PC virus removal, computer speed-up, remote help through the neslape.cz service

Please check and help with removing trovi.com

Nehas
Visitor
Posts: 74
Registered: 18 Jan 2010 22:50

Please check and help with removing trovi.com

#1 Post by Nehas »

Hi,
please do a preventive check and help me remove trovi.com from FF.

Thanks

I am attaching the log from RSIT

Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2014-11-28 09:57:13
Microsoft Windows 8.1
System drive C: has 177 GB (38%) free of 465 GB
Total RAM: 3963 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:57:17, on 28. 11. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\IM Magician\vmonproc.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Petr\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\IM Magician\Vicamon.exe
C:\WINDOWS\syswow64\wwahost.exe
C:\Program Files\trend micro\Petr.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.usi-x.ctrnactka.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [IMMON] "C:\Program Files (x86)\IM Magician\Vicamon.exe"
O4 - HKLM\..\Run: [IMMONSUPPORT] "C:\Program Files (x86)\IM Magician\vmonproc.exe" /cls=IMMAGICIAN_CAMERA_MONITOR_I /exe=Vicamon.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Lync] "C:\Program Files\Microsoft Office 15\root\office15\lync.exe" /fromrunkey
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Petr\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Google Update] "C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A] "C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [uTorrent] C:\Users\Petr\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CAA6C3B6-662B-4D14-BB64-EADB88213BFE} (IPCamPluginTM Control) - http://89.203.138.111:8080/IPCamPluginTM.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Search Protect Service (CltMngSvc) - Search Protect - C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: Tor Win32 Service (tor) - Unknown owner - C:\Program Files (x86)\Tor\tor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13134 bytes

======Listing Processes======





wininit.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
dashost.exe {027fca75-8b24-4385-98d18f6913147edd}
"C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Tor\tor.exe" --nt-service "-ControlPort" "9051"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\wbem\wmiprvse.exe
ngservice.exe pipeserver
"C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\WINDOWS\System32\svchost.exe -k swprv
C:\WINDOWS\system32\vssvc.exe

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
-hiberboot
taskhostex.exe
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe"
ClassicStartMenu.exe -startup
"C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
szndesktop.exe default start
"C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\IM Magician\vmonproc.exe" /cls=IMMAGICIAN_CAMERA_MONITOR_I /exe=Vicamon.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\EgisTec IPS\PMMUpdate.exe"
"C:\Program Files\EgisTec IPS\EgisUpdate.exe"
taskhost.exe
C:\WINDOWS\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE" /dde
C:\WINDOWS\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --apps-gallery-install-auto-confirm-for-tests=accept --incognito http://software.seznam.cz/listicka?browser=chrome#auto
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2052.0.293267469\1036171080" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17,38 --gpu-vendor-id=0x8086 --gpu-device-id=0x0102 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3347 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A2_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Control/RapporRollout/Enabled/RememberCertificateErrorDecisions/Disable/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2052.2.1992493428\1091460613" /prefetch:673131151
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A2_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Control/RapporRollout/Enabled/RememberCertificateErrorDecisions/Disable/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2052.3.633664126\1523387568" /prefetch:673131151
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A2_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Control/RapporRollout/Enabled/RememberCertificateErrorDecisions/Disable/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2052.5.810040801\1602502097" /prefetch:673131151
taskhost.exe $(Arg0)
Explorer.exe
uTorrent.exe /NOINSTALL /BRINGTOFRONT /BRINGTOFRONT
"C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe"
C:\PROGRA~2\SearchProtect\SearchProtect\bin\cltmng.exe
C:\PROGRA~2\SearchProtect\UI\bin\cltmngui.exe
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A2_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Control/RapporRollout/Enabled/RememberCertificateErrorDecisions/Disable/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2052.7.408115312\1403945820" /prefetch:673131151
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A2_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Control/RapporRollout/Enabled/RememberCertificateErrorDecisions/Disable/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2052.8.975358412\1552284348" /prefetch:673131151
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi-broker --channel="2052.9.786032731\611498862" --lang=cs /prefetch:845217598
"C:\Program Files (x86)\IM Magician\Vicamon.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe187_ Global\UsGthrCtrlFltPipeMssGthrPipe187 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 588 592 600 65536 596
"C:\WINDOWS\syswow64\wwahost.exe" -ServerName:App.wwa
C:\Windows\System32\RuntimeBroker.exe -Embedding

"C:\Users\Petr\Downloads\RSITx64(1).exe"
taskhost.exe
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.1

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check and help with removing trovi.com

#2 Post by Márty84 »

Hello :)

The log is not complete. I also need the rest so that I can see what is running there.
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will now be on the forum less often. If you have to wait longer for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

Nehas
Visitor
Posts: 74
Registered: 18 Jan 2010 22:50

Re: Please check and help with removing trovi.com

#3 Post by Nehas »

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3697592394-1657936854-2325889698-1001Core.job - C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3697592394-1657936854-2325889698-1001UA.job - C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\h6yooc5s.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.239 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.239 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll


C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\h6yooc5s.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-10-14 218776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-03-30 803008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-11-21 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-10-14 2334928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-03-30 483520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2014-10-14 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-03-30 683200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-21 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-10-14 1729752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-03-30 440000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-03-30 803008]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-03-30 683200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-02 12921488]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2014-01-29 171992]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2014-01-29 399832]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2014-01-29 442328]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-03-30 161984]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Lync"=C:\Program Files\Microsoft Office 15\root\office15\lync.exe [2014-10-14 19051160]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"cz.seznam.software.autoupdate"=C:\Users\Petr\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"Google Update"=C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-03 116648]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2014-10-21 22869088]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-23 6501656]
"GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A"=C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe [2014-11-25 856904]
"uTorrent"=C:\Users\Petr\AppData\Roaming\uTorrent\uTorrent.exe [2014-11-28 1389648]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Norton Online Backup"=C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2012-08-15 2994880]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-11-21 5226600]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"IMMON"=C:\Program Files (x86)\IM Magician\Vicamon.exe [2010-09-28 143360]
"IMMONSUPPORT"=C:\Program Files (x86)\IM Magician\vmonproc.exe [2010-09-28 233472]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2014-01-29 442880]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open -
.scr - install -
.scr - config -
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 month======

2014-11-28 09:57:13 ----D---- C:\rsit
2014-11-28 09:37:34 ----D---- C:\Program Files (x86)\SearchProtect
2014-11-22 08:31:52 ----D---- C:\WINDOWS\SYSWOW64\vbox
2014-11-22 08:31:52 ----D---- C:\WINDOWS\system32\vbox
2014-11-21 22:30:55 ----A---- C:\WINDOWS\system32\aswBoot.exe
2014-11-21 22:30:50 ----A---- C:\WINDOWS\avastSS.scr
2014-11-19 11:48:36 ----A---- C:\WINDOWS\SYSWOW64\pku2u.dll
2014-11-19 11:48:36 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2014-11-19 11:48:36 ----A---- C:\WINDOWS\system32\kerberos.dll
2014-11-19 11:48:35 ----A---- C:\WINDOWS\system32\pku2u.dll
2014-11-17 14:02:04 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2014-11-13 18:51:33 ----D---- C:\Program Files\CCleaner
2014-11-13 08:23:20 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2014-11-13 08:23:20 ----A---- C:\WINDOWS\system32\schannel.dll
2014-11-13 08:23:19 ----A---- C:\WINDOWS\SYSWOW64\ncryptsslp.dll
2014-11-13 08:23:19 ----A---- C:\WINDOWS\system32\ncryptsslp.dll
2014-11-13 08:23:19 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2014-11-13 08:22:28 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2014-11-13 08:22:28 ----A---- C:\WINDOWS\system32\msi.dll
2014-11-13 08:22:27 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2014-11-13 08:22:27 ----A---- C:\WINDOWS\system32\msihnd.dll
2014-11-13 08:22:27 ----A---- C:\WINDOWS\system32\authui.dll
2014-11-13 08:22:26 ----A---- C:\WINDOWS\SYSWOW64\msihnd.dll
2014-11-13 08:22:26 ----A---- C:\WINDOWS\system32\consent.exe
2014-11-13 08:22:26 ----A---- C:\WINDOWS\system32\appinfo.dll
2014-11-13 08:22:21 ----A---- C:\WINDOWS\system32\user32.dll
2014-11-13 08:22:20 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2014-11-13 08:22:20 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2014-11-13 08:22:19 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2014-11-13 08:22:18 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2014-11-13 08:22:16 ----A---- C:\WINDOWS\SYSWOW64\winshfhc.dll
2014-11-13 08:22:16 ----A---- C:\WINDOWS\system32\winshfhc.dll
2014-11-13 08:21:41 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-11-13 08:21:40 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-11-13 08:21:01 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-11-13 08:20:54 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-11-13 08:20:49 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-11-13 08:20:47 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-11-13 08:20:45 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-11-13 08:20:45 ----A---- C:\WINDOWS\system32\wininet.dll
2014-11-13 08:20:44 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-11-13 08:20:44 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-11-13 08:20:44 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-11-13 08:20:43 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2014-11-13 08:20:43 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-11-13 08:20:43 ----A---- C:\WINDOWS\system32\inetcomm.dll
2014-11-13 08:20:43 ----A---- C:\WINDOWS\system32\actxprxy.dll
2014-11-13 08:20:42 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2014-11-13 08:20:42 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2014-11-13 08:20:41 ----A---- C:\WINDOWS\system32\jscript.dll
2014-11-13 08:20:41 ----A---- C:\WINDOWS\system32\ieui.dll
2014-11-13 08:20:40 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-11-13 08:20:40 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2014-11-13 08:20:40 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2014-11-13 08:20:40 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-11-13 08:20:39 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2014-11-13 08:20:39 ----A---- C:\WINDOWS\system32\vbscript.dll
2014-11-13 08:20:38 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2014-11-13 08:20:38 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2014-11-13 08:20:37 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-11-13 08:20:37 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2014-11-13 08:20:37 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-11-13 08:20:37 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-11-13 08:20:35 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2014-11-13 08:20:35 ----A---- C:\WINDOWS\system32\webcheck.dll
2014-11-13 08:20:35 ----A---- C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-13 08:20:34 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2014-11-13 08:20:33 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2014-11-13 08:20:33 ----A---- C:\WINDOWS\SYSWOW64\hlink.dll
2014-11-13 08:20:33 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-11-13 08:20:32 ----A---- C:\WINDOWS\system32\msrating.dll
2014-11-13 08:20:32 ----A---- C:\WINDOWS\system32\ieUnatt.exe
2014-11-13 08:20:32 ----A---- C:\WINDOWS\system32\iesysprep.dll
2014-11-13 08:20:32 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-11-13 08:20:32 ----A---- C:\WINDOWS\system32\hlink.dll
2014-11-13 08:20:31 ----A---- C:\WINDOWS\SYSWOW64\inseng.dll
2014-11-13 08:20:31 ----A---- C:\WINDOWS\SYSWOW64\ieUnatt.exe
2014-11-13 08:20:31 ----A---- C:\WINDOWS\SYSWOW64\iesysprep.dll
2014-11-13 08:20:31 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2014-11-13 08:20:31 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2014-11-13 08:20:31 ----A---- C:\WINDOWS\system32\iepeers.dll
2014-11-13 08:20:31 ----A---- C:\WINDOWS\system32\ieetwcollector.exe
2014-11-13 08:20:30 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2014-11-13 08:20:30 ----A---- C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-13 08:20:30 ----A---- C:\WINDOWS\system32\inseng.dll
2014-11-13 08:20:29 ----A---- C:\WINDOWS\SYSWOW64\occache.dll
2014-11-13 08:20:29 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-11-13 08:20:29 ----A---- C:\WINDOWS\SYSWOW64\msfeedsbs.dll
2014-11-13 08:20:29 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2014-11-13 08:20:29 ----A---- C:\WINDOWS\SYSWOW64\IEAdvpack.dll
2014-11-13 08:20:29 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-11-13 08:20:29 ----A---- C:\WINDOWS\system32\jsproxy.dll
2014-11-13 08:20:28 ----A---- C:\WINDOWS\SYSWOW64\JavaScriptCollectionAgent.dll
2014-11-13 08:20:28 ----A---- C:\WINDOWS\SYSWOW64\iexpress.exe
2014-11-13 08:20:28 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2014-11-13 08:20:27 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2014-11-13 08:20:27 ----A---- C:\WINDOWS\SYSWOW64\imgutil.dll
2014-11-13 08:20:27 ----A---- C:\WINDOWS\SYSWOW64\ieetwproxystub.dll
2014-11-13 08:20:27 ----A---- C:\WINDOWS\system32\occache.dll
2014-11-13 08:20:27 ----A---- C:\WINDOWS\system32\imgutil.dll
2014-11-13 08:20:26 ----A---- C:\WINDOWS\SYSWOW64\pngfilt.dll
2014-11-13 08:20:26 ----A---- C:\WINDOWS\SYSWOW64\licmgr10.dll
2014-11-13 08:20:26 ----A---- C:\WINDOWS\system32\pngfilt.dll
2014-11-13 08:20:26 ----A---- C:\WINDOWS\system32\licmgr10.dll
2014-11-13 08:20:25 ----A---- C:\WINDOWS\SYSWOW64\wextract.exe
2014-11-13 08:20:25 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll
2014-11-13 08:20:25 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll
2014-11-13 08:20:25 ----A---- C:\WINDOWS\system32\iernonce.dll
2014-11-13 08:20:24 ----A---- C:\WINDOWS\SYSWOW64\url.dll
2014-11-13 08:20:24 ----A---- C:\WINDOWS\system32\wextract.exe
2014-11-13 08:20:24 ----A---- C:\WINDOWS\system32\url.dll
2014-11-13 08:20:24 ----A---- C:\WINDOWS\system32\IEAdvpack.dll
2014-11-13 08:20:23 ----A---- C:\WINDOWS\SYSWOW64\mshta.exe
2014-11-13 08:20:23 ----A---- C:\WINDOWS\SYSWOW64\msfeedssync.exe
2014-11-13 08:20:23 ----A---- C:\WINDOWS\system32\iexpress.exe
2014-11-13 08:20:23 ----A---- C:\WINDOWS\system32\iesetup.dll
2014-11-13 08:20:22 ----A---- C:\WINDOWS\system32\mshta.exe
2014-11-13 08:20:22 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2014-11-13 08:19:34 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2014-11-13 08:19:33 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2014-11-13 08:19:33 ----A---- C:\WINDOWS\system32\lsasrv.dll
2014-11-13 08:19:33 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2014-11-13 08:19:33 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2014-11-13 08:19:33 ----A---- C:\WINDOWS\system32\certcli.dll
2014-11-13 08:19:32 ----A---- C:\WINDOWS\SYSWOW64\adtschema.dll
2014-11-13 08:19:32 ----A---- C:\WINDOWS\system32\rfxvmt.dll
2014-11-13 08:19:32 ----A---- C:\WINDOWS\system32\drivers\rdpvideominiport.sys
2014-11-13 08:19:32 ----A---- C:\WINDOWS\system32\adtschema.dll
2014-11-13 08:19:31 ----A---- C:\WINDOWS\SYSWOW64\msaudite.dll
2014-11-13 08:19:31 ----A---- C:\WINDOWS\system32\rdpudd.dll
2014-11-13 08:19:31 ----A---- C:\WINDOWS\system32\msaudite.dll
2014-11-13 08:19:07 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2014-11-13 08:19:07 ----A---- C:\WINDOWS\system32\oleaut32.dll
2014-11-13 08:19:04 ----A---- C:\WINDOWS\system32\wuaueng.dll
2014-11-13 08:19:04 ----A---- C:\WINDOWS\system32\wuapi.dll
2014-11-13 08:19:03 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2014-11-13 08:19:03 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2014-11-13 08:19:03 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2014-11-13 08:19:03 ----A---- C:\WINDOWS\system32\wuwebv.dll
2014-11-13 08:19:03 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-13 08:19:03 ----A---- C:\WINDOWS\system32\wucltux.dll
2014-11-13 08:19:02 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2014-11-13 08:19:02 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2014-11-13 08:19:02 ----A---- C:\WINDOWS\system32\wups2.dll
2014-11-13 08:19:02 ----A---- C:\WINDOWS\system32\wups.dll
2014-11-13 08:19:02 ----A---- C:\WINDOWS\system32\wudriver.dll
2014-11-13 08:19:02 ----A---- C:\WINDOWS\system32\wuauclt.exe
2014-11-13 08:19:02 ----A---- C:\WINDOWS\system32\wuapp.exe
2014-11-13 08:19:01 ----A---- C:\WINDOWS\system32\wuaext.dll
2014-11-13 08:18:20 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2014-11-13 08:18:19 ----A---- C:\WINDOWS\system32\msxml3.dll
2014-11-13 08:18:17 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2014-11-13 08:18:17 ----A---- C:\WINDOWS\system32\audiosrv.dll
2014-11-13 08:18:17 ----A---- C:\WINDOWS\system32\AudioSes.dll
2014-11-13 08:18:17 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-13 08:18:16 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2014-11-13 08:18:16 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2014-11-13 08:18:16 ----A---- C:\WINDOWS\system32\EncDump.dll
2014-11-13 08:18:16 ----A---- C:\WINDOWS\system32\AudioEng.dll
2014-11-13 08:18:16 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-13 08:18:16 ----A---- C:\WINDOWS\system32\audiodg.exe
2014-11-13 08:18:15 ----A---- C:\WINDOWS\system32\win32k.sys
2014-11-13 08:18:12 ----A---- C:\WINDOWS\SYSWOW64\packager.dll
2014-11-13 08:18:12 ----A---- C:\WINDOWS\system32\packager.dll
2014-11-13 08:18:11 ----A---- C:\WINDOWS\system32\generaltel.dll
2014-11-13 08:18:11 ----A---- C:\WINDOWS\system32\devinv.dll
2014-11-13 08:18:11 ----A---- C:\WINDOWS\system32\aepdu.dll
2014-11-13 08:18:11 ----A---- C:\WINDOWS\system32\aeinv.dll
2014-11-13 08:18:10 ----A---- C:\WINDOWS\system32\aepic.dll
2014-11-13 08:18:08 ----A---- C:\WINDOWS\system32\shell32.dll
2014-11-13 08:18:06 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2014-11-13 08:18:06 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2014-11-13 08:18:04 ----A---- C:\WINDOWS\system32\twinui.dll
2014-11-13 08:18:04 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2014-11-13 08:18:03 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2014-11-13 08:18:03 ----A---- C:\WINDOWS\system32\localspl.dll
2014-11-13 08:18:03 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-11-13 08:18:02 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2014-11-13 08:18:02 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-11-13 08:18:01 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2014-11-13 08:18:01 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2014-11-13 08:18:01 ----A---- C:\WINDOWS\system32\win32spl.dll
2014-11-13 08:18:01 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2014-11-13 08:18:00 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2014-11-13 08:17:59 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2014-11-13 08:17:59 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2014-11-13 08:17:59 ----A---- C:\WINDOWS\system32\puiobj.dll
2014-11-13 08:17:58 ----AC---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2014-11-13 08:17:57 ----A---- C:\WINDOWS\SYSWOW64\untfs.dll
2014-11-13 08:17:57 ----A---- C:\WINDOWS\system32\untfs.dll
2014-11-13 08:17:57 ----A---- C:\WINDOWS\system32\FXSCOMEX.dll
2014-11-13 08:17:57 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2014-11-13 08:17:55 ----A---- C:\WINDOWS\SYSWOW64\FXSAPI.dll
2014-11-13 08:17:55 ----A---- C:\WINDOWS\system32\FXSAPI.dll
2014-11-11 09:16:21 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-11-09 21:55:00 ----D---- C:\Program Files (x86)\WinSCP
2014-11-05 08:42:56 ----D---- C:\Program Files (x86)\TONDACH2014
2014-11-02 18:33:15 ----RD---- C:\Program Files (x86)\Skype

======List of files/folders modified in the last 1 month======

2014-11-28 09:57:20 ----D---- C:\Users\Petr\AppData\Roaming\uTorrent
2014-11-28 09:57:16 ----D---- C:\Program Files\trend micro
2014-11-28 09:57:13 ----D---- C:\WINDOWS\Temp
2014-11-28 09:43:19 ----D---- C:\WINDOWS\Microsoft.NET
2014-11-28 09:43:08 ----D---- C:\WINDOWS\Prefetch
2014-11-28 09:37:42 ----D---- C:\WINDOWS\system32\drivers
2014-11-28 09:37:39 ----D---- C:\WINDOWS\apppatch
2014-11-28 09:37:34 ----RD---- C:\Program Files (x86)
2014-11-28 09:22:17 ----D---- C:\WINDOWS\system32\sru
2014-11-27 20:48:23 ----RD---- C:\WINDOWS\System32
2014-11-27 20:48:23 ----D---- C:\WINDOWS\Inf
2014-11-27 20:48:23 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-27 18:35:51 ----D---- C:\Windows
2014-11-27 17:45:50 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2014-11-27 09:11:09 ----D---- C:\Users\Petr\AppData\Roaming\ClassicShell
2014-11-26 20:06:24 ----D---- C:\WINDOWS\system32\config
2014-11-26 19:59:02 ----D---- C:\WINDOWS\WinSxS
2014-11-26 19:59:02 ----D---- C:\WINDOWS\SysWOW64
2014-11-26 19:58:33 ----D---- C:\WINDOWS\CbsTemp
2014-11-26 19:58:20 ----SHD---- C:\System Volume Information
2014-11-26 15:26:25 ----D---- C:\Users\Petr\AppData\Roaming\vlc
2014-11-26 08:37:21 ----D---- C:\WINDOWS\AppReadiness
2014-11-25 07:51:31 ----HD---- C:\Program Files\WindowsApps
2014-11-22 19:54:04 ----D---- C:\WINDOWS\SoftwareDistribution
2014-11-22 19:00:38 ----D---- C:\WINDOWS\debug
2014-11-22 08:48:02 ----SHD---- C:\WINDOWS\Installer
2014-11-21 22:31:14 ----D---- C:\WINDOWS\system32\DriverStore
2014-11-21 22:30:59 ----D---- C:\WINDOWS\system32\Tasks
2014-11-18 13:24:20 ----RD---- C:\WINDOWS\assembly
2014-11-18 12:49:48 ----D---- C:\WINDOWS\system32\catroot
2014-11-17 14:59:54 ----D---- C:\WINDOWS\rescache
2014-11-17 14:03:23 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-11-17 14:02:34 ----D---- C:\Program Files\Microsoft Office 15
2014-11-17 14:00:00 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-17 13:57:49 ----D---- C:\Program Files\Windows Defender
2014-11-17 13:57:49 ----D---- C:\Program Files (x86)\Windows Defender
2014-11-17 13:57:48 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2014-11-17 13:57:48 ----D---- C:\WINDOWS\system32\wbem
2014-11-17 13:57:48 ----D---- C:\WINDOWS\system32\cs-CZ
2014-11-17 13:57:47 ----D---- C:\WINDOWS\SYSWOW64\migration
2014-11-17 13:57:47 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-17 13:57:46 ----SD---- C:\WINDOWS\system32\CompatTel
2014-11-17 13:57:46 ----D---- C:\WINDOWS\system32\migration
2014-11-17 13:57:46 ----D---- C:\Program Files\Internet Explorer
2014-11-17 13:57:44 ----RD---- C:\WINDOWS\ToastData
2014-11-17 13:57:44 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2014-11-17 13:31:48 ----D---- C:\WINDOWS\system32\MRT
2014-11-17 13:28:38 ----A---- C:\WINDOWS\system32\MRT.exe
2014-11-15 08:35:35 ----D---- C:\WINDOWS\Tasks
2014-11-13 18:55:48 ----D---- C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2014-11-13 18:55:47 ----D---- C:\Users\Petr\AppData\Roaming\BitTorrent
2014-11-13 18:55:22 ----DC---- C:\WINDOWS\Panther
2014-11-13 18:55:21 ----D---- C:\WINDOWS\Minidump
2014-11-13 18:51:33 ----D---- C:\Program Files
2014-11-13 06:48:53 ----D---- C:\WINDOWS\system32\catroot2
2014-11-12 13:21:48 ----D---- C:\Users\Petr\AppData\Roaming\Skype
2014-11-12 13:21:13 ----D---- C:\ProgramData\Skype
2014-11-11 19:58:41 ----D---- C:\Users\Petr\AppData\Roaming\Mozilla
2014-11-02 18:33:16 ----D---- C:\Program Files (x86)\Common Files
2014-10-30 12:25:26 ----N---- C:\WINDOWS\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-11-21 65776]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-11-21 267632]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-09 645952]
R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-03-13 157016]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2014-11-21 93568]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-11-23 1050432]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2014-11-21 436624]
R1 ccSet_NARA;NARA Settings Manager; C:\WINDOWS\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [2012-05-26 168608]
R1 mwlPSDFilter;mwlPSDFilter; C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys [2012-08-02 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys [2012-08-02 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys [2012-08-02 62776]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2014-11-21 29208]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-11-21 83280]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2014-11-21 116728]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2014-11-21 271752]
R3 dtsoftbus01;@oem17.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2013-12-17 283064]
R3 e1cexpress;@oem21.inf,%e1cExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\WINDOWS\system32\DRIVERS\e1c63x64.sys [2012-07-12 498032]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-01-29 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-07-10 4083600]
R3 IntcDAud;@oem20.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 MEIx64;@oem10.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 RSUSBSTOR;@oem18.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2012-07-05 252048]
R3 SPPD;SPPD; \??\C:\WINDOWS\system32\drivers\SPPD.sys []
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-12-13 121088]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
S3 ggflt;@oem86.inf,%SvcFltDesc%;SOMC USB Flash Driver Filter; C:\WINDOWS\System32\drivers\ggflt.sys [2014-10-16 16088]
S3 ggsomc;@oem86.inf,%SvcDesc%;SOMC USB Flash Driver; C:\WINDOWS\System32\drivers\ggsomc.sys [2014-10-16 30424]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\WINDOWS\system32\DRIVERS\WinUsb.sys [2013-08-22 78848]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-21 50344]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2013-01-24 2615368]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-10-30 2443960]
R2 CltMngSvc;Search Protect Service; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2014-11-10 3056960]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2012-07-13 2451456]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-20 634632]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-19 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-19 277824]
R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2012-08-15 3943104]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-09-12 4799760]
R2 tor;Tor Win32 Service; C:\Program Files (x86)\Tor\tor.exe [2013-09-06 3233806]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-19 365376]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2014-11-21 4012248]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2012-08-23 658576]
S2 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-25 267440]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-04 116648]
S2 NAUpdate;Nero Update; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-26 687400]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-01-29 279000]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-04-03 1030600]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-04 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-11 114288]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-02-25 150600]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Request for a check and help with removing trovi.com

#4 Post by Márty84 »

→ Uninstall Seznam Software and McAfee Security Scan.

→ Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to your desktop.
Close all programs; otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the scan to finish.
Then click Clean.
The program will start working (the PC may restart) and will spit out a log (it may also be found here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Nehas
Visitor
Posts: 74
Registered: 18 Jan 2010 22:50

Re: Request for a check and help removing trovi.com

#5 Post by Nehas »

I couldn't find McAfee Security Scan among the programs..

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Request for a check and help removing trovi.com

#6 Post by Márty84 »

Fine, I'll blast its leftovers away with a script later. Carry on with ADWCleaner.

Nehas
Visitor
Posts: 74
Registered: 18 Jan 2010 22:50

Re: Request for a check and help removing trovi.com

#7 Post by Nehas »

# AdwCleaner v4.102 - Report created 28/11/2014 at 11:22:26
# Updated 23/11/2014 by Xplode
# Database : 2014-11-27.1 [Live]
# Operating System : Windows 8.1 (64 bits)
# Username : Petr - PECINI
# Running from : C:\Users\Petr\Desktop\adwcleaner_4.102.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : CltMngSvc
Service Deleted : SPPD

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\Program Files (x86)\NCH Software
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Users\Petr\AppData\Local\SearchProtect
Folder Deleted : C:\Users\Petr\AppData\Roaming\NCH Software

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mbcjjdjanpccmehilicphhmeobiljcpk
Key Deleted : HKLM\SOFTWARE\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v33.1 (x86 cs)

[h6yooc5s.default\prefs.js] - Line Deleted : user_pref("browser.newtab.url", "hxxp://www.trovi.com/?gd=&ctid=CT3330789&octid ... 4-E993-4E2[...]
[h6yooc5s.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "Trovi search");

-\\ Google Chrome v

[C:\Users\Helca\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : fbmimoidopbghbcmdmpkjaffffmcbmbg
[C:\Users\Helca\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : geggofhlfbcmanadhknllmlajiafopoh

*************************

AdwCleaner[R0].txt - [1237 octets] - [09/02/2014 23:41:52]
AdwCleaner[R1].txt - [1295 octets] - [09/02/2014 23:43:44]
AdwCleaner[R2].txt - [1969 octets] - [20/06/2014 07:32:53]
AdwCleaner[R3].txt - [2479 octets] - [28/11/2014 11:19:34]
AdwCleaner[S0].txt - [1368 octets] - [09/02/2014 23:44:19]
AdwCleaner[S1].txt - [2054 octets] - [20/06/2014 07:41:05]
AdwCleaner[S2].txt - [2446 octets] - [28/11/2014 11:22:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [2506 octets] ##########

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Request for a check and help removing trovi.com

#8 Post by Márty84 »

:arrow: Run a scan with MBAM. Set up the scan according to this guide http://forum.viry.cz/viewtopic.php?f=29&t=137928 and post the results here. Don't delete anything beforehand; it sometimes has false detections.

Nehas
Visitor
Posts: 74
Registered: 18 Jan 2010 22:50

Re: Request for a check and help removing trovi.com

#9 Post by Nehas »

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 30. 11. 2014
Scan Time: 8:33:52
Logfile: MBAMlog.txt
Administrator: Yes

Version: 0.00.0.0000
Malware Database: v2014.11.30.03
Rootkit Database: v2014.11.29.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Petr

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 682958
Time Elapsed: 1 hr, 25 min, 7 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Request for a check and help removing trovi.com

#10 Post by Márty84 »

Uninstall MBAM and post a new RSIT log.

Nehas
Visitor
Posts: 74
Registered: 18 Jan 2010 22:50

Re: Request for a check and help removing trovi.com

#11 Post by Nehas »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2014-11-30 10:45:53
Microsoft Windows 8.1
System drive C: has 170 GB (37%) free of 465 GB
Total RAM: 3963 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:45:55, on 30. 11. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
C:\WINDOWS\syswow64\wwahost.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\IM Magician\vmonproc.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\IM Magician\Vicamon.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Petr.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.usi-x.ctrnactka.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [IMMON] "C:\Program Files (x86)\IM Magician\Vicamon.exe"
O4 - HKLM\..\Run: [IMMONSUPPORT] "C:\Program Files (x86)\IM Magician\vmonproc.exe" /cls=IMMAGICIAN_CAMERA_MONITOR_I /exe=Vicamon.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Lync] "C:\Program Files\Microsoft Office 15\root\office15\lync.exe" /fromrunkey
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Petr\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CAA6C3B6-662B-4D14-BB64-EADB88213BFE} (IPCamPluginTM Control) - http://89.203.138.111:8080/IPCamPluginTM.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: Tor Win32 Service (tor) - Unknown owner - C:\Program Files (x86)\Tor\tor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11653 bytes

======Listing Processes======





wininit.exe


C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
dashost.exe {fe60b5fe-e315-4274-87fe9f3379740ded}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
taskeng.exe {F0B09544-BACD-4CF6-9E2C-DB2E523085F2}
taskhostex.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
ClassicStartMenu.exe -startup
"C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Tor\tor.exe" --nt-service "-ControlPort" "9051"
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\WINDOWS\syswow64\wwahost.exe" -ServerName:App.wwa
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe"
ngservice.exe pipeserver
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
"C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\System32\svchost.exe -k swprv
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\IM Magician\vmonproc.exe" /cls=IMMAGICIAN_CAMERA_MONITOR_I /exe=Vicamon.exe
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\IM Magician\Vicamon.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
"C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\WINDOWS\system32\msiexec.exe /V
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 580 584 592 65536 588

"C:\Users\Petr\Downloads\RSITx64(1).exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Nehas
Visitor
Posts: 74
Registered: 18 Jan 2010 22:50

Re: Request for a check and help removing trovi.com

#12 Post by Nehas »

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3697592394-1657936854-2325889698-1001Core.job - C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3697592394-1657936854-2325889698-1001UA.job - C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\h6yooc5s.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.239 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.239 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll


C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\h6yooc5s.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-10-14 218776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-03-30 803008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-11-21 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-10-14 2334928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-03-30 483520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2014-10-14 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-03-30 683200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-21 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-10-14 1729752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-03-30 440000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-03-30 803008]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-03-30 683200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-02 12921488]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2014-01-29 171992]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2014-01-29 399832]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2014-01-29 442328]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-03-30 161984]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Lync"=C:\Program Files\Microsoft Office 15\root\office15\lync.exe [2014-10-14 19051160]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"Google Update"=C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-03 116648]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2014-10-21 22869088]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-23 6501656]
"uTorrent"=C:\Users\Petr\AppData\Roaming\uTorrent\uTorrent.exe [2014-11-28 1389648]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Norton Online Backup"=C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2012-08-15 2994880]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-11-21 5226600]
"IMMON"=C:\Program Files (x86)\IM Magician\Vicamon.exe [2010-09-28 143360]
"IMMONSUPPORT"=C:\Program Files (x86)\IM Magician\vmonproc.exe [2010-09-28 233472]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2014-01-29 442880]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open -
.scr - install -
.scr - config -
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 month======

2014-11-29 11:26:12 ----SHD---- C:\Config.Msi
2014-11-29 10:21:15 ----D---- C:\ProgramData\Malwarebytes
2014-11-28 09:57:13 ----D---- C:\rsit
2014-11-22 08:31:52 ----D---- C:\WINDOWS\SYSWOW64\vbox
2014-11-22 08:31:52 ----D---- C:\WINDOWS\system32\vbox
2014-11-21 22:30:55 ----A---- C:\WINDOWS\system32\aswBoot.exe
2014-11-21 22:30:50 ----A---- C:\WINDOWS\avastSS.scr
2014-11-19 11:48:36 ----A---- C:\WINDOWS\SYSWOW64\pku2u.dll
2014-11-19 11:48:36 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2014-11-19 11:48:36 ----A---- C:\WINDOWS\system32\kerberos.dll
2014-11-19 11:48:35 ----A---- C:\WINDOWS\system32\pku2u.dll
2014-11-17 14:02:04 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2014-11-13 18:51:33 ----D---- C:\Program Files\CCleaner
2014-11-13 08:23:20 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2014-11-13 08:23:20 ----A---- C:\WINDOWS\system32\schannel.dll
2014-11-13 08:23:19 ----A---- C:\WINDOWS\SYSWOW64\ncryptsslp.dll
2014-11-13 08:23:19 ----A---- C:\WINDOWS\system32\ncryptsslp.dll
2014-11-13 08:23:19 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2014-11-13 08:22:28 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2014-11-13 08:22:28 ----A---- C:\WINDOWS\system32\msi.dll
2014-11-13 08:22:27 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2014-11-13 08:22:27 ----A---- C:\WINDOWS\system32\msihnd.dll
2014-11-13 08:22:27 ----A---- C:\WINDOWS\system32\authui.dll
2014-11-13 08:22:26 ----A---- C:\WINDOWS\SYSWOW64\msihnd.dll
2014-11-13 08:22:26 ----A---- C:\WINDOWS\system32\consent.exe
2014-11-13 08:22:26 ----A---- C:\WINDOWS\system32\appinfo.dll
2014-11-13 08:22:21 ----A---- C:\WINDOWS\system32\user32.dll
2014-11-13 08:22:20 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2014-11-13 08:22:20 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2014-11-13 08:22:19 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2014-11-13 08:22:18 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2014-11-13 08:22:16 ----A---- C:\WINDOWS\SYSWOW64\winshfhc.dll
2014-11-13 08:22:16 ----A---- C:\WINDOWS\system32\winshfhc.dll
2014-11-13 08:21:41 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-11-13 08:21:40 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-11-13 08:21:01 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-11-13 08:20:54 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-11-13 08:20:49 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-11-13 08:20:47 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-11-13 08:20:45 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-11-13 08:20:45 ----A---- C:\WINDOWS\system32\wininet.dll
2014-11-13 08:20:44 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-11-13 08:20:44 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-11-13 08:20:44 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-11-13 08:20:43 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2014-11-13 08:20:43 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-11-13 08:20:43 ----A---- C:\WINDOWS\system32\inetcomm.dll
2014-11-13 08:20:43 ----A---- C:\WINDOWS\system32\actxprxy.dll
2014-11-13 08:20:42 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2014-11-13 08:20:42 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2014-11-13 08:20:41 ----A---- C:\WINDOWS\system32\jscript.dll
2014-11-13 08:20:41 ----A---- C:\WINDOWS\system32\ieui.dll
2014-11-13 08:20:40 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-11-13 08:20:40 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2014-11-13 08:20:40 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2014-11-13 08:20:40 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-11-13 08:20:39 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2014-11-13 08:20:39 ----A---- C:\WINDOWS\system32\vbscript.dll
2014-11-13 08:20:38 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2014-11-13 08:20:38 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2014-11-13 08:20:37 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-11-13 08:20:37 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2014-11-13 08:20:37 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-11-13 08:20:37 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-11-13 08:20:35 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2014-11-13 08:20:35 ----A---- C:\WINDOWS\system32\webcheck.dll
2014-11-13 08:20:35 ----A---- C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-13 08:20:34 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2014-11-13 08:20:33 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2014-11-13 08:20:33 ----A---- C:\WINDOWS\SYSWOW64\hlink.dll
2014-11-13 08:20:33 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-11-13 08:20:32 ----A---- C:\WINDOWS\system32\msrating.dll
2014-11-13 08:20:32 ----A---- C:\WINDOWS\system32\ieUnatt.exe
2014-11-13 08:20:32 ----A---- C:\WINDOWS\system32\iesysprep.dll
2014-11-13 08:20:32 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-11-13 08:20:32 ----A---- C:\WINDOWS\system32\hlink.dll
2014-11-13 08:20:31 ----A---- C:\WINDOWS\SYSWOW64\inseng.dll
2014-11-13 08:20:31 ----A---- C:\WINDOWS\SYSWOW64\ieUnatt.exe
2014-11-13 08:20:31 ----A---- C:\WINDOWS\SYSWOW64\iesysprep.dll
2014-11-13 08:20:31 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2014-11-13 08:20:31 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2014-11-13 08:20:31 ----A---- C:\WINDOWS\system32\iepeers.dll
2014-11-13 08:20:31 ----A---- C:\WINDOWS\system32\ieetwcollector.exe
2014-11-13 08:20:30 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2014-11-13 08:20:30 ----A---- C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-13 08:20:30 ----A---- C:\WINDOWS\system32\inseng.dll
2014-11-13 08:20:29 ----A---- C:\WINDOWS\SYSWOW64\occache.dll
2014-11-13 08:20:29 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-11-13 08:20:29 ----A---- C:\WINDOWS\SYSWOW64\msfeedsbs.dll
2014-11-13 08:20:29 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2014-11-13 08:20:29 ----A---- C:\WINDOWS\SYSWOW64\IEAdvpack.dll
2014-11-13 08:20:29 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-11-13 08:20:29 ----A---- C:\WINDOWS\system32\jsproxy.dll
2014-11-13 08:20:28 ----A---- C:\WINDOWS\SYSWOW64\JavaScriptCollectionAgent.dll
2014-11-13 08:20:28 ----A---- C:\WINDOWS\SYSWOW64\iexpress.exe
2014-11-13 08:20:28 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2014-11-13 08:20:27 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2014-11-13 08:20:27 ----A---- C:\WINDOWS\SYSWOW64\imgutil.dll
2014-11-13 08:20:27 ----A---- C:\WINDOWS\SYSWOW64\ieetwproxystub.dll
2014-11-13 08:20:27 ----A---- C:\WINDOWS\system32\occache.dll
2014-11-13 08:20:27 ----A---- C:\WINDOWS\system32\imgutil.dll
2014-11-13 08:20:26 ----A---- C:\WINDOWS\SYSWOW64\pngfilt.dll
2014-11-13 08:20:26 ----A---- C:\WINDOWS\SYSWOW64\licmgr10.dll
2014-11-13 08:20:26 ----A---- C:\WINDOWS\system32\pngfilt.dll
2014-11-13 08:20:26 ----A---- C:\WINDOWS\system32\licmgr10.dll
2014-11-13 08:20:25 ----A---- C:\WINDOWS\SYSWOW64\wextract.exe
2014-11-13 08:20:25 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll
2014-11-13 08:20:25 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll
2014-11-13 08:20:25 ----A---- C:\WINDOWS\system32\iernonce.dll
2014-11-13 08:20:24 ----A---- C:\WINDOWS\SYSWOW64\url.dll
2014-11-13 08:20:24 ----A---- C:\WINDOWS\system32\wextract.exe
2014-11-13 08:20:24 ----A---- C:\WINDOWS\system32\url.dll
2014-11-13 08:20:24 ----A---- C:\WINDOWS\system32\IEAdvpack.dll
2014-11-13 08:20:23 ----A---- C:\WINDOWS\SYSWOW64\mshta.exe
2014-11-13 08:20:23 ----A---- C:\WINDOWS\SYSWOW64\msfeedssync.exe
2014-11-13 08:20:23 ----A---- C:\WINDOWS\system32\iexpress.exe
2014-11-13 08:20:23 ----A---- C:\WINDOWS\system32\iesetup.dll
2014-11-13 08:20:22 ----A---- C:\WINDOWS\system32\mshta.exe
2014-11-13 08:20:22 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2014-11-13 08:19:34 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2014-11-13 08:19:33 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2014-11-13 08:19:33 ----A---- C:\WINDOWS\system32\lsasrv.dll
2014-11-13 08:19:33 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2014-11-13 08:19:33 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2014-11-13 08:19:33 ----A---- C:\WINDOWS\system32\certcli.dll
2014-11-13 08:19:32 ----A---- C:\WINDOWS\SYSWOW64\adtschema.dll
2014-11-13 08:19:32 ----A---- C:\WINDOWS\system32\rfxvmt.dll
2014-11-13 08:19:32 ----A---- C:\WINDOWS\system32\drivers\rdpvideominiport.sys
2014-11-13 08:19:32 ----A---- C:\WINDOWS\system32\adtschema.dll
2014-11-13 08:19:31 ----A---- C:\WINDOWS\SYSWOW64\msaudite.dll
2014-11-13 08:19:31 ----A---- C:\WINDOWS\system32\rdpudd.dll
2014-11-13 08:19:31 ----A---- C:\WINDOWS\system32\msaudite.dll
2014-11-13 08:19:07 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2014-11-13 08:19:07 ----A---- C:\WINDOWS\system32\oleaut32.dll
2014-11-13 08:19:04 ----A---- C:\WINDOWS\system32\wuaueng.dll
2014-11-13 08:19:04 ----A---- C:\WINDOWS\system32\wuapi.dll
2014-11-13 08:19:03 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2014-11-13 08:19:03 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2014-11-13 08:19:03 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2014-11-13 08:19:03 ----A---- C:\WINDOWS\system32\wuwebv.dll
2014-11-13 08:19:03 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-13 08:19:03 ----A---- C:\WINDOWS\system32\wucltux.dll
2014-11-13 08:19:02 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2014-11-13 08:19:02 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2014-11-13 08:19:02 ----A---- C:\WINDOWS\system32\wups2.dll
2014-11-13 08:19:02 ----A---- C:\WINDOWS\system32\wups.dll
2014-11-13 08:19:02 ----A---- C:\WINDOWS\system32\wudriver.dll
2014-11-13 08:19:02 ----A---- C:\WINDOWS\system32\wuauclt.exe
2014-11-13 08:19:02 ----A---- C:\WINDOWS\system32\wuapp.exe
2014-11-13 08:19:01 ----A---- C:\WINDOWS\system32\wuaext.dll
2014-11-13 08:18:20 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2014-11-13 08:18:19 ----A---- C:\WINDOWS\system32\msxml3.dll
2014-11-13 08:18:17 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2014-11-13 08:18:17 ----A---- C:\WINDOWS\system32\audiosrv.dll
2014-11-13 08:18:17 ----A---- C:\WINDOWS\system32\AudioSes.dll
2014-11-13 08:18:17 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-13 08:18:16 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2014-11-13 08:18:16 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2014-11-13 08:18:16 ----A---- C:\WINDOWS\system32\EncDump.dll
2014-11-13 08:18:16 ----A---- C:\WINDOWS\system32\AudioEng.dll
2014-11-13 08:18:16 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-13 08:18:16 ----A---- C:\WINDOWS\system32\audiodg.exe
2014-11-13 08:18:15 ----A---- C:\WINDOWS\system32\win32k.sys
2014-11-13 08:18:12 ----A---- C:\WINDOWS\SYSWOW64\packager.dll
2014-11-13 08:18:12 ----A---- C:\WINDOWS\system32\packager.dll
2014-11-13 08:18:11 ----A---- C:\WINDOWS\system32\generaltel.dll
2014-11-13 08:18:11 ----A---- C:\WINDOWS\system32\devinv.dll
2014-11-13 08:18:11 ----A---- C:\WINDOWS\system32\aepdu.dll
2014-11-13 08:18:11 ----A---- C:\WINDOWS\system32\aeinv.dll
2014-11-13 08:18:10 ----A---- C:\WINDOWS\system32\aepic.dll
2014-11-13 08:18:08 ----A---- C:\WINDOWS\system32\shell32.dll
2014-11-13 08:18:06 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2014-11-13 08:18:06 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2014-11-13 08:18:04 ----A---- C:\WINDOWS\system32\twinui.dll
2014-11-13 08:18:04 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2014-11-13 08:18:03 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2014-11-13 08:18:03 ----A---- C:\WINDOWS\system32\localspl.dll
2014-11-13 08:18:03 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-11-13 08:18:02 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2014-11-13 08:18:02 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-11-13 08:18:01 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2014-11-13 08:18:01 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2014-11-13 08:18:01 ----A---- C:\WINDOWS\system32\win32spl.dll
2014-11-13 08:18:01 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2014-11-13 08:18:00 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2014-11-13 08:17:59 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2014-11-13 08:17:59 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2014-11-13 08:17:59 ----A---- C:\WINDOWS\system32\puiobj.dll
2014-11-13 08:17:58 ----AC---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2014-11-13 08:17:57 ----A---- C:\WINDOWS\SYSWOW64\untfs.dll
2014-11-13 08:17:57 ----A---- C:\WINDOWS\system32\untfs.dll
2014-11-13 08:17:57 ----A---- C:\WINDOWS\system32\FXSCOMEX.dll
2014-11-13 08:17:57 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2014-11-13 08:17:55 ----A---- C:\WINDOWS\SYSWOW64\FXSAPI.dll
2014-11-13 08:17:55 ----A---- C:\WINDOWS\system32\FXSAPI.dll
2014-11-11 09:16:21 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-11-09 21:55:00 ----D---- C:\Program Files (x86)\WinSCP
2014-11-05 08:42:56 ----D---- C:\Program Files (x86)\TONDACH2014
2014-11-02 18:33:15 ----RD---- C:\Program Files (x86)\Skype

======List of files/folders modified in the last 1 month======

2014-11-30 10:45:54 ----D---- C:\Program Files\trend micro
2014-11-30 10:44:39 ----SHD---- C:\WINDOWS\Installer
2014-11-30 10:44:39 ----D---- C:\WINDOWS\Temp
2014-11-30 10:44:29 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2014-11-30 10:43:43 ----D---- C:\Users\Petr\AppData\Roaming\uTorrent
2014-11-30 10:43:28 ----D---- C:\WINDOWS\Prefetch
2014-11-30 10:42:57 ----RD---- C:\WINDOWS\System32
2014-11-30 10:41:06 ----D---- C:\WINDOWS\system32\catroot2
2014-11-30 10:40:44 ----RD---- C:\Program Files (x86)
2014-11-30 10:40:39 ----D---- C:\Users\Petr\AppData\Roaming\ClassicShell
2014-11-30 10:40:37 ----D---- C:\WINDOWS\system32\drivers
2014-11-30 10:02:00 ----D---- C:\WINDOWS\system32\sru
2014-11-30 08:32:50 ----D---- C:\WINDOWS\Microsoft.NET
2014-11-29 11:37:19 ----D---- C:\WINDOWS\Inf
2014-11-29 11:37:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-29 10:21:15 ----HD---- C:\ProgramData
2014-11-28 14:59:09 ----SHD---- C:\System Volume Information
2014-11-28 14:56:18 ----D---- C:\WINDOWS\system32\config
2014-11-28 11:23:49 ----D---- C:\Windows
2014-11-28 11:22:30 ----D---- C:\AdwCleaner
2014-11-28 11:15:12 ----D---- C:\Users\Petr\AppData\Roaming\Seznam.cz
2014-11-28 11:14:38 ----D---- C:\Program Files (x86)\Seznam.cz
2014-11-28 09:37:39 ----D---- C:\WINDOWS\apppatch
2014-11-26 19:59:02 ----D---- C:\WINDOWS\WinSxS
2014-11-26 19:59:02 ----D---- C:\WINDOWS\SysWOW64
2014-11-26 19:58:33 ----D---- C:\WINDOWS\CbsTemp
2014-11-26 15:26:25 ----D---- C:\Users\Petr\AppData\Roaming\vlc
2014-11-26 08:37:21 ----D---- C:\WINDOWS\AppReadiness
2014-11-25 07:51:31 ----HD---- C:\Program Files\WindowsApps
2014-11-22 19:54:04 ----D---- C:\WINDOWS\SoftwareDistribution
2014-11-22 19:00:38 ----D---- C:\WINDOWS\debug
2014-11-21 22:31:14 ----D---- C:\WINDOWS\system32\DriverStore
2014-11-21 22:30:59 ----D---- C:\WINDOWS\system32\Tasks
2014-11-18 13:24:20 ----RD---- C:\WINDOWS\assembly
2014-11-18 12:49:48 ----D---- C:\WINDOWS\system32\catroot
2014-11-17 14:59:54 ----D---- C:\WINDOWS\rescache
2014-11-17 14:03:23 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-11-17 14:02:34 ----D---- C:\Program Files\Microsoft Office 15
2014-11-17 14:00:00 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-17 13:57:49 ----D---- C:\Program Files\Windows Defender
2014-11-17 13:57:49 ----D---- C:\Program Files (x86)\Windows Defender
2014-11-17 13:57:48 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2014-11-17 13:57:48 ----D---- C:\WINDOWS\system32\wbem
2014-11-17 13:57:48 ----D---- C:\WINDOWS\system32\cs-CZ
2014-11-17 13:57:47 ----D---- C:\WINDOWS\SYSWOW64\migration
2014-11-17 13:57:47 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-17 13:57:46 ----SD---- C:\WINDOWS\system32\CompatTel
2014-11-17 13:57:46 ----D---- C:\WINDOWS\system32\migration
2014-11-17 13:57:46 ----D---- C:\Program Files\Internet Explorer
2014-11-17 13:57:44 ----RD---- C:\WINDOWS\ToastData
2014-11-17 13:57:44 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2014-11-17 13:31:48 ----D---- C:\WINDOWS\system32\MRT
2014-11-17 13:28:38 ----A---- C:\WINDOWS\system32\MRT.exe
2014-11-15 08:35:35 ----D---- C:\WINDOWS\Tasks
2014-11-13 18:55:48 ----D---- C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2014-11-13 18:55:47 ----D---- C:\Users\Petr\AppData\Roaming\BitTorrent
2014-11-13 18:55:22 ----DC---- C:\WINDOWS\Panther
2014-11-13 18:55:21 ----D---- C:\WINDOWS\Minidump
2014-11-13 18:51:33 ----D---- C:\Program Files
2014-11-12 13:21:48 ----D---- C:\Users\Petr\AppData\Roaming\Skype
2014-11-12 13:21:13 ----D---- C:\ProgramData\Skype
2014-11-11 19:58:41 ----D---- C:\Users\Petr\AppData\Roaming\Mozilla
2014-11-02 18:33:16 ----D---- C:\Program Files (x86)\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-11-21 65776]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-11-21 267632]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-09 645952]
R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-03-13 157016]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2014-11-21 93568]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-11-23 1050432]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2014-11-21 436624]
R1 ccSet_NARA;NARA Settings Manager; C:\WINDOWS\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [2012-05-26 168608]
R1 mwlPSDFilter;mwlPSDFilter; C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys [2012-08-02 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys [2012-08-02 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys [2012-08-02 62776]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2014-11-21 29208]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-11-21 83280]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2014-11-21 116728]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2014-11-21 271752]
R3 dtsoftbus01;@oem17.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2013-12-17 283064]
R3 e1cexpress;@oem21.inf,%e1cExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\WINDOWS\system32\DRIVERS\e1c63x64.sys [2012-07-12 498032]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-01-29 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-07-10 4083600]
R3 IntcDAud;@oem20.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 MEIx64;@oem10.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 RSUSBSTOR;@oem18.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2012-07-05 252048]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-12-13 121088]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
S3 ggflt;@oem86.inf,%SvcFltDesc%;SOMC USB Flash Driver Filter; C:\WINDOWS\System32\drivers\ggflt.sys [2014-10-16 16088]
S3 ggsomc;@oem86.inf,%SvcDesc%;SOMC USB Flash Driver; C:\WINDOWS\System32\drivers\ggsomc.sys [2014-10-16 30424]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\WINDOWS\system32\DRIVERS\WinUsb.sys [2013-08-22 78848]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-21 50344]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2013-01-24 2615368]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-10-30 2443960]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2012-07-13 2451456]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-20 634632]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-19 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-19 277824]
R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2012-08-15 3943104]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-09-12 4799760]
R2 tor;Tor Win32 Service; C:\Program Files (x86)\Tor\tor.exe [2013-09-06 3233806]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-19 365376]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2014-11-21 4012248]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2012-08-23 658576]
S2 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-25 267440]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-04 116648]
S2 NAUpdate;Nero Update; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-26 687400]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-01-29 279000]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-04-03 1030600]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-04 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-11 114288]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-02-25 150600]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Request for a check and help removing trovi.com

#13 Post by Márty84 »

One more scan and then we will start deleting.


:!: If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option Open normally
:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop.
Right-click it and then left-click Run as administrator
Tick the items (put check marks there) Scan All Users, LOP Check and Purity Check
Paste the following text into the bottom box

Code: Select all

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Click Run Scan
After the scan, two logs will be created (OTL.Txt and Extras.txt); paste both here (if they are long, split them across several posts).
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will now be on the forum less often. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Nehas
Visitor
Posts: 74
Registered: 18 Jan 2010 22:50

Re: Request for a check and help removing trovi.com

#14 Post by Nehas »

OTL logfile created on: 30. 11. 2014 12:47:38 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Petr\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17416)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

3,87 Gb Total Physical Memory | 2,28 Gb Available Physical Memory | 58,87% Memory free
6,00 Gb Paging File | 4,16 Gb Available in Paging File | 69,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453,75 Gb Total Space | 166,15 Gb Free Space | 36,62% Space Free | Partition Type: NTFS
Drive D: | 454,61 Gb Total Space | 439,95 Gb Free Space | 96,77% Space Free | Partition Type: NTFS

Computer Name: PECINI | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/11/30 12:45:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Petr\Desktop\OTL.exe
PRC - [2014/11/25 20:10:09 | 001,880,752 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe
PRC - [2014/11/21 22:31:08 | 005,226,600 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/11/21 22:30:47 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/11/15 08:35:30 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
PRC - [2014/11/11 09:16:27 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/10/21 17:52:24 | 022,869,088 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2014/09/12 19:14:55 | 013,559,056 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
PRC - [2014/09/12 19:14:55 | 004,799,760 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014/09/12 19:00:53 | 000,229,648 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
PRC - [2014/09/12 10:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/09/06 07:48:19 | 003,233,806 | ---- | M] () -- C:\Program Files (x86)\Tor\tor.exe
PRC - [2013/01/24 16:30:10 | 002,615,368 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
PRC - [2012/07/19 03:36:40 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/07/19 03:36:38 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/07/19 03:36:18 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/07/06 01:50:26 | 000,553,616 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
PRC - [2012/07/04 18:57:44 | 000,990,320 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
PRC - [2010/09/28 17:49:22 | 000,143,360 | ---- | M] (Vimisoft Studio) -- C:\Program Files (x86)\IM Magician\vicamon.exe
PRC - [2010/09/28 17:46:38 | 000,233,472 | ---- | M] (Vimisoft Studio) -- C:\Program Files (x86)\IM Magician\vmonproc.exe


========== Modules (No Company Name) ==========

MOD - [2014/11/30 10:42:58 | 000,805,888 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\wx._gdi_.pyd
MOD - [2014/11/30 10:42:58 | 000,027,136 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\_multiprocessing.pyd
MOD - [2014/11/30 10:42:58 | 000,007,168 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\hashobjs_ext.pyd
MOD - [2014/11/30 10:42:57 | 001,160,704 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\_ssl.pyd
MOD - [2014/11/30 10:42:57 | 001,062,400 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\wx._controls_.pyd
MOD - [2014/11/30 10:42:57 | 000,811,008 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\wx._windows_.pyd
MOD - [2014/11/30 10:42:57 | 000,713,216 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\_hashlib.pyd
MOD - [2014/11/30 10:42:57 | 000,686,080 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\unicodedata.pyd
MOD - [2014/11/30 10:42:57 | 000,110,080 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\pywintypes27.dll
MOD - [2014/11/30 10:42:57 | 000,070,656 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\wx._html2.pyd
MOD - [2014/11/30 10:42:57 | 000,025,600 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\win32pdh.pyd
MOD - [2014/11/30 10:42:57 | 000,024,064 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\win32pipe.pyd
MOD - [2014/11/30 10:42:57 | 000,018,432 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\win32event.pyd
MOD - [2014/11/30 10:42:57 | 000,010,240 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\select.pyd
MOD - [2014/11/30 10:42:56 | 001,175,040 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\wx._core_.pyd
MOD - [2014/11/30 10:42:56 | 000,735,232 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\wx._misc_.pyd
MOD - [2014/11/30 10:42:56 | 000,557,056 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\pysqlite2._sqlite.pyd
MOD - [2014/11/30 10:42:56 | 000,525,640 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\windows._lib_cacheinvalidation.pyd
MOD - [2014/11/30 10:42:56 | 000,364,544 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\pythoncom27.dll
MOD - [2014/11/30 10:42:56 | 000,320,512 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\win32com.shell.shell.pyd
MOD - [2014/11/30 10:42:56 | 000,167,936 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\win32gui.pyd
MOD - [2014/11/30 10:42:56 | 000,128,512 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\_elementtree.pyd
MOD - [2014/11/30 10:42:56 | 000,127,488 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\pyexpat.pyd
MOD - [2014/11/30 10:42:56 | 000,122,368 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\wx._wizard.pyd
MOD - [2014/11/30 10:42:56 | 000,119,808 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\win32file.pyd
MOD - [2014/11/30 10:42:56 | 000,108,544 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\win32security.pyd
MOD - [2014/11/30 10:42:56 | 000,098,816 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\win32api.pyd
MOD - [2014/11/30 10:42:56 | 000,087,552 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\_ctypes.pyd
MOD - [2014/11/30 10:42:56 | 000,078,336 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\wx._animate.pyd
MOD - [2014/11/30 10:42:56 | 000,045,568 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\_socket.pyd
MOD - [2014/11/30 10:42:56 | 000,038,912 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\win32inet.pyd
MOD - [2014/11/30 10:42:56 | 000,035,840 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\win32process.pyd
MOD - [2014/11/30 10:42:56 | 000,022,528 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\win32ts.pyd
MOD - [2014/11/30 10:42:56 | 000,017,408 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\win32profile.pyd
MOD - [2014/11/30 10:42:56 | 000,011,264 | ---- | M] () -- C:\Users\Petr\AppData\Local\Temp\_MEI41842\win32crypt.pyd
MOD - [2014/11/25 20:10:09 | 016,841,392 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll
MOD - [2014/11/21 22:30:49 | 038,562,088 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/11/11 09:16:26 | 003,649,648 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/11/21 22:30:47 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014/11/21 22:30:41 | 004,012,248 | ---- | M] (Avast Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV:64bit: - [2014/10/31 05:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/10/30 01:24:10 | 002,443,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2014/10/07 02:54:27 | 000,226,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/09/22 04:05:56 | 000,368,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/09/22 04:05:56 | 000,023,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/08/16 04:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014/08/16 01:58:35 | 000,287,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/08/16 01:45:51 | 000,267,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/07/24 08:28:58 | 001,600,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/03/14 07:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/03/08 06:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 08:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/02/22 16:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/02/22 10:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/02/22 10:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/02/22 10:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/02/22 10:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/12/10 08:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/08/22 12:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 12:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 12:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 12:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 12:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 11:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 11:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 10:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 10:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 10:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 10:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 10:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 10:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 10:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 10:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013/04/03 20:44:07 | 001,030,600 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2012/08/23 04:02:36 | 000,658,576 | ---- | M] (Acer Incorporated) [On_Demand | Running] -- C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2012/06/20 03:10:34 | 000,634,632 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2014/11/25 20:10:10 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/11/11 09:16:26 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/09/12 19:14:55 | 004,799,760 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2014/09/12 10:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/08/16 04:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/04/03 20:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/03/14 07:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/01/29 23:02:44 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/09/06 07:48:19 | 003,233,806 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Tor\tor.exe -- (tor)
SRV - [2013/08/22 04:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 03:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/02/04 17:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2013/01/24 16:30:10 | 002,615,368 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe -- (CCDMonitorService)
SRV - [2012/08/15 19:44:50 | 003,943,104 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2012/07/19 03:36:40 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/19 03:36:38 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/19 03:36:18 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/07/13 10:02:16 | 002,451,456 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011/11/26 00:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/10/12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/11/23 10:31:01 | 001,050,432 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014/11/21 22:30:52 | 000,436,624 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014/11/21 22:30:52 | 000,267,632 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/11/21 22:30:52 | 000,116,728 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014/11/21 22:30:52 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/11/21 22:30:52 | 000,083,280 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/11/21 22:30:52 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/11/21 22:30:52 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014/11/21 22:30:41 | 000,271,752 | ---- | M] (Avast Software) [Kernel | Auto | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV:64bit: - [2014/10/16 12:17:06 | 000,030,424 | ---- | M] (Sony Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsomc.sys -- (ggsomc)
DRV:64bit: - [2014/10/16 12:17:06 | 000,016,088 | ---- | M] (Sony Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2014/10/10 02:58:57 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/09/22 04:06:16 | 000,258,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/09/22 04:06:16 | 000,114,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/09/22 03:49:43 | 000,035,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/08/15 01:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/07/24 16:28:38 | 000,468,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/07/24 16:28:38 | 000,412,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/07/24 12:42:22 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/05/01 14:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/03/20 04:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/13 13:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/08 21:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/02/22 17:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/02/22 16:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/02/22 16:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/02/22 16:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/22 16:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/02/22 13:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/01/29 23:02:28 | 005,363,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2014/01/02 11:25:47 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/01/02 11:25:47 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/01/02 11:25:47 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/12/17 11:36:25 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/11/14 13:46:08 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/11/14 13:39:18 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/11/14 13:26:16 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/22 14:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 14:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 13:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 13:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 13:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 13:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 13:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 13:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 13:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 13:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 13:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 13:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 13:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 13:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 13:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 13:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 13:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 13:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 13:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 13:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 13:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 13:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 13:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 13:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 13:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 13:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 13:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 13:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 13:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 12:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 12:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 12:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 12:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 12:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 12:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 12:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 12:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 12:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 12:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 12:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 12:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 12:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 12:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 12:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 12:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 12:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 12:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 12:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 12:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 12:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 09:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/13 00:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 01:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 19:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 20:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2012/08/02 16:17:42 | 000,062,776 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2012/08/02 16:17:42 | 000,022,648 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2012/08/02 16:17:42 | 000,020,520 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2012/07/12 22:46:14 | 000,498,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c63x64.sys -- (e1cexpress)
DRV:64bit: - [2012/07/09 21:43:12 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/07/05 04:18:06 | 000,252,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2012/07/02 08:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/19 00:40:50 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/05/26 01:56:14 | 000,168,608 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NARAx64\0401000.00E\ccSetx64.sys -- (ccSet_NARA)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{92C055F5-CB0B-4329-8D59-82C54FAEE6FF}: "URL" = http://www.bing.com/search?q={searchTer ... &pc=MAARJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{92C055F5-CB0B-4329-8D59-82C54FAEE6FF}: "URL" = http://www.bing.com/search?q={searchTer ... &pc=MAARJS


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.usi-x.ctrnactka.cz/
IE - HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\..\SearchScopes\{C4E01640-2E2E-4150-B191-B248E9DA0090}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
IE - HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Petr\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Petr\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Petr\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Petr\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/11/21 22:30:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 33.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 33.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/08/03 08:44:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petr\AppData\Roaming\mozilla\Extensions
[2014/11/13 09:49:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petr\AppData\Roaming\mozilla\Firefox\Profiles\h6yooc5s.default\Extensions
[2014/06/04 13:06:05 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Petr\AppData\Roaming\mozilla\Firefox\Profiles\h6yooc5s.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2014/11/13 09:49:29 | 000,979,699 | ---- | M] () (No name found) -- C:\Users\Petr\AppData\Roaming\mozilla\firefox\profiles\h6yooc5s.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/11/11 09:16:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/11/11 09:16:28 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: No name found = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: No name found = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: No name found = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.0.2502.149_0\
CHR - Extension: No name found = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh\3.2_0\
CHR - Extension: No name found = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd\2014.910.433.1_0\
CHR - Extension: No name found = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.7.1_0\
CHR - Extension: No name found = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013/08/03 11:28:48 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll (Microsoft Corporation)
O2:64bit: - BHO: (ClassicIEBHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll (Microsoft Corporation)
O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll (Microsoft Corporation)
O2 - BHO: (ClassicIEBHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O4:64bit: - HKLM..\Run: [Classic Start Menu] C:\Program Files\Classic Shell\ClassicStartMenu.exe (IvoSoft)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IMMON] C:\Program Files (x86)\IM Magician\Vicamon.exe (Vimisoft Studio)
O4 - HKLM..\Run: [IMMONSUPPORT] C:\Program Files (x86)\IM Magician\vmonproc.exe (Vimisoft Studio)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKU\S-1-5-21-3697592394-1657936854-2325889698-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-3697592394-1657936854-2325889698-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-3697592394-1657936854-2325889698-1001..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-3697592394-1657936854-2325889698-1001..\Run: [Lync] C:\Program Files\Microsoft Office 15\root\office15\lync.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3697592394-1657936854-2325889698-1001..\Run: [uTorrent] C:\Users\Petr\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\..Trusted Domains: localhost ([]http in Internet)
O16 - DPF: {CAA6C3B6-662B-4D14-BB64-EADB88213BFE} http://89.203.138.111:8080/IPCamPluginTM.cab (IPCamPluginTM Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.92.0.5 10.92.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A79D757C-DDED-4C37-A8CF-2F7BF90433FE}: DhcpNameServer = 10.92.0.5 10.92.0.1
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\WINDOWS\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.mjpg - C:\WINDOWS\SysWow64\pvmjpg30.dll (Pegasus Imaging Corporation)
Drivers32: VIDC.MP42 - C:\WINDOWS\SysWow64\mpg4c32.dll (Microsoft Corporation)
Drivers32: VIDC.MPG4 - C:\WINDOWS\SysWow64\mpg4c32.dll (Microsoft Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014/11/30 12:45:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Petr\Desktop\OTL.exe
[2014/11/29 11:26:12 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/11/29 10:21:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/11/28 09:57:13 | 000,000,000 | ---D | C] -- C:\rsit
[2014/11/22 08:31:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\vbox
[2014/11/22 08:31:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\vbox
[2014/11/21 22:30:55 | 000,364,512 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2014/11/21 22:30:50 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/11/17 14:02:05 | 000,106,976 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/11/17 14:02:04 | 000,714,208 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/11/13 18:51:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014/11/13 18:51:33 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/11/13 08:23:19 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll
[2014/11/13 08:23:19 | 000,104,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll
[2014/11/13 08:23:19 | 000,088,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll
[2014/11/13 08:22:28 | 003,320,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2014/11/13 08:22:27 | 002,773,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014/11/13 08:22:27 | 002,459,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014/11/13 08:22:27 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msihnd.dll
[2014/11/13 08:22:26 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msihnd.dll
[2014/11/13 08:22:26 | 000,116,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\consent.exe
[2014/11/13 08:22:21 | 001,519,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2014/11/13 08:22:20 | 000,258,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys
[2014/11/13 08:22:19 | 000,114,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys
[2014/11/13 08:22:18 | 000,035,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys
[2014/11/13 08:22:16 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winshfhc.dll
[2014/11/13 08:22:16 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winshfhc.dll
[2014/11/13 08:20:49 | 006,040,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014/11/13 08:20:43 | 002,865,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2014/11/13 08:20:42 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014/11/13 08:20:42 | 000,661,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2014/11/13 08:20:41 | 000,812,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2014/11/13 08:20:41 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieui.dll
[2014/11/13 08:20:40 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014/11/13 08:20:40 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014/11/13 08:20:40 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieui.dll
[2014/11/13 08:20:39 | 000,580,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2014/11/13 08:20:38 | 002,051,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014/11/13 08:20:38 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014/11/13 08:20:38 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2014/11/13 08:20:37 | 002,124,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014/11/13 08:20:37 | 000,799,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014/11/13 08:20:37 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2014/11/13 08:20:35 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2014/11/13 08:20:33 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\html.iec
[2014/11/13 08:20:33 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014/11/13 08:20:32 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014/11/13 08:20:32 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014/11/13 08:20:32 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2014/11/13 08:20:32 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesysprep.dll
[2014/11/13 08:20:32 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hlink.dll
[2014/11/13 08:20:31 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iepeers.dll
[2014/11/13 08:20:31 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll
[2014/11/13 08:20:31 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2014/11/13 08:20:31 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2014/11/13 08:20:31 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inseng.dll
[2014/11/13 08:20:31 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesysprep.dll
[2014/11/13 08:20:30 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\html.iec
[2014/11/13 08:20:30 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inseng.dll
[2014/11/13 08:20:30 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdc.ocx
[2014/11/13 08:20:30 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JavaScriptCollectionAgent.dll
[2014/11/13 08:20:30 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdc.ocx
[2014/11/13 08:20:29 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\occache.dll
[2014/11/13 08:20:29 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IEAdvpack.dll
[2014/11/13 08:20:29 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014/11/13 08:20:29 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014/11/13 08:20:28 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iexpress.exe
[2014/11/13 08:20:28 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll
[2014/11/13 08:20:28 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JavaScriptCollectionAgent.dll
[2014/11/13 08:20:27 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\occache.dll
[2014/11/13 08:20:27 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll
[2014/11/13 08:20:27 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imgutil.dll
[2014/11/13 08:20:27 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2014/11/13 08:20:26 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pngfilt.dll
[2014/11/13 08:20:26 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pngfilt.dll
[2014/11/13 08:20:26 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\licmgr10.dll
[2014/11/13 08:20:26 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\licmgr10.dll
[2014/11/13 08:20:25 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wextract.exe
[2014/11/13 08:20:25 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014/11/13 08:20:25 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014/11/13 08:20:25 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014/11/13 08:20:24 | 000,237,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\url.dll
[2014/11/13 08:20:24 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\url.dll
[2014/11/13 08:20:24 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wextract.exe
[2014/11/13 08:20:24 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IEAdvpack.dll
[2014/11/13 08:20:23 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iexpress.exe
[2014/11/13 08:20:23 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014/11/13 08:20:23 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msfeedssync.exe
[2014/11/13 08:20:22 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshta.exe
[2014/11/13 08:20:22 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeedssync.exe
[2014/11/13 08:19:34 | 003,547,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2014/11/13 08:19:33 | 001,441,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2014/11/13 08:19:33 | 000,445,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certcli.dll
[2014/11/13 08:19:33 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certcli.dll
[2014/11/13 08:19:32 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adtschema.dll
[2014/11/13 08:19:32 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adtschema.dll
[2014/11/13 08:19:32 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rfxvmt.dll
[2014/11/13 08:19:32 | 000,027,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys
[2014/11/13 08:19:31 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msaudite.dll
[2014/11/13 08:19:31 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msaudite.dll
[2014/11/13 08:19:31 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2014/11/13 08:19:07 | 000,789,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2014/11/13 08:19:04 | 000,894,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2014/11/13 08:19:03 | 001,714,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2014/11/13 08:19:03 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2014/11/13 08:19:03 | 000,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2014/11/13 08:19:03 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2014/11/13 08:19:03 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2014/11/13 08:19:03 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2014/11/13 08:19:02 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2014/11/13 08:19:02 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2014/11/13 08:19:02 | 000,055,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2014/11/13 08:19:02 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2014/11/13 08:19:02 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2014/11/13 08:19:02 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2014/11/13 08:19:02 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2014/11/13 08:19:01 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuaext.dll
[2014/11/13 08:18:17 | 000,500,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2014/11/13 08:18:17 | 000,394,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2014/11/13 08:18:17 | 000,344,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll
[2014/11/13 08:18:16 | 000,482,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2014/11/13 08:18:16 | 000,272,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2014/11/13 08:18:16 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2014/11/13 08:18:16 | 000,108,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EncDump.dll
[2014/11/13 08:18:12 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\packager.dll
[2014/11/13 08:18:12 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\packager.dll
[2014/11/13 08:18:11 | 000,537,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2014/11/13 08:18:11 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2014/11/13 08:18:11 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2014/11/13 08:18:11 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2014/11/13 08:18:10 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2014/11/13 08:18:06 | 007,484,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2014/11/13 08:18:04 | 013,424,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2014/11/13 08:18:04 | 002,714,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2014/11/13 08:18:03 | 001,053,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2014/11/13 08:18:03 | 000,941,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2014/11/13 08:18:02 | 011,820,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014/11/13 08:18:02 | 000,836,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2014/11/13 08:18:01 | 000,822,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2014/11/13 08:18:01 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2014/11/13 08:18:01 | 000,670,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2014/11/13 08:18:01 | 000,474,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys
[2014/11/13 08:17:59 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\puiobj.dll
[2014/11/13 08:17:59 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\puiobj.dll
[2014/11/13 08:17:57 | 000,615,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOMEX.dll
[2014/11/13 08:17:57 | 000,545,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll
[2014/11/13 08:17:57 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll
[2014/11/13 08:17:57 | 000,428,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2014/11/13 08:17:55 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSAPI.dll
[2014/11/13 08:17:55 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FXSAPI.dll
[2014/11/11 09:16:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/11/09 21:55:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinSCP
[2014/11/05 08:42:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TONDACH
[2014/11/05 08:42:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TONDACH2014
[2014/11/02 18:33:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/11/02 18:33:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/11/02 18:33:15 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

Nehas
Visitor
Visitor
Posts: 74
Registered: 18 Jan 2010 22:50

Re: Requesting a check and help with removing trovi.com

#15 Post by Nehas »

========== Files - Modified Within 30 Days ==========

[2014/11/30 12:49:41 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/11/30 12:45:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Petr\Desktop\OTL.exe
[2014/11/30 12:40:00 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/11/30 12:10:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/11/30 12:04:00 | 000,000,972 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3697592394-1657936854-2325889698-1001UA.job
[2014/11/30 10:49:23 | 001,745,984 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/11/30 10:49:23 | 000,738,682 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2014/11/30 10:49:23 | 000,722,278 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/11/30 10:49:23 | 000,151,404 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2014/11/30 10:49:23 | 000,135,394 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/11/30 10:43:55 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/11/30 10:41:52 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/11/30 10:41:50 | 3324,477,440 | -HS- | M] () -- C:\hiberfil.sys
[2014/11/28 11:18:14 | 002,148,864 | ---- | M] () -- C:\Users\Petr\Desktop\adwcleaner_4.102.exe
[2014/11/28 09:37:17 | 000,000,898 | ---- | M] () -- C:\Users\Petr\Desktop\µTorrent.lnk
[2014/11/26 17:04:01 | 000,000,920 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3697592394-1657936854-2325889698-1001Core.job
[2014/11/26 09:05:37 | 000,002,419 | ---- | M] () -- C:\Users\Petr\Desktop\Google Chrome.lnk
[2014/11/23 10:31:01 | 001,050,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswsnx.sys
[2014/11/21 22:31:19 | 000,001,944 | ---- | M] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2014/11/21 22:30:52 | 000,436,624 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswsp.sys
[2014/11/21 22:30:52 | 000,364,512 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2014/11/21 22:30:52 | 000,267,632 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2014/11/21 22:30:52 | 000,116,728 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswstm.sys
[2014/11/21 22:30:52 | 000,093,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2014/11/21 22:30:52 | 000,083,280 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2014/11/21 22:30:52 | 000,065,776 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2014/11/21 22:30:52 | 000,029,208 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\aswHwid.sys
[2014/11/21 22:30:50 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/11/20 21:51:37 | 000,714,208 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/11/20 21:51:37 | 000,106,976 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/11/17 14:01:11 | 000,569,448 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/11/15 08:35:35 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/11/13 18:51:36 | 000,000,798 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/11/09 21:56:59 | 000,000,600 | ---- | M] () -- C:\Users\Petr\AppData\Roaming\winscp.rnd
[2014/11/09 21:55:03 | 000,000,999 | ---- | M] () -- C:\Users\Public\Desktop\WinSCP.lnk
[2014/11/09 18:29:06 | 000,062,895 | ---- | M] () -- C:\Users\Petr\Desktop\qos.conf
[2014/11/05 08:42:57 | 000,001,190 | ---- | M] () -- C:\Users\Petr\Desktop\Střechy a stěny TONDACH 2014.lnk
[2014/11/05 00:38:37 | 000,228,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2014/11/04 01:10:18 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2014/11/02 18:33:16 | 000,002,549 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/11/30 12:49:41 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/11/28 11:18:08 | 002,148,864 | ---- | C] () -- C:\Users\Petr\Desktop\adwcleaner_4.102.exe
[2014/11/28 09:37:17 | 000,000,898 | ---- | C] () -- C:\Users\Petr\Desktop\µTorrent.lnk
[2014/11/21 22:31:19 | 000,001,944 | ---- | C] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2014/11/13 18:51:36 | 000,000,798 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/11/13 08:17:53 | 000,389,176 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/11/12 21:05:08 | 188,473,299 | ---- | C] () -- C:\Users\Petr\Desktop\UEU Manual 2012.pdf
[2014/11/12 21:00:14 | 116,711,276 | ---- | C] () -- C:\Users\Petr\Desktop\TheraSuit Manual 2012_2.pdf
[2014/11/12 21:00:14 | 116,711,276 | ---- | C] () -- C:\Users\Petr\Desktop\TheraSuit Manual 2012.pdf
[2014/11/09 21:56:59 | 000,000,600 | ---- | C] () -- C:\Users\Petr\AppData\Roaming\winscp.rnd
[2014/11/09 21:56:43 | 000,062,895 | ---- | C] () -- C:\Users\Petr\Desktop\qos.conf
[2014/11/09 21:55:03 | 000,001,057 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
[2014/11/09 21:55:03 | 000,000,999 | ---- | C] () -- C:\Users\Public\Desktop\WinSCP.lnk
[2014/11/05 08:42:57 | 000,001,190 | ---- | C] () -- C:\Users\Petr\Desktop\Střechy a stěny TONDACH 2014.lnk
[2014/04/26 17:20:44 | 000,000,600 | ---- | C] () -- C:\Users\Petr\AppData\Local\PUTTY.RND
[2014/04/23 11:02:49 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/03/18 08:45:41 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/01/29 23:02:22 | 000,077,312 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2014/01/02 12:31:43 | 000,000,017 | ---- | C] () -- C:\Users\Petr\AppData\Local\resmon.resmoncfg
[2013/12/25 14:26:41 | 000,004,608 | ---- | C] () -- C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/08/22 16:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 16:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 15:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 08:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 04:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/22 00:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/22 00:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/08/03 10:40:08 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/08/03 10:40:08 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/08/03 10:40:08 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/08/03 10:40:08 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/08/03 10:40:08 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/12/14 02:42:30 | 000,963,452 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin
[2012/12/14 02:42:28 | 000,272,928 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/08/31 01:15:33 | 021,197,152 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/08/30 23:59:13 | 018,723,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 10:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 03:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 10:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/10/26 12:08:21 | 000,000,000 | ---D | M] -- C:\Users\Helca\AppData\Roaming\AVAST Software
[2014/11/08 15:25:29 | 000,000,000 | ---D | M] -- C:\Users\Helca\AppData\Roaming\ClassicShell
[2014/11/15 09:15:40 | 000,000,000 | ---D | M] -- C:\Users\Helca\AppData\Roaming\Seznam.cz
[2014/04/23 18:20:59 | 000,000,000 | ---D | M] -- C:\Users\Helca\AppData\Roaming\Vimisoft Studio
[2013/03/01 23:11:16 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\acer
[2014/08/08 08:01:11 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Autodesk
[2013/10/22 19:25:01 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\AVAST Software
[2014/11/13 18:55:47 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\BitTorrent
[2014/11/30 10:40:39 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\ClassicShell
[2013/03/11 12:38:49 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\clear.fiMVPSDK21
[2014/11/13 18:55:48 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
[2014/03/26 08:33:57 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Dropbox
[2014/03/26 08:33:57 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\DropboxMaster
[2013/07/25 08:10:44 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\frpsp
[2013/03/15 11:26:39 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Garmin
[2014/10/11 13:19:43 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\GeoGet
[2014/11/28 11:15:12 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Seznam.cz
[2014/11/30 10:43:43 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\uTorrent
[2013/12/25 09:43:26 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Vimisoft Studio
[2013/04/20 23:37:17 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Wargaming.net
[2013/03/21 22:33:09 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\WildTangent
[2013/09/09 13:23:12 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Zoner

========== Purity Check ==========



========== Custom Scans ==========

< >
[2013/08/22 15:45:54 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013/09/11 10:26:44 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013/10/08 07:57:56 | 000,000,970 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2013/10/08 07:57:57 | 000,000,974 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2014/02/10 08:23:55 | 000,000,920 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3697592394-1657936854-2325889698-1001Core.job
[2014/02/10 08:23:55 | 000,000,972 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3697592394-1657936854-2325889698-1001UA.job

< >

[2013/03/02 10:59:37 | 002,231,528 | ---- | M] (Microsoft Corporation) MD5=B6D52E2C38B49A156E58FF5B9C6CA8BE -- C:\Windows\erdnt\cache64\tcpip.sys
[2014/09/08 04:07:38 | 002,497,344 | ---- | M] (Microsoft Corporation) MD5=CCB3A2BB60FE5073F2DEA63FE83CF8FE -- C:\WINDOWS\SysNative\drivers\tcpip.sys
[2014/09/08 04:07:38 | 002,497,344 | ---- | M] (Microsoft Corporation) MD5=CCB3A2BB60FE5073F2DEA63FE83CF8FE -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17336_none_a4146bc53a330804\tcpip.sys
[2014/11/17 14:45:55 | 000,241,540 | ---- | M] () MD5=E7D9CAEE2A6C4007CB85632A13D4EEF3 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17278_none_a3eb2ac33a51ad4f\tcpip.sys

< MD5 for: USERINIT.EXE >
[2013/08/22 11:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\WINDOWS\SysNative\userinit.exe
[2013/08/22 11:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_cce71a20a5a6fe7f\userinit.exe
[2012/07/26 04:08:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\Windows\erdnt\cache64\userinit.exe
[2013/08/22 03:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=41636F77AD6D9A396EA34E4786B96F2B -- C:\Windows\SysWOW64\userinit.exe
[2013/08/22 03:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=41636F77AD6D9A396EA34E4786B96F2B -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_70c87e9ced498d49\userinit.exe
[2012/07/26 04:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\erdnt\cache86\userinit.exe

< MD5 for: WINLOGON.EXE >
[2014/02/22 10:45:48 | 000,562,176 | ---- | M] (Microsoft Corporation) MD5=306EB21E5B480AE9065EA55AC8C35936 -- C:\WINDOWS\SysNative\winlogon.exe
[2014/02/22 10:45:48 | 000,562,176 | ---- | M] (Microsoft Corporation) MD5=306EB21E5B480AE9065EA55AC8C35936 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17031_none_60b45365a8c2ccdb\winlogon.exe
[2012/10/11 06:46:58 | 000,517,120 | ---- | M] (Microsoft Corporation) MD5=BCF2036A0DD579E47C008C133550283E -- C:\Windows\erdnt\cache64\winlogon.exe
[2014/04/25 19:48:58 | 000,089,459 | ---- | M] () MD5=E40DC8DF924E02F04F3620DBAC1ACE31 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269\winlogon.exe

< MD5 for: WS2_32.DLL >
[2012/07/26 06:26:48 | 000,345,088 | ---- | M] (Microsoft Corporation) MD5=2E5B349ACDA36C20612795754DB93312 -- C:\Windows\erdnt\cache64\ws2_32.dll
[2013/08/22 06:17:54 | 000,313,488 | ---- | M] (Microsoft Corporation) MD5=428AF7FA03FF09CE1CD373ABFEBAD8A3 -- C:\Windows\SysWOW64\ws2_32.dll
[2013/08/22 06:17:54 | 000,313,488 | ---- | M] (Microsoft Corporation) MD5=428AF7FA03FF09CE1CD373ABFEBAD8A3 -- C:\Windows\WinSxS\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_87577549e9ef9b02\ws2_32.dll
[2013/08/22 14:25:35 | 000,355,872 | ---- | M] (Microsoft Corporation) MD5=6F997D98C6A30D79C622811FBAB9119E -- C:\WINDOWS\SysNative\ws2_32.dll
[2013/08/22 14:25:35 | 000,355,872 | ---- | M] (Microsoft Corporation) MD5=6F997D98C6A30D79C622811FBAB9119E -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_e37610cda24d0c38\ws2_32.dll
[2012/07/26 04:20:38 | 000,310,784 | ---- | M] (Microsoft Corporation) MD5=B3CC9EDFD97F7087013A9A47089DF571 -- C:\Windows\erdnt\cache86\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[21 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[2 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013/03/01 23:11:16 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\acer
[2014/01/25 19:54:07 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Adobe
[2014/08/08 08:01:11 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Autodesk
[2013/10/22 19:25:01 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\AVAST Software
[2014/11/13 18:55:47 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\BitTorrent
[2014/11/30 10:40:39 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\ClassicShell
[2013/03/11 12:38:49 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\clear.fiMVPSDK21
[2013/03/01 09:00:19 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\CyberLink
[2014/11/13 18:55:48 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
[2014/03/26 08:33:57 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Dropbox
[2014/03/26 08:33:57 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\DropboxMaster
[2014/08/25 20:23:54 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\dvdcss
[2013/07/25 08:10:44 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\frpsp
[2013/03/15 11:26:39 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Garmin
[2014/10/11 13:19:43 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\GeoGet
[2013/02/21 06:42:52 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Identities
[2013/12/25 09:41:48 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\InstallShield
[2014/06/03 20:55:07 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Macromedia
[2014/09/30 11:45:12 | 000,000,000 | --SD | M] -- C:\Users\Petr\AppData\Roaming\Microsoft
[2014/11/11 19:58:41 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Mozilla
[2014/04/10 10:26:04 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Nero
[2013/09/09 15:08:37 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\PSpad
[2014/11/28 11:15:12 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Seznam.cz
[2014/11/12 13:21:48 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Skype
[2014/11/30 10:43:43 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\uTorrent
[2013/12/25 09:43:26 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Vimisoft Studio
[2014/11/26 15:26:25 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\vlc
[2013/04/20 23:37:17 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Wargaming.net
[2013/03/21 22:33:09 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\WildTangent
[2013/09/09 13:23:12 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2014/09/16 22:07:05 | 001,417,048 | ---- | M] (BitTorrent Inc.) -- C:\Users\Petr\AppData\Roaming\BitTorrent\BitTorrent.exe
[2013/12/17 11:07:02 | 001,137,240 | ---- | M] (BitTorrent Inc.) -- C:\Users\Petr\AppData\Roaming\BitTorrent\updates\7.8.2_30265.exe
[2013/12/17 11:07:09 | 000,895,328 | ---- | M] (BitTorrent Inc.) -- C:\Users\Petr\AppData\Roaming\BitTorrent\updates\7.8.2_30332.exe
[2014/05/27 19:56:29 | 001,242,704 | ---- | M] (BitTorrent Inc.) -- C:\Users\Petr\AppData\Roaming\BitTorrent\updates\7.9.1_31141.exe
[2014/09/01 08:27:05 | 001,267,032 | ---- | M] (BitTorrent Inc.) -- C:\Users\Petr\AppData\Roaming\BitTorrent\updates\7.9.2_32128.exe
[2014/09/16 22:07:05 | 001,417,048 | ---- | M] (BitTorrent Inc.) -- C:\Users\Petr\AppData\Roaming\BitTorrent\updates\7.9.2_33876.exe
[2014/10/20 19:36:59 | 001,387,864 | ---- | M] (BitTorrent Inc.) -- C:\Users\Petr\AppData\Roaming\BitTorrent\updates\7.9.2_34312.exe
[2014/03/19 13:17:02 | 032,667,896 | ---- | M] (Dropbox, Inc.) -- C:\Users\Petr\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2014/03/19 13:18:14 | 000,244,648 | ---- | M] (Dropbox, Inc.) -- C:\Users\Petr\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2014/03/19 13:17:06 | 000,143,616 | ---- | M] (Dropbox, Inc.) -- C:\Users\Petr\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2013/07/25 08:10:45 | 000,361,000 | ---- | M] (PortableApps.com) -- C:\Users\Petr\AppData\Roaming\frpsp\ChciSeSTebouDomluvit\chrome\GoogleChromePortable.exe
[2013/07/25 08:10:46 | 000,254,928 | ---- | M] (Google Inc.) -- C:\Users\Petr\AppData\Roaming\frpsp\ChciSeSTebouDomluvit\chrome\App\Chrome-bin\app_host.exe
[2013/07/25 08:10:47 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Users\Petr\AppData\Roaming\frpsp\ChciSeSTebouDomluvit\chrome\App\Chrome-bin\chrome.exe
[2013/07/25 08:10:47 | 000,073,168 | ---- | M] () -- C:\Users\Petr\AppData\Roaming\frpsp\ChciSeSTebouDomluvit\chrome\App\Chrome-bin\wow_helper.exe
[2013/07/25 08:10:59 | 000,082,896 | ---- | M] (Google Inc.) -- C:\Users\Petr\AppData\Roaming\frpsp\ChciSeSTebouDomluvit\chrome\App\Chrome-bin\27.0.1453.110\chrome_frame_helper.exe
[2013/07/25 08:10:59 | 000,087,504 | ---- | M] (Google Inc.) -- C:\Users\Petr\AppData\Roaming\frpsp\ChciSeSTebouDomluvit\chrome\App\Chrome-bin\27.0.1453.110\chrome_launcher.exe
[2013/07/25 08:11:00 | 000,397,776 | ---- | M] (Google Inc.) -- C:\Users\Petr\AppData\Roaming\frpsp\ChciSeSTebouDomluvit\chrome\App\Chrome-bin\27.0.1453.110\delegate_execute.exe
[2013/07/25 08:11:01 | 001,037,264 | ---- | M] (Google Inc.) -- C:\Users\Petr\AppData\Roaming\frpsp\ChciSeSTebouDomluvit\chrome\App\Chrome-bin\27.0.1453.110\nacl64.exe
[2014/01/02 15:01:02 | 007,163,455 | ---- | M] ( ) -- C:\Users\Petr\AppData\Roaming\GeoGet\ggupdate\geogetsetup-2.8.2.736.exe
[2013/08/26 20:36:30 | 000,723,456 | ---- | M] () -- C:\Users\Petr\AppData\Roaming\GeoGet\script\geojarry\geojarryw.exe
[2013/09/19 19:59:24 | 008,060,793 | ---- | M] () -- C:\Users\Petr\AppData\Roaming\GeoGet\script\GgStat\GgStat.exe
[2014/06/03 20:48:30 | 000,045,056 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Petr\AppData\Roaming\Microsoft\Installer\{885A63EA-382B-4DD4-A755-14809B8557D6}\ARPPRODUCTICON.exe
[2014/06/03 20:48:36 | 000,045,056 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Petr\AppData\Roaming\Microsoft\Installer\{91057632-CA70-413C-B628-2D3CDBBB906B}\ARPPRODUCTICON.exe
[2014/11/28 09:37:17 | 001,389,648 | ---- | M] (BitTorrent Inc.) -- C:\Users\Petr\AppData\Roaming\uTorrent\uTorrent.exe
[2014/11/28 09:36:26 | 001,389,648 | ---- | M] (BitTorrent Inc.) -- C:\Users\Petr\AppData\Roaming\uTorrent\updates\3.4.2_35702.exe
[2013/04/14 22:45:57 | 000,312,952 | ---- | M] (WildTangent, Inc.) -- C:\Users\Petr\AppData\Roaming\WildTangent\Updater\GameConsole\GameConsole-4.0.26.43-to-4.0.26.53.exe
[2012/11/29 02:52:32 | 000,049,824 | ---- | M] (WildTangent) -- C:\Users\Petr\AppData\Roaming\WildTangent\Updater\GameConsole\Park-{da5f999b-f7ba-486b-9d0c-c6b7610c2daa}.exe
[2013/03/03 20:34:23 | 001,007,576 | ---- | M] (WildTangent) -- C:\Users\Petr\AppData\Roaming\WildTangent\WildTangent Games\App\DPConfig\InstallTouchpoints-wildgames.exe
[2013/03/03 20:34:22 | 000,000,179 | ---- | M] () -- C:\Users\Petr\AppData\Roaming\WildTangent\WildTangent Games\App\DPConfig\InstallTouchpoints-wildgames.exe_filedata
[2013/03/03 20:34:33 | 000,000,174 | ---- | M] () -- C:\Users\Petr\AppData\Roaming\WildTangent\WildTangent Games\App\DPConfig\InstallTouchpoints-acer.exe_filedata
[2012/11/29 02:52:32 | 000,572,064 | ---- | M] (WildTangent, Inc.) -- C:\Users\Petr\AppData\Roaming\WildTangent\WildTangent Games\App\Update\Updater.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014/11/30 10:44:54 | 000,000,044 | ---- | M] () -- C:\WINDOWS\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Lync" = "C:\Program Files\Microsoft Office 15\root\office15\lync.exe" /fromrunkey -- [2014/10/14 17:29:03 | 019,051,160 | ---- | M] (Microsoft Corporation)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2013/10/28 09:29:38 | 003,675,352 | ---- | M] (Disc Soft Ltd)
"Google Update" = "C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2013/12/03 20:02:59 | 000,116,648 | ---- | M] (Google Inc.)
"GoogleDriveSync" = "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart -- [2014/10/21 17:52:24 | 022,869,088 | ---- | M] (Google)
"CCleaner Monitoring" = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR -- [2014/10/23 16:21:34 | 006,501,656 | ---- | M] (Piriform Ltd)
"uTorrent" = "C:\Users\Petr\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED -- [2014/11/28 09:37:17 | 001,389,648 | ---- | M] (BitTorrent Inc.)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014/11/30 12:49:41 | 000,000,512 | ---- | M] () MD5=CC6E5682BC4AC7B916FFE4D73BF9A07D -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2014/10/29 15:57:08 | 000,213,184 | ---- | M] () -- \Games\World_of_Tanks\res\audio\objects_ice_crack.fsb
[2010/02/21 01:22:00 | 000,000,386 | ---- | M] () -- \Program Files (x86)\GeoGet\distdata\offline\sysimg\WM\Cracker_Barrel_Restaurants.gif
[2014/01/10 12:33:07 | 000,023,487 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_2.5.2.34894_x86__8wekyb3d8bbwe\Assets\Episode1\Data\Scenes\Canyon\WallCrackZoom.xml
[2014/01/10 12:33:07 | 000,079,559 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_2.5.2.34894_x86__8wekyb3d8bbwe\Assets\Episode2\Data\Scenes\CrackedWall\CrackedWall.xml
[2014/01/10 12:33:07 | 000,005,094 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_2.5.2.34894_x86__8wekyb3d8bbwe\Assets\Episode3\Data\Scenes\StoneCocoonChamber\FloorCrackZoom.xml
[2013/12/19 20:10:36 | 000,001,472 | ---- | M] () -- \Users\Petr\AppData\Roaming\BitTorrent\Mafia.II.Crackfix-SKIDROW.torrent
[2010/02/21 01:22:00 | 000,000,386 | ---- | M] () -- \Users\Petr\AppData\Roaming\GeoGet\offline\sysimg\WM\Cracker_Barrel_Restaurants.gif

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2014/11/10 11:04:00 | 000,188,224 | ---- | M] () -- \AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll.vir
[2014/11/10 11:04:00 | 000,233,280 | ---- | M] () -- \AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll.vir
[2014/10/29 15:57:08 | 000,071,208 | ---- | M] () -- \Games\World_of_Tanks\PhysXLoader.dll
[2014/10/29 15:57:08 | 000,001,508 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\eulaversionloader.pyc
[2014/10/29 15:57:08 | 000,002,209 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\graphicspresetsloader.pyc
[2014/10/29 15:57:08 | 000,007,130 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guicolorsloader.pyc
[2014/10/29 15:57:08 | 000,003,955 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guisoundsloader.pyc
[2014/10/29 15:57:08 | 000,006,579 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\logindataloader.pyc
[2014/10/29 15:57:08 | 000,002,753 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\windowsstoreddataloader.pyc
[2014/10/29 15:57:08 | 000,001,502 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\entities\abstract\loadermanagermeta.pyc
[2014/10/29 15:57:08 | 000,006,833 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\managers\loaders.pyc
[2014/10/29 15:57:08 | 000,003,415 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\helpers\rssdownloader.pyc
[2014/10/29 15:57:08 | 000,007,582 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\tutorial\loader.pyc
[2014/10/29 15:57:08 | 000,011,286 | ---- | M] () -- \Games\World_of_Tanks\res_bw\scripts\common\lib\unittest\loader.pyc
[2013/01/24 16:30:42 | 001,592,904 | ---- | M] () -- \Program Files (x86)\Acer\Acer Cloud\BT\Win32\SmBIOSWmiLoader.dll
[2013/01/24 16:30:42 | 002,169,416 | ---- | M] () -- \Program Files (x86)\Acer\Acer Cloud\BT\x64\SmBIOSWmiLoader.dll
[2012/09/12 11:50:15 | 000,010,776 | ---- | M] () -- \Program Files (x86)\Acer\clear.fi SDK21\Movie\mm\MediaCtrl\ImageLoader.kc
[2012/09/12 11:50:17 | 000,003,505 | ---- | M] () -- \Program Files (x86)\Acer\clear.fi SDK21\Movie\widget\langloader.kc
[2012/09/12 11:50:17 | 000,012,808 | ---- | M] () -- \Program Files (x86)\Acer\clear.fi SDK21\Movie\widget\layoutloader.kc
[2012/11/08 09:23:37 | 000,126,064 | ---- | M] () -- \Program Files (x86)\Acer\clear.fi SDK21\Video\koan\pyloader.dll
[2014/03/02 17:48:08 | 000,268,440 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2013/06/01 19:40:44 | 000,019,080 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2007/10/12 07:19:58 | 000,052,232 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\8.0\AddinLoader.dll
[2007/10/12 07:20:18 | 000,129,024 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\8.0\VSTOLoader.dll
[2007/10/12 07:20:14 | 000,017,416 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\8.0\1033\VSTOLoaderUI.dll
[2008/07/29 14:23:46 | 000,211,456 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\9.0\VSTOLoader.dll
[2008/06/17 09:39:56 | 000,018,952 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\9.0\1033\VSTOLoaderUI.dll
[2012/07/04 18:58:08 | 000,126,064 | ---- | M] () -- \Program Files (x86)\CyberLink\MediaEspresso\Koan\pyloader.dll
[2012/07/04 18:58:14 | 000,018,123 | ---- | M] () -- \Program Files (x86)\CyberLink\MediaEspresso\subsys\DataCenter\ImageLoader.kc
[2005/08/10 18:01:12 | 000,044,934 | ---- | M] () -- \Program Files (x86)\Macromedia\Flash 8\en\Configuration\Components\User Interface\Loader.swc
[2005/06/20 14:45:24 | 000,000,544 | ---- | M] () -- \Program Files (x86)\Macromedia\Flash 8\en\First Run\Classes\FP7\MovieClipLoader.as
[2005/06/20 14:45:26 | 000,000,544 | ---- | M] () -- \Program Files (x86)\Macromedia\Flash 8\en\First Run\Classes\FP8\MovieClipLoader.as
[2005/07/13 11:06:52 | 000,010,454 | ---- | M] () -- \Program Files (x86)\Macromedia\Flash 8\en\First Run\Classes\mx\controls\Loader.as
[2012/05/03 18:38:36 | 000,071,528 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012/05/03 18:39:16 | 000,063,848 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2012/05/21 04:03:06 | 000,083,816 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2012/05/21 04:03:06 | 000,089,448 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2014/10/08 14:50:44 | 000,001,702 | ---- | M] () -- \Program Files (x86)\Sony Mobile\Update Engine\licenses\loaderbinarylegal.txt
[2012/05/21 22:56:04 | 000,002,196 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\GamePlay_Loader.html
[2012/07/19 00:18:28 | 000,000,598 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\EULA\images\downloader_bg_400.gif
[2012/05/21 22:56:04 | 000,009,085 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\Scripts\gameplay_loader.js
[2010/11/03 22:17:00 | 000,002,355 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\Skins\default\gameplay_loader.css
[2012/03/30 15:03:44 | 000,430,080 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Facebook\ZPSFacebookUploader.exe
[2010/04/29 14:12:40 | 000,053,640 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Facebook\ZPSPluginLoader.exe
[2011/12/06 13:06:24 | 000,319,488 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Facebook\en\ZPSFacebookUploader.resources.dll
[2012/03/30 15:14:22 | 000,444,416 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Flickr\ZPSFlickrUploader.exe
[2010/04/29 14:12:42 | 000,053,640 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Flickr\ZPSPluginLoader.exe
[2011/12/06 13:06:40 | 000,323,584 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Flickr\en\ZPSFlickrUploader.resources.dll
[2011/03/08 17:09:04 | 000,194,048 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Picasa\ZPSPicasaUploader.exe
[2010/04/29 14:12:40 | 000,053,640 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Picasa\ZPSPluginLoader.exe
[2010/11/11 12:07:12 | 000,323,584 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Picasa\en\ZPSPicasaUploader.resources.dll
[2012/03/26 15:05:34 | 000,102,792 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Program32\8bfLoader.exe
[2011/12/21 17:08:06 | 000,016,776 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Program32\WICLoader.exe
[2009/02/04 05:08:46 | 000,032,616 | ---- | M] () -- \Program Files\AutoCAD 2010\AecLoader.arx
[2014/11/21 22:30:47 | 000,072,480 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2014/11/21 22:30:47 | 000,085,376 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader64.exe
[2014/11/21 22:30:41 | 000,105,464 | ---- | M] () -- \Program Files\AVAST Software\Avast\ng\aswSfLoader.exe
[2014/05/23 17:37:14 | 000,017,128 | ---- | M] () -- \Program Files\Microsoft Office 15\root\vfs\Windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.CLRLoader\15.0.0.0__71E9BCE111E9429C\Microsoft.Office.Infopath.CLRLoader.dll
[2012/07/29 18:51:22 | 000,003,282 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_01.scale-100.png
[2012/07/29 18:51:22 | 000,003,471 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_01.scale-140.png
[2014/01/03 15:10:59 | 000,001,754 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_01.scale-180.png
[2012/07/29 18:51:22 | 000,003,303 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_02.scale-100.png
[2012/07/29 18:51:22 | 000,003,447 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_02.scale-140.png
[2014/01/03 15:10:59 | 000,001,752 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_02.scale-180.png
[2012/07/29 18:51:22 | 000,003,290 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_03.scale-100.png
[2012/07/29 18:51:22 | 000,003,450 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_03.scale-140.png
[2014/01/03 15:10:59 | 000,001,745 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_03.scale-180.png
[2012/07/29 18:51:22 | 000,003,307 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_04.scale-100.png
[2012/07/29 18:51:22 | 000,003,478 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_04.scale-140.png
[2014/01/03 15:10:59 | 000,001,752 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_04.scale-180.png
[2012/07/29 18:51:22 | 000,003,272 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_05.scale-100.png
[2012/07/29 18:51:22 | 000,003,456 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_05.scale-140.png
[2014/01/03 15:10:59 | 000,001,752 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_05.scale-180.png
[2012/07/29 18:51:22 | 000,003,303 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_06.scale-100.png
[2012/07/29 18:51:22 | 000,003,458 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_06.scale-140.png
[2014/01/03 15:10:59 | 000,001,754 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_06.scale-180.png
[2012/07/29 18:51:22 | 000,003,286 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_07.scale-100.png
[2012/07/29 18:51:22 | 000,003,469 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_07.scale-140.png
[2014/01/03 15:10:59 | 000,001,766 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_07.scale-180.png
[2012/07/29 18:51:22 | 000,003,298 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_08.scale-100.png
[2012/07/29 18:51:22 | 000,003,456 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_08.scale-140.png
[2014/01/03 15:10:59 | 000,001,745 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_08.scale-180.png
[2014/01/03 15:10:13 | 000,001,849 | ---- | M] () -- \Program Files\WindowsApps\esobiIncorporated.newsXpressoMetro_2.0.2.208_neutral__sngswjb5h6fyg\Assets\Web\lib\galleria\classic-loader.gif
[2014/01/03 15:01:15 | 000,001,849 | ---- | M] () -- \Program Files\WindowsApps\Evernote.Skitch_2.4.2000.1918_neutral__q4d96b2w5wcc2\app\win\map\images\ajax-loader_rev.gif
[2014/01/03 15:01:15 | 000,001,748 | ---- | M] () -- \Program Files\WindowsApps\Evernote.Skitch_2.4.2000.1918_neutral__q4d96b2w5wcc2\lib\require\deploader.js
[2014/02/18 12:03:57 | 000,000,856 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.212_x64__8wekyb3d8bbwe\js\HtmlFileLoader.js
[2014/03/06 08:37:00 | 000,038,912 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.4.1408.2503_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.dll
[2014/03/06 08:37:00 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.4.1408.2503_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.winmd
[2014/01/03 14:45:26 | 000,032,768 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.4.1408.2503_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.dll
[2014/01/03 14:45:26 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.4.1408.2503_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.winmd
[2014/01/03 14:50:59 | 000,001,338 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.4.1408.2503_x86__8wekyb3d8bbwe\LoaderPage.xbf
[2014/09/16 11:52:24 | 000,011,300 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.4.1408.2503_x86__8wekyb3d8bbwe\MvvmStructure\View\Controls\PreloaderPage.xbf
[2014/01/03 14:51:02 | 000,002,178 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.4.1408.2503_x86__8wekyb3d8bbwe\MvvmStructure\View\Controls\StandartPreloaderControl.xbf
[2014/01/03 14:56:25 | 000,001,290 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.4.1408.2701_x86__8wekyb3d8bbwe\ApplicationLoader.xbf
[2014/03/06 08:37:00 | 000,038,912 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.4.1408.2701_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.dll
[2014/03/06 08:37:00 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.4.1408.2701_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.winmd
[2014/01/03 14:45:26 | 000,032,768 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.4.1408.2701_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.dll
[2014/01/03 14:45:26 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.4.1408.2701_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.winmd
[2014/01/03 14:57:24 | 000,004,686 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.4.1408.2701_x86__8wekyb3d8bbwe\MvvmStructure\View\Controls\PreloaderControl.xbf
[2014/01/03 14:56:25 | 000,001,290 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.5.1411.701_x86__8wekyb3d8bbwe\ApplicationLoader.xbf
[2014/03/06 08:37:00 | 000,038,912 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.5.1411.701_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.dll
[2014/03/06 08:37:00 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.5.1411.701_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.winmd
[2014/01/03 14:45:26 | 000,032,768 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.5.1411.701_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.dll
[2014/01/03 14:45:26 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.5.1411.701_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.winmd
[2014/01/03 14:57:24 | 000,004,686 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.5.1411.701_x86__8wekyb3d8bbwe\MvvmStructure\View\Controls\PreloaderControl.xbf
[2014/03/06 08:37:00 | 000,038,912 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.3.1409.1802_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.dll
[2014/03/06 08:37:00 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.3.1409.1802_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.winmd
[2014/01/03 14:45:26 | 000,032,768 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.3.1409.1802_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.dll
[2014/01/03 14:45:26 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.3.1409.1802_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.winmd
[2014/05/15 07:26:44 | 000,011,287 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.3.1409.1802_x86__8wekyb3d8bbwe\Controls\PreloaderPage.xbf
[2014/05/15 07:26:44 | 000,001,262 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.3.1409.1802_x86__8wekyb3d8bbwe\Pages\LoaderPage.xbf
[2013/11/14 13:26:50 | 000,001,160 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\modernpeople\appframe\backgroundloader.js
[2013/11/14 13:26:50 | 000,004,996 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\modernshareanything\sharedataloader.js
[2013/11/14 13:26:50 | 000,002,125 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\modernsharetarget\sharemaildataloader.js
[2013/11/14 13:26:50 | 000,001,160 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\modernpeople\appframe\backgroundloader.js
[2013/11/14 13:26:50 | 000,004,996 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\modernshareanything\sharedataloader.js
[2013/11/14 13:26:50 | 000,002,125 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\modernsharetarget\sharemaildataloader.js
[2013/11/14 13:29:10 | 000,043,128 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2014/10/08 20:53:26 | 000,018,715 | ---- | M] () -- \Users\Helca\AppData\Local\Microsoft\Windows\INetCache\IE\LS072PDP\AdLoader-a5fa12058ddb9a8919d6906ba95d7c57.min[1].js
[2014/01/29 23:31:55 | 000,001,537 | ---- | M] () -- \Users\Helca\AppData\Local\Microsoft\Windows\INetCache\IE\LS072PDP\AdLoader[1].htm
[2014/07/02 07:29:25 | 000,001,980 | ---- | M] () -- \Users\Helca\AppData\Local\Microsoft\Windows\INetCache\IE\LS072PDP\AdLoader[2].htm
[2014/11/07 22:00:05 | 000,001,980 | ---- | M] () -- \Users\Helca\AppData\Local\Microsoft\Windows\INetCache\IE\LS072PDP\AdLoader[3].htm
[2014/03/02 11:51:06 | 000,002,826 | ---- | M] () -- \Users\Helca\AppData\Local\Microsoft\Windows\INetCache\IE\LS072PDP\ImageLoader[1].gif
[2014/05/28 16:54:28 | 000,001,976 | ---- | M] () -- \Users\Helca\AppData\Local\Microsoft\Windows\INetCache\IE\O4QSGM0P\AdLoader[1].htm
[2014/03/02 11:51:06 | 000,001,381 | ---- | M] () -- \Users\Helca\AppData\Local\Microsoft\Windows\INetCache\IE\O4QSGM0P\ImageLoader[1].gif
[2014/01/29 23:31:55 | 000,111,438 | ---- | M] () -- \Users\Helca\AppData\Local\Microsoft\Windows\INetCache\IE\OLA7GW4A\AdLoader-8123c724cc0668230ba8270eea997632.min[1].js
[2014/03/04 19:52:41 | 000,001,870 | ---- | M] () -- \Users\Helca\AppData\Local\Microsoft\Windows\INetCache\IE\OLA7GW4A\AdLoader[1].htm
[2014/04/06 19:18:02 | 000,001,870 | ---- | M] () -- \Users\Helca\AppData\Local\Microsoft\Windows\INetCache\IE\OLA7GW4A\AdLoader[2].htm
[2014/05/29 08:49:07 | 000,001,980 | ---- | M] () -- \Users\Helca\AppData\Local\Microsoft\Windows\INetCache\IE\OLA7GW4A\AdLoader[3].htm
[2014/06/29 18:38:37 | 000,001,980 | ---- | M] () -- \Users\Helca\AppData\Local\Microsoft\Windows\INetCache\IE\OLA7GW4A\AdLoader[4].htm
[2014/10/08 20:53:26 | 000,001,980 | ---- | M] () -- \Users\Helca\AppData\Local\Microsoft\Windows\INetCache\IE\OLA7GW4A\AdLoader[5].htm
[2014/05/29 19:01:28 | 000,017,912 | ---- | M] () -- \Users\Helca\AppData\Local\Microsoft\Windows\INetCache\IE\QJ9XLKG5\AdLoader-3b8e790904fffcf74f96367cd382e261.min[1].js
[2014/03/04 19:52:42 | 000,112,122 | ---- | M] () -- \Users\Helca\AppData\Local\Microsoft\Windows\INetCache\IE\QJ9XLKG5\AdLoader-7b473315d0084c71df83cdee72aab144.min[1].js
[2014/03/02 11:51:06 | 000,000,969 | ---- | M] () -- \Users\Helca\AppData\Local\Microsoft\Windows\INetCache\IE\QJ9XLKG5\ImageLoader[1].gif
[2014/11/08 15:44:21 | 000,006,029 | ---- | M] () -- \Users\Helca\AppData\Local\Microsoft\Windows\INetCache\Low\IE\4JTMWYP8\print-loader[1].gif
[2014/11/08 17:33:25 | 000,004,178 | ---- | M] () -- \Users\Helca\AppData\Local\Microsoft\Windows\INetCache\Low\IE\JA26LZB6\ajax-loader[1].gif
[2014/11/08 15:46:19 | 000,007,356 | ---- | M] () -- \Users\Helca\AppData\Local\Microsoft\Windows\INetCache\Low\IE\JA26LZB6\mapa_new_loader[1].gif
[2014/07/24 14:53:16 | 000,072,638 | ---- | M] () -- \Users\Helca\AppData\Local\Skype\Apps\login\images\loader.gif
[2014/07/24 14:53:16 | 000,003,032 | ---- | M] () -- \Users\Helca\AppData\Local\Skype\Apps\login\images\loader.png
[2014/07/24 14:53:16 | 000,006,012 | ---- | M] () -- \Users\Helca\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014/07/24 14:53:16 | 000,021,956 | ---- | M] () -- \Users\Helca\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014/07/24 14:53:16 | 000,009,772 | ---- | M] () -- \Users\Helca\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2013/04/15 12:32:10 | 000,060,416 | ---- | M] () -- \Users\Helca\AppData\Roaming\Seznam.cz\bin\18753libfoxloader-x64.dll
[2013/03/29 12:37:34 | 000,059,384 | ---- | M] () -- \Users\Helca\AppData\Roaming\Seznam.cz\bin\18753libfoxloader.dll
[2013/12/22 16:55:20 | 000,000,165 | ---- | M] () -- \Users\Helca\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2013/03/25 15:27:20 | 000,000,665 | ---- | M] () -- \Users\Helca\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.install.bat
[2013/03/25 15:27:26 | 000,000,117 | ---- | M] () -- \Users\Helca\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.uninstall.bat
[2012/06/21 08:07:34 | 000,000,337 | ---- | M] () -- \Users\Helca\Desktop\Nová složka\navigator\log\downloader_120621_090735.log.txt
[2012/06/21 08:08:02 | 000,000,354 | ---- | M] () -- \Users\Helca\Desktop\Nová složka\navigator\log\downloader_120621_090737.log.txt
[2012/06/21 08:10:16 | 000,000,354 | ---- | M] () -- \Users\Helca\Desktop\Nová složka\navigator\log\downloader_120621_090959.log.txt
[2012/06/21 09:50:30 | 000,000,838 | ---- | M] () -- \Users\Helca\Desktop\Nová složka\navigator\log\downloader_120621_104412.log.txt
[2013/03/15 18:59:56 | 000,000,380 | ---- | M] () -- \Users\Helca\Desktop\Nová složka\navigator\log\downloader_130315_195956.log.txt
[2005/06/20 14:45:24 | 000,000,544 | ---- | M] () -- \Users\Petr\AppData\Local\Macromedia\Flash 8\en\Configuration\Classes\FP7\MovieClipLoader.as
[2005/06/20 14:45:26 | 000,000,544 | ---- | M] () -- \Users\Petr\AppData\Local\Macromedia\Flash 8\en\Configuration\Classes\FP8\MovieClipLoader.as
[2005/07/13 11:06:52 | 000,010,454 | ---- | M] () -- \Users\Petr\AppData\Local\Macromedia\Flash 8\en\Configuration\Classes\mx\controls\Loader.as
[2014/07/24 14:53:16 | 000,072,638 | ---- | M] () -- \Users\Petr\AppData\Local\Skype\Apps\login\images\loader.gif
[2014/07/24 14:53:16 | 000,003,032 | ---- | M] () -- \Users\Petr\AppData\Local\Skype\Apps\login\images\loader.png
[2014/07/24 14:53:16 | 000,006,012 | ---- | M] () -- \Users\Petr\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014/07/24 14:53:16 | 000,021,956 | ---- | M] () -- \Users\Petr\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014/07/24 14:53:16 | 000,009,772 | ---- | M] () -- \Users\Petr\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2014/11/22 08:30:59 | 000,008,192 | ---- | M] () -- \Users\Petr\AppData\Local\Temp\_MEI11162\_win32sysloader.pyd
[2014/11/26 19:33:19 | 000,008,192 | ---- | M] () -- \Users\Petr\AppData\Local\Temp\_MEI41042\_win32sysloader.pyd
[2014/11/30 10:42:56 | 000,008,192 | ---- | M] () -- \Users\Petr\AppData\Local\Temp\_MEI41842\_win32sysloader.pyd
[2014/11/28 11:25:15 | 000,008,192 | ---- | M] () -- \Users\Petr\AppData\Local\Temp\_MEI45202\_win32sysloader.pyd
[2014/11/29 12:20:45 | 000,008,192 | ---- | M] () -- \Users\Petr\AppData\Local\Temp\_MEI50242\_win32sysloader.pyd
[2009/02/04 05:08:46 | 000,032,616 | ---- | M] () -- \Users\Petr\download\AutoCad 2010 CZ Win64\x64\acad\Program Files\Root\AecLoader.arx
[2014/05/23 17:39:10 | 000,103,936 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.O29577370#\387b2803b331041dcf503ba9ea9ce6b6\Microsoft.Office.InfoPath.CLRLoader.ni.dll
[2014/05/23 17:39:10 | 000,000,696 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.O29577370#\387b2803b331041dcf503ba9ea9ce6b6\Microsoft.Office.InfoPath.CLRLoader.ni.dll.aux
[2008/06/17 17:39:56 | 000,205,312 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\05835BF8A6427053A8ED000690F3EF6A\9.0.21022\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8
[2014/05/23 17:39:06 | 000,017,128 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Office.InfoPath.CLRLoader\v4.0_15.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.CLRLoader.dll
[2013/08/22 05:17:27 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 05:17:25 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 05:17:24 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 05:17:20 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 05:17:34 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 05:17:33 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 04:55:19 | 000,036,352 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013/08/22 14:25:39 | 000,003,584 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 14:25:39 | 000,003,072 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 14:25:38 | 000,002,560 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 05:17:27 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 05:17:25 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 05:17:24 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 05:17:20 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 05:17:34 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 05:17:33 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 04:55:19 | 000,036,352 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2013/08/22 14:25:39 | 000,003,584 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 14:25:39 | 000,003,072 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 14:25:38 | 000,002,560 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2014/04/25 19:23:02 | 000,592,677 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.efi
[2014/04/25 19:23:01 | 000,536,051 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.exe
[2014/04/25 19:23:15 | 000,598,463 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17031_none_2142a5b03956989d\hvloader.efi
[2014/04/25 19:23:13 | 000,542,292 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17031_none_2142a5b03956989d\hvloader.exe
[2014/04/25 19:23:26 | 000,598,454 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17039_none_214aa800394f6355\hvloader.efi
[2014/04/25 19:23:24 | 000,542,288 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17039_none_214aa800394f6355\hvloader.exe
[2013/08/22 12:21:30 | 000,046,592 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_36b27bfc6399d5ce\dmloader.dll
[2013/08/22 14:25:37 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 14:25:37 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 14:25:36 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 12:45:31 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 12:45:33 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 12:45:35 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 12:45:30 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 12:45:40 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 12:45:44 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-1.dll
[2014/04/23 12:40:13 | 000,000,465 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb.manifest
[2014/04/25 20:50:54 | 000,009,588 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winload.efi.mui_35ee487d
[2014/04/25 20:50:54 | 000,009,604 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winload.exe.mui_3bc5b827
[2014/04/25 20:50:54 | 000,007,885 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winresume.efi.mui_f412814e
[2014/04/25 20:50:54 | 000,007,900 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winresume.exe.mui_ff8b5358
[2014/09/16 06:52:18 | 000,000,547 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd.manifest
[2014/09/22 05:13:52 | 000,724,249 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winload.efi_75834aa0
[2014/09/22 05:13:54 | 000,660,625 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winload.exe_75835076
[2014/09/22 05:13:55 | 000,646,411 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winresume.efi_85cd069f
[2014/09/22 05:13:56 | 000,587,303 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winresume.exe_85cd1215
[2013/08/22 16:34:52 | 000,000,596 | ---- | M] () -- \Windows\WinSxS\FileMaps\programdata_microsoft_network_downloader_7fafaef6d33e4371.cdf-ms
[2013/11/14 13:22:40 | 000,000,463 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_2400ceb4d1008089.manifest
[2014/04/23 08:48:40 | 000,000,465 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb.manifest
[2013/08/22 16:22:38 | 000,000,542 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16384_none_4be51a3d409de6bc.manifest
[2013/11/14 13:38:28 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16411_none_4c2dcab94067d447.manifest
[2013/11/14 13:50:45 | 000,000,546 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16415_none_4c31cbe1406439a3.manifest
[2014/01/02 11:25:39 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16452_none_4c038b5340875d62.manifest
[2014/04/23 08:48:42 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17031_none_4c180c814078312e.manifest
[2014/09/15 21:16:23 | 000,000,547 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd.manifest
[2013/08/22 04:55:19 | 000,036,352 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_da93e078ab3c6498\dmloader.dll
[2013/08/22 14:25:39 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 14:25:39 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 14:25:38 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 05:17:27 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 05:17:25 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 05:17:24 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 05:17:20 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 05:17:34 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 05:17:33 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-1.dll

< *minodlogin* /s >

< *tnod* /s >
[2005/08/17 18:51:46 | 000,006,787 | ---- | M] () -- \ProgramData\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\ComponentRef\images\contentnode3.jpg
[2005/08/17 18:51:46 | 000,006,787 | ---- | M] () -- \Users\All Users\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\ComponentRef\images\contentnode3.jpg

Locked