
Please check my log

majule
Visitor
Posts: 4
Registered: 09 Dec 2014 23:55

#1 Post by majule

ComboFix 14-12-04.01 - Karel 09.12.2014 23:26:12.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3893.2766 [GMT 1:00]
Spuštěný z: f:\install\ComboFix.exe
AV: ESET NOD32 Antivirus 8.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: ESET NOD32 Antivirus 8.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\iun6002.exe
c:\windows\msdownld.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-11-09 do 2014-12-09 )))))))))))))))))))))))))))))))
.
.
2014-12-09 22:34 . 2014-12-09 22:34 -------- dc----w- c:\users\Default\AppData\Local\temp
2014-12-09 18:57 . 2014-12-09 18:57 -------- dc----w- c:\windows\system32\appraiser
2014-12-09 18:43 . 2014-12-09 18:43 50176 ----a-w- c:\windows\SysWow64\rrinstaller.exe
2014-12-09 18:43 . 2014-12-09 18:43 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2014-12-09 18:43 . 2014-12-09 18:43 2048 ----a-w- c:\windows\SysWow64\mferror.dll
2014-12-09 18:43 . 2014-12-09 18:43 103424 ----a-w- c:\windows\SysWow64\mfps.dll
2014-12-09 18:43 . 2014-12-09 18:43 55808 ----a-w- c:\windows\system32\rrinstaller.exe
2014-12-09 18:43 . 2014-12-09 18:43 4121600 ----a-w- c:\windows\system32\mf.dll
2014-12-09 18:43 . 2014-12-09 18:43 24576 ----a-w- c:\windows\system32\mfpmp.exe
2014-12-09 18:43 . 2014-12-09 18:43 23040 ----a-w- c:\windows\SysWow64\mfpmp.exe
2014-12-09 18:43 . 2014-12-09 18:43 206848 ----a-w- c:\windows\system32\mfps.dll
2014-12-09 18:43 . 2014-12-09 18:43 2048 ----a-w- c:\windows\system32\mferror.dll
2014-12-09 18:38 . 2014-12-09 18:55 1232040 ----a-w- c:\windows\system32\aitstatic.exe
2014-12-09 18:38 . 2014-12-09 18:55 192000 ----a-w- c:\windows\system32\aepic.dll
2014-12-09 18:38 . 2014-12-09 18:55 1083392 ----a-w- c:\windows\system32\aeinv.dll
2014-12-09 18:38 . 2014-12-09 18:55 396800 ----a-w- c:\windows\system32\devinv.dll
2014-12-09 18:38 . 2014-12-09 18:55 741376 ----a-w- c:\windows\system32\invagent.dll
2014-12-09 18:38 . 2014-12-09 18:55 413184 ----a-w- c:\windows\system32\generaltel.dll
2014-12-09 18:38 . 2014-12-09 18:55 227328 ----a-w- c:\windows\system32\aepdu.dll
2014-12-09 18:37 . 2014-12-09 18:54 187904 ----a-w- c:\windows\system32\cryptsvc.dll
2014-12-09 18:37 . 2014-12-09 18:54 1480192 ----a-w- c:\windows\system32\crypt32.dll
2014-12-09 18:37 . 2014-12-09 18:54 143872 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2014-12-09 18:37 . 2014-12-09 18:54 1174528 ----a-w- c:\windows\SysWow64\crypt32.dll
2014-12-09 18:37 . 2014-12-09 18:45 119296 ----a-w- c:\windows\system32\drivers\tdx.sys
2014-12-09 18:35 . 2014-12-09 18:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-12-09 18:35 . 2014-12-09 18:42 2048 ----a-w- c:\windows\system32\tzres.dll
2014-12-09 09:09 . 2014-11-02 04:20 11632448 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DBA4492F-8C34-488C-B6CE-160854B68AF4}\mpengine.dll
2014-11-30 00:58 . 2014-11-30 00:58 -------- dc----w- c:\users\Karel\AppData\Roaming\Convert Audio Free
2014-11-25 19:49 . 2014-11-25 19:49 -------- dc----w- c:\program files (x86)\Common Files\Skype
2014-11-25 12:59 . 2014-11-25 12:59 18638520 -c--a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\MSO.DLL
2014-11-19 15:11 . 2014-11-20 02:00 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-19 15:11 . 2014-11-20 02:00 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-19 15:11 . 2014-11-20 02:00 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-19 15:11 . 2014-11-20 02:00 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-19 03:31 . 2014-11-19 03:31 1217192 -c--a-w- c:\windows\SysWow64\FM20.DLL
2014-11-17 01:53 . 2014-11-17 01:51 590536 -c--a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2014-11-17 01:51 . 2014-11-17 02:06 -------- dc----w- c:\programdata\regid.1991-06.com.microsoft
2014-11-17 01:47 . 2014-11-17 01:47 -------- dc----w- c:\program files\Microsoft Office 15
2014-11-17 01:13 . 2014-04-03 23:42 3382440 -c--a-w- c:\windows\system32\BootMan.exe
2014-11-17 01:13 . 2014-04-03 23:25 2499752 -c--a-w- c:\windows\SysWow64\BootMan.exe
2014-11-17 01:13 . 2013-03-07 08:49 9160 -c--a-w- c:\windows\SysWow64\EuGdiDrv.sys
2014-11-17 01:13 . 2013-03-07 08:49 87112 -c--a-w- c:\windows\SysWow64\setupempdrv03.exe
2014-11-17 01:13 . 2013-03-07 08:49 14920 -c--a-w- c:\windows\SysWow64\epmntdrv.sys
2014-11-17 01:13 . 2013-03-07 08:49 9800 -c--a-w- c:\windows\system32\EuGdiDrv.sys
2014-11-17 01:13 . 2013-03-07 08:49 17480 -c--a-w- c:\windows\system32\epmntdrv.sys
2014-11-17 01:13 . 2013-03-07 08:49 100936 -c--a-w- c:\windows\system32\setupempdrvx64.exe
2014-11-17 01:13 . 2013-03-07 08:49 16256 -c--a-w- c:\windows\system32\EuEpmGdi.dll
2014-11-17 01:13 . 2013-03-07 08:49 19840 -c--a-w- c:\windows\SysWow64\EuEpmGdi.dll
2014-11-17 01:13 . 2014-11-17 01:13 -------- dc----w- c:\program files (x86)\EaseUS
2014-11-15 16:01 . 2014-11-15 16:01 -------- dc----w- c:\users\Karel\.ssh
2014-11-14 19:37 . 2014-11-14 19:37 -------- dc----w- c:\users\Karel\AppData\Roaming\FileZilla
2014-11-14 19:20 . 2014-11-14 19:20 -------- dc----w- c:\users\Karel\AppData\Roaming\JetBrains
2014-11-14 19:19 . 2014-11-14 19:19 -------- dc----w- c:\users\Karel\.WebStorm9
2014-11-14 13:57 . 2014-11-14 13:57 -------- dc----w- c:\windows\rescache
2014-11-11 19:49 . 2014-11-11 21:48 683520 ----a-w- c:\windows\system32\termsrv.dll
2014-11-11 19:49 . 2014-11-11 21:48 681984 ----a-w- c:\windows\SysWow64\adtschema.dll
2014-11-11 19:49 . 2014-11-11 21:48 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-11-11 19:49 . 2014-11-11 21:48 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-11-11 19:49 . 2014-11-11 21:48 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-11-11 19:49 . 2014-11-11 21:48 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-11-11 19:49 . 2014-11-11 21:48 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-11-11 19:49 . 2014-11-11 21:48 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-11-11 19:49 . 2014-11-11 21:48 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-11-11 15:46 . 2014-11-11 15:46 3225280 -c--a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\1029\MSOINTL.DLL
2014-11-11 04:24 . 2014-11-11 04:24 195272 -c--a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\LICLUA.EXE
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-09 18:46 . 2010-10-16 00:16 112710672 -c--a-w- c:\windows\system32\MRT.exe
2014-12-09 18:42 . 2014-12-09 18:36 165888 ----a-w- c:\windows\system32\charmap.exe
2014-11-25 21:19 . 2012-04-04 15:54 701104 -c--a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-11-25 21:19 . 2011-05-17 16:26 71344 -c--a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-11 21:36 . 2014-11-11 19:47 342016 ----a-w- c:\windows\system32\schannel.dll
2014-11-11 21:36 . 2014-11-11 19:47 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2014-11-04 13:30 . 2010-09-14 16:13 275080 -c----w- c:\windows\system32\MpSigStub.exe
2014-10-16 09:10 . 2014-10-15 22:32 1943696 ----a-w- c:\windows\system32\dfshim.dll
2014-10-16 09:10 . 2014-10-15 22:32 156824 ----a-w- c:\windows\SysWow64\mscorier.dll
2014-10-16 09:10 . 2014-10-15 22:32 156312 ----a-w- c:\windows\system32\mscorier.dll
2014-10-16 09:10 . 2014-10-15 22:32 1131664 ----a-w- c:\windows\SysWow64\dfshim.dll
2014-10-16 09:10 . 2014-10-15 22:32 81560 ----a-w- c:\windows\SysWow64\mscories.dll
2014-10-16 09:10 . 2014-10-15 22:32 73880 ----a-w- c:\windows\system32\mscories.dll
2014-10-16 09:09 . 2014-10-15 22:29 424448 ----a-w- c:\windows\system32\rastls.dll
2014-10-16 09:09 . 2014-10-15 22:29 372736 ----a-w- c:\windows\SysWow64\rastls.dll
2014-10-16 09:09 . 2014-10-15 22:29 3221504 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-10-16 09:09 . 2014-10-15 22:29 3722240 ----a-w- c:\windows\system32\mstscax.dll
2014-10-16 09:09 . 2014-10-15 22:29 235520 ----a-w- c:\windows\system32\winsta.dll
2014-10-16 09:09 . 2014-10-15 22:29 1118720 ----a-w- c:\windows\system32\mstsc.exe
2014-10-16 09:09 . 2014-10-15 22:29 1051136 ----a-w- c:\windows\SysWow64\mstsc.exe
2014-10-16 09:09 . 2014-10-15 22:29 455168 ----a-w- c:\windows\system32\winlogon.exe
2014-10-16 09:09 . 2014-10-15 22:29 212480 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2014-10-16 09:09 . 2014-10-15 22:29 157696 ----a-w- c:\windows\SysWow64\winsta.dll
2014-10-16 09:09 . 2014-10-15 22:29 150528 ----a-w- c:\windows\system32\rdpcorekmts.dll
2014-10-16 09:09 . 2014-10-15 22:29 131584 ----a-w- c:\windows\SysWow64\aaclient.dll
2014-10-16 09:09 . 2014-10-15 22:29 39936 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2014-10-10 07:59 . 2014-10-10 07:59 243440 -c--a-w- c:\windows\system32\drivers\eamonm.sys
2014-10-10 07:59 . 2014-10-10 07:59 241368 -c--a-w- c:\windows\system32\drivers\edevmon.sys
2014-10-10 07:59 . 2014-10-10 07:59 169280 -c--a-w- c:\windows\system32\drivers\ehdrv.sys
2014-10-10 07:59 . 2014-10-10 07:59 158968 -c--a-w- c:\windows\system32\drivers\epfwwfpr.sys
2014-10-01 11:03 . 2014-09-30 21:02 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-10-01 11:03 . 2014-09-30 21:02 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-09-12 11:14 . 2012-07-17 13:37 23256 -c--a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2014-09-10 . 39EBB9708453036A74C30C9A294023FF . 2310656 . . [11.00.9600.17280] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17280_none_e45c6045b6cad3d3\wininet.dll
[-] 2014-08-13 . 8E71A5CB5312B8392D4DA4CA37BB5868 . 2266624 . . [11.00.9600.17239] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17239_none_e45691cbb6d03bc9\wininet.dll
[-] 2014-07-11 . 2EE102DF0EDD8A1EDD3D1E9B99A91BEC . 2266112 . . [11.00.9600.17207] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17207_none_e453be7db6d2bc82\wininet.dll
[-] 2014-06-12 . 40BFD9D6EC8E174145F012246CA73CCD . 2266112 . . [11.00.9600.17126] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17126_none_e460a5c5b6c8b99e\wininet.dll
[-] 2014-05-29 . F220BA78AB542C70211D73AE4729B2CD . 2260480 . . [11.00.9600.17041] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17041_none_e46de82db6be5036\wininet.dll
[-] 2014-03-01 . DF79CE9B950C62677D232154E93A81C7 . 2334208 . . [11.00.9600.16521] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16521_none_e435d617b6e8ac16\wininet.dll
[-] 2014-02-06 . 263B6E451526A90FF8B1CEC759F22956 . 2334208 . . [11.00.9600.16518] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16518_none_e4343655b6ea4626\wininet.dll
[-] 2013-11-28 . E6CB36B85BE59095337427E853A5B65A . 2332160 . . [11.00.9600.16428] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16428_none_e440068bb6e1438c\wininet.dll
[-] 2013-11-26 . 9B6678DB9C6A232C5A84D2FDFFF8B0E1 . 2334208 . . [11.00.9600.16476] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16476_none_e445358db6dc8efd\wininet.dll
[-] 2010-11-20 . F6C5302E1F4813D552F41A0AC82455E5 . 1188864 . . [8.00.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_7ac940242f7494a4\wininet.dll
[-] 2014-12-09 . 4AF089160FE082E5EA5C4AA72782DCA2 . 2358272 . . [11.00.9600.16428] .. c:\windows\system32\wininet.dll
.
[-] 2010-11-20 . 4BBFA57F594F7E8A8EDC8F377184C3F0 . 297984 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[-] 2010-11-20 . 4BBFA57F594F7E8A8EDC8F377184C3F0 . 297984 . . [6.1.7600.16385] .. c:\windows\system32\ws2_32.dll
.
[-] 2009-07-14 . 8396C6C26AADDFE4590CCEF0F419B6B7 . 4608 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\ws2help.dll
[-] 2009-07-14 . 8396C6C26AADDFE4590CCEF0F419B6B7 . 4608 . . [6.1.7600.16385] .. c:\windows\system32\ws2help.dll
.
[-] 2010-11-20 . 6C60B5ACA7442EFB794082CDACFC001C . 2086912 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7601.17514_none_0a43accb08f0eac5\ole32.dll
[-] 2010-11-20 . 6C60B5ACA7442EFB794082CDACFC001C . 2086912 . . [6.1.7600.16385] .. c:\windows\system32\ole32.dll
.
[-] 2009-07-14 . 86FE1B1F8FD42CD0DB641AB1CDB13093 . 18944 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
[-] 2009-07-14 . 86FE1B1F8FD42CD0DB641AB1CDB13093 . 18944 . . [6.1.7600.16385] .. c:\windows\system32\cngaudit.dll
.
[-] 2009-07-14 . 94355C28C1970635A31B3FE52EB7CEBA . 129024 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[-] 2009-07-14 . 94355C28C1970635A31B3FE52EB7CEBA . 129024 . . [6.1.7600.16385] .. c:\windows\system32\wininit.exe
.
[-] 2009-07-14 . 42B6A94DD747DF2B5F628A2752E62A98 . 9728 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_f9257e7aaa4290ce\ctfmon.exe
[-] 2009-07-14 . 42B6A94DD747DF2B5F628A2752E62A98 . 9728 . . [6.1.7600.16385] .. c:\windows\system32\ctfmon.exe
.
[-] 2010-11-20 . AAF932B4011D14052955D4B212A4DA8D . 370688 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.1.7601.17514_none_2b566299338d2123\shsvcs.dll
[-] 2010-11-20 . AAF932B4011D14052955D4B212A4DA8D . 370688 . . [6.1.7600.16385] .. c:\windows\system32\shsvcs.dll
.
[-] 2009-07-14 . E4D94F24081440B5FC5AA556C7C62702 . 159232 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.1.7600.16385_none_e55af7609d2857a8\regsvc.dll
[-] 2009-07-14 . E4D94F24081440B5FC5AA556C7C62702 . 159232 . . [6.1.7600.16385] .. c:\windows\system32\regsvc.dll
.
[-] 2010-11-20 . 262F6592C3299C005FD6BEC90FC4463A . 1110016 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.1.7601.17514_none_8d272400ada202f9\schedsvc.dll
[-] 2010-11-20 . 262F6592C3299C005FD6BEC90FC4463A . 1110016 . . [6.1.7600.16385] .. c:\windows\system32\schedsvc.dll
.
[-] 2009-07-14 . 51B52FBD583CDE8AA9BA62B8B4298F33 . 193024 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-upnpssdp_31bf3856ad364e35_6.1.7600.16385_none_dbbe6492eae9505c\ssdpsrv.dll
[-] 2009-07-14 . 51B52FBD583CDE8AA9BA62B8B4298F33 . 193024 . . [6.1.7600.16385] .. c:\windows\system32\ssdpsrv.dll
.
[-] 2014-11-11 . 008CD4EBFABCF78D0F19B3778492648C . 683520 . . [6.1.7601.18637] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.18637_none_ecb2935b6af13c52\termsrv.dll
[-] 2014-10-16 . 4FC4C50985E5B840F4D72E57286887B8 . 681984 . . [6.1.7601.18540] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.18540_none_eca0bf836affa9bb\termsrv.dll
[-] 2014-10-14 . 6A5B600AD0041E9AF564DE73B716F3D2 . 686592 . . [6.1.7601.22843] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.22843_none_ed2d60f8841a8fd8\termsrv.dll
[-] 2014-07-16 . F4D7114060C034134A440846F411BB7F . 686080 . . [6.1.7601.22750] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.22750_none_ed1f8e488425629d\termsrv.dll
[-] 2010-11-20 . 2E648163254233755035B46DD7B89123 . 680960 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.17514_none_ecc547376ae3a1a3\termsrv.dll
[-] 2014-11-11 . 008CD4EBFABCF78D0F19B3778492648C . 683520 . . [6.1.7601.17514] .. c:\windows\system32\termsrv.dll
.
[-] 2009-07-14 . 8560FFFC8EB3A806DCD4F82252CFC8C6 . 5120 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.1.7601.17514_none_4627a1cbadebced2\ksuser.dll
[-] 2009-07-14 . 8560FFFC8EB3A806DCD4F82252CFC8C6 . 5120 . . [6.1.7600.16385] .. c:\windows\system32\ksuser.dll
.
[-] 2009-07-14 . E424B3EF666B184CEE0B6871AAA8C9F6 . 8192 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi-painting_31bf3856ad364e35_6.1.7600.16385_none_d360c9c235bd1868\msimg32.dll
[-] 2009-07-14 . E424B3EF666B184CEE0B6871AAA8C9F6 . 8192 . . [6.1.7600.16385] .. c:\windows\system32\msimg32.dll
.
[-] 2013-07-04 . 700BD5A6AA5381D1D8ADC4045149DBF6 . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.22376_none_3bee2a494f8638cf\comctl32.dll
[-] 2013-07-04 . 700BD5A6AA5381D1D8ADC4045149DBF6 . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.22376_none_ee67d2d082b9f619\comctl32.dll
[-] 2013-07-04 . 75F5E1FE8D55CF8E577E0EC5F2290D3F . 530432 . . [5.82] .. c:\windows\SysWOW64\comctl32.dll
[-] 2013-07-04 . 75F5E1FE8D55CF8E577E0EC5F2290D3F . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.18201_none_3bab3b80363456bb\comctl32.dll
[-] 2013-07-04 . 75F5E1FE8D55CF8E577E0EC5F2290D3F . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll
[-] 2010-11-20 . BDAC1AA64495D0F7E1FF810EBBF1F018 . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.17514_none_3ba388ec36399c85\comctl32.dll
[-] 2010-11-20 . BDAC1AA64495D0F7E1FF810EBBF1F018 . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
[-] 2010-11-20 . 352B3DC62A0D259A82A052238425C872 . 1680896 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
.
[-] 2014-12-09 . 623E143F2DF17C0106A9988F5D7DC878 . 143872 . . [6.1.7600.16385] .. c:\windows\SysWOW64\cryptsvc.dll
[-] 2014-12-09 . 623E143F2DF17C0106A9988F5D7DC878 . 143872 . . [6.1.7601.18526] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18526_none_77fe1d2ff917cf34\cryptsvc.dll
[-] 2014-10-30 . 3031B5DC2A58A7BCE6651EA9B7DD6390 . 145920 . . [6.1.7601.22856] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22856_none_78674e03124dbd1f\cryptsvc.dll
[-] 2013-10-05 . F2D9242C3BBD1C36467FCAE1AE01733F . 142848 . . [6.1.7601.22473] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll
[-] 2013-07-09 . 6DB499DEFCC827317C5371164A7CDB27 . 142848 . . [6.1.7601.22380] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[-] 2013-07-09 . 7CA1BECEA5DE2643ADDAD32670E7A4C9 . 140288 . . [6.1.7601.18205] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[-] 2013-05-13 . 3897DFF247D9ED0006190349DE264E14 . 140288 . . [6.1.7601.18151] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[-] 2013-05-11 . AC04D05309BB2C418D0D80B9FB014642 . 142848 . . [6.1.7601.22322] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[-] 2013-05-10 . E122AA1C9A3CC46FF9DDDE46E5EB0C58 . 142848 . . [6.1.7601.22321] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[-] 2013-05-10 . 33ADF6E0853AB39EA1723BE82842C1D3 . 140288 . . [6.1.7601.18150] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[-] 2012-06-02 . 063DD65889D21035311463337BD268E7 . 142336 . . [6.1.7601.22010] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[-] 2012-06-02 . 96C0E38905CFD788313BE8E11DAE3F2F . 140288 . . [6.1.7601.17856] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[-] 2010-11-20 . A585BEBF7D054BD9618EDA0922D5484A . 136192 . . [6.1.7601.17514] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
.
[-] 2009-07-14 . F6916EFC29D9953D5D0DF06882AE8E16 . 271360 . . [2001.12.8530.16385] .. c:\windows\SysWOW64\es.dll
[-] 2009-07-14 . F6916EFC29D9953D5D0DF06882AE8E16 . 271360 . . [2001.12.8530.16385] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_73373b169fcf68cb\es.dll
.
[-] 2010-11-20 . A6F09E5669D9A19035F6D942CAA15882 . 119808 . . [6.1.7601.17514] .. c:\windows\SysWOW64\imm32.dll
[-] 2010-11-20 . A6F09E5669D9A19035F6D942CAA15882 . 119808 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-imm32_31bf3856ad364e35_6.1.7601.17514_none_c4d0cdd7c56b493e\imm32.dll
.
[-] 2014-04-12 . C8C41EBEE097FEB29FB816854D3AD1E7 . 1114112 . . [6.1.7601.22653] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22653_none_fc95db0bba8ae4c2\kernel32.dll
[-] 2014-03-04 . 866696FBE24914047462E34812169954 . 1114112 . . [6.1.7601.22616] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22616_none_fcc41b99ba67c103\kernel32.dll
[-] 2014-03-04 . 76161B9D78A275F8F28DD67436013110 . 1114112 . . [6.1.7601.18015] .. c:\windows\SysWOW64\kernel32.dll
[-] 2014-03-04 . 76161B9D78A275F8F28DD67436013110 . 1114112 . . [6.1.7601.18015] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18409_none_fc484db2a13f5426\kernel32.dll
[-] 2013-08-29 . EE751CBD5D0C332FDF3DF7187B612416 . 1114112 . . [6.1.7601.22436] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22436_none_fcae77f5ba77fe97\kernel32.dll
[-] 2013-08-02 . 61579F821AB5FF7FA2966D64D1070BA8 . 1114112 . . [6.1.7601.22411] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22411_none_fcbf165bba6c4802\kernel32.dll
[-] 2013-08-02 . 365A5034093AD9E04F433046C4CDF6AB . 1114112 . . [6.1.7601.18229] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18229_none_fc32aa0ea14f91ba\kernel32.dll
[-] 2012-11-30 . 9CC2571E3646B9A24296AD7ADCC71682 . 1114112 . . [6.1.7601.22177] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_fc8432ddba97903d\kernel32.dll
[-] 2012-11-30 . AC0B6F41882FC6ED186962D770EBF1D2 . 1114112 . . [6.1.7601.18015] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_fc397506a14b161f\kernel32.dll
[-] 2010-11-20 . E80758CF485DB142FCA1EE03A34EAD05 . 837632 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_fc389502a14bd4ea\kernel32.dll
.
[-] 2009-07-14 . 5987EA8A82C53359BCD2C29D6588583E . 22016 . . [6.1.7600.16385] .. c:\windows\SysWOW64\linkinfo.dll
[-] 2009-07-14 . 5987EA8A82C53359BCD2C29D6588583E . 22016 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-linkinfo_31bf3856ad364e35_6.1.7600.16385_none_9eaece15f365da54\linkinfo.dll
.
[-] 2013-06-06 . 84CA3579EEB69D8E1EE67E4F721BF71C . 25600 . . [6.1.7601.22350] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22350_none_12a807b2bec875e6\lpk.dll
[-] 2013-06-06 . CC23295DA8F7B5C53F93804D2F5D30EB . 25600 . . [6.1.7601.18177] .. c:\windows\SysWOW64\lpk.dll
[-] 2013-06-06 . CC23295DA8F7B5C53F93804D2F5D30EB . 25600 . . [6.1.7601.18177] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18177_none_120fcb2fa5b4c238\lpk.dll
[-] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17514_none_124dc839a586a988\lpk.dll
.
[-] 2014-12-09 . 220505B0B3E96C857DD01729AF0CD369 . 19749376 . . [11.00.9600.17496] .. c:\windows\SysWOW64\mshtml.dll
[-] 2014-12-09 . 220505B0B3E96C857DD01729AF0CD369 . 19749376 . . [11.00.9600.17496] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17501_none_ffe2a0da6ba1a1c0\mshtml.dll
[-] 2014-11-11 . 93074C4FA92A8399404D032F6AF72C1B . 19781632 . . [11.00.9600.17420] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17420_none_ffef88226b979edc\mshtml.dll
[-] 2014-10-16 . F91E55DA404B834648A3B0A2477C10DB . 17484800 . . [11.00.9600.17344] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17358_none_fffca2ac6b8d9bf8\mshtml.dll
[-] 2014-09-10 . 7BF1CE9240CB9DD27C3E30733176EB8E . 17455104 . . [11.00.9600.17280] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17280_none_000b29b66b81ff04\mshtml.dll
[-] 2014-08-13 . 8453DDF167CE2986AA4AB04BC6824925 . 17524224 . . [11.00.9600.17239] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17239_none_00055b3c6b8766fa\mshtml.dll
[-] 2014-07-11 . DFA59840BB1220AFD261FDAE83543959 . 17276416 . . [11.00.9600.17207] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17207_none_000287ee6b89e7b3\mshtml.dll
[-] 2014-06-12 . D5ECBB3BFDC73A59440D9CA79AB3A342 . 17271296 . . [11.00.9600.17126] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17126_none_000f6f366b7fe4cf\mshtml.dll
[-] 2014-05-31 . EB5347F6149D3FF25F4D609A21A3BD67 . 17382912 . . [11.00.9600.17107] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17107_none_000d57da6b81cbc2\mshtml.dll
[-] 2014-05-29 . EA85144F35EDE6EE25C484D4242FF2C8 . 17387008 . . [11.00.9600.17041] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17041_none_001cb19e6b757b67\mshtml.dll
[-] 2014-05-08 . 0C81FB54D859FA2BA2680C7803A77CB6 . 17073152 . . [11.00.9600.16663] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16663_none_ffdda3346ba48bd6\mshtml.dll
.
[-] 2011-12-16 . 2F740C4B458331357E825E94AFB0953A . 690688 . . [7.0.7601.21878] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.21878_none_d3a962431672ddd2\msvcrt.dll
[-] 2011-12-16 . 9DC80A8AAAAAC397BDAB3C67165A824E . 690688 . . [7.0.7601.17744] .. c:\windows\SysWOW64\msvcrt.dll
[-] 2011-12-16 . 9DC80A8AAAAAC397BDAB3C67165A824E . 690688 . . [7.0.7601.17744] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.17744_none_d33c3413fd4084d9\msvcrt.dll
[-] 2009-07-14 . E46D48A7FE961401F1CBF85531CDF05D . 690688 . . [7.0.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16385_none_d12b8c440039b31e\msvcrt.dll
.
[-] 2013-09-08 . E94C583CDE2348950155F2AF2876F34D . 231424 . . [6.1.7600.16385] .. c:\windows\SysWOW64\mswsock.dll
[-] 2013-09-08 . E94C583CDE2348950155F2AF2876F34D . 231424 . . [6.1.7601.18254] .. c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.18254_none_ba2f64c78bae6989\mswsock.dll
[-] 2013-09-07 . 6547D445C4B69DC0083B619AC642DF04 . 231424 . . [6.1.7601.22444] .. c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.22444_none_bac3d364a4c3ea89\mswsock.dll
[-] 2010-11-20 . 8999B8631C7FD9F7F9EC3CAFD953BA24 . 232448 . . [6.1.7601.17514] .. c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_ba5ac0f18b8dd799\mswsock.dll
.
[-] 2010-11-20 . C1809B9907ADEDAF16F50C894100883B . 563712 . . [6.1.7600.16385] .. c:\windows\SysWOW64\netlogon.dll
[-] 2010-11-20 . C1809B9907ADEDAF16F50C894100883B . 563712 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
.
[-] 2009-07-14 . 08DFDBD2FD4EA951DC46B1C7661ED35A . 145408 . . [6.1.7600.16385] .. c:\windows\SysWOW64\powrprof.dll
[-] 2009-07-14 . 08DFDBD2FD4EA951DC46B1C7661ED35A . 145408 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.1.7600.16385_none_a2eff4845e2bf4e2\powrprof.dll
.
[-] 2010-11-20 . 8124944EC89D6A1815E4E53F5B96AAF4 . 175616 . . [6.1.7600.16385] .. c:\windows\SysWOW64\scecli.dll
[-] 2010-11-20 . 8124944EC89D6A1815E4E53F5B96AAF4 . 175616 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
.
[-] 2009-07-14 . 40CAEEE0EAF1B8569F7C8DF6420F2CB9 . 2560 . . [6.1.7600.16385] .. c:\windows\SysWOW64\sfc.dll
[-] 2009-07-14 . 40CAEEE0EAF1B8569F7C8DF6420F2CB9 . 2560 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.1.7600.16385_none_a70c196fbd853ae9\sfc.dll
.
[-] 2009-07-14 . 54A47F6B5E09A77E61649109C6A08866 . 20992 . . [6.1.7600.16385] .. c:\windows\SysWOW64\svchost.exe
[-] 2009-07-14 . 54A47F6B5E09A77E61649109C6A08866 . 20992 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
.
[-] 2010-11-20 . 613BF4820361543956909043A265C6AC . 242176 . . [6.1.7600.16385] .. c:\windows\SysWOW64\tapisrv.dll
[-] 2010-11-20 . 613BF4820361543956909043A265C6AC . 242176 . . [6.1.7601.17514] .. c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.1.7601.17514_none_e54442c74334b18a\tapisrv.dll
.
[-] 2010-11-20 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
[-] 2010-11-20 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
.
[-] 2010-11-20 . 61AC3EFDFACFDD3F0F11DD4FD4044223 . 26624 . . [6.1.7600.16385] .. c:\windows\SysWOW64\userinit.exe
[-] 2010-11-20 . 61AC3EFDFACFDD3F0F11DD4FD4044223 . 26624 . . [6.1.7601.17514] .. c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
.
[-] 2014-12-09 . 5E4E0E43E0A5BF9F089696DFA7A3D677 . 1888256 . . [11.00.9600.16428] .. c:\windows\SysWOW64\wininet.dll
[-] 2014-12-09 . 5E4E0E43E0A5BF9F089696DFA7A3D677 . 1888256 . . [11.00.9600.17496] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17501_none_88153be5fe8d0559\wininet.dll
[-] 2014-11-11 . 6DD7D61A8EF3DFEC4FAEFEB395E77424 . 1892864 . . [11.00.9600.17420] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17420_none_8822232dfe830275\wininet.dll
[-] 2014-10-16 . 7AE80F921027CF88CB9D0433088A3E55 . 1810944 . . [11.00.9600.17344] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17358_none_882f3db7fe78ff91\wininet.dll
[-] 2014-09-10 . D58988722C72D265B51A54103DFC2C6F . 1812992 . . [11.00.9600.17280] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17280_none_883dc4c1fe6d629d\wininet.dll
[-] 2014-08-13 . B945BAA81B4805AD6BDDF4D026DCFB47 . 1792512 . . [11.00.9600.17239] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17239_none_8837f647fe72ca93\wininet.dll
[-] 2014-07-11 . CCC198257901BEEA2FBF8EB1E7678356 . 1791488 . . [11.00.9600.17207] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17207_none_883522f9fe754b4c\wininet.dll
[-] 2014-06-12 . 771CDBC3D62437D6DB070820BB1EDCCF . 1790976 . . [11.00.9600.17126] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17126_none_88420a41fe6b4868\wininet.dll
[-] 2014-05-29 . E4E829EE073E046B0EB19B5FECB19B8C . 1789440 . . [11.00.9600.17041] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17041_none_884f4ca9fe60df00\wininet.dll
[-] 2014-03-01 . AAFEAB4FC9D70253F8C7E353E879E8A2 . 1820160 . . [11.00.9600.16521] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16521_none_88173a93fe8b3ae0\wininet.dll
[-] 2014-02-06 . 9C89246184979A070B0C6CCF61C68136 . 1820160 . . [11.00.9600.16518] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16518_none_88159ad1fe8cd4f0\wininet.dll
[-] 2013-11-28 . B5EB5BD3066959611E1F7A80FD6CC172 . 1818112 . . [11.00.9600.16428] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16428_none_88216b07fe83d256\wininet.dll
[-] 2013-11-26 . 927FA6456AD6D7630F6854828D2FD16B . 1820160 . . [11.00.9600.16476] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16476_none_88269a09fe7f1dc7\wininet.dll
[-] 2010-11-20 . 44214C94911C7CFB1D52CB64D5E8368D . 980992 . . [8.00.7601.17514] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_1eaaa4a07717236e\wininet.dll
.
[-] 2010-11-20 . 7FF15A4F092CD4A96055BA69F903E3E9 . 206848 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ws2_32.dll
[-] 2010-11-20 . 7FF15A4F092CD4A96055BA69F903E3E9 . 206848 . . [6.1.7601.17514] .. c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
.
[-] 2009-07-14 . 808AABDF9337312195CAFF76D1804786 . 4608 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ws2help.dll
[-] 2009-07-14 . 808AABDF9337312195CAFF76D1804786 . 4608 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6ace9e67456cc40b\ws2help.dll
.
[-] 2011-02-26 . 3B69712041F3D63605529BD66DC00C48 . 2871808 . . [6.1.7601.21669] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[-] 2011-02-25 . 332FEAB1435662FC6C672E25BEB37BE3 . 2871808 . . [6.1.7600.16385] .. c:\windows\explorer.exe
[-] 2011-02-25 . 332FEAB1435662FC6C672E25BEB37BE3 . 2871808 . . [6.1.7601.17567] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[-] 2010-11-20 . AC4C51EB24AA95B77F705AB159189E24 . 2872320 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
.
[-] 2009-07-14 . 2E2C937846A0B8789E5E91739284D17A . 427008 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[-] 2009-07-14 . 2E2C937846A0B8789E5E91739284D17A . 398336 . . [6.1.7600.16385] .. c:\windows\regedit.exe
.
[-] 2010-11-20 . 928CF7268086631F54C3D8E17238C6DD . 1414144 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ole32.dll
[-] 2010-11-20 . 928CF7268086631F54C3D8E17238C6DD . 1414144 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7601.17514_none_ae2511475093798f\ole32.dll
.
[-] 2014-06-11 . A5F833506BF6A1B5D693E1499DEE2444 . 626688 . . [1.0626.7601.18454] .. c:\windows\SysWOW64\usp10.dll
[-] 2014-06-11 . A5F833506BF6A1B5D693E1499DEE2444 . 626688 . . [1.0626.7601.18454] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.18454_none_aed68a9bb6df0577\usp10.dll
[-] 2014-04-25 . 5A7B3405C2AAE5369F6CB42FE248FBB0 . 626688 . . [1.0626.7601.22666] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.22666_none_af5759f4d002f107\usp10.dll
[-] 2010-11-20 . 804AAAFEBB3AD5F49334DD906BCB1DE5 . 626176 . . [1.0626.7601.17514] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.17514_none_af01e2f9b6be7939\usp10.dll
.
[-] 2009-07-14 . 9C67F6BBDA3881CFD02095160CF91576 . 4608 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ksuser.dll
[-] 2009-07-14 . 9C67F6BBDA3881CFD02095160CF91576 . 4608 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.1.7601.17514_none_ea090647f58e5d9c\ksuser.dll
.
[-] 2009-07-14 . 4A3CDCEF8ED41B221F3DBEF5792FB52D . 8704 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ctfmon.exe
[-] 2009-07-14 . 4A3CDCEF8ED41B221F3DBEF5792FB52D . 8704 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_9d06e2f6f1e51f98\ctfmon.exe
.
[-] 2010-11-20 . 414DA952A35BF5D50192E28263B40577 . 328192 . . [6.1.7600.16385] .. c:\windows\SysWOW64\shsvcs.dll
[-] 2010-11-20 . 414DA952A35BF5D50192E28263B40577 . 328192 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-shsvcs_31bf3856ad364e35_6.1.7601.17514_none_35ab0ceb67ede31e\shsvcs.dll
.
[-] 2009-07-14 . 18AB2E5A40064ED5F7791AC5946A90F3 . 4608 . . [6.1.7600.16385] .. c:\windows\SysWOW64\msimg32.dll
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}]
2012-02-20 02:34 342232 -c--a-w- c:\progra~2\SITERA~1\SiteRank.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-10-26 18:30 239272 -c--a-w- c:\users\Karel\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-10-26 18:30 239272 -c--a-w- c:\users\Karel\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-10-26 18:30 239272 -c--a-w- c:\users\Karel\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-11-17 01:55 1729752 -c--a-w- c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-11-17 01:55 1729752 -c--a-w- c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-11-17 01:55 1729752 -c--a-w- c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"SkyDrive"="c:\users\Karel\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" [2014-10-26 277672]
"OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2014-10-14 720064]
"Zoner Photo Studio Autoupdate"="c:\program files\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE" [2014-06-16 833024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IndicatorUtility"="c:\program files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe" [2009-10-09 47976]
"LoadFUJ02E3"="c:\program files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe" [2009-10-08 36712]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\users\Karel\AppData\Local\Temp\HWiNFO64A.SYS;c:\users\Karel\AppData\Local\Temp\HWiNFO64A.SYS [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 ClickToRunSvc;Služba Microsoft Office ClickToRun;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VFPRadioSupportService;Bluetooth Feature Support;c:\program files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe;c:\program files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [x]
S2 WirelessSelectorService;WirelessSelectorService;c:\program files\Fujitsu\WirelessSelector\WSUService.exe;c:\program files\Fujitsu\WirelessSelector\WSUService.exe [x]
S3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\DRIVERS\FUJ02E3.sys;c:\windows\SYSNATIVE\DRIVERS\FUJ02E3.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 qicflt;upper Device Filter Driver;c:\windows\system32\DRIVERS\qicflt.sys;c:\windows\SYSNATIVE\DRIVERS\qicflt.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-12-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 21:19]
.
2014-12-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-31 22:11]
.
2014-12-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-31 22:11]
.
2014-12-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0003ec57dd0d6.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-31 22:11]
.
2014-12-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3828675760-4203229762-2768651070-1000Core.job
- c:\users\Karel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-14 10:36]
.
2014-12-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3828675760-4203229762-2768651070-1000UA.job
- c:\users\Karel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-14 10:36]
.
2014-12-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3828675760-4203229762-2768651070-1000UA1d000b01e8ca666.job
- c:\users\Karel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-14 10:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-10-26 18:30 266416 -c--a-w- c:\users\Karel\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-10-26 18:30 266416 -c--a-w- c:\users\Karel\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-10-26 18:30 266416 -c--a-w- c:\users\Karel\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-11-17 01:55 2334928 -c--a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-11-17 01:55 2334928 -c--a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-11-17 01:55 2334928 -c--a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-10-21 16:52 777032 -c--a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-10-21 16:52 777032 -c--a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-10-21 16:52 777032 -c--a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-10-21 16:52 777032 -c--a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-10-21 16:52 777032 -c--a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-01-12 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-01-12 390680]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-01-12 410136]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-28 8312352]
"LoadFujitsuQuickTouch"="c:\program files\Fujitsu\Application Panel\QuickTouch.exe" [2009-10-15 157544]
"LoadBtnHnd"="c:\program files\Fujitsu\Application Panel\BtnHnd.exe" [2009-10-15 35176]
"PSUTility"="c:\program files\Fujitsu\PSUtility\TrayManager.exe" [2009-07-30 188264]
"FDM7"="c:\program files\Fujitsu\FDM7\FdmDaemon.exe" [2009-11-26 164712]
"ConMgr"="c:\program files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe" [2009-12-24 535440]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2014-10-01 5595336]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.inbox.com/homepage.aspx?tbid=80328&lng=cs
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.crawler.com/search/ie.aspx?tb_id=60547
mCustomizeSearch = hxxp://dnl.crawler.com/support/sa_customize.aspx?TbId=60547
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.33.1
FF - ProfilePath - c:\users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\bsm0bqjb.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/index.php?toolbar=centrum-1.0.0&q=
FF - prefs.js: network.proxy.type - 2
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-BthSyncServ - c:\program files\CSR\Bluetooth Feature Pack 5.0\bthsyncserv.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_239_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_239_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_239_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_239_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
"Key"="ActionsPane3"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-12-09 23:48:44
ComboFix-quarantined-files.txt 2014-12-09 22:48
.
Před spuštěním: Volných bajtů: 109 286 948 864
Po spuštění: Volných bajtů: 109 254 352 896
.
- - End Of File - - 1F038658F822B4302C74A3B4375DA412

altrok
Moderator
Posts: 7321
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please check my log

#2 Post by altrok »

Good evening :bye:

:arrow: Since you ran ComboFix and agreed to its terms of use, I assume that you are an experienced person, or that an experienced person was at least supervising you.

:arrow: Before I check the integrity of all the suspicious hashes and write up a script, proceed with the following step.

:arrow: As part of the cleanup, your temporary directories will be emptied (including the Recycle Bin).

:arrow: Save AdwCleaner to your desktop: https://toolslib.net/downloads/viewdown ... dwcleaner/
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a double-click)
  • click Scan, then Clean
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner [Sx].txt); copy its contents into your next reply
:arrow: Are there any specific problems with the PC?
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrokzavináčforum.viry.cz
If you feel like helping visitors to this forum, sign up for our little school.

majule
Visitor
Posts: 4
Registered: 09 Dec 2014 23:55

Re: Please check my log

#3 Post by majule »

# AdwCleaner v4.105 - Report created 10/12/2014 at 00:35:32
# Updated 08/12/2014 by Xplode
# Database : 2014-12-08.2 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Karel - KAREL-PC
# Running from : F:\install\adwcleaner_4.105.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : c2cautoupdatesvc
Service Deleted : c2cpnrsvc

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiteRanker
Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files (x86)\SiteRanker
Folder Deleted : C:\Users\Karel\AppData\Local\PutLockerDownloader
Folder Deleted : C:\Users\Karel\AppData\LocalLow\SiteRanker
Folder Deleted : C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [siteranker@siteranker.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bebnnlollpcjnfpkafhoclljaojgnfok
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Deleted : HKLM\SOFTWARE\Classes\FTDownloader
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\dt soft\daemon tools toolbar
Key Deleted : HKCU\Software\SiteRanker
Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [CustomizeSearch]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]

-\\ Mozilla Firefox v34.0 (x86 cs)


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [5963 octets] - [10/12/2014 00:33:53]
AdwCleaner[S0].txt - [5142 octets] - [10/12/2014 00:35:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5202 octets] ##########

altrok
Moderator
Posts: 7321
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please check my log

#4 Post by altrok »

:arrow: Are there any specific problems with the PC? Don't be shy, feel free to talk to me :D

:arrow: If you don't use it, uninstall Skype Click to Call

:arrow: If you haven't already, move ComboFix to the desktop.
  • Open Notepad (Start -> Run -> notepad)
  • copy the script below into it and save it to the desktop as CFScript (File type: Text document)

    Code:

    KillAll::
    
    Registry::
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "DAEMON Tools Lite"=-
    "Zoner Photo Studio Autoupdate"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "Adobe ARM"=-
    "SunJavaUpdateSched"=-
    "BCSSync"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AdobeAAMUpdater-1.0"=-
    
    File::
    c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0003ec57dd0d6.job
    c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3828675760-4203229762-2768651070-1000Core.job
    c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3828675760-4203229762-2768651070-1000UA.job
    c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3828675760-4203229762-2768651070-1000UA1d000b01e8ca666.job
    
    RegLock::
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    
    ClearJavaCache::
    
    Reboot::
  • Grab this CFScript.txt, literally drag it over the ComboFix icon and drop it.
  • After the restart a log will pop up; paste its contents into your next reply.
:arrow: If the message "Illegal operation attempted on a registry key that has been marked for deletion" pops up, just restart the PC - the registry will sort itself out - it is an internal error caused by CF, and the author unfortunately cannot fix it yet

:arrow: It may happen that Windows does not start after the script is applied. In that case restart the PC, keep pressing F8 and choose Last Known Good Configuration
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrok(at)forum.viry.cz
If you feel like helping visitors of this forum, sign up for our training school.
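
An added example, not part of altrok's post and not ComboFix's own code: a small Python reviewer that parses a CFScript like the one above and flags any deletion that is not an autostart `Run` value or a `c:\windows\Tasks\*.job` file. The function names and the scope rule are assumptions made for this illustration; the sample input is an abridged copy of the posted script.

```python
import re

# Sample input: abridged copy of the CFScript from the post (RegLock:: and ClearJavaCache:: omitted).
SAMPLE = r"""KillAll::

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Reboot::
"""

DIRECTIVE = re.compile(r"^(\w+)::$")
REG_KEY = re.compile(r"^\[(.+)\]$")
REG_VALUE_DELETE = re.compile(r'^"(.+)"=-$')   # .reg syntax: delete this value

def parse_cfscript(text):
    """Return {directive: [lines]} in script order; reject stray lines."""
    sections, current = {}, None
    for line in (l.strip() for l in text.splitlines()):
        if not line:
            continue
        m = DIRECTIVE.match(line)
        if m:
            current = sections.setdefault(m.group(1), [])
        elif current is None:
            raise ValueError(f"line before first directive: {line!r}")
        else:
            current.append(line)
    return sections

def registry_deletions(lines):
    """Pair each '"name"=-' line with the [key] header above it."""
    pairs, key = [], None
    for line in lines:
        if (k := REG_KEY.match(line)):
            key = k.group(1)
        elif (v := REG_VALUE_DELETE.match(line)) and key:
            pairs.append((key, v.group(1)))
    return pairs

def out_of_scope(sections):
    """Flag deletions outside the assumed scope (Run values, Tasks\\*.job files)."""
    flags = [f"registry: {k}\\{n}" for k, n in registry_deletions(sections.get("Registry", []))
             if not k.lower().endswith(r"\currentversion\run")]
    flags += [f"file: {p}" for p in sections.get("File", [])
              if not re.fullmatch(r"c:\\windows\\tasks\\[^\\]+\.job", p, re.I)]
    return flags
```

An empty list from `out_of_scope(parse_cfscript(SAMPLE))` means every deletion in the script stays within the autostart entries and scheduled-task files.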

majule
Visitor
Posts: 4
Registered: 09 Dec 2014 23:55

Re: Please check my log

#5 Post by majule »

Thank you very much for the reply!!
My answer somehow didn't get sent; I wrote that there had been a problem with a virus-infected router, which was supposed to have been fixed, but apparently unsuccessfully...
After connecting to that Wi-Fi the computer slowed down considerably, although the load was not that high; all programs took a long time to open, and responses were very slow, if there were any at all.

majule
Visitor
Posts: 4
Registered: 09 Dec 2014 23:55

Re: Please check my log

#6 Post by majule »

ComboFix 14-12-04.01 - Karel 10.12.2014 2:27:54.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3893.2655 [GMT 1:00]
Spuštěný z: F:\install\ComboFix.exe
Použité ovládací přepínače :: C:\Users\Karel\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 8.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: ESET NOD32 Antivirus 8.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení

FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0003ec57dd0d6.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3828675760-4203229762-2768651070-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3828675760-4203229762-2768651070-1000UA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3828675760-4203229762-2768651070-1000UA1d000b01e8ca666.job"


((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))


---- Předchozí spuštění -------

c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0003ec57dd0d6.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3828675760-4203229762-2768651070-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3828675760-4203229762-2768651070-1000UA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3828675760-4203229762-2768651070-1000UA1d000b01e8ca666.job


((((((((((((((((((((((((( Soubory vytvořené od 2014-11-10 do 2014-12-10 )))))))))))))))))))))))))))))))


2014-12-10 01:40:34 . 2014-12-10 01:40:34 -------- dc----w- C:\Users\Default\AppData\Local\temp
2014-12-09 23:33:48 . 2014-12-09 23:35:38 -------- dc----w- C:\AdwCleaner
2014-12-09 18:57:53 . 2014-12-09 18:57:53 -------- dc----w- C:\Windows\system32\appraiser
2014-12-09 18:43:51 . 2014-12-09 18:43:54 50176 ----a-w- C:\Windows\SysWow64\rrinstaller.exe
2014-12-09 18:43:51 . 2014-12-09 18:43:54 3209728 ----a-w- C:\Windows\SysWow64\mf.dll
2014-12-09 18:43:51 . 2014-12-09 18:43:54 2048 ----a-w- C:\Windows\SysWow64\mferror.dll
2014-12-09 18:43:51 . 2014-12-09 18:43:54 103424 ----a-w- C:\Windows\SysWow64\mfps.dll
2014-12-09 18:43:51 . 2014-12-09 18:43:53 55808 ----a-w- C:\Windows\system32\rrinstaller.exe
2014-12-09 18:43:51 . 2014-12-09 18:43:53 4121600 ----a-w- C:\Windows\system32\mf.dll
2014-12-09 18:43:51 . 2014-12-09 18:43:53 24576 ----a-w- C:\Windows\system32\mfpmp.exe
2014-12-09 18:43:51 . 2014-12-09 18:43:53 23040 ----a-w- C:\Windows\SysWow64\mfpmp.exe
2014-12-09 18:43:51 . 2014-12-09 18:43:53 206848 ----a-w- C:\Windows\system32\mfps.dll
2014-12-09 18:43:51 . 2014-12-09 18:43:53 2048 ----a-w- C:\Windows\system32\mferror.dll
2014-12-09 18:38:45 . 2014-12-09 18:55:35 1232040 ----a-w- C:\Windows\system32\aitstatic.exe
2014-12-09 18:38:45 . 2014-12-09 18:55:34 192000 ----a-w- C:\Windows\system32\aepic.dll
2014-12-09 18:38:45 . 2014-12-09 18:55:34 1083392 ----a-w- C:\Windows\system32\aeinv.dll
2014-12-09 18:38:44 . 2014-12-09 18:55:36 396800 ----a-w- C:\Windows\system32\devinv.dll
2014-12-09 18:38:44 . 2014-12-09 18:55:35 741376 ----a-w- C:\Windows\system32\invagent.dll
2014-12-09 18:38:44 . 2014-12-09 18:55:35 413184 ----a-w- C:\Windows\system32\generaltel.dll
2014-12-09 18:38:43 . 2014-12-09 18:55:34 227328 ----a-w- C:\Windows\system32\aepdu.dll
2014-12-09 18:37:34 . 2014-12-09 18:54:52 187904 ----a-w- C:\Windows\system32\cryptsvc.dll
2014-12-09 18:37:33 . 2014-12-09 18:54:53 1480192 ----a-w- C:\Windows\system32\crypt32.dll
2014-12-09 18:37:33 . 2014-12-09 18:54:52 143872 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2014-12-09 18:37:33 . 2014-12-09 18:54:52 1174528 ----a-w- C:\Windows\SysWow64\crypt32.dll
2014-12-09 18:37:29 . 2014-12-09 18:45:13 119296 ----a-w- C:\Windows\system32\drivers\tdx.sys
2014-12-09 18:35:21 . 2014-12-09 18:42:28 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-12-09 18:35:21 . 2014-12-09 18:42:28 2048 ----a-w- C:\Windows\system32\tzres.dll
2014-12-09 09:09:28 . 2014-11-02 04:20:59 11632448 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DBA4492F-8C34-488C-B6CE-160854B68AF4}\mpengine.dll
2014-11-30 00:58:57 . 2014-11-30 00:58:57 -------- dc----w- C:\Users\Karel\AppData\Roaming\Convert Audio Free
2014-11-25 19:49:47 . 2014-11-25 19:49:47 -------- dc----w- C:\Program Files (x86)\Common Files\Skype
2014-11-25 12:59:38 . 2014-11-25 12:59:38 18638520 -c--a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSO.DLL
2014-11-19 15:11:53 . 2014-11-20 02:00:36 728064 ----a-w- C:\Windows\system32\kerberos.dll
2014-11-19 15:11:53 . 2014-11-20 02:00:36 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-11-19 15:11:53 . 2014-11-20 02:00:36 241152 ----a-w- C:\Windows\system32\pku2u.dll
2014-11-19 15:11:53 . 2014-11-20 02:00:36 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2014-11-19 03:31:16 . 2014-11-19 03:31:16 1217192 -c--a-w- C:\Windows\SysWow64\FM20.DLL
2014-11-17 01:53:57 . 2014-11-17 01:51:31 590536 -c--a-w- C:\ProgramData\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2014-11-17 01:51:51 . 2014-11-17 02:06:09 -------- dc----w- C:\ProgramData\regid.1991-06.com.microsoft
2014-11-17 01:47:35 . 2014-11-17 01:47:48 -------- dc----w- C:\Program Files\Microsoft Office 15
2014-11-17 01:13:12 . 2014-04-03 23:42:24 3382440 -c--a-w- C:\Windows\system32\BootMan.exe
2014-11-17 01:13:12 . 2014-04-03 23:25:46 2499752 -c--a-w- C:\Windows\SysWow64\BootMan.exe
2014-11-17 01:13:12 . 2013-03-07 08:49:20 9160 -c--a-w- C:\Windows\SysWow64\EuGdiDrv.sys
2014-11-17 01:13:12 . 2013-03-07 08:49:20 87112 -c--a-w- C:\Windows\SysWow64\setupempdrv03.exe
2014-11-17 01:13:12 . 2013-03-07 08:49:20 14920 -c--a-w- C:\Windows\SysWow64\epmntdrv.sys
2014-11-17 01:13:12 . 2013-03-07 08:49:18 9800 -c--a-w- C:\Windows\system32\EuGdiDrv.sys
2014-11-17 01:13:12 . 2013-03-07 08:49:18 17480 -c--a-w- C:\Windows\system32\epmntdrv.sys
2014-11-17 01:13:12 . 2013-03-07 08:49:18 100936 -c--a-w- C:\Windows\system32\setupempdrvx64.exe
2014-11-17 01:13:12 . 2013-03-07 08:49:14 16256 -c--a-w- C:\Windows\system32\EuEpmGdi.dll
2014-11-17 01:13:12 . 2013-03-07 08:49:12 19840 -c--a-w- C:\Windows\SysWow64\EuEpmGdi.dll
2014-11-17 01:13:02 . 2014-11-17 01:13:02 -------- dc----w- C:\Program Files (x86)\EaseUS
2014-11-15 16:01:29 . 2014-11-15 16:01:29 -------- dc----w- C:\Users\Karel\.ssh
2014-11-14 19:37:02 . 2014-11-14 19:37:10 -------- dc----w- C:\Users\Karel\AppData\Roaming\FileZilla
2014-11-14 19:20:30 . 2014-11-14 19:20:30 -------- dc----w- C:\Users\Karel\AppData\Roaming\JetBrains
2014-11-14 19:19:50 . 2014-11-14 19:19:50 -------- dc----w- C:\Users\Karel\.WebStorm9
2014-11-14 13:57:10 . 2014-11-14 13:57:28 -------- dc----w- C:\Windows\rescache
2014-11-11 19:49:17 . 2014-11-11 21:48:59 683520 ----a-w- C:\Windows\system32\termsrv.dll
2014-11-11 19:49:17 . 2014-11-11 21:48:59 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
2014-11-11 19:49:17 . 2014-11-11 21:48:59 681984 ----a-w- C:\Windows\system32\adtschema.dll
2014-11-11 19:49:17 . 2014-11-11 21:48:59 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-11-11 19:49:17 . 2014-11-11 21:48:59 146432 ----a-w- C:\Windows\system32\msaudite.dll
2014-11-11 19:49:17 . 2014-11-11 21:48:58 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-11-11 19:49:17 . 2014-11-11 21:48:58 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-11-11 19:49:17 . 2014-11-11 21:48:58 155064 ----a-w- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-11 19:49:17 . 2014-11-11 21:48:58 1460736 ----a-w- C:\Windows\system32\lsasrv.dll
2014-11-11 15:46:16 . 2014-11-11 15:46:16 3225280 -c--a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\1029\MSOINTL.DLL
2014-11-11 04:24:18 . 2014-11-11 04:24:18 195272 -c--a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\LICLUA.EXE
.


(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))

2014-12-09 18:46:41 . 2010-10-16 00:16:37 112710672 -c--a-w- C:\Windows\system32\MRT.exe
2014-12-09 18:42:37 . 2014-12-09 18:36:18 165888 ----a-w- C:\Windows\system32\charmap.exe
2014-11-25 21:19:31 . 2012-04-04 15:54:06 701104 -c--a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-11-25 21:19:31 . 2011-05-17 16:26:33 71344 -c--a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-11 21:36:29 . 2014-11-11 19:47:39 342016 ----a-w- C:\Windows\system32\schannel.dll
2014-11-11 21:36:29 . 2014-11-11 19:47:38 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-11-04 13:30:58 . 2010-09-14 16:13:39 275080 -c----w- C:\Windows\system32\MpSigStub.exe
2014-10-16 09:10:49 . 2014-10-15 22:32:36 1943696 ----a-w- C:\Windows\system32\dfshim.dll
2014-10-16 09:10:49 . 2014-10-15 22:32:36 156824 ----a-w- C:\Windows\SysWow64\mscorier.dll
2014-10-16 09:10:49 . 2014-10-15 22:32:36 156312 ----a-w- C:\Windows\system32\mscorier.dll
2014-10-16 09:10:49 . 2014-10-15 22:32:36 1131664 ----a-w- C:\Windows\SysWow64\dfshim.dll
2014-10-16 09:10:49 . 2014-10-15 22:32:35 81560 ----a-w- C:\Windows\SysWow64\mscories.dll
2014-10-16 09:10:49 . 2014-10-15 22:32:35 73880 ----a-w- C:\Windows\system32\mscories.dll
2014-10-16 09:09:15 . 2014-10-15 22:29:29 424448 ----a-w- C:\Windows\system32\rastls.dll
2014-10-16 09:09:15 . 2014-10-15 22:29:29 372736 ----a-w- C:\Windows\SysWow64\rastls.dll
2014-10-16 09:09:07 . 2014-10-15 22:29:21 3221504 ----a-w- C:\Windows\SysWow64\mstscax.dll
2014-10-16 09:09:07 . 2014-10-15 22:29:20 3722240 ----a-w- C:\Windows\system32\mstscax.dll
2014-10-16 09:09:07 . 2014-10-15 22:29:19 235520 ----a-w- C:\Windows\system32\winsta.dll
2014-10-16 09:09:07 . 2014-10-15 22:29:19 1118720 ----a-w- C:\Windows\system32\mstsc.exe
2014-10-16 09:09:07 . 2014-10-15 22:29:19 1051136 ----a-w- C:\Windows\SysWow64\mstsc.exe
2014-10-16 09:09:07 . 2014-10-15 22:29:18 455168 ----a-w- C:\Windows\system32\winlogon.exe
2014-10-16 09:09:07 . 2014-10-15 22:29:18 212480 ----a-w- C:\Windows\system32\drivers\rdpwd.sys
2014-10-16 09:09:07 . 2014-10-15 22:29:18 157696 ----a-w- C:\Windows\SysWow64\winsta.dll
2014-10-16 09:09:07 . 2014-10-15 22:29:18 150528 ----a-w- C:\Windows\system32\rdpcorekmts.dll
2014-10-16 09:09:07 . 2014-10-15 22:29:18 131584 ----a-w- C:\Windows\SysWow64\aaclient.dll
2014-10-16 09:09:07 . 2014-10-15 22:29:17 39936 ----a-w- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-10 07:59:12 . 2014-10-10 07:59:12 243440 -c--a-w- C:\Windows\system32\drivers\eamonm.sys
2014-10-10 07:59:12 . 2014-10-10 07:59:12 241368 -c--a-w- C:\Windows\system32\drivers\edevmon.sys
2014-10-10 07:59:12 . 2014-10-10 07:59:12 169280 -c--a-w- C:\Windows\system32\drivers\ehdrv.sys
2014-10-10 07:59:12 . 2014-10-10 07:59:12 158968 -c--a-w- C:\Windows\system32\drivers\epfwwfpr.sys
2014-10-01 11:03:24 . 2014-09-30 21:02:23 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-10-01 11:03:24 . 2014-09-30 21:02:23 371712 ----a-w- C:\Windows\system32\qdvd.dll
2014-09-12 11:14:02 . 2012-07-17 13:37:10 23256 -c--a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

altrok
Moderator
Posts: 7321
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please check my log

#7 Post by altrok »

:arrow: The log is not complete... is this really the entire content of the log? :)
