Windows 8 - crashes - ads opening as new windows in Chrome
Posted: 12 Jan 2013 17:49
Hi, since yesterday evening I have suspected a virus, and since I have data on the PC that I would not like to lose, I would rather ask those more experienced, that is, you, just to be safe.
Description: I don't visit dubious websites, BUT my son got an MP3 player for Christmas and of course wants some music on it, and frankly I'm not willing to pay for some Lady Gaga and the like..., so I started downloading music for him from various sources, which could be the source of the virus. Yesterday after startup the PC prompted me to confirm a change in an application (or simply some system change), which seemed odd to me, but before I could get my bearings I found that my son had managed to confirm it for me. Anyway, since then STEAM started crashing, which I fixed by deleting some log as described on Google, and that helped. Windows also crashed 3 times, though I'm not sure whether that is a fault of Windows 8 or caused by a virus or possibly by overload (the PC is overclocked, but it was stable on Win 7). When Windows crashes it always shows an error about some MINIDUMP, and it mostly happens after an AUTOMATIC update installation, but since yesterday it has been crashing on its own... And finally, (when idle) some ads for Travian and other rubbish open by themselves on the desktop, which for me is probably the biggest clue to the idea that I have a virus on the PC.
I'm aware that a clean install of Win8 would solve everything, but I've had Win8 on the PC for about a month and I'm not in the mood to reinstall it now when I'm not even sure it is a virus.
Thanks for the help!!!
DDS:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16453 BrowserJavaVersion: 10.9.2
Run by Jakub at 17:28:02 on 2013-01-12
Microsoft Windows 8 Pro with Media Center 6.2.9200.0.1250.420.1029.18.8190.4329 [GMT 1:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\dashost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhostex.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler64.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Users\Jakub\AppData\Local\Google\Update\1.3.21.124\GoogleCrashHandler.exe
C:\Users\Jakub\AppData\Local\Google\Update\1.3.21.124\GoogleCrashHandler64.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Jakub\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Guild Wars 2\Gw2.exe
C:\Program Files (x86)\Steam\GameOverlayUI.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Temp\gw2cache-{35AD4702-3DD9-1672-0147-AD35D93D7216}\awesomium_process.exe
C:\Windows\System32\WUDFHost.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Google Update] "C:\Users\Jakub\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [MusicManager] "C:\Users\Jakub\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
uRun: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{122D38C8-0C8B-46A2-92E1-C243DB3D9DFF} : DHCPNameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
AppInit_DLLs= C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll
SSODL: WebCheck - <orphaned>
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-6-2 589824]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2012-1-5 75624]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 vmbusr;Poskytovatel sběrnice virtuálního počítače;C:\Windows\System32\Drivers\vmbusr.sys [2012-7-26 117248]
S3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;C:\Windows\System32\svchost.exe -k ICService [2012-11-21 29696]
.
=============== Created Last 30 ================
.
2013-01-12 11:35:02 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{03B36771-0D61-43D6-AD1D-2E965FCFB8C9}\mpengine.dll
2013-01-11 20:11:13 9125352 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-01-11 20:06:50 707584 ----a-w- C:\Windows\System32\AppXDeploymentExtensions.dll
2013-01-11 20:06:50 1131520 ----a-w- C:\Windows\System32\AppXDeploymentServer.dll
2013-01-11 20:06:49 178176 ----a-w- C:\Windows\System32\SystemEventsBrokerServer.dll
2013-01-11 20:06:49 170496 ----a-w- C:\Windows\System32\TimeBrokerServer.dll
2013-01-11 20:06:47 4055552 ----a-w- C:\Windows\System32\win32k.sys
2013-01-11 20:06:47 368640 ----a-w- C:\Windows\System32\sppwinob.dll
2013-01-11 07:12:01 -------- d-----w- C:\Users\Jakub\AppData\Roaming\GHISLER
2013-01-10 19:00:15 -------- d-----w- C:\Users\Jakub\AppData\Local\CrashRpt
2013-01-10 19:00:02 -------- d-----w- C:\Program Files (x86)\Microsoft Chart Controls
2013-01-09 18:02:38 86016 ----a-w- C:\Windows\System32\ncryptsslp.dll
2013-01-09 18:02:38 71168 ----a-w- C:\Windows\SysWow64\ncryptsslp.dll
2013-01-09 18:02:26 2361344 ----a-w- C:\Windows\System32\msxml6.dll
2013-01-09 18:02:26 1836032 ----a-w- C:\Windows\System32\msxml3.dll
2013-01-09 18:02:26 1802240 ----a-w- C:\Windows\SysWow64\msxml6.dll
2013-01-09 18:02:25 2048 ----a-w- C:\Windows\SysWow64\msxml6r.dll
2013-01-09 18:02:25 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2013-01-09 18:02:25 2048 ----a-w- C:\Windows\System32\msxml6r.dll
2013-01-09 18:02:25 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2013-01-09 18:02:25 1438720 ----a-w- C:\Windows\SysWow64\msxml3.dll
2013-01-06 11:56:16 -------- d-----w- C:\Users\Jakub\AppData\Local\Samsung
2013-01-06 11:56:14 -------- d-----w- C:\Users\Jakub\AppData\Roaming\Samsung
2013-01-06 11:51:50 4659712 ----a-w- C:\Windows\SysWow64\Redemption.dll
2013-01-06 11:49:44 -------- d-----w- C:\Users\Jakub\AppData\Local\Downloaded Installations
2012-12-21 09:23:47 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-21 09:23:47 362496 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-21 09:23:47 35328 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-21 09:23:47 300032 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-14 16:31:24 890880 ----a-w- C:\Windows\SysWow64\msctf.dll
2012-12-14 16:30:47 11459584 ----a-w- C:\Windows\System32\glcndFilter.dll
2012-12-14 02:47:53 144384 ----a-w- C:\Windows\System32\tssdisai.dll
2012-12-14 02:47:52 135680 ----a-w- C:\Windows\System32\appserverai.dll
2012-12-14 02:47:52 126976 ----a-w- C:\Windows\System32\RDWebAI.dll
2012-12-14 02:47:52 122880 ----a-w- C:\Windows\System32\VmHostAI.dll
2012-12-14 02:47:50 148480 ----a-w- C:\Windows\System32\poqexec.exe
2012-12-14 02:47:50 132608 ----a-w- C:\Windows\SysWow64\poqexec.exe
.
==================== Find3M ====================
.
2013-01-11 19:35:45 281032 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2013-01-11 19:35:45 281032 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2013-01-11 19:06:42 281032 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-01-10 19:57:50 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2012-12-29 08:40:27 6382008 ----a-w- C:\Windows\System32\nvcpl.dll
2012-12-29 08:40:27 3455416 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-12-29 08:40:11 2923201 ----a-w- C:\Windows\System32\nvcoproc.bin
2012-12-29 08:40:09 884152 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-12-29 08:40:09 63928 ----a-w- C:\Windows\System32\nvshext.dll
2012-12-29 08:40:09 2558392 ----a-w- C:\Windows\System32\nvsvcr.dll
2012-12-29 08:40:09 118712 ----a-w- C:\Windows\System32\nvmctray.dll
2012-12-18 23:32:58 80728 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-18 23:32:58 695640 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-11-28 04:21:17 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2012-11-28 04:20:59 53760 ----a-w- C:\Windows\System32\UXInit.dll
2012-11-27 07:00:32 194280 ----a-w- C:\Windows\System32\drivers\sdbus.sys
2012-11-27 07:00:29 124648 ----a-w- C:\Windows\System32\drivers\dumpsd.sys
2012-11-27 06:59:13 329960 ----a-w- C:\Windows\System32\drivers\storport.sys
2012-11-27 06:39:46 1122768 ----a-w- C:\Windows\System32\Taskmgr.exe
2012-11-27 04:49:20 1027152 ----a-w- C:\Windows\SysWow64\Taskmgr.exe
2012-11-27 04:20:50 1048064 ----a-w- C:\Windows\SysWow64\mstsc.exe
2012-11-27 04:20:42 179200 ----a-w- C:\Windows\SysWow64\wpnapps.dll
2012-11-27 04:20:35 891904 ----a-w- C:\Windows\SysWow64\winmde.dll
2012-11-27 04:20:31 798208 ----a-w- C:\Windows\SysWow64\WebcamUi.dll
2012-11-27 04:20:29 46592 ----a-w- C:\Windows\SysWow64\vds_ps.dll
2012-11-27 04:20:28 560128 ----a-w- C:\Windows\SysWow64\UserLanguagesCpl.dll
2012-11-27 04:20:23 1217536 ----a-w- C:\Windows\SysWow64\storagewmi.dll
2012-11-27 04:20:15 680960 ----a-w- C:\Windows\System32\vds.exe
2012-11-27 04:20:07 702464 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2012-11-27 04:20:07 1123840 ----a-w- C:\Windows\System32\mstsc.exe
2012-11-27 04:18:59 888832 ----a-w- C:\Windows\System32\nshwfp.dll
2012-11-27 04:18:39 5974528 ----a-w- C:\Windows\System32\mstscax.dll
2012-11-27 04:18:25 1146880 ----a-w- C:\Windows\System32\mcmde.dll
2012-11-27 04:18:13 1071104 ----a-w- C:\Windows\System32\IKEEXT.DLL
2012-11-27 04:18:06 378880 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2012-11-27 04:17:32 718848 ----a-w- C:\Windows\System32\BFE.DLL
2012-11-27 04:17:31 2302464 ----a-w- C:\Windows\System32\authui.dll
2012-11-27 03:57:32 18432 ----a-w- C:\Windows\System32\drivers\BtaMPM.sys
2012-11-27 03:56:29 31104 ----a-w- C:\Windows\System32\drivers\BthAvrcpTg.sys
2012-11-27 03:55:44 29952 ----a-w- C:\Windows\System32\drivers\BthhfHid.sys
2012-11-25 17:32:59 564824 ----a-w- C:\Windows\System32\drivers\sptd.sys
2012-11-23 12:57:19 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-11-23 12:57:17 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-11-23 12:57:17 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-11-23 12:53:50 916456 ----a-w- C:\Windows\System32\deployJava1.dll
2012-11-23 12:53:50 1034216 ----a-w- C:\Windows\System32\npDeployJava1.dll
2012-11-20 08:00:23 6971624 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-11-20 05:24:19 1164800 ----a-w- C:\Windows\SysWow64\Display.dll
2012-11-20 05:24:17 36352 ----a-w- C:\Windows\SysWow64\DevDispItemProvider.dll
2012-11-20 05:17:23 1184256 ----a-w- C:\Windows\System32\Display.dll
2012-11-20 05:17:20 49152 ----a-w- C:\Windows\System32\DevDispItemProvider.dll
2012-11-20 05:02:46 6656 ----a-w- C:\Windows\SysWow64\KBDKURD.DLL
2012-11-20 04:59:26 7168 ----a-w- C:\Windows\System32\KBDKURD.DLL
2012-11-20 04:56:27 27136 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2012-11-20 04:56:11 83456 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2012-11-20 04:54:31 39936 ----a-w- C:\Windows\System32\drivers\hidi2c.sys
2012-11-15 06:08:41 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-15 06:06:34 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-13 04:20:30 1120768 ----a-w- C:\Windows\System32\msctf.dll
2012-11-09 04:49:51 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-09 04:03:48 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-11-08 04:25:36 523776 ----a-w- C:\Windows\SysWow64\WSShared.dll
2012-11-08 04:25:36 143872 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll
2012-11-08 04:25:36 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2012-11-08 04:25:35 1775104 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-08 04:24:27 2881536 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-08 04:24:22 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2012-11-08 04:24:22 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2012-11-08 04:24:19 75776 ----a-w- C:\Windows\SysWow64\fontsub.dll
2012-11-08 04:24:06 10752 ----a-w- C:\Windows\SysWow64\dciman32.dll
2012-11-08 04:22:21 641536 ----a-w- C:\Windows\System32\WSShared.dll
2012-11-08 04:22:20 198656 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.dll
2012-11-08 04:22:20 163840 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2012-11-08 04:22:19 2246656 ----a-w- C:\Windows\System32\wininet.dll
2012-11-08 04:22:12 907776 ----a-w- C:\Windows\System32\uxtheme.dll
2012-11-08 04:21:00 3966464 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-08 04:20:56 67072 ----a-w- C:\Windows\System32\iesetup.dll
2012-11-08 04:20:56 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2012-11-08 04:20:50 96256 ----a-w- C:\Windows\System32\fontsub.dll
2012-11-08 04:20:37 14336 ----a-w- C:\Windows\System32\dciman32.dll
2012-11-08 04:02:16 3072 ----a-w- C:\Windows\System32\lpk.dll
2012-11-08 04:01:40 3072 ----a-w- C:\Windows\SysWow64\lpk.dll
2012-11-08 01:56:52 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2012-11-06 07:52:07 445160 ----a-w- C:\Windows\System32\drivers\USBHUB3.SYS
2012-11-06 07:52:04 277736 ----a-w- C:\Windows\System32\drivers\msiscsi.sys
2012-11-06 07:36:23 69864 ----a-w- C:\Windows\System32\drivers\pdc.sys
2012-11-06 07:33:46 522640 ----a-w- C:\Windows\System32\AUDIOKSE.dll
2012-11-06 07:33:46 253512 ----a-w- C:\Windows\System32\audiodg.exe
2012-11-06 07:33:45 490064 ----a-w- C:\Windows\System32\AudioEng.dll
2012-11-06 07:33:45 447792 ----a-w- C:\Windows\System32\AudioSes.dll
2012-11-06 07:33:30 1566432 ----a-w- C:\Windows\System32\ole32.dll
2012-11-06 05:00:06 463768 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2012-11-06 05:00:06 427568 ----a-w- C:\Windows\SysWow64\AudioEng.dll
2012-11-06 05:00:06 324344 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2012-11-06 04:54:13 2205696 ----a-w- C:\Windows\SysWow64\PrintConfig.dll
2012-11-06 04:48:27 1150160 ----a-w- C:\Windows\SysWow64\ole32.dll
2012-11-06 04:19:59 470016 ----a-w- C:\Windows\System32\wlanmsm.dll
2012-11-06 04:18:58 84992 ----a-w- C:\Windows\SysWow64\fdWCN.dll
2012-11-06 04:17:58 110080 ----a-w- C:\Windows\System32\dafWCN.dll
2012-11-06 04:17:42 785920 ----a-w- C:\Windows\System32\audiosrv.dll
.
============= FINISH: 17:28:31,33 ===============
2012-11-23 12:57:17 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-11-23 12:53:50 916456 ----a-w- C:\Windows\System32\deployJava1.dll
2012-11-23 12:53:50 1034216 ----a-w- C:\Windows\System32\npDeployJava1.dll
2012-11-20 08:00:23 6971624 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-11-20 05:24:19 1164800 ----a-w- C:\Windows\SysWow64\Display.dll
2012-11-20 05:24:17 36352 ----a-w- C:\Windows\SysWow64\DevDispItemProvider.dll
2012-11-20 05:17:23 1184256 ----a-w- C:\Windows\System32\Display.dll
2012-11-20 05:17:20 49152 ----a-w- C:\Windows\System32\DevDispItemProvider.dll
2012-11-20 05:02:46 6656 ----a-w- C:\Windows\SysWow64\KBDKURD.DLL
2012-11-20 04:59:26 7168 ----a-w- C:\Windows\System32\KBDKURD.DLL
2012-11-20 04:56:27 27136 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2012-11-20 04:56:11 83456 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2012-11-20 04:54:31 39936 ----a-w- C:\Windows\System32\drivers\hidi2c.sys
2012-11-15 06:08:41 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-15 06:06:34 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-13 04:20:30 1120768 ----a-w- C:\Windows\System32\msctf.dll
2012-11-09 04:49:51 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-09 04:03:48 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-11-08 04:25:36 523776 ----a-w- C:\Windows\SysWow64\WSShared.dll
2012-11-08 04:25:36 143872 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll
2012-11-08 04:25:36 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2012-11-08 04:25:35 1775104 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-08 04:24:27 2881536 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-08 04:24:22 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2012-11-08 04:24:22 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2012-11-08 04:24:19 75776 ----a-w- C:\Windows\SysWow64\fontsub.dll
2012-11-08 04:24:06 10752 ----a-w- C:\Windows\SysWow64\dciman32.dll
2012-11-08 04:22:21 641536 ----a-w- C:\Windows\System32\WSShared.dll
2012-11-08 04:22:20 198656 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.dll
2012-11-08 04:22:20 163840 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2012-11-08 04:22:19 2246656 ----a-w- C:\Windows\System32\wininet.dll
2012-11-08 04:22:12 907776 ----a-w- C:\Windows\System32\uxtheme.dll
2012-11-08 04:21:00 3966464 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-08 04:20:56 67072 ----a-w- C:\Windows\System32\iesetup.dll
2012-11-08 04:20:56 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2012-11-08 04:20:50 96256 ----a-w- C:\Windows\System32\fontsub.dll
2012-11-08 04:20:37 14336 ----a-w- C:\Windows\System32\dciman32.dll
2012-11-08 04:02:16 3072 ----a-w- C:\Windows\System32\lpk.dll
2012-11-08 04:01:40 3072 ----a-w- C:\Windows\SysWow64\lpk.dll
2012-11-08 01:56:52 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2012-11-06 07:52:07 445160 ----a-w- C:\Windows\System32\drivers\USBHUB3.SYS
2012-11-06 07:52:04 277736 ----a-w- C:\Windows\System32\drivers\msiscsi.sys
2012-11-06 07:36:23 69864 ----a-w- C:\Windows\System32\drivers\pdc.sys
2012-11-06 07:33:46 522640 ----a-w- C:\Windows\System32\AUDIOKSE.dll
2012-11-06 07:33:46 253512 ----a-w- C:\Windows\System32\audiodg.exe
2012-11-06 07:33:45 490064 ----a-w- C:\Windows\System32\AudioEng.dll
2012-11-06 07:33:45 447792 ----a-w- C:\Windows\System32\AudioSes.dll
2012-11-06 07:33:30 1566432 ----a-w- C:\Windows\System32\ole32.dll
2012-11-06 05:00:06 463768 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2012-11-06 05:00:06 427568 ----a-w- C:\Windows\SysWow64\AudioEng.dll
2012-11-06 05:00:06 324344 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2012-11-06 04:54:13 2205696 ----a-w- C:\Windows\SysWow64\PrintConfig.dll
2012-11-06 04:48:27 1150160 ----a-w- C:\Windows\SysWow64\ole32.dll
2012-11-06 04:19:59 470016 ----a-w- C:\Windows\System32\wlanmsm.dll
2012-11-06 04:18:58 84992 ----a-w- C:\Windows\SysWow64\fdWCN.dll
2012-11-06 04:17:58 110080 ----a-w- C:\Windows\System32\dafWCN.dll
2012-11-06 04:17:42 785920 ----a-w- C:\Windows\System32\audiosrv.dll
.
============= FINISH: 17:28:31,33 ===============