23 10:14:06 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppobjs.dll
[2014/06/23 10:14:05 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppc.dll
[2014/06/23 10:14:04 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppwinob.dll
[2014/06/23 10:14:04 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppc.dll
[2014/06/23 10:14:03 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSSync.dll
[2014/06/23 10:14:02 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSClient.dll
[2014/06/23 10:14:02 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSClient.dll
[2014/06/23 10:14:02 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSSync.dll
[2014/06/23 10:14:02 | 000,058,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dam.sys
[2014/06/23 10:13:59 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupcln.dll
[2014/06/23 10:13:57 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setupcln.dll
[2014/06/23 10:13:43 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.dll
[2014/06/23 10:13:41 | 001,301,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/06/23 10:13:05 | 000,096,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wfplwfs.sys
[2014/06/23 09:59:14 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/06/23 09:59:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/06/23 08:49:38 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\.minecraft
[2014/06/23 06:13:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2014/06/22 17:13:52 | 000,000,000 | ---D | C] -- C:\Users\petr\Documents\Might & Magic Heroes VI
[2014/06/22 17:13:52 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Might & Magic Heroes VI
[2014/06/22 16:57:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PdaNet for Android
[2014/06/22 16:26:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DoughGo
[2014/06/22 15:44:21 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\DAEMON Tools Lite
[2014/06/22 15:44:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2014/06/22 15:43:48 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2014/06/22 13:40:45 | 000,000,000 | ---D | C] -- C:\Users\petr\Documents\.android
[2014/06/22 13:39:32 | 000,000,000 | ---D | C] -- C:\Users\petr\Documents\91 Wireless
[2014/06/22 13:39:01 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\zhuodashi
[2014/06/22 13:34:48 | 000,000,000 | ---D | C] -- C:\temp
[2014/06/22 13:34:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZhuoDaShi
[2014/06/22 12:56:42 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Local\CrashDumps
[2014/06/22 12:56:30 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UnlockRoot Pro
[2014/06/22 12:56:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unlockroot Pro
[2014/06/22 12:56:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seznam.cz
[2014/06/22 12:55:43 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Seznam.cz
[2014/06/22 12:43:48 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\mgyun
[2014/06/22 12:28:57 | 000,000,000 | ---D | C] -- C:\Mobile Upgrade S 4.1.3
[2014/06/22 12:03:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PdaNet for Android
[2014/06/22 11:31:03 | 000,000,000 | ---D | C] -- C:\ProgramData\SP_FT_Logs
[2014/06/22 11:14:26 | 000,000,000 | ---D | C] -- C:\Mobile Upgrade S 4.0.2
[2014/06/22 11:14:22 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Local\Programs
[2014/06/22 11:08:08 | 000,000,000 | ---D | C] -- C:\ONE TOUCH Upgrade S 2.8.0
[2014/06/22 11:05:09 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2014/06/22 10:28:39 | 000,000,000 | ---D | C] -- C:\Users\petr\.android
[2014/06/22 09:40:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/06/22 09:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2014/06/22 09:40:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/06/22 09:39:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014/06/22 09:35:37 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\uTorrent
[2014/06/19 14:03:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2014/06/19 14:02:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2014/06/19 14:02:31 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Local\Microsoft Help
[2014/06/19 14:02:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2014/06/19 14:02:17 | 000,000,000 | R--D | C] -- C:\MSOCache
[2014/06/19 13:54:15 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\WinRAR
[2014/06/19 13:53:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2014/06/19 13:45:44 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Local\Skype
[2014/06/19 13:45:28 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Skype
[2014/06/19 13:45:18 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2014/06/18 21:16:42 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Local\NVIDIA Corporation
[2014/06/18 21:16:42 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Local\NVIDIA
[2014/06/18 20:27:34 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2014/06/18 20:12:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2014/06/18 20:12:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2014/06/18 15:47:05 | 000,000,000 | R--D | C] -- C:\Windows\BrowserChoice
[2014/06/18 14:14:50 | 013,661,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Xaml.dll
[2014/06/18 14:14:48 | 010,799,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Xaml.dll
[2014/06/18 14:14:46 | 001,173,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAutomationCore.dll
[2014/06/18 14:14:46 | 000,914,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAutomationCore.dll
[2014/06/18 14:14:45 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ubpm.dll
[2014/06/18 14:14:45 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ubpm.dll
[2014/06/18 14:14:45 | 000,151,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tpm.sys
[2014/06/18 14:14:45 | 000,061,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys
[2014/06/18 14:14:45 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014/06/18 14:14:45 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014/06/18 14:14:45 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2014/06/18 14:14:29 | 002,273,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
[2014/06/18 14:14:28 | 002,839,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
[2014/06/18 14:14:25 | 000,439,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFault.exe
[2014/06/18 14:14:25 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanconn.dll
[2014/06/18 14:14:25 | 000,385,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFault.exe
[2014/06/18 14:14:25 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2014/06/18 14:14:25 | 000,263,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcmsvc.dll
[2014/06/18 14:14:25 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSCard.dll
[2014/06/18 14:14:25 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmmbase.dll
[2014/06/18 14:14:25 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winmmbase.dll
[2014/06/18 14:14:25 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmm.dll
[2014/06/18 14:14:24 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2014/06/18 14:14:24 | 000,195,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys
[2014/06/18 14:14:24 | 000,125,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpsd.sys
[2014/06/18 14:14:24 | 000,120,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msgpioclx.sys
[2014/06/18 14:14:24 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcmcsp.dll
[2014/06/18 14:14:23 | 000,888,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2014/06/18 14:14:23 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2014/06/18 14:14:23 | 000,543,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanmm.dll
[2014/06/18 14:14:23 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.BackgroundTransfer.dll
[2014/06/18 14:14:23 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wwanadvui.dll
[2014/06/18 14:14:23 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2014/06/18 14:14:23 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\openfiles.exe
[2014/06/18 14:14:23 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\openfiles.exe
[2014/06/18 14:14:22 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\LocationApi.dll
[2014/06/18 14:14:22 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\LocationApi.dll
[2014/06/18 14:14:10 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2014/06/18 14:14:09 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\resutils.dll
[2014/06/18 14:14:09 | 000,488,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\resutils.dll
[2014/06/18 14:14:09 | 000,374,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clusapi.dll
[2014/06/18 14:14:08 | 000,447,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBHUB3.SYS
[2014/06/18 14:14:08 | 000,302,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\clusapi.dll
[2014/06/18 14:14:08 | 000,285,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spaceport.sys
[2014/06/18 14:13:35 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FirewallAPI.dll
[2014/06/18 14:13:31 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2014/06/18 14:07:18 | 001,125,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll
[2014/06/18 14:07:17 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSync.dll
[2014/06/18 14:07:17 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mbsmsapi.dll
[2014/06/18 14:07:17 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2014/06/18 14:07:16 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSync.dll
[2014/06/18 14:07:16 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mbsmsapi.dll
[2014/06/18 14:07:16 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSyncInfo.dll
[2014/06/18 14:07:05 | 001,374,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdc.dll
[2014/06/18 14:07:05 | 001,245,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdc.dll
[2014/06/18 14:07:05 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wvc.dll
[2014/06/18 14:07:05 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysmon.ocx
[2014/06/18 14:07:05 | 000,437,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wvc.dll
[2014/06/18 14:07:05 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sysmon.ocx
[2014/06/18 14:07:03 | 001,258,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/06/18 14:07:03 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpedit.dll
[2014/06/18 14:07:03 | 001,075,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpedit.dll
[2014/06/18 14:07:03 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2014/06/18 14:07:03 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2014/06/18 13:47:20 | 000,269,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdFilter.sys
[2014/06/18 13:47:20 | 000,035,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdBoot.sys
[2014/06/18 11:45:40 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Local\Opera Software
[2014/06/18 11:45:39 | 000,000,000 | ---D | C] -- C:\Users\petr\AppData\Roaming\Opera Software
[2014/06/18 11:45:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
========== Files - Modified Within 30 Days ==========
[2014/07/18 06:54:34 | 000,000,062 | ---- | M] () -- C:\Users\petr\AppData\Roaming\sp_data.sys
[2014/07/18 06:52:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/17 20:46:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/07/17 19:33:38 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/07/17 17:22:50 | 069,732,742 | ---- | M] () -- C:\Users\petr\Desktop\Syberian Beast meets Mr. Moore - My Maid (Original Mix).mp4
[2014/07/17 16:52:29 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/17 16:48:34 | 762,970,111 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/17 16:48:34 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/07/17 15:11:21 | 000,000,512 | ---- | M] () -- C:\Users\petr\Desktop\MBR.dat
[2014/07/17 14:24:43 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/07/16 13:57:15 | 000,785,746 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2014/07/16 13:57:15 | 000,730,544 | ---- | M] () -- C:\Windows\SysNative\perfh00E.dat
[2014/07/16 13:57:15 | 000,710,244 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/07/16 13:57:15 | 000,174,018 | ---- | M] () -- C:\Windows\SysNative\perfc00E.dat
[2014/07/16 13:57:15 | 000,159,396 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2014/07/16 13:57:14 | 003,564,186 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/07/16 13:57:14 | 000,727,488 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014/07/16 13:57:14 | 000,148,006 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014/07/16 13:57:14 | 000,132,614 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/07/16 09:01:42 | 000,030,312 | ---- | M] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2014/07/15 17:42:38 | 005,336,664 | ---- | M] () -- C:\Users\petr\Desktop\RogueKillerX64.exe
[2014/07/15 14:02:44 | 000,028,024 | ---- | M] () -- C:\Users\petr\Desktop\Výstřižek.PNG
[2014/07/15 09:42:08 | 062,804,191 | ---- | M] () -- C:\Users\petr\Desktop\Bruno Mars - The Lazy Song [OFFICIAL VIDEO].mp4
[2014/07/15 09:41:13 | 011,174,123 | ---- | M] () -- C:\Users\petr\Desktop\Michael Jackson - Smooth Criminal (Short Version).mp4
[2014/07/14 14:06:37 | 000,042,072 | ---- | M] () -- C:\Users\petr\Desktop\10530905_516540171806344_3757685075051839946_n.jpg
[2014/07/14 12:00:33 | 000,000,990 | ---- | M] () -- C:\Users\petr\Desktop\Bandicam.lnk
[2014/07/14 12:00:03 | 000,046,080 | ---- | M] () -- C:\Users\petr\Desktop\keymaker.exe
[2014/07/14 11:38:39 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/07/14 11:38:35 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/07/14 11:38:35 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/07/14 11:38:35 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/07/14 11:30:25 | 000,002,120 | ---- | M] () -- C:\Users\petr\Desktop\Minecraft.lnk
[2014/07/13 21:50:57 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2014/07/13 21:07:15 | 000,001,859 | ---- | M] () -- C:\Users\Public\Desktop\Apps.lnk
[2014/07/13 21:07:07 | 000,001,809 | ---- | M] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk
[2014/07/13 20:52:27 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/07/13 17:44:08 | 000,281,632 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/07/12 10:40:53 | 000,001,104 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/07/11 18:37:38 | 000,002,181 | ---- | M] () -- C:\Users\petr\Desktop\Angry Birds Seasons.lnk
[2014/07/11 18:04:29 | 000,002,193 | ---- | M] () -- C:\Users\Public\Desktop\Angry Birds Rio.lnk
[2014/07/11 17:38:08 | 000,001,144 | ---- | M] () -- C:\Users\petr\Desktop\Angry Birds Breakfast 2.lnk
[2014/07/11 08:52:43 | 907,605,756 | ---- | M] () -- C:\Users\petr\Desktop\MachinimaSound - Dance of the Pixies _ 1 Hour Version [READ DESC].mp4
[2014/07/11 08:52:43 | 106,605,652 | ---- | M] () -- C:\Users\petr\Desktop\MachinimaSound - Dance of the Pixies _ 1 Hour Version [READ DESC].mp3
[2014/07/09 20:25:27 | 000,083,615 | ---- | M] () -- C:\Users\petr\Desktop\Windows-81.jpg
[2014/07/09 10:58:36 | 000,001,189 | ---- | M] () -- C:\Users\Public\Desktop\Zuma Deluxe.lnk
[2014/07/06 08:02:44 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2014/07/01 00:42:56 | 000,394,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2014/07/01 00:42:48 | 000,702,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/07/01 00:42:48 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2014/06/28 05:35:04 | 000,556,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/06/27 10:10:06 | 000,001,200 | ---- | M] () -- C:\Users\petr\Desktop\Format Factory.lnk
[2014/06/26 22:53:24 | 000,703,968 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/06/26 22:53:24 | 000,105,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/06/26 10:58:40 | 000,001,987 | ---- | M] () -- C:\Users\Public\Desktop\PCSX2 1.0.0 (r5350).lnk
[2014/06/25 13:07:58 | 000,000,001 | ---- | M] () -- C:\Windows\SysWow64\SI.bin
[2014/06/25 10:00:50 | 000,002,272 | ---- | M] () -- C:\Users\Public\Desktop\Heroes of Might and Magic 4 Complete.lnk
[2014/06/25 09:57:23 | 000,001,952 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2014/06/25 09:57:15 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2014/06/25 09:50:35 | 000,000,907 | ---- | M] () -- C:\Users\Public\Desktop\Heroes of Might and Magic V - Hammers of Fate.lnk
[2014/06/25 09:49:06 | 000,000,929 | ---- | M] () -- C:\Users\petr\Desktop\µTorrent.lnk
[2014/06/25 09:43:27 | 000,000,891 | ---- | M] () -- C:\Users\petr\Desktop\Heroes of Might and Magic V.lnk
[2014/06/24 14:04:25 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/06/24 09:36:07 | 000,703,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\NotificationUI.exe
[2014/06/24 09:35:44 | 000,010,450 | ---- | M] () -- C:\Windows\SysNative\autoconfig.cab
[2014/06/24 08:41:34 | 000,694,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WSShared.dll
[2014/06/24 08:41:34 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/06/24 08:41:20 | 010,115,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.dll
[2014/06/24 08:40:27 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2014/06/24 08:39:40 | 002,307,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/06/24 08:39:31 | 002,146,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll
[2014/06/24 06:08:30 | 000,567,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WSShared.dll
[2014/06/24 06:08:30 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/06/24 06:08:21 | 008,858,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.dll
[2014/06/24 06:06:56 | 002,037,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/06/23 20:24:27 | 000,000,219 | ---- | M] () -- C:\Users\petr\Desktop\Team Fortress 2.url
[2014/06/23 20:13:47 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2014/06/23 19:54:36 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/06/23 14:12:59 | 000,001,349 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2014/06/23 10:19:50 | 000,001,142 | ---- | M] () -- C:\Users\petr\Desktop\Vítejte u registrace produktu ASUS.lnk
[2014/06/19 04:12:31 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/06/19 04:12:02 | 000,915,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2014/06/19 04:12:02 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll
[2014/06/19 04:11:04 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/06/19 04:11:01 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/06/19 04:10:56 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/06/19 04:10:33 | 003,959,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/06/19 04:10:32 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/06/19 04:10:28 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/06/19 04:10:28 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/06/19 04:10:28 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/06/19 04:10:18 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/06/19 04:10:17 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/06/19 04:09:55 | 001,508,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/06/19 02:53:42 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll
[2014/06/19 02:53:03 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/06/19 02:53:01 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/06/19 02:52:46 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/06/19 02:52:42 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/06/19 02:52:42 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/06/19 02:52:42 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/06/19 02:52:19 | 001,440,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/06/18 11:45:30 | 000,001,131 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
========== Files Created - No Company Name ==========
[2014/07/17 19:33:38 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/07/17 17:22:50 | 069,732,742 | ---- | C] () -- C:\Users\petr\Desktop\Syberian Beast meets Mr. Moore - My Maid (Original Mix).mp4
[2014/07/17 15:11:21 | 000,000,512 | ---- | C] () -- C:\Users\petr\Desktop\MBR.dat
[2014/07/16 19:10:20 | 002,770,975 | ---- | C] () -- C:\Users\petr\Desktop\knifet.png
[2014/07/16 19:10:02 | 000,083,615 | ---- | C] () -- C:\Users\petr\Desktop\Windows-81.jpg
[2014/07/16 19:09:52 | 000,153,798 | ---- | C] () -- C:\Users\petr\Desktop\1485990_838180542876453_8117493145225186723_o.jpg
[2014/07/16 08:51:24 | 000,030,312 | ---- | C] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2014/07/15 17:42:34 | 005,336,664 | ---- | C] () -- C:\Users\petr\Desktop\RogueKillerX64.exe
[2014/07/15 14:02:44 | 000,028,024 | ---- | C] () -- C:\Users\petr\Desktop\Výstřižek.PNG
[2014/07/15 09:41:21 | 062,804,191 | ---- | C] () -- C:\Users\petr\Desktop\Bruno Mars - The Lazy Song [OFFICIAL VIDEO].mp4
[2014/07/15 09:41:13 | 011,174,123 | ---- | C] () -- C:\Users\petr\Desktop\Michael Jackson - Smooth Criminal (Short Version).mp4
[2014/07/14 19:15:28 | 000,010,450 | ---- | C] () -- C:\Windows\SysNative\autoconfig.cab
[2014/07/14 14:06:36 | 000,042,072 | ---- | C] () -- C:\Users\petr\Desktop\10530905_516540171806344_3757685075051839946_n.jpg
[2014/07/14 12:00:33 | 000,000,990 | ---- | C] () -- C:\Users\petr\Desktop\Bandicam.lnk
[2014/07/14 12:00:03 | 000,046,080 | ---- | C] () -- C:\Users\petr\Desktop\keymaker.exe
[2014/07/14 11:45:46 | 000,000,283 | ---- | C] () -- C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Koš.lnk
[2014/07/14 11:30:25 | 000,002,120 | ---- | C] () -- C:\Users\petr\Desktop\Minecraft.lnk
[2014/07/13 21:50:57 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2014/07/13 21:07:15 | 000,001,859 | ---- | C] () -- C:\Users\Public\Desktop\Apps.lnk
[2014/07/13 21:07:07 | 000,001,809 | ---- | C] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk
[2014/07/13 20:52:27 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/07/13 17:43:59 | 000,281,632 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/07/13 17:05:52 | 000,090,112 | ---- | C] () -- C:\Windows\RSetupCE.exe
[2014/07/12 10:40:53 | 000,001,104 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/07/11 18:34:56 | 000,002,181 | ---- | C] () -- C:\Users\petr\Desktop\Angry Birds Seasons.lnk
[2014/07/11 18:04:29 | 000,002,193 | ---- | C] () -- C:\Users\Public\Desktop\Angry Birds Rio.lnk
[2014/07/11 17:38:08 | 000,001,144 | ---- | C] () -- C:\Users\petr\Desktop\Angry Birds Breakfast 2.lnk
[2014/07/11 08:52:28 | 907,605,756 | ---- | C] () -- C:\Users\petr\Desktop\MachinimaSound - Dance of the Pixies _ 1 Hour Version [READ DESC].mp4
[2014/07/11 08:52:28 | 106,605,652 | ---- | C] () -- C:\Users\petr\Desktop\MachinimaSound - Dance of the Pixies _ 1 Hour Version [READ DESC].mp3
[2014/07/09 10:58:36 | 000,001,189 | ---- | C] () -- C:\Users\Public\Desktop\Zuma Deluxe.lnk
[2014/07/06 09:37:45 | 010,887,922 | ---- | C] () -- C:\Users\petr\Desktop\03-knife_party-bonfire.mp3
[2014/07/06 08:02:44 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2014/07/06 07:59:22 | 000,002,419 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk
[2014/06/27 10:10:06 | 000,001,200 | ---- | C] () -- C:\Users\petr\Desktop\Format Factory.lnk
[2014/06/26 10:58:40 | 000,001,987 | ---- | C] () -- C:\Users\Public\Desktop\PCSX2 1.0.0 (r5350).lnk
[2014/06/25 13:07:58 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2014/06/25 10:00:50 | 000,002,272 | ---- | C] () -- C:\Users\Public\Desktop\Heroes of Might and Magic 4 Complete.lnk
[2014/06/25 09:57:23 | 000,001,952 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2014/06/25 09:50:35 | 000,000,907 | ---- | C] () -- C:\Users\Public\Desktop\Heroes of Might and Magic V - Hammers of Fate.lnk
[2014/06/25 09:49:06 | 000,000,929 | ---- | C] () -- C:\Users\petr\Desktop\µTorrent.lnk
[2014/06/25 09:43:27 | 000,000,891 | ---- | C] () -- C:\Users\petr\Desktop\Heroes of Might and Magic V.lnk
[2014/06/24 14:04:25 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/06/23 20:13:47 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2014/06/23 19:54:36 | 000,002,533 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/06/23 14:12:59 | 000,001,349 | ---- | C] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2014/06/23 10:19:50 | 000,001,142 | ---- | C] () -- C:\Users\petr\Desktop\Vítejte u registrace produktu ASUS.lnk
[2014/06/23 10:14:31 | 000,387,268 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2014/06/23 10:13:57 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2014/06/18 20:27:34 | 000,000,219 | ---- | C] () -- C:\Users\petr\Desktop\Team Fortress 2.url
[2014/06/18 11:45:30 | 000,001,131 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2014/06/18 11:45:30 | 000,001,131 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2014/06/16 06:59:19 | 000,000,062 | ---- | C] () -- C:\Users\petr\AppData\Roaming\sp_data.sys
[2013/08/05 08:15:08 | 000,066,104 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2013/08/05 08:15:06 | 000,023,080 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2013/07/22 04:52:54 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2013/07/22 04:52:52 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2013/07/22 04:52:52 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013/05/01 13:15:31 | 000,000,256 | ---- | C] () -- C:\ProgramData\SetStretch.cmd
[2012/07/26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012/07/26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012/07/26 09:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012/07/26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012/07/25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012/07/25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012/07/25 22:22:56 | 000,267,284 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012/07/25 22:22:54 | 000,963,376 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
========== ZeroAccess Check ==========
[2014/06/25 09:41:36 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/28 10:23:06 | 019,759,104 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/28 08:18:26 | 017,562,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/07/10 16:12:33 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\(20-CF-30-22-91-75)
[2014/07/14 11:52:55 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\.minecraft
[2014/07/11 17:38:07 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\Angry Birds Breakfast 2
[2014/06/16 07:01:54 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\ASUS WebStorage
[2014/07/13 18:04:53 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\BANDISOFT
[2014/07/11 17:38:29 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\com.rovio.AngryBirdsBreakfast2
[2014/07/17 19:34:29 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\DAEMON Tools Lite
[2014/07/06 21:18:58 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\iFunbox_UserCache
[2014/06/22 12:43:55 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\mgyun
[2014/06/22 17:16:16 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\Might & Magic Heroes VI
[2014/06/18 11:45:39 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\Opera Software
[2014/07/11 18:37:55 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\Rovio
[2014/07/11 18:07:20 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\Rovio Entertainment Ltd
[2014/06/23 11:12:21 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\Seznam.cz
[2014/07/15 18:06:08 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\Ubisoft
[2014/07/14 11:36:51 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\uTorrent
[2014/06/23 11:12:17 | 000,000,000 | ---D | M] -- C:\Users\petr\AppData\Roaming\zhuodashi
========== Purity Check ==========
< End of report >
Re: Podezření na vir... Po zapnutí ntb nejdou někdy zvuky
extras
OTL Extras logfile created on: 18. 7. 2014 7:14:49 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\petr\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17028)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy
5,89 Gb Total Physical Memory | 3,75 Gb Available Physical Memory | 63,73% Memory free
6,83 Gb Paging File | 4,56 Gb Available in Paging File | 66,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,45 Gb Total Space | 206,46 Gb Free Space | 73,88% Space Free | Partition Type: NTFS
Drive D: | 397,88 Gb Total Space | 311,52 Gb Free Space | 78,30% Space Free | Partition Type: NTFS
Computer Name: PETAS | User Name: petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01106940-D7E6-4E7F-AF9C-22E069562817}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{02FE2873-1464-4471-95BB-69020F9CFB16}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{039D59B8-1F6B-42BA-9B5C-17A490B5FE6C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{06B92D16-B0CB-4E0F-8B79-642DDF998369}" = rport=138 | protocol=17 | dir=out | app=system |
"{0B09449E-06A7-43B0-985C-93A1A28D6BF6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{13F6DEC6-B147-458F-83B1-CB93B1A9BBEC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1AC89526-8C04-456C-95E0-7C2E68362113}" = rport=10243 | protocol=6 | dir=out | app=system |
"{248E404B-3756-4160-9945-89D96293EEB0}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{34516E99-2381-477F-BA9D-ACBC40B4DA1C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{34E51356-2139-4232-B1DB-283EF0B1615D}" = lport=445 | protocol=6 | dir=in | app=system |
"{37BAA9A1-64A3-4630-BF9F-127E1E288F28}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3AD5DBB5-526A-43D7-9519-FA87B30A8265}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{41E4036D-E315-4426-8BEF-E39D18F74C0D}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{45D004A8-ED04-4395-A80B-AF0F20505891}" = rport=445 | protocol=6 | dir=out | app=system |
"{5AF4938D-3E23-4DA8-B711-18692D329992}" = lport=138 | protocol=17 | dir=in | app=system |
"{65637602-FB53-4210-9EA6-360B9B515AAE}" = rport=137 | protocol=17 | dir=out | app=system |
"{6882D9AD-7422-4D93-A5B6-65A44C7D5107}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6C385270-57C0-43B2-AAE5-4D13D19D5139}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{6FF5C3D8-4A75-40F3-97C4-C02ED07D52AB}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{77662A16-F1BB-4256-8614-9FFCA886D937}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{82A15666-C1D2-4B3B-B39C-E294ACE73911}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8C2AAD5B-F1E0-4F87-ABD7-357098DD12EB}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{8D905E87-EF6F-4BE8-82AC-E8E01FBA207A}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{8EAAF0E8-5F39-49D1-AD96-24C79FAF152B}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{9472D198-4907-4313-8AD6-1591D4DC97F8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9DF568BF-1BE4-40F8-B58A-90F91C8AEB20}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{BEBF9EAA-705A-42B4-B1CF-C888290C6E6A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C5ACDBFF-95BE-4DD7-BD63-023CE9BF4C32}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{C8755942-5DC2-437A-A524-535B9759BEB9}" = lport=139 | protocol=6 | dir=in | app=system |
"{C954AA4C-4BE6-4097-8C1B-97A5DB5C2F14}" = rport=139 | protocol=6 | dir=out | app=system |
"{D7760C67-55FE-4ADB-AC99-75D6D55D1B32}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D81472C4-C8AE-4F48-A80E-EE6D7D41D2C6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D8EAA188-B9E4-48BC-A409-DD5D007B439D}" = lport=137 | protocol=17 | dir=in | app=system |
"{D8ECF05D-7E35-4F92-9439-E638C7A55F4B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D9BF8245-A982-4EC4-A582-AB221E5F2BDA}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{D9FDE7C5-91CF-4946-B79E-C7E264DA859C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F7884A91-D0E9-4FA1-AB33-9E7DE38B7BBF}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08C18465-5825-4BB5-8919-2FB3205576C7}" = dir=out | name=piškvorky multiplayer |
"{0D977090-02D5-4224-9F3A-D6F412F14F81}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{10B03B00-892A-4073-A6CE-7998D0FDD9B6}" = protocol=6 | dir=in | app=d:\capcom\resident evil 5\re5dx10.exe |
"{10E10AE4-5EC2-4DB5-95AF-91381E8F9EE0}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{11F03EA4-E9C6-4C98-A18D-29200E73A065}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{177C01E0-92CE-4756-B9E7-B90DC4756838}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1A6F4C31-BD6D-4DC6-BD7A-A1E081585695}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{1AEC9588-DBB7-4945-B0FB-33F5878012D8}" = protocol=6 | dir=in | app=d:\capcom\resident evil 5\re5dx9.exe |
"{1F3124D6-82AD-4C6B-A6DC-A05C1A596C7E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{1F61E005-B534-4601-AE5A-52C901A9C14E}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{22E41BAB-4220-4BFD-A0D0-ECB657016C4D}" = protocol=6 | dir=in | app=d:\worms 4 mayhem cz etina\assassinscreed_dx10.exe |
"{2430101F-D57A-4C56-BF5A-8D703CF29102}" = protocol=6 | dir=in | app=d:\worms 4 mayhem cz etina\assassinscreed_dx9.exe |
"{29248DD0-E42D-4B42-9B31-6FEC348383CD}" = dir=out | name=- games app - |
"{2E028C92-77E7-486C-9ACF-5C19D9C98C1C}" = protocol=17 | dir=in | app=d:\capcom\resident evil 5\re5dx9.exe |
"{30E3E758-D419-4D03-AD25-97EC6AE4114C}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{31377E35-A828-4B60-B567-5E136B786272}" = dir=out | name=prší: prázdninová edice |
"{32245A15-3127-4C81-B8D1-A71041508870}" = dir=in | name=microsoft solitaire collection |
"{336F6486-EC16-44EF-8F74-02947DF3B6E9}" = protocol=17 | dir=in | app=d:\worms 4 mayhem cz etina\assassinscreed_dx9.exe |
"{3770F7E2-7B99-4E6E-AC69-4862C10842D7}" = dir=in | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{3EE75A72-6D45-4FF8-9DF9-D4DBCCAB2C42}" = dir=out | name=tube free |
"{402A5650-BD8C-4AD2-8A41-6741E315E6E4}" = dir=out | name=fresh paint |
"{44990372-CB63-4009-BF86-868B49D7C1BA}" = dir=out | name=microsoft mahjong |
"{45F52BA5-D82C-43F0-8C89-5E0D4A0C07C9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4C44E3A9-B413-47F7-8D95-969F5482E333}" = dir=in | name=@{magix.musicmakerjam_2.1.1025.0_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} |
"{4F051786-0F32-49BD-AC39-9CD913008D6B}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{4F42CB98-7F7E-4193-92BB-86C29D3BE6C4}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{4F6B47FA-EAFC-48AC-957A-9BA9A004C844}" = dir=out | name=@{microsoft.bingweather_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{505AF17F-25E4-453F-A77A-6D2C91388132}" = dir=in | name=@{microsoft.windowsphotos_16.4.4396.311_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{506941F4-D3A3-4013-BC70-32C367A97A9B}" = dir=out | name=@{microsoft.bingtravel_2.0.0.319_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{553EC27F-98BA-49A5-B614-BB037A898F29}" = dir=out | name=microsoft solitaire collection |
"{57302207-0AD3-4C6F-99B4-1313C38A32EB}" = dir=out | name=fhotoroom |
"{57CED4BC-8539-47DC-82F2-070124B17D5E}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{599546BF-9BFC-4789-B2E2-3883795F10A6}" = dir=in | name=skype |
"{5AE39B98-6FB6-48EE-ADF2-E4FB9BB1A5F1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5FA029DF-E86C-4993-A1B9-8B36BD7312EF}" = dir=out | name=@{microsoft.zunemusic_1.5.216.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{6FDCA706-BFC1-4A68-AC98-ACBABCE154FA}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{76D4FE09-9AD6-4B5C-9E1D-CCE60482C6DE}" = dir=out | name=@{microsoft.bing_1.5.1.259_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{79595739-98AA-4261-85CB-9E7A73F851D5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7D57096D-4F08-44AA-B237-8839A693D3B5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7E7BCAE3-F18A-4017-82BF-F576A80F9400}" = dir=out | name=@{magix.musicmakerjam_2.1.1025.0_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} |
"{7E99B3D7-F250-47E1-BAFD-D89CFDF97B0C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{81219BD9-F4B2-4DAC-A2B2-13B02538E873}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8123B771-1127-4AFD-9AF3-0AA1C37203BD}" = dir=out | name=phototastic |
"{812D26A6-DC82-4743-AB2E-74D58BA8936B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{83822EB6-941A-433E-9F21-CF71F70C6DC1}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8A45F208-DDB0-4472-AE01-4FA95B459CB4}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{8B2BC9A7-D74F-4301-B32E-20D11D79D984}" = dir=in | name=microsoft mahjong |
"{8CCB08CB-8FDD-4BC3-8360-B4B51653B401}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{8DD0E335-E015-4B2A-97ED-94166AD51688}" = dir=in | name=pinball fx2 |
"{91EAFDF7-6BA5-4F1A-A593-EDEA3AE6B658}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{97126C66-C764-4A30-AE16-29F7BDA7FE3C}" = protocol=6 | dir=in | app=d:\worms 4 mayhem cz etina\assassinscreed_launcher.exe |
"{975814B4-283C-4B00-9BF6-2D6D75AF3BC9}" = dir=out | name=pinball fx2 |
"{97829E4F-C542-4ACA-91BB-90C48B32D538}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dota 2 beta\dota.exe |
"{9F9E5D4F-770D-4DF1-AF21-7C5578540F10}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{A1C40A5F-EA15-45E4-8BAB-F4EFA4B74681}" = dir=out | name=windows_ie_ac_001 |
"{A8845E15-DFEB-466E-8C78-3233214F4167}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A884812D-32D4-4162-8035-67598B9D2D8C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{ADE096AC-9396-4C43-817C-1E3CFD8E0174}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AECDB5C4-5095-4DA5-AC20-28D96875FD3D}" = dir=out | name=@{microsoft.zunevideo_1.5.902.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{AF702977-4330-41DC-B7EB-971528C7BDD5}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{AFD89999-B7A7-41C5-B680-6F8DA7BE0849}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{B6E9EAD4-4E6D-4597-A9C1-B570EC5D3D5C}" = protocol=17 | dir=in | app=d:\capcom\resident evil 5\re5dx10.exe |
"{B84151C5-D75C-449A-B0CF-6B1DA56D462E}" = protocol=6 | dir=out | app=system |
"{B8866AD1-0CA7-4BBD-95B2-563D6EDD7330}" = dir=out | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{BA49F8AC-6AA7-4D7C-BFEC-5E14245BDD50}" = dir=out | name=@{microsoft.bingfinance_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{BD894762-71A3-4450-8A08-313F425AEF08}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4396.311_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{C0D41D41-8256-4235-9EA9-B1A179A629D2}" = dir=out | name=česká rádia |
"{C6285FDC-A548-4D87-A3DC-C0ECF98B26EF}" = protocol=17 | dir=in | app=d:\worms 4 mayhem cz etina\assassinscreed_launcher.exe |
"{C760AD07-EADB-448C-B25E-12B081EE095A}" = dir=out | name=@{microsoft.windowsphotos_16.4.4396.311_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{C77F9EAE-7259-4520-AA75-A513C57E2E9C}" = dir=out | name=@{microsoft.bingnews_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{C9F4F847-D3CB-4345-B31C-8B7841BB4F2A}" = dir=out | name=@{microsoft.bingmaps_1.6.1821.2624_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{CF110581-E369-4E3C-A258-A6F22555C6E7}" = dir=out | name=@{microsoft.bingsports_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{D25FB456-759D-41F5-A2F3-408869ACD6D6}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dota 2 beta\dota.exe |
"{D47970E7-07EC-440E-B6B6-D0520BB159A6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D95395D4-F9DE-45EC-AF01-C53AA6938D74}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{DA985B5C-DF11-4D2F-B6C3-61E7ADED5B57}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DAE373D2-A4FE-45B2-81E7-5F4797C2DE05}" = dir=out | name=skype |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E852CB76-BC46-4097-8391-D8FF0B52B66B}" = dir=out | name=photo editor |
"{EBD0F524-DA6A-4F49-9617-B7F87BF93D48}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EBFD3B94-A923-46AF-AC31-0A84FEF02502}" = dir=out | name=spider solitaire ! |
"{F654CBD0-AF64-40F9-845C-F4251687C564}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F75587D0-F2D9-498D-8529-E67EFB248AB1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F87D04FD-0719-46EC-AB2A-52E71146CF3D}" = protocol=17 | dir=in | app=d:\worms 4 mayhem cz etina\assassinscreed_dx10.exe |
"TCP Query User{155BB2C3-58B9-42C0-BD50-9A62828B26D7}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{1CC202F9-4579-4F4F-8C3A-713126C7370A}E:\easysetupassistant\wr741n\easysetupassistant.exe" = protocol=6 | dir=in | app=e:\easysetupassistant\wr741n\easysetupassistant.exe |
"TCP Query User{4ECF4F3F-E55B-4944-A692-AA95DCDA760C}C:\users\petr\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\petr\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{56E36219-FFDD-4989-BE9E-06EDCC98C698}C:\users\petr\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\petr\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{7284FCD5-208D-49A6-876A-7DC83A23B1A1}D:\steam\steamapps\common\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\team fortress 2\hl2.exe |
"TCP Query User{7B4F820A-F482-4CC1-BFC4-B4CDE69C0509}D:\might.and.magic.heroes.vi-skidrow\bina1\h5_game.exe" = protocol=6 | dir=in | app=d:\might.and.magic.heroes.vi-skidrow\bina1\h5_game.exe |
"TCP Query User{BDD52F83-15E2-45C6-9570-0A7751BACEAB}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{F5ECAD82-6ACC-4F6E-8D41-E167F5A27A02}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{20EBE12D-8804-4DFB-96E3-41B1CD1ED25B}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{3EAED466-3434-47FC-A6F2-95C31017C314}C:\users\petr\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\petr\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{81910CAD-D99F-49A1-96A5-A68812F39ADC}D:\steam\steamapps\common\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\team fortress 2\hl2.exe |
"UDP Query User{87420E92-6585-4E05-819D-515906C4B49A}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{AAA86A97-CC25-4BBC-8DEF-09A759F8E298}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{C3FF9A79-793A-4972-B35A-3D08BA1085B2}E:\easysetupassistant\wr741n\easysetupassistant.exe" = protocol=17 | dir=in | app=e:\easysetupassistant\wr741n\easysetupassistant.exe |
"UDP Query User{D1A3A150-C14D-4613-8154-FF31871270C3}D:\might.and.magic.heroes.vi-skidrow\bina1\h5_game.exe" = protocol=17 | dir=in | app=d:\might.and.magic.heroes.vi-skidrow\bina1\h5_game.exe |
"UDP Query User{EC23F756-5A25-4114-B6CA-133C2FC879B5}C:\users\petr\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\petr\appdata\roaming\utorrent\utorrent.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04E87298-12FC-47DF-99FB-A948527F3977}" = ESET NOD32 Antivirus
"{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}" = ASUS Screen Saver
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum zařízení Windows Mobile
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 337.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 337.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.0.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 12.4.67
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 12.4.67
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 12.4.67
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.23
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"1016059FBF327ED9E3BAE758BD08CF10D3C6252D" = Windows Driver Package - ASUS (ATP) Mouse (05/09/2013 1.0.0.173)
"CCleaner" = CCleaner
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.25
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}" = Microsoft Games for Windows - LIVE Redistributable
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0DF95460-2887-4011-9344-1959CDF18ADC}" = Photo Common
"{1AFACC2A-9A60-43EF-ABDB-2CEECA5EA77F}" = BlueStacks Notification Center
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{26A24AE4-039D-4CA4-87B4-2F03217060FF}" = Java 7 Update 60
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros Client Installation Program
"{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}" = Movie Maker
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{49110532-D289-4BFF-807C-45B782E66A7C}" = Photo Common
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4D243BA7-9AC4-46D1-90E5-EEB88974F501}" = Microsoft Games for Windows - LIVE
"{4D3286A6-F6AB-498A-82A4-E4F040529F3D}" = ASUS Smart Gesture
"{56232E3D-7EA9-45E0-A371-26CD80510AF7}" = Windows Live UX Platform Language Pack
"{63824BC0-B747-43F3-9863-1066D64AD919}" = Photo Gallery
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{66FF4C48-0083-4E60-8556-B883AB212392}" = Heroes of Might and Magic V - Tribes of the East
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6CEA775F-E70A-4D72-A3B4-1EB3A5AD4B5C}" = Windows Live Essentials
"{6DA44563-279B-4F07-B8B0-BA97596850C4}" = Angry Birds Breakfast 2
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{749F674B-2674-47E8-879C-5626A06B2A91}" = ASUS InstantOn
"{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}" = Galeria fotografii
"{797DC296-ADC5-4A08-8CBC-AEB0D6F4B249}" = Windows Live Essentials
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16
"{7E9A63B3-8572-4A4B-9F87-3C2A873BBC55}" = Windows Live UX Platform Language Pack
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{857BC375-BCFB-474E-9BD9-7EBB18EC55E0}" = Windows Live Essentials
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB}" = Movie Maker
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office
"{9093B0D5-EA59-4C9E-A2E3-CC130138DFCD}" = Fotogaléria
"{9B22D57A-5338-49A5-AC08-70FE3E8B878B}" = Heroes of Might and Magic V
"{9EDF46F0-2D4E-4C00-B2B6-0660666E9F60}" = Movie Maker
"{A035950F-15BA-41C0-9D8F-165FC0536012}" = Movie Maker
"{A1FBD2B3-6768-472D-BA46-C00EACBCE16C}" = Fotogalerie
"{A47EA9D4-BB87-415E-9239-28860434E5A0}" = Movie Maker
"{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}" = Podstawowe programy Windows Live
"{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}" = ASUS USB Charger Plus
"{AA82E5EF-70C2-41CB-8432-309078304CBB}" = Photo Common
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC08BBA0-96B9-431A-A7D0-D8598E493775}" = RESIDENT EVIL 5
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
"{B4319C53-25C7-46BC-B27E-F8A71BA6C1EB}" = Angry Birds Rio
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C4D82144-B2D5-4A0E-A470-16F13EBC5BCB}" = Windows Live Essentials
"{C67BC332-A59A-4D40-977F-664F60AB21D8}" = Photo Common
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = ASUSDVD
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18F981B-401C-4D90-BC57-D8903564D558}" = Windows Live UX Platform Language Pack
"{E50E3DBC-46AA-4827-B2A6-F995D81DF526}" = Fotótár
"{EB91007A-0110-42A6-B869-2709955A9B2A}" = Photo Common
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EEF7568A-BD2C-42B7-A22E-6D55EA287C34}" = Heroes of Might and Magic V - Hammers of Fate
"{F09DD76B-D3D3-4558-B5BC-F1EEA6E00162}" = Windows Live UX Platform Language Pack
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F21F0424-B2FF-40BF-A984-9E0D7FB4C97E}" = Windows Live UX Platform Language Pack
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Angry Birds Seasons4.0.1.0" = Angry Birds Seasons
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage Sync Agent
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"BlueStacks App Player" = BlueStacks App Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"FormatFactory" = FormatFactory 3.3.1.0
"Heroes of Might and Magic 4 Complete_is1" = Heroes of Might and Magic 4 Complete
"iFunbox_is1" = iFunbox (v2.8.2414.748), iFunbox DevTeam
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = ASUSDVD
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.0.2.1012
"Minecraft1.7.2" = Minecraft1.7.2
"Mozilla Firefox 30.0 (x86 cs)" = Mozilla Firefox 30.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3 Knife_is1" = Mp3 Knife 3.6
"MyBitCast" = MyBitCast 2.0
"Opera 22.0.1471.70" = Opera Stable 22.0.1471.70
"pcsx2-r5350" = PCSX2 - Playstation 2 Emulator
"Resco Picture Viewer" = Resco Picture Viewer
"Steam" = Steam
"Steam App 440" = Team Fortress 2
"VLC media player" = VLC media player 2.1.3
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WTA-1137fe53-d992-40ce-a7c1-592d61593a12" = Cut the Rope
"WTA-1aa96af5-7897-4b52-871b-5672bf2a93b1" = Peggle
"WTA-2f1b39cc-83cd-4559-b10f-61626726b133" = Bejeweled 3
"WTA-2f3263a5-c48e-44bb-8641-562ea5476a87" = Azteca
"WTA-6c851d85-eca4-4ecf-853a-81473e512af5" = Tales of Lagoona
"WTA-f7af5d5d-ca08-4f1e-b605-50cc7e4d969d" = Penguins!
"Zuma Deluxe 1.0" = Zuma Deluxe 1.0
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 16. 7. 2014 7:56:00 | Computer Name = Petas | Source = Application Error | ID = 1000
Description = Název chybující aplikace: svchost.exe_RapiMgr, verze: 6.2.9200.16420,
časové razítko: 0x505a9a4e Název chybujícího modulu: ntdll.dll, verze: 6.2.9200.16912,
časové razítko: 0x536464ba Kód výjimky: 0xc0000008 Posun chyby: 0x0000000000004b59
ID
chybujícího procesu: 0x10b0 Čas spuštění chybující aplikace: 0x01cfa0cd2c43b620 Cesta
k chybující aplikaci: C:\Windows\system32\svchost.exe Cesta k chybujícímu modulu:
C:\Windows\SYSTEM32\ntdll.dll ID zprávy: 26ebdca1-0ce0-11e4-be89-240a6415fe1c Úplný
název chybujícího balíčku: ID aplikace související s chybujícím balíčkem:
Error - 16. 7. 2014 8:04:20 | Computer Name = Petas | Source = RapiMgr | ID = 8
Description = Zařízení se systémem Windows Mobile se nepodařilo připojit z důvodu
chyby communication (0x80072745) (viz data pro kód chyby).
Error - 16. 7. 2014 12:30:16 | Computer Name = Petas | Source = Application Error | ID = 1000
Description = Název chybující aplikace: InsOnCfg.exe, verze: 3.0.5.0, časové razítko:
0x50876377 Název chybujícího modulu: MetroInfo.dll_unloaded, verze: 0.0.0.0, časové
razítko: 0x4fa72cc9 Kód výjimky: 0xc0000005 Posun chyby: 0x70f78b38 ID chybujícího
procesu: 0x13fc Čas spuštění chybující aplikace: 0x01cfa1132c3c0da4 Cesta k chybující
aplikaci: C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe Cesta k chybujícímu
modulu: MetroInfo.dll ID zprávy: 776e9f08-0d06-11e4-be89-240a6415fe1c Úplný název
chybujícího balíčku: ID aplikace související s chybujícím balíčkem:
Error - 17. 7. 2014 8:14:55 | Computer Name = Petas | Source = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe | ID = 131073
Description =
Error - 17. 7. 2014 8:16:52 | Computer Name = Petas | Source = BstHdAndroidSvc | ID = 0
Description = Službu nelze spustit. System.ApplicationException: Cannot start service.
Service did not stop gracefully the last time it was run. v BlueStacks.hyperDroid.Service.Service.OnStart(String[]
args) v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error - 17. 7. 2014 10:48:57 | Computer Name = Petas | Source = BstHdAndroidSvc | ID = 0
Description = Službu nelze spustit. System.ApplicationException: Cannot start service.
Service did not stop gracefully the last time it was run. v BlueStacks.hyperDroid.Service.Service.OnStart(String[]
args) v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error - 17. 7. 2014 14:04:47 | Computer Name = Petas | Source = .NET Runtime | ID = 1026
Description =
Error - 17. 7. 2014 14:04:52 | Computer Name = Petas | Source = .NET Runtime | ID = 1026
Description =
Error - 17. 7. 2014 14:05:05 | Computer Name = Petas | Source = Microsoft-Windows-Immersive-Shell | ID = 2486
Description = Aplikace 41544BlastOffGames.SpiderSolitaire_qy5fmezmgqez0!App se nespustila
ve stanovenou dobu.
Error - 18. 7. 2014 0:53:08 | Computer Name = Petas | Source = Customer Experience Improvement Program | ID = 1008
Description =
[ System Events ]
Error - 17. 7. 2014 7:59:28 | Computer Name = Petas | Source = Application Popup | ID = 1060
Description =
Error - 17. 7. 2014 7:59:28 | Computer Name = Petas | Source = Application Popup | ID = 1060
Description =
Error - 17. 7. 2014 8:02:06 | Computer Name = Petas | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 17. 7. 2014 8:05:55 | Computer Name = Petas | Source = Application Popup | ID = 1060
Description =
Error - 17. 7. 2014 8:05:55 | Computer Name = Petas | Source = Application Popup | ID = 1060
Description =
Error - 17. 7. 2014 8:13:31 | Computer Name = Petas | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 17. 7. 2014 8:14:22 | Computer Name = Petas | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 17. 7. 2014 8:16:52 | Computer Name = Petas | Source = Service Control Manager | ID = 7023
Description = Služba BlueStacks Android Service byla ukončena s následující chybou:
%%1064
Error - 17. 7. 2014 10:48:57 | Computer Name = Petas | Source = Service Control Manager | ID = 7023
Description = Služba BlueStacks Android Service byla ukončena s následující chybou:
%%1064
Error - 17. 7. 2014 14:04:52 | Computer Name = Petas | Source = DCOM | ID = 10016
Description =
< End of report >
OTL Extras logfile created on: 18. 7. 2014 7:14:49 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\petr\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17028)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy
5,89 Gb Total Physical Memory | 3,75 Gb Available Physical Memory | 63,73% Memory free
6,83 Gb Paging File | 4,56 Gb Available in Paging File | 66,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,45 Gb Total Space | 206,46 Gb Free Space | 73,88% Space Free | Partition Type: NTFS
Drive D: | 397,88 Gb Total Space | 311,52 Gb Free Space | 78,30% Space Free | Partition Type: NTFS
Computer Name: PETAS | User Name: petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01106940-D7E6-4E7F-AF9C-22E069562817}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{02FE2873-1464-4471-95BB-69020F9CFB16}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{039D59B8-1F6B-42BA-9B5C-17A490B5FE6C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{06B92D16-B0CB-4E0F-8B79-642DDF998369}" = rport=138 | protocol=17 | dir=out | app=system |
"{0B09449E-06A7-43B0-985C-93A1A28D6BF6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{13F6DEC6-B147-458F-83B1-CB93B1A9BBEC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1AC89526-8C04-456C-95E0-7C2E68362113}" = rport=10243 | protocol=6 | dir=out | app=system |
"{248E404B-3756-4160-9945-89D96293EEB0}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{34516E99-2381-477F-BA9D-ACBC40B4DA1C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{34E51356-2139-4232-B1DB-283EF0B1615D}" = lport=445 | protocol=6 | dir=in | app=system |
"{37BAA9A1-64A3-4630-BF9F-127E1E288F28}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3AD5DBB5-526A-43D7-9519-FA87B30A8265}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{41E4036D-E315-4426-8BEF-E39D18F74C0D}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{45D004A8-ED04-4395-A80B-AF0F20505891}" = rport=445 | protocol=6 | dir=out | app=system |
"{5AF4938D-3E23-4DA8-B711-18692D329992}" = lport=138 | protocol=17 | dir=in | app=system |
"{65637602-FB53-4210-9EA6-360B9B515AAE}" = rport=137 | protocol=17 | dir=out | app=system |
"{6882D9AD-7422-4D93-A5B6-65A44C7D5107}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6C385270-57C0-43B2-AAE5-4D13D19D5139}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{6FF5C3D8-4A75-40F3-97C4-C02ED07D52AB}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{77662A16-F1BB-4256-8614-9FFCA886D937}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{82A15666-C1D2-4B3B-B39C-E294ACE73911}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8C2AAD5B-F1E0-4F87-ABD7-357098DD12EB}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{8D905E87-EF6F-4BE8-82AC-E8E01FBA207A}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{8EAAF0E8-5F39-49D1-AD96-24C79FAF152B}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{9472D198-4907-4313-8AD6-1591D4DC97F8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9DF568BF-1BE4-40F8-B58A-90F91C8AEB20}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{BEBF9EAA-705A-42B4-B1CF-C888290C6E6A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C5ACDBFF-95BE-4DD7-BD63-023CE9BF4C32}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{C8755942-5DC2-437A-A524-535B9759BEB9}" = lport=139 | protocol=6 | dir=in | app=system |
"{C954AA4C-4BE6-4097-8C1B-97A5DB5C2F14}" = rport=139 | protocol=6 | dir=out | app=system |
"{D7760C67-55FE-4ADB-AC99-75D6D55D1B32}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D81472C4-C8AE-4F48-A80E-EE6D7D41D2C6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D8EAA188-B9E4-48BC-A409-DD5D007B439D}" = lport=137 | protocol=17 | dir=in | app=system |
"{D8ECF05D-7E35-4F92-9439-E638C7A55F4B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D9BF8245-A982-4EC4-A582-AB221E5F2BDA}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{D9FDE7C5-91CF-4946-B79E-C7E264DA859C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F7884A91-D0E9-4FA1-AB33-9E7DE38B7BBF}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08C18465-5825-4BB5-8919-2FB3205576C7}" = dir=out | name=piškvorky multiplayer |
"{0D977090-02D5-4224-9F3A-D6F412F14F81}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{10B03B00-892A-4073-A6CE-7998D0FDD9B6}" = protocol=6 | dir=in | app=d:\capcom\resident evil 5\re5dx10.exe |
"{10E10AE4-5EC2-4DB5-95AF-91381E8F9EE0}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{11F03EA4-E9C6-4C98-A18D-29200E73A065}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{177C01E0-92CE-4756-B9E7-B90DC4756838}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1A6F4C31-BD6D-4DC6-BD7A-A1E081585695}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{1AEC9588-DBB7-4945-B0FB-33F5878012D8}" = protocol=6 | dir=in | app=d:\capcom\resident evil 5\re5dx9.exe |
"{1F3124D6-82AD-4C6B-A6DC-A05C1A596C7E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{1F61E005-B534-4601-AE5A-52C901A9C14E}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{22E41BAB-4220-4BFD-A0D0-ECB657016C4D}" = protocol=6 | dir=in | app=d:\worms 4 mayhem cz etina\assassinscreed_dx10.exe |
"{2430101F-D57A-4C56-BF5A-8D703CF29102}" = protocol=6 | dir=in | app=d:\worms 4 mayhem cz etina\assassinscreed_dx9.exe |
"{29248DD0-E42D-4B42-9B31-6FEC348383CD}" = dir=out | name=- games app - |
"{2E028C92-77E7-486C-9ACF-5C19D9C98C1C}" = protocol=17 | dir=in | app=d:\capcom\resident evil 5\re5dx9.exe |
"{30E3E758-D419-4D03-AD25-97EC6AE4114C}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{31377E35-A828-4B60-B567-5E136B786272}" = dir=out | name=prší: prázdninová edice |
"{32245A15-3127-4C81-B8D1-A71041508870}" = dir=in | name=microsoft solitaire collection |
"{336F6486-EC16-44EF-8F74-02947DF3B6E9}" = protocol=17 | dir=in | app=d:\worms 4 mayhem cz etina\assassinscreed_dx9.exe |
"{3770F7E2-7B99-4E6E-AC69-4862C10842D7}" = dir=in | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{3EE75A72-6D45-4FF8-9DF9-D4DBCCAB2C42}" = dir=out | name=tube free |
"{402A5650-BD8C-4AD2-8A41-6741E315E6E4}" = dir=out | name=fresh paint |
"{44990372-CB63-4009-BF86-868B49D7C1BA}" = dir=out | name=microsoft mahjong |
"{45F52BA5-D82C-43F0-8C89-5E0D4A0C07C9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4C44E3A9-B413-47F7-8D95-969F5482E333}" = dir=in | name=@{magix.musicmakerjam_2.1.1025.0_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} |
"{4F051786-0F32-49BD-AC39-9CD913008D6B}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{4F42CB98-7F7E-4193-92BB-86C29D3BE6C4}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{4F6B47FA-EAFC-48AC-957A-9BA9A004C844}" = dir=out | name=@{microsoft.bingweather_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{505AF17F-25E4-453F-A77A-6D2C91388132}" = dir=in | name=@{microsoft.windowsphotos_16.4.4396.311_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{506941F4-D3A3-4013-BC70-32C367A97A9B}" = dir=out | name=@{microsoft.bingtravel_2.0.0.319_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{553EC27F-98BA-49A5-B614-BB037A898F29}" = dir=out | name=microsoft solitaire collection |
"{57302207-0AD3-4C6F-99B4-1313C38A32EB}" = dir=out | name=fhotoroom |
"{57CED4BC-8539-47DC-82F2-070124B17D5E}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{599546BF-9BFC-4789-B2E2-3883795F10A6}" = dir=in | name=skype |
"{5AE39B98-6FB6-48EE-ADF2-E4FB9BB1A5F1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5FA029DF-E86C-4993-A1B9-8B36BD7312EF}" = dir=out | name=@{microsoft.zunemusic_1.5.216.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{6FDCA706-BFC1-4A68-AC98-ACBABCE154FA}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{76D4FE09-9AD6-4B5C-9E1D-CCE60482C6DE}" = dir=out | name=@{microsoft.bing_1.5.1.259_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{79595739-98AA-4261-85CB-9E7A73F851D5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7D57096D-4F08-44AA-B237-8839A693D3B5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7E7BCAE3-F18A-4017-82BF-F576A80F9400}" = dir=out | name=@{magix.musicmakerjam_2.1.1025.0_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} |
"{7E99B3D7-F250-47E1-BAFD-D89CFDF97B0C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{81219BD9-F4B2-4DAC-A2B2-13B02538E873}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8123B771-1127-4AFD-9AF3-0AA1C37203BD}" = dir=out | name=phototastic |
"{812D26A6-DC82-4743-AB2E-74D58BA8936B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{83822EB6-941A-433E-9F21-CF71F70C6DC1}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8A45F208-DDB0-4472-AE01-4FA95B459CB4}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{8B2BC9A7-D74F-4301-B32E-20D11D79D984}" = dir=in | name=microsoft mahjong |
"{8CCB08CB-8FDD-4BC3-8360-B4B51653B401}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{8DD0E335-E015-4B2A-97ED-94166AD51688}" = dir=in | name=pinball fx2 |
"{91EAFDF7-6BA5-4F1A-A593-EDEA3AE6B658}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{97126C66-C764-4A30-AE16-29F7BDA7FE3C}" = protocol=6 | dir=in | app=d:\worms 4 mayhem cz etina\assassinscreed_launcher.exe |
"{975814B4-283C-4B00-9BF6-2D6D75AF3BC9}" = dir=out | name=pinball fx2 |
"{97829E4F-C542-4ACA-91BB-90C48B32D538}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dota 2 beta\dota.exe |
"{9F9E5D4F-770D-4DF1-AF21-7C5578540F10}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{A1C40A5F-EA15-45E4-8BAB-F4EFA4B74681}" = dir=out | name=windows_ie_ac_001 |
"{A8845E15-DFEB-466E-8C78-3233214F4167}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A884812D-32D4-4162-8035-67598B9D2D8C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{ADE096AC-9396-4C43-817C-1E3CFD8E0174}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AECDB5C4-5095-4DA5-AC20-28D96875FD3D}" = dir=out | name=@{microsoft.zunevideo_1.5.902.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{AF702977-4330-41DC-B7EB-971528C7BDD5}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{AFD89999-B7A7-41C5-B680-6F8DA7BE0849}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{B6E9EAD4-4E6D-4597-A9C1-B570EC5D3D5C}" = protocol=17 | dir=in | app=d:\capcom\resident evil 5\re5dx10.exe |
"{B84151C5-D75C-449A-B0CF-6B1DA56D462E}" = protocol=6 | dir=out | app=system |
"{B8866AD1-0CA7-4BBD-95B2-563D6EDD7330}" = dir=out | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{BA49F8AC-6AA7-4D7C-BFEC-5E14245BDD50}" = dir=out | name=@{microsoft.bingfinance_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{BD894762-71A3-4450-8A08-313F425AEF08}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4396.311_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{C0D41D41-8256-4235-9EA9-B1A179A629D2}" = dir=out | name=česká rádia |
"{C6285FDC-A548-4D87-A3DC-C0ECF98B26EF}" = protocol=17 | dir=in | app=d:\worms 4 mayhem cz etina\assassinscreed_launcher.exe |
"{C760AD07-EADB-448C-B25E-12B081EE095A}" = dir=out | name=@{microsoft.windowsphotos_16.4.4396.311_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{C77F9EAE-7259-4520-AA75-A513C57E2E9C}" = dir=out | name=@{microsoft.bingnews_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{C9F4F847-D3CB-4345-B31C-8B7841BB4F2A}" = dir=out | name=@{microsoft.bingmaps_1.6.1821.2624_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{CF110581-E369-4E3C-A258-A6F22555C6E7}" = dir=out | name=@{microsoft.bingsports_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{D25FB456-759D-41F5-A2F3-408869ACD6D6}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dota 2 beta\dota.exe |
"{D47970E7-07EC-440E-B6B6-D0520BB159A6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D95395D4-F9DE-45EC-AF01-C53AA6938D74}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{DA985B5C-DF11-4D2F-B6C3-61E7ADED5B57}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DAE373D2-A4FE-45B2-81E7-5F4797C2DE05}" = dir=out | name=skype |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E852CB76-BC46-4097-8391-D8FF0B52B66B}" = dir=out | name=photo editor |
"{EBD0F524-DA6A-4F49-9617-B7F87BF93D48}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EBFD3B94-A923-46AF-AC31-0A84FEF02502}" = dir=out | name=spider solitaire ! |
"{F654CBD0-AF64-40F9-845C-F4251687C564}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F75587D0-F2D9-498D-8529-E67EFB248AB1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F87D04FD-0719-46EC-AB2A-52E71146CF3D}" = protocol=17 | dir=in | app=d:\worms 4 mayhem cz etina\assassinscreed_dx10.exe |
"TCP Query User{155BB2C3-58B9-42C0-BD50-9A62828B26D7}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{1CC202F9-4579-4F4F-8C3A-713126C7370A}E:\easysetupassistant\wr741n\easysetupassistant.exe" = protocol=6 | dir=in | app=e:\easysetupassistant\wr741n\easysetupassistant.exe |
"TCP Query User{4ECF4F3F-E55B-4944-A692-AA95DCDA760C}C:\users\petr\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\petr\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{56E36219-FFDD-4989-BE9E-06EDCC98C698}C:\users\petr\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\petr\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{7284FCD5-208D-49A6-876A-7DC83A23B1A1}D:\steam\steamapps\common\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\team fortress 2\hl2.exe |
"TCP Query User{7B4F820A-F482-4CC1-BFC4-B4CDE69C0509}D:\might.and.magic.heroes.vi-skidrow\bina1\h5_game.exe" = protocol=6 | dir=in | app=d:\might.and.magic.heroes.vi-skidrow\bina1\h5_game.exe |
"TCP Query User{BDD52F83-15E2-45C6-9570-0A7751BACEAB}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{F5ECAD82-6ACC-4F6E-8D41-E167F5A27A02}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{20EBE12D-8804-4DFB-96E3-41B1CD1ED25B}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{3EAED466-3434-47FC-A6F2-95C31017C314}C:\users\petr\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\petr\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{81910CAD-D99F-49A1-96A5-A68812F39ADC}D:\steam\steamapps\common\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\team fortress 2\hl2.exe |
"UDP Query User{87420E92-6585-4E05-819D-515906C4B49A}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{AAA86A97-CC25-4BBC-8DEF-09A759F8E298}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{C3FF9A79-793A-4972-B35A-3D08BA1085B2}E:\easysetupassistant\wr741n\easysetupassistant.exe" = protocol=17 | dir=in | app=e:\easysetupassistant\wr741n\easysetupassistant.exe |
"UDP Query User{D1A3A150-C14D-4613-8154-FF31871270C3}D:\might.and.magic.heroes.vi-skidrow\bina1\h5_game.exe" = protocol=17 | dir=in | app=d:\might.and.magic.heroes.vi-skidrow\bina1\h5_game.exe |
"UDP Query User{EC23F756-5A25-4114-B6CA-133C2FC879B5}C:\users\petr\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\petr\appdata\roaming\utorrent\utorrent.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04E87298-12FC-47DF-99FB-A948527F3977}" = ESET NOD32 Antivirus
"{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}" = ASUS Screen Saver
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum zařízení Windows Mobile
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 337.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 337.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.0.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 12.4.67
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 12.4.67
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 12.4.67
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.23
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"1016059FBF327ED9E3BAE758BD08CF10D3C6252D" = Windows Driver Package - ASUS (ATP) Mouse (05/09/2013 1.0.0.173)
"CCleaner" = CCleaner
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.25
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}" = Microsoft Games for Windows - LIVE Redistributable
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0DF95460-2887-4011-9344-1959CDF18ADC}" = Photo Common
"{1AFACC2A-9A60-43EF-ABDB-2CEECA5EA77F}" = BlueStacks Notification Center
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{26A24AE4-039D-4CA4-87B4-2F03217060FF}" = Java 7 Update 60
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros Client Installation Program
"{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}" = Movie Maker
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{49110532-D289-4BFF-807C-45B782E66A7C}" = Photo Common
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4D243BA7-9AC4-46D1-90E5-EEB88974F501}" = Microsoft Games for Windows - LIVE
"{4D3286A6-F6AB-498A-82A4-E4F040529F3D}" = ASUS Smart Gesture
"{56232E3D-7EA9-45E0-A371-26CD80510AF7}" = Windows Live UX Platform Language Pack
"{63824BC0-B747-43F3-9863-1066D64AD919}" = Photo Gallery
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{66FF4C48-0083-4E60-8556-B883AB212392}" = Heroes of Might and Magic V - Tribes of the East
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6CEA775F-E70A-4D72-A3B4-1EB3A5AD4B5C}" = Windows Live Essentials
"{6DA44563-279B-4F07-B8B0-BA97596850C4}" = Angry Birds Breakfast 2
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{749F674B-2674-47E8-879C-5626A06B2A91}" = ASUS InstantOn
"{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}" = Galeria fotografii
"{797DC296-ADC5-4A08-8CBC-AEB0D6F4B249}" = Windows Live Essentials
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16
"{7E9A63B3-8572-4A4B-9F87-3C2A873BBC55}" = Windows Live UX Platform Language Pack
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{857BC375-BCFB-474E-9BD9-7EBB18EC55E0}" = Windows Live Essentials
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB}" = Movie Maker
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office
"{9093B0D5-EA59-4C9E-A2E3-CC130138DFCD}" = Fotogaléria
"{9B22D57A-5338-49A5-AC08-70FE3E8B878B}" = Heroes of Might and Magic V
"{9EDF46F0-2D4E-4C00-B2B6-0660666E9F60}" = Movie Maker
"{A035950F-15BA-41C0-9D8F-165FC0536012}" = Movie Maker
"{A1FBD2B3-6768-472D-BA46-C00EACBCE16C}" = Fotogalerie
"{A47EA9D4-BB87-415E-9239-28860434E5A0}" = Movie Maker
"{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}" = Podstawowe programy Windows Live
"{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}" = ASUS USB Charger Plus
"{AA82E5EF-70C2-41CB-8432-309078304CBB}" = Photo Common
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC08BBA0-96B9-431A-A7D0-D8598E493775}" = RESIDENT EVIL 5
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
"{B4319C53-25C7-46BC-B27E-F8A71BA6C1EB}" = Angry Birds Rio
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C4D82144-B2D5-4A0E-A470-16F13EBC5BCB}" = Windows Live Essentials
"{C67BC332-A59A-4D40-977F-664F60AB21D8}" = Photo Common
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = ASUSDVD
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18F981B-401C-4D90-BC57-D8903564D558}" = Windows Live UX Platform Language Pack
"{E50E3DBC-46AA-4827-B2A6-F995D81DF526}" = Fotótár
"{EB91007A-0110-42A6-B869-2709955A9B2A}" = Photo Common
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EEF7568A-BD2C-42B7-A22E-6D55EA287C34}" = Heroes of Might and Magic V - Hammers of Fate
"{F09DD76B-D3D3-4558-B5BC-F1EEA6E00162}" = Windows Live UX Platform Language Pack
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F21F0424-B2FF-40BF-A984-9E0D7FB4C97E}" = Windows Live UX Platform Language Pack
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Angry Birds Seasons4.0.1.0" = Angry Birds Seasons
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage Sync Agent
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"BlueStacks App Player" = BlueStacks App Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"FormatFactory" = FormatFactory 3.3.1.0
"Heroes of Might and Magic 4 Complete_is1" = Heroes of Might and Magic 4 Complete
"iFunbox_is1" = iFunbox (v2.8.2414.748), iFunbox DevTeam
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = ASUSDVD
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.0.2.1012
"Minecraft1.7.2" = Minecraft1.7.2
"Mozilla Firefox 30.0 (x86 cs)" = Mozilla Firefox 30.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3 Knife_is1" = Mp3 Knife 3.6
"MyBitCast" = MyBitCast 2.0
"Opera 22.0.1471.70" = Opera Stable 22.0.1471.70
"pcsx2-r5350" = PCSX2 - Playstation 2 Emulator
"Resco Picture Viewer" = Resco Picture Viewer
"Steam" = Steam
"Steam App 440" = Team Fortress 2
"VLC media player" = VLC media player 2.1.3
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WTA-1137fe53-d992-40ce-a7c1-592d61593a12" = Cut the Rope
"WTA-1aa96af5-7897-4b52-871b-5672bf2a93b1" = Peggle
"WTA-2f1b39cc-83cd-4559-b10f-61626726b133" = Bejeweled 3
"WTA-2f3263a5-c48e-44bb-8641-562ea5476a87" = Azteca
"WTA-6c851d85-eca4-4ecf-853a-81473e512af5" = Tales of Lagoona
"WTA-f7af5d5d-ca08-4f1e-b605-50cc7e4d969d" = Penguins!
"Zuma Deluxe 1.0" = Zuma Deluxe 1.0
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 16. 7. 2014 7:56:00 | Computer Name = Petas | Source = Application Error | ID = 1000
Description = Název chybující aplikace: svchost.exe_RapiMgr, verze: 6.2.9200.16420,
časové razítko: 0x505a9a4e Název chybujícího modulu: ntdll.dll, verze: 6.2.9200.16912,
časové razítko: 0x536464ba Kód výjimky: 0xc0000008 Posun chyby: 0x0000000000004b59
ID
chybujícího procesu: 0x10b0 Čas spuštění chybující aplikace: 0x01cfa0cd2c43b620 Cesta
k chybující aplikaci: C:\Windows\system32\svchost.exe Cesta k chybujícímu modulu:
C:\Windows\SYSTEM32\ntdll.dll ID zprávy: 26ebdca1-0ce0-11e4-be89-240a6415fe1c Úplný
název chybujícího balíčku: ID aplikace související s chybujícím balíčkem:
Error - 16. 7. 2014 8:04:20 | Computer Name = Petas | Source = RapiMgr | ID = 8
Description = Zařízení se systémem Windows Mobile se nepodařilo připojit z důvodu
chyby communication (0x80072745) (viz data pro kód chyby).
Error - 16. 7. 2014 12:30:16 | Computer Name = Petas | Source = Application Error | ID = 1000
Description = Název chybující aplikace: InsOnCfg.exe, verze: 3.0.5.0, časové razítko:
0x50876377 Název chybujícího modulu: MetroInfo.dll_unloaded, verze: 0.0.0.0, časové
razítko: 0x4fa72cc9 Kód výjimky: 0xc0000005 Posun chyby: 0x70f78b38 ID chybujícího
procesu: 0x13fc Čas spuštění chybující aplikace: 0x01cfa1132c3c0da4 Cesta k chybující
aplikaci: C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe Cesta k chybujícímu
modulu: MetroInfo.dll ID zprávy: 776e9f08-0d06-11e4-be89-240a6415fe1c Úplný název
chybujícího balíčku: ID aplikace související s chybujícím balíčkem:
Error - 17. 7. 2014 8:14:55 | Computer Name = Petas | Source = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe | ID = 131073
Description =
Error - 17. 7. 2014 8:16:52 | Computer Name = Petas | Source = BstHdAndroidSvc | ID = 0
Description = Službu nelze spustit. System.ApplicationException: Cannot start service.
Service did not stop gracefully the last time it was run. v BlueStacks.hyperDroid.Service.Service.OnStart(String[]
args) v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error - 17. 7. 2014 10:48:57 | Computer Name = Petas | Source = BstHdAndroidSvc | ID = 0
Description = Službu nelze spustit. System.ApplicationException: Cannot start service.
Service did not stop gracefully the last time it was run. v BlueStacks.hyperDroid.Service.Service.OnStart(String[]
args) v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error - 17. 7. 2014 14:04:47 | Computer Name = Petas | Source = .NET Runtime | ID = 1026
Description =
Error - 17. 7. 2014 14:04:52 | Computer Name = Petas | Source = .NET Runtime | ID = 1026
Description =
Error - 17. 7. 2014 14:05:05 | Computer Name = Petas | Source = Microsoft-Windows-Immersive-Shell | ID = 2486
Description = Aplikace 41544BlastOffGames.SpiderSolitaire_qy5fmezmgqez0!App se nespustila
ve stanovenou dobu.
Error - 18. 7. 2014 0:53:08 | Computer Name = Petas | Source = Customer Experience Improvement Program | ID = 1008
Description =
[ System Events ]
Error - 17. 7. 2014 7:59:28 | Computer Name = Petas | Source = Application Popup | ID = 1060
Description =
Error - 17. 7. 2014 7:59:28 | Computer Name = Petas | Source = Application Popup | ID = 1060
Description =
Error - 17. 7. 2014 8:02:06 | Computer Name = Petas | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 17. 7. 2014 8:05:55 | Computer Name = Petas | Source = Application Popup | ID = 1060
Description =
Error - 17. 7. 2014 8:05:55 | Computer Name = Petas | Source = Application Popup | ID = 1060
Description =
Error - 17. 7. 2014 8:13:31 | Computer Name = Petas | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 17. 7. 2014 8:14:22 | Computer Name = Petas | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 17. 7. 2014 8:16:52 | Computer Name = Petas | Source = Service Control Manager | ID = 7023
Description = Služba BlueStacks Android Service byla ukončena s následující chybou:
%%1064
Error - 17. 7. 2014 10:48:57 | Computer Name = Petas | Source = Service Control Manager | ID = 7023
Description = Služba BlueStacks Android Service byla ukončena s následující chybou:
%%1064
Error - 17. 7. 2014 14:04:52 | Computer Name = Petas | Source = DCOM | ID = 10016
Description =
< End of report >
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 51 hostů